Micron reported Q2 results that beat estimates and guided for Q3 sales and earnings growth above expectations. However, Micron’s share are off 9% post-earnings, which may be due to commentary around soft demand in China, slowing PC sales and concerns that Micron may be nearing the top of the cycle. We believe that these concerns are temporary, and that Micron is structurally becoming a less cyclical company, which deserves a premium multiple. I discuss the company’s latest results and why we believe the recent sell-off is overdone in more detail below.
Micron’s Q2 FY2022 Beat Expectations and Guidance Was Above Consensus
Micron reported Q2 FY2022 results on March 30th, and sales increased 1% QoQ to $7.8 billion driven by a 4% sequential rise in NAND sales, which accounted for ~25% of total revenues. NAND sales also increased 19% YoY and management expects NAND sales to increase by ~30% YoY for the year. Demand for NAND is being driven by Micron’s new 176-layer NAND technology, which represented the majority of Micron’s NAND shipments. We explained the importance of 176-layer NAND here, stating that Micron has significantly increased memory capacity and is a leader in this technology, allowing the company to capture more market share.
Importantly, the strength in NAND should also be a tailwind for Lam Research, which sells the etching equipment necessary to build the layers for 176-layer NAND. In our latest update on Lam Research, we explained that “the key reason we think Lam could fare better than its peers is because as 3D layers increase, capital intensity also increases. The process does not scale linearly, instead it’s non-linear because it takes longer than 2X to etch a stack that is 2X high and requires more complex etch and deposition equipment”. With Micron guiding for $12 billion in Capex this year and plans for $150 billion in capacity expansions over time, we should expect Lam Research to see strong demand for etching equipment going forward.
Micron’s NAND prices also benefitted from the contamination of ~8% of the global supply of NAND. In February, memory peer Western Digital disclosed that there was a contamination event at two of its Japanese JV facilities, which resulted in 6.5 exabytes of NAND memory being contaminated. Likely benefitting from this event, Micron’s Q2 NAND prices rose ~4% QoQ, driving much of the topline growth as volumes were flat. As shown below, Micron has outperformed relative to Western Digital YTD, however, both companies have underperformed the broader market in 2022. I outline a few reasons for this in more detail below, which we believe are only temporary.
Similar to NAND, DRAM sales increased 2% QoQ and were up 29% YoY to $6 billion, or 73% of total sales. DRAM volumes increased but were offset with a decline in ASPs. Strong demand in datacenter drove the increase in DRAM sales. For example, Micron’s largest segment, Compute and Networking, grew sales 31% YoY to $4 billion, driven by a 60% YoY rise in data center sales which were “supported by robust demand across our DRAM and SSD portfolio” (Q2 call, 03/30/22). DRAM sales benefitted from Micron’s leading 1-alpha technology which is increasingly being adopted in the memory-intensive cloud environment. During the Q2 call, CEO Sanjay Mehrotra stated that DRAM sales will continue to ramp into 2023 when he said that “We have broadened the qualifications for our 1-alpha DRAM products and are well positioned to support the data center DDR5 transition driven by new CPU platforms, which are targeted to begin ramping later this calendar year and gain momentum in 2023”.
Following the strength in cloud sales, Storage sales increased 38% YoY to $1 billion as SSDs continue to replace HDDs, while Embedded sales increased 37% YoY driven by strength in automotive. A blemish was weakness in Mobile sales, which increased just 4% YoY to $1.9 billion. While the rollout of 5G phones will lead to a ramp in memory content per phone, there may be demand headwinds on the horizon. For instance, Apple cut its forecast of 5G iPhone shipments by ~20%. I discuss this in more detail below.
Continuing down the income statement, gross margin increased by 2,100 bps YoY and 100 bps QoQ to 47%, benefitting from higher NAND margins and the ramp in 1-alpha DRAM and 176-layer NAND technologies, which reduces costs as it scales. Management noted on the Q2 call that most of the efficiency benefits have been realized, and that margin expansion from the ramp is largely behind the firm. Furthermore, YoY gross margin comps were impacted by a one-time $300 million charge taken last year when Micron switched to FIFO accounting.
