Standing in the White House Rose Garden alongside Chinese President Xi Jinping, President Barack Obama announced last September that the two countries had inked an informal cybersecurity peace treaty of sorts. Over the last nine months, that deal has had a real impact on a group of valuable, private, homegrown cybersecurity companies — with some saying its hurt their business.
Obama’s cyber deal established a rudimentary promise: Each government would not “conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.” Additionally, both countries agreed to cooperate and assist each other in cybercrime investigations when possible.
At the time — in the wake of a devastating data breach at the Office of Personnel Management that many believed came courtesy of the Chinese — the agreement appeared significant as a step in the right direction.
But today, questions loom over the Obama-Xi cyber deal regarding whether it is actually decreasing the force and volume of cyber attacks coming from China. Some domestic cybersecurity firms believe it has, citing slowing business as evidence.
Publicly traded Silicon Valley cybersecurity giant FireEye is among those firms that believe the deal hurt their business.
FireEye experienced a turbulent 2015, with business growth that slowed significantly after the first quarter, causing stock prices to fall. Earlier this May, FireEye made an executive shift by naming then President Kevin Mandia as CEO.
Prior to that decision, FireEye chairman Dave DeWalt spoke about Obama’s cyber deal, explaining that his company’s 2015 struggles came due to, among other things, a changing threat landscape that saw a cut in attacks aimed at both the federal and commercial U.S. sectors from Chinese actors.
“The late summer of 2015, it was a big turning point for us … between 2008 and 2015, we saw a massive growth in the attack force coming from China. And we really built ourselves up during those years,” DeWalt said.
“When you think about it, we were sort of a wartime company.”
Cybersecurity companies Juniper Networks, Imperva, Fortinet, Cisco and Check Point Software all declined to comment for this story. Each sells a diverse catalogue of security products to a wide array of customers. The common bond that ties them all together is that each markets a product capable of stopping “cyber-enabled theft of intellectual property” at some level.
A spokesperson for Check Point Software wrote in an email: “We try to stay out of political topics.”
Of those five brands that chose not to comment, three offer less valuable stock today than in the days before and shortly after Obama’s remarks in the Rose Garden: Juniper Networks, Imperva and Fortinet. And while this information provides an interesting window into the companies’ financials, it does not tell the full story.
Obviously, correlation is not causation — which is to say that poor stock performance is just one potential indicator, revealing the potential aftermath of this cyber deal.
In the case of Cisco and Check Point Software, their stock is up since September and roughly equal to the price per stock year-over-year.
In an email interview with FedScoop, Palo Alto Network’s Vice President of Cybersecurity Strategy and Global Policy Ryan Gillis wrote: “We have not seen a downturn generally … the threat landscape, regardless of origin, is not abating and continues to morph. The hacks may not be as widely publicized or be the big brand names, but they are definitely happening. The overall trends we are seeing are echoed by statements of top government officials.”
A spokesperson for Symantec said they have “not seen an impact to business” as a result of the U.S.-China agreement.
Meanwhile, Bill Wright, a director of Government Affairs for Symantec, told FedScoop that his company did in fact see “an immediate decrease in October 2015 in some Tactics, Techniques and Procedures (TTPs) data associated with China.”
“We, however, still continue to see a small amount of activity continuing after September 2015. This small trickle of continuing activity could be explained by the time needed for attackers to cease operations in relation to the U.S.-China cyber agreement in September 2015. Some operations just can’t be wound down overnight,” said Wright.
The beginning of 2016, in particular, he went on to explain, was especially quiet on the cyber front between the U.S. and China.
To contact the reporter on this story you may email via firstname.lastname@example.org or follow him on Twitter at @Bing_Chris. Subscribe to the Daily Scoop to get all the federal IT news you need in your inbox every morning at fdscp.com/sign-me-on.