FireEye plans layoffs, cuts outlook as sales of its security services weaken

According to FireEye CEO Kevin Mandia, changes in the threat environment have resulted in lower sales of its security subscriptions and products.

FireEye is planning to lay off up to 400 employees in a restructuring effort as revenue declines throughout its services division.

The cuts were announced along with the cybersecurity firm's second quarter earnings report Thursday, in which FireEye also lowered its full-year fiscal outlook and warned of the impact a shifting threat landscape could have on its profitability.

FireEye sells security software that helps businesses prevent and respond to cyber attacks. But according to FireEye CEO Kevin Mandia, changes in the threat environment have resulted in lower sales of its security subscriptions and products.

"While our services personnel are responding to more attacks this year than prior years, the scope and scale of these attacks is simply different," Mandia said on a call with analysts. "The average duration and size of each incident response engagement was smaller than in years past and as a result, we saw lower services growth than expected."

More specifically, Mandia said attackers are attempting fewer large-scale breaches on business networks and instead are opting for more ransom ware attacks that are "simply easier to remediate at times".

As a result, FireEye reported a net loss of $139.3 million, or 86 cents a share. Non-GAAP losses narrowed to 33 cents a share on revenue of $175 million.

Wall Street was looking for earnings of 39 cents a share with at least $181.6 million in revenue.

FireEye also came up short in billings with $196.4 million, as analysts were expecting somewhere closer to $209 million.

Additionally, FireEye reduced its 2016 revenue forecast from $780 million to $810 million down to a range of $716 million to $728 million. Analysts are expecting annual revenue of $793.5 million. By late Thursday afternoon, FireEye's shares had fallen nearly 15 percent in extended trading.

FireEye said it's now pursuing a bevy of internal and product changes aimed helping the company balance growth and profitability. These changes include the hiring of a new head of worldwide sales (Mandia said sales execution was also a factor in FireEye's revenue miss) and a new leader in the EMEA region.

FireEye is also expanding its Software-as-a-Service (SaaS) with third-party vendor alerts. Until now, the service has been tightly coupled with FireEye's own technology stack and focused mainly on advanced attacks. Other initiatives include lower-cost alternatives within its security portfolio and a greater focus on real-time threat detection products.

It remains to be seen whether FireEye can successfully implement its turnaround strategy, but so far analysts remain skeptical. In a research note, JMP Securities said it was particularly disappointed with the revenue shortfall given the recent appointment of Mandia as CEO, who replaced former CEO David DeWalt in May.

In addition, our checks suggest that turnover at FireEye has increased significantly over the last year and we believe the planned workforce reduction will further hamper morale. While we believe market demand issues may have impacted FireEye, we believe the magnitude of the miss reflects company specific challenges, such as sales execution issues, competitive pressures,and maturation in its core market.

In a similarly harsh research note, Stifel Financial expects that FireEye will likely pursue a sale should the firm fail to recover:

We continue to see FireEye at or near the top of the list of public companies that are likely to be acquired in the near to mid-term, with Cisco and IBM most often mentioned as potential acquirers. We think another quarter of missteps could be a key driver in pushing the board to take a more flexible approach to potential valuation.