The strength in gross margin flowed down to operating profit, which increased 118% YoY to $2.7 billion. The dramatic rise in profitability was driven by higher selling prices and cost reductions from the ramp in new technologies outlined above. However, Micron has historically been a cyclical industry, and there may be concerns that Micron is nearing the top of the cycle. This may explain the recent sell-off in Micron’s sales, yet we believe that Micron is becoming structurally less cyclical and that its multiple will rebound once this is clearly evident in future results (discussed in more detail below).
Finally, GAAP earnings per share were $2.00 while non-GAAP EPS was $2.14, which beat estimates by $0.16. Non-GAAP EPS increased 118% YoY and the strength in EPS growth should continue going forward. For instance, Micron will benefit from a lower tax as Idaho’s governor signed a new tax law on March 16th, 2022 that will reduce Micron’s taxable income (Micron is HQ in Idaho). The CHIPS act may also be a tailwind to earnings as the US government looks to incentivize reshoring of manufacturing capacity.
As of the end of the quarter, Micron had $12 billion in cash and equivalents and free cash flow was over $1 billion during the quarter. Management stated that they expect free cash flow generation will be “substantially higher” over the next two quarters relative to H1 2022. Micron intends to use ~50% of its free cash flow to buy back its stock and pay dividends to shareholders. Since 2019, Micron has reduced its share count by an aggregate 113 million, or by 9%. With Micron guiding for record sales and profits in FY2022, cashflow generation should be significant, which will support more buybacks in the future.
Looking forward, management expects Q3 sales to grow 18% YoY to $8.7 billion, which beat initial topline estimates by 6%. Management stated that they are “tracking ahead” of their initial guide set in Q1 for FY2022 and that demand remains strong, but noted during the Q2 call that “there are some pockets where semiconductor shortages have not improved as fast as we had expected, and these shortages are likely to continue into calendar year 2023”. Nonetheless, Q3 adjusted EPS is expected to grow 14% QoQ to $2.46, which beat initial estimates by 9%.
Potential Risks are only temporary
As discussed above, Micron reported strong top and bottom-line results, guided above consensus and expects to be report record sales and earnings in FY2022. However, despite this, Micron has underperformed in 2022 and is off ~9% since announcing FQ2 results. This may be due to a couple developments: 1) softness in mobile and PC sales and in China, 2) and concerns that Micron may be nearing the top of the cycle.
In regards to the first point, during the Q2 call management stated that “We see some weakness in the China market as the local economy slows, smartphone market share shifts and some customers take a more prudent approach to inventory management.” CEO Mehrotra added that he expects PC unit growth will be “flattish”. These comments may have contributed to a post-ER sell-off, and it is notable that AMD is also off following the Micron Q2 print, likely due to its exposure to PC sales. However, management added further color that enterprise PC sales are expected to be strong in the near term, which are more content rich in terms of DRAM and NAND content, which should offset this pressure.
Moreover, 5G phone sales are just now starting to ramp, but the timing of this ramp remains unknown. As mentioned above, Apple has reportedly cut its production forecasts for its first 5G phone by ~20%. While this may be a near-term headwind, it is inconsequential in the long term. This is because 5G phones will inevitably take share from 4G going forward, and 5G phone DRAM content is 50% higher than 4G, while NAND content is >100%.We expect mobile will be a tailwind going forward, despite the near term uncertainty in the pace of the ramp.
Finally, a trend that is typical with highly cyclical companies is that investors tend to reduce exposure when earnings are high due to concerns that the company may be nearing the top of the cycle. Historically, Micron has been a highly cyclical company with periods of oversupply and rapidly declining prices. However, with more demand drivers coming from data centers/cloud and automotive, memory demand is no longer dependent on the short-cycle PC market.
