Madera Technology Master Fund commentary for the second quarter ended July 31, 2017.
- Baupost Letter Points To Concern Over Risk Parity, Systematic Strategies During Crisis
- AI Hedge Fund Robots Beating Their Human Masters
The Madera Technology Master Fund returned +1.5% in July. Year to date the Fund has returned +13.2%.
The Hedge Fund RI Absolute Return Index was up 0.5% in July and is up 1.9% year to date.
Important product updates
Several of you have asked us to implement strategies with more concentrated exposure and volatility to our highest conviction long-term ideas and themes. You have also asked us to implement long-biased strategies so that you can modulate market exposure holistically across your broader portfolio while still capturing our unique ideas.
We are pleased to now be able to offer these specialized products. With the help of BTIG and Goldman Sachs, we are able to create custom solutions requiring zero incremental effort. This flexible platform provides a great way to leverage our ideas to provide the exact product you need.
This month we are:
- Introducing the long-biased implementation of the main portfolio (Madera Long). This strategy replicates the long side of our portfolio and then uses strategic and opportunistic hedging to manage tail risk. We are adopting the innovative “1 or 30” pricing model developed by Albourne Partners and the Teacher Retirement System of Texas whereby investors are paid back the management fee out of performance fees. Madera Long is up ~27% through July.
- Re-opening to investors our concentrated Next Generation Entertainment and Disruptive Telecom strategy (Madera Next). This portfolio emphasizes exposure to our largest thesis in the book (modern streaming & mobile infrastructure businesses vs. their legacy and obsolete counterparts) and provides for larger volatility. We believe the longs are 10X opportunities over time and the shorts have greater than 50% downside. It’s not every day that an entire industry gets transformed and we are extremely excited about this as we look towards 2018 with the secular trends well under way. Madera Next is up ~33% through July.
As a special thank you for your continued trust, we would like to offer these new products to you at no management fee for any additional capital invested in August and September.
We greatly appreciate your referrals to friends and colleagues. If we can be helpful to others, please feel free to pass this along.
Password: Swordfish – The Truth is Scarier than Fiction
We believe the magnitude and cost of the recent WannaCry and NotPetya cyber attacks are a global wake-up call for organizations to upgrade their cyber security.
2014 and 2015 were big years for spending in the US on cyber security as high profiles hacks such as Target, Anthem, Sony, and the US Office of Personnel Management (OPM) saw business lost, CEOs fired, and massive clean-up costs. WannaCry and NotPetya have been far more pervasive and wreaked havoc globally. The threat landscape is only expanding with connected cars, drones, and medical devices putting real lives in danger when there is a hack. And the bad guys are getting far more sophisticated as state sponsored attacks multiply. Our favorite companies that help solve problems include Proofpoint (PFPT, email security, because email is mission critical), Imperva (IMPV, database security, because you have to secure your data), and FireEye (FEYE, incident response, because these are the guys you call to clean up the mess and fix things).
WHAT EXACTLY ARE WANNACRY AND NOTPETYA?
WannaCry and NotPetya are two recent, high profile computer attacks based on weaknesses uncovered by the US National Security Agency (NSA). Both are extremely contagious and rapidly spread to hundreds of thousands of unprotected computers over only a few days. The hacks have infected systems in more than 150 countries (that’s 77% of the world by country). Upon infecting a computer, both would encrypt the data and demand a ransom be paid (hence the name ransomware). This renders the computer useless until the ransom is paid (and assuming the perpetrators have the keys to unlock). The attacks were extremely disruptive and entire businesses were shut down. As one CIO put it, “as you can imagine it's carnage.”
WHAT DID THEY DO THAT WAS SO BAD?
The ultimate scope of the damage is not yet known, but we have seen the first headlines quantifying damages:
FedEx had service disruptions at its TNT Express subsidiary and warned shareholders that the financial impact “could be material.”
Reckitt Benckiser said recent cyber attacks disrupted manufacturing, distribution, and billing operations in the quarter resulting in lost sales. The lost sales were estimated at 100bps of growth or £90 million and systems are still not fully operational.
Other firms that were impacted but have not disclosed the magnitude of the impact include WPP, Maersk, Rosneft, Deutsche Post, Britain’s National Health Service (NHS), Pennsylvania’s Heritage Valley Health System, Merck, Mondelez, and law firm DLA Piper. The 4,200 lawyers at DLA Piper not billing $1k adds up to $4 million of lost revenue per hour.
FURTHER SIZING THE IMPACT
The global market for cyber insurance last year was about $3.4 billion in premiums and Munich Re believes this will expand to $10 billion by 2020 (note, this was before WannaCry and NotPetya). “It would only need a combination of WannaCry’s wide reach and Petya’s destructive force to cost cyber insurers something like $2.5 billion, or a full year of gross premium income in the market” – CFC Underwriting. “Sooner or later, we will see a billion-dollar cyber claim” – Sanford C. Bernstein. And this is only for companies that have bought insurance.
HOW TO HELP SOLVE THE PROBLEM: PFPT, IMPV, AND FEYE
While email can seem mundane, email is extremely mission critical. 95% of cyber attacks come through email. According to the FBI, identified exposed losses from just one isolated email threat have totaled more than $3 billion since 2015. From a product perspective, Proofpoint (PFPT) offers the best email security and archive technology, a first-class management team, and new growth areas in mobile and social. A cornerstone of our investment process is finding companies that offer customers the most value, and Proofpoint tops that list of value delivered to the customer. The software-as-a-service delivery model gives them a competitive advantage in a virtuous circle (more emails -> more threats analyzed -> better product -> more customers -> more emails). We believe Proofpoint can grow revenues and cash flows in excess of 30% sustainably for years to come.
We believe the risk/reward in IMPV (Imperva, which has very good database protection technology) and FEYE (FireEye, which has simply the very best A-team of security remediation experts in the world) is very attractive as both shares trade near trough multiples for software companies yet have best in class technology. Public market investors often shy away from software companies with stocks that have gone down because they can be difficult to understand, but private equity and strategic acquirers love the category because its all intellectual property and the software business model inherently has greater than 50% EBIT margins. The laundry list of software company acquisitions over the last thirty years is extensive because buying these businesses at 5X recurring revenue means you can earn greater than 10% annual cash returns with very little effort. Trough multiples would translate to about 15% downside, and we believe upside to fair value using just average multiples is more than 50%—meaning you are risking $1 to make $3. While both companies have had a few self-inflected missteps recently, our diligence shows that operations are on the mend, the technology is differentiated, and the products provide real value to customers. Put another way, the stocks will appreciate either because the companies execute well or an acquirer does it for them.
IT IS TIME TO OWN CYBER SECURITY AGAIN
WannaCry and NotPetya were serious cyber attacks that have caused significant global disruption. Businesses, hospitals, banking systems, airports, and power companies were shut down. Executives have been forced to disclose the impacts to shareholders. The executives have a fiduciary duty to safeguard the business operations of their companies. This liability and responsibility likely requires proactive response. If we are correct in our thesis that WannaCry and NotPetya will increase demand for security products, we believe our companies with best in class technology will do very well.