During the Q2 call, CEO Mehrotra explained that over 75% of its quarterly volume are under long-term agreements (LTA) that go out beyond four quarters or more, up from less than 25% in prior years. CEO Mehrotra added that all of the company’s large customers are now under LTAs, which helps improve demand visibility and reduces uncertainty. An increase in LTAs significantly reduces the cyclicality of Micron’s business.
Moreover, new trends on the horizon further smooth demand for memory, reducing Micron’s dependence on the short-cycle PC market. For example, CEO Mehrotra stated that “new EVs are becoming like data center on wheels, and we expect over 100 new EV models to launch worldwide in this calendar year alone”. The memory content in higher end EVs is 15x higher than the average car, which further reduces the cyclical nature of Micron’s business.
As shown below, Micron trades at a 9x PE multiple, which is below where it was trading in 2017 and well below its multiple in 2020 and 2021. We believe that the market remains in a “wait and see” mode until Micron can prove that it is less cyclical. If Micron can prove that it is less cyclical going forward, we should expect a re-rating of its multiple going forward. A trend that supports this is the reduction in finished goods, which declined QoQ despite the softness in China, PC and mobile. A build in finished goods inventory would signal that demand may be weakening, a trend we have yet to observe in the memory market.
Below, the team looks at Micron – a semiconductor company the I/O Fund has owned in the past. Micron is in third place behind Samsung and SK Hynix. We analyze both product and financials to determine if Micron has what it takes to capture more market share across data centers, automotive/industrial, and 5G smartphones and edge devices. Earnings are on December 20th.December 20th.
Micron is one that we are watching closely but do not own at time of writing. Please reference Trade Notifications archived on the dashboard and the forum for updates. on the dashboard and the forum for updates.
Overview of Micron’s Products:
By Beth Kindig
When we first covered Micron, the company’s revenue was two-thirds DRAM and one-third NAND. The company’s most recent earnings report shows a heavier weight on DRAM at three-quarters revenue compared to one-quarter revenue from NAND.
NAND memory saves data even when the power is removed, such as when a cell phone is turned off. Beyond mobile devices, NAND is found in traffic lights, digital advertising panels/displays, and anything with artificial intelligence that needs to store data.
Dynamic RAM, or DRAM, stores memory when a device is on, such as PC processors and graphics cards. DRAM is also used in gaming devices and video game consoles. DRAM is 100X faster than NAND, lasts longer, and is smaller in size. However, DRAM is known as volatile memory which means when power is turned off, it does not store data. The benefit of loading the data into the RAM is that reading the data is much faster than reading it from the hard drive.
According to the CEO of Micron, AI servers will require six times more DRAM and twice the SSDs compared with standard servers. In the most recent earnings report, it was also pointed out that “DRAM and NAND stem share of the semiconductor industry has steadily grown over the last two decades, from around 10% to approximately 30% today.” Today, data centers are the largest market for memory and storage due to the growth driven by cloud.
Hyperscale data centers are growing faster than DRAM supply can keep up with. Due to higher capacities and low latencies, DRAM is being used across health care, the military, automotive, networking systems, and data centers. DRAM is being used in the Internet of Things (IoT) due to low latency with automotive using up to 80GB compared to 5.5GB in PCs and 2.5GB in handsets.
NAND is used to store pictures or music on a mobile device and is also particularly well suited for edge devices because it’s ideal for high data storage density. Although DRAM drives the majority of Micron’s revenue right now, NAND is the growth segment to watch as AI workloads move to the edge and will require NAND for the increased energy requirements, portability, and ability to store massive amounts of data.
According to FiorMarkets, Global 3D NAND Flash is expected to grow at a 32.3% CAGR from 2019 to 2025. 360 Research Reports put the CAGR at 20.6% between 2021-2026. Overall, NAND is expected to grow at 11.05% between 2021-2026. DRAM has a CAGR of 7% between 2020 and 2026.
Micron’s revenue segments
By business unit, Micron saw the most revenue growth from Embedded (EBU) at 108% year-over-year and 23% QoQ growth. This was also the largest growth in the prior year. EBU refers to memory and storage products used in automotive, consumer markets, and industrial applications. In 2019, Micron had expanded its wafer fab facility in Virginia with a $3 billion investment to manufacture 20nm/1xnm DRAM and 3D NAND for automotive infotainment, advanced driver-assistance systems (ADAS), and also industrial automation and surveillance applications. Two years later, the investment and engineering expansion appears to be paying off.
This is a key segment to watch as industry CAGR for automotive processors is expected to be 65% through 2023, according to IDC. This is driven by automation and the memory content per car will increase up to 16GB of DRAM and 1TB of NAND to run AI, supercomputer, and high-def mapping. Micron holds 48% of automotive memory market share and is the primary supplier to Nvidia and Intel.
Compute and Networking (CNBU) grew at 26% growth year-over-year and 15% quarter-over-quarter. This is the segment that serves cloud servers and PCs, plus graphics and networking markets, and this segment is the largest source of revenue and operating income for Micron. Bradley expands more on this in his write-up below.
Mobile Business Unit (MBU) focuses on mobile and smartphones and mobile saw its highest-ever mobile revenue in fiscal year 2021. This is partly driven by the uMCP5 multichip package which allows smartphones to handle data-intensive 5G workloads. Micron has also released low-power DRAM for edge devices in a promotion with MediaTek. Micron offers a combined chip for both NAND flash storage and DRAM for 5G smartphones to extend battery life and increase performance without taking up circuit board space. This segment is also one to watch as the memory in smartphones will increase exponentially with 5G due to large data volumes.
Micron has exposure to PCs. This has been a boon during the past few years yet could also weigh on Micron if consumer spending slows.
3D NAND product update
Last year, Micron released a 176-layer 3D NAND product that has a layer count 40% higher than the nearest competitor, which is Samsung. The new NAND device is 10 times denser than previous 3D NAND devices which allows smartphones and edge devices with capacity limitations removed and increased power efficiency. Cloud storage also benefits due to being data intensive.
According to Micron, this device has the “industry’s highest data transfer rate” of 1,600 megatransfers per second (MT/s). The device is the same height as the 64-layer design with a fabrication technique that removes stack height limitations to provide higher storage capacities. The company uses CMOS-under-array (CuA) to build a multi-layered cell stack for more memory to be leveraged in a smaller space while also decreasing die size.
The replacement-gate (RG) flash technology replaces the traditional floating-gate design, and according to Micron’s whitepaper, helps the device remain competitive in terms of time it takes to program and/or to limit the reduction in performance. Micron points out in the paper that extending the number of tiered stacks creates cell-to-cell capacitive coupling, which leads to lower program times. Therefore, the more tiers or layers that competitors release will not necessarily result in better performance due to design limitations. This performance becomes critical as program algorithms can add to time delays when writing the data.
In this iteration, Micron changed the design to mitigate issues of the “cell-to-cell capacitance structure,” or a reduction of electric field duration and increase in voltage threshold (VT), which results in higher endurance life span, increased power efficiency, increased storage capacity, and doubled speed of write performance. The company also changed the material from polysilicon to metal. These two improvements result in Micron’s RG 3D NAND to perform up to 2X faster than other current 3D NAND devices.
Memory and storage can be very competitive in terms of price, so we want to track incremental product improvements. According to Micron, “current 3D NAND design has begun to reach the limits of its monolithic die-level maximum capacity. It will continue to fall short of the immense system-level storage capacities demanded by future data-driven applications. Cell-to-cell capacitive coupling complications and smaller etch requirements account for many of these limitations.” If Micron is correct, then this could be an opportunity for the company to see more market share on 3D NAND.
NAND is expected to see a 30.8% increase in total bit demand and an oversupply in the second half of next year. Competition is expected to drive a decrease in average sales price (ASP). In the earnings presentation, Micron forecast calendar year 2022 growth of 30% in NAND.
DRAM product update
Moore’s Law states that the number of transistors or processing power on an integrated circuit doubles every two years while the cost is halved. This has led to shrinking the circuits to fit more transistors or memory cells in the limited space. At one point, you could see a transistor and now they are measured in nanometers, which is not visible by the human eye. This helps chips switch faster and use less energy and are cheaper to make, as well. As size decreased, memory chips moved to the Roman and Greek alphabet to name nodes which is why Micron calls their DRAM “1-alpha.’ This provides a 40% improvement over bit density compared to the 1z node and power consumption has improved by up to “20 percent.”
These chips are manufactured without EUV, or Extreme Ultraviolet Lithography. This manufacturing method uses smaller 13.5nm wavelengths of ultraviolet light to etch wafers as opposed to lasers from Deep Ultraviolet Lithography (DUV). You could argue that EUV is a point of weakness for Micron as Samsung is using this manufacturing method while Micron is delayed until 2024.
DDR5 is the company’s increased bandwidth product that will increase core count resulting in up to 85% increase in bandwidth. The double date rate (DDR) product has been primarily focused on more bandwidth while previous generations focused on reducing power consumption to serve the needs of mobile applications and data centers. The performance increase is between 1.36X and 1.87X. This has not been released yet but is expected to be released soon.
DRAM is expected to see a decrease in average sales price (ASP) next year while DRAM bit demand will increase by 17%. This will lead to an oversupply in the second half of the year. Micron is forecasting DRAM revenue to be in the mid-to-high teens.
Being U.S. based, plus MU, lowered exposure to China
It’s very helpful that Micron is the only U.S. based manufacturer of memory during a time when suppliers are relocating to the United States. Micron announced that it intends to invest $150 billion globally over the next decade in “leading-edge memory manufacturing and research and development (R&D) including potential U.S. fab expansion.” The U.S. Senate passed the U.S. Innovation and Competition Act (USICA) which includes $52 billion in federal investments for the domestic semiconductor research, design and manufacturing provisions in the CHIPS Act. Congress is also considering legislation called the FABS Act that would establish a semiconductor investment tax credit. Policy could strategically help Micron compete with Samsung.
The next hurdle for semis long-term is relying on China sales. Micron changed how they report geographic information from ship-to location to customers headquarters. Micron also lost Huawei revenue during the same time period which Keybanc estimates was 7-9% of Micron’s revenue.
Here's a snapshot from fiscal Q4 2018 where “ship-to location” was heavily weighted to China.
If we go on customer headquarters then we see that Micron has about 18% exposure in FY2021 if we include China and Hong Kong.
Competitors
Micron was the first to build and ship a 176-layer NAND last year and SK Hynix was close behind. In early 2020, Kioxia and Western Digital released a 112-layer device and are expected to move to 160-layer soon based on split-gate architecture by stacking two 80-layer structures. By splitting the gates, the cell size is reduced in half and this increase the capacity. YMTC was a new competitor from China that released a 128-layer very quickly by skipping the 96-layer generation. The company uses an expensive copper hybrid bonding technique that enables higher bit density. YMTC is likely to take market share in China across all memory and storage competitors.
According to TrendForce, SK Hynix saw the largest increase QoQ on NAND flash sales with a 25% QoQ increase and Kioxia reported 3D NAND sales of 20.8% QoQ compared to Micron’s 8% increase QoQ. In terms of DRAM, TrendForce reported that Samsung grew it’s lead with 11% growth QoQ while Micron also grew it’s lead with 12% growth QoQ compared to SK Hynix at 8% QoQ.
Micron is Becoming Less Cyclical
By Bradley Cipriano
Micron has reported strong results over the last few years and this continued into 2021. Micron is a key player in the memory market, which is going through a structural change. Demand is no longer dependent on PCs, rather memory demand is now being driven by much stronger tailwinds such as datacenter server growth and the rollout of 5G. This structural change is making Micron less cyclical.
Looking forward, Micron expects these structural tailwinds to continue to drive growth at the company. CEO Sanjay Mehrotra explained it well during the Q4 FY2021 Conference Call when he said that “Industry trends like the broad integration of artificial intelligence into all computing, proliferation of the intelligent edge, continued data center growth, and deployments of 5G networks create new and expanding opportunities for Micron.”
The rise of cloud data centers has led to a structural increase in demand for semiconductor components such as DRAM and NAND memory, which helps smooth out the boom and busts cycles that Micron was historically exposed to. Micron explained the new market dynamic in its 10K when it stated that “data is today’s new business currency, and memory and storage are a critical foundation for the data economy”.
The IDC estimates data creation will explode going forward (pictured below), driven by the rise of cloud computing. Furthermore, the IDC estimates that less than 2% of data is saved today, and that data creation is far outpacing data storage capacities.
Furthermore, the ramp of the metaverse also requires massive scaling. During Marvel’s (MRVL) Q3 Conference Call, the company stated that the metaverse “will significantly accelerate a number of key trends, which are already occurring in the cloud today, including the need to store huge amounts of data”. With Meta (aka Facebook) guiding for $34 billion in capex in 2022 to develop the metaverse, the demand for data storage will likely be strong for the foreseeable future.
We can see the structural change underway by looking at results over the last four years. For instance, aggregate gross margin over the last four years was 44%, well above historical (cyclical) periods, and aggregate operating cashflow margin was ~50% over the same time period. In response to the structural change underway in the memory market, management recently initiated a quarterly dividend ($0.10 per share), which highlights management’s contention that the memory market is becoming less cyclical. I discuss Micron’s recent financial results in more detail below.
New memory technologies keep pace with cloud innovation
To address the issue of exploding data creation, Micron has innovated on some key new technologies that will enable datacenters to capture and retain much more data. Two of these key new technologies are 176-layer NAND and 1-alpha DRAM, which Micron began shipping in volume this year.
Micron stated that the introduction of “176-layer NAND and 1α (1-alpha) DRAM represent major technology breakthroughs for our company and the first time in our history that we have achieved industry leadership across these two flagship technologies”. 176-layer NAND is an extension of 3D NAND, and as the name implies, has 176 layers of cells that dramatically increase memory capacity. Previously, NAND was on a 2D plane with just one layer, and Micron has significantly increased capacity by expanding beyond a single layer of memory. Furthermore, the 1α DRAM memory node was introduced in 2021 and materially improves the performance of DRAM memory (20% to 30% higher yields), which is critical for cloud servers that rely on low latency and high performance.
With the continued development of AI, cloud servers require significantly higher quantities of DRAM, as the number and capabilities of these intelligent edge devices increases, more data is stored, processed and accessed in the cloud. The demand for storage in the cloud environment is growing exponentially and Micron’s industry leading 1α DRAM nodes should be able to capture market share in this fast growing segment in FY2022. We can see the strength in cloud computing by looking at Micron’s Compute and Networking segment (CNBU) sales, which increased 34% YoY to $12.3 billion during FY2021 and rebounded from an 8% YoY decline in the prior year.
CNBU is Micron’s largest segment (44% of sales) and continued strength here will be rewarded by the market. With that said, there was a deceleration in this segment between fiscal Q3 and fiscal Q4 both YoY and QoQ from 49% down to 26% YoY growth and down from 25% to 15% on QoQ growth.
In Q2 FY2021, Micron also began shipping 1α DRAM nodes for mobile, which improved power efficiency in mobile phones, and allows for memory intense use cases like smart photography. Management explained on the Q4 call that 5G phones have 50% more DRAM than 4G phones, meaning that the continued adoption of 5G phones should be a significant tailwind for Micron going forward.
Micron also began volume shipments of 176-layer NAND for mobile in 2021. On the Q4 call, CEO Mehrotra explained that “176-layer NAND-based mobile product went from just introduction to 1-million-unit shipments in a record time. Fastest RAM in the history of the Company”. The ramp in 176-layer NAND helps put into perspective how much demand there is for Micron’s new technologies. Following this strong demand, Mobile (MBU) segment sales increased 26% YoY to $7.2 billion in FY2021, a record high. The continued roll-out of 5G phones will likely be a tailwind for Micron going forward.
The roll out of these new technologies is just now beginning to ramp. To accelerate the roll out of these new technologies, Micron expects to increase its annual capex by 20% YoY to $12 billion, which follows a 22% YoY rise in capex in FY2021. Micron explained that capex will be driven by its continued transition to 176-NAND, as well as infrastructure support for the introduction of new technologies such as EUV lithography. While increased capex spend does not guarantee increased sales, there are also signs in Micron’s balance sheet that point to heightened demand in the near term, which I discuss in more detail next.
Micron’s financials
Following the roll out of new technologies during the year, Micron reported strong results to end its fiscal year. Specifically, Micron’s Q4 FY2021 sales increased 37% YoY to $8 billion, an acceleration from the 36%, 30%, and 12% YoY increase in Q3, Q2, Q1 respectively. Gross margin increased 1,300 bps YoY to 47%, the highest level since Q3 FY2019. On a rolling four-year basis, gross margin was 44%, highlighting the strong success Micron has experienced in recent years. As shown below, the sustained improvement in four-year rolling gross margin suggests that Micron’s business is becoming less cyclical.
The strong gross margin flowed down into operating margin, which increased 1,600 bps YoY to 36%. On an annual basis, operating margin improved from 14% in FY2020 to 23% in FY2021, while non-GAAP operating margin was 28%, up 1,200 bps YoY. The strong margin performance was driven by pricing increases across DRAM and NAND products and ongoing product transformation. Looking forward, management guided that gross margin would remain strong at 47% +/- 100 bps in Q1 FY2022, as the company continues to benefit from the new product releases (discussed in more detail above).
Continuing down the income statement, GAAP EPS increased 175% YoY to $2.39 and on an annual basis GAAP EPS increased 117% YoY to $5.14. In the last five years, Micron has reported an aggregate $28.94 in GAAP EPS, or nearly five times as much as it had earned in aggregate earnings over the prior 33 years (dating back to 1984). As discussed above, Micron had historically been a cyclical company dependent on PC demand for memory, but tailwinds from datacenter and mobile have structurally changed the demand environment for memory and have made Micron’s business less cyclical and more profitable. Below, we look at the 4-year rolling gross margin to discuss the continued strength in the company.
We can also see this outperformance in cashflows. Micron’s annual cashflow margin was robust at 45%, and FCF margin was also strong at 9%. Annual FCF margin has been positive in all but one year since 2012 and has been positive for five consecutive years. As a result of the strong cashflow performance over the last few years, management initiated a quarterly $0.10 dividend.
CFO Dave Zinsner stated on the Q4 call that “the initiation of a dividend is an important milestone that reflects the structural transformation Micron has undergone over the last several years, and it shows our confidence in the sustainability of our cash flow generation”. He added that Micron expects to return more than 50% of FCF to shareholders through dividends and buybacks going forward. If the memory business is becoming less cyclical, then shareholder returns could be substantial going forward given Micron’s robust profitability and cashflow generation.
Finally, inventory trends also highlight the strong demand for Micron’s products. Inventory declined 17% YoY despite the 37% YoY growth in sales, as Micron has struggled to replenish lean inventory levels in response to strong customer demand. Typically, in cyclical industries, elevated inventory levels can be a sign of concern, so the drawdown in inventory highlights the strong demand for memory in the current environment.
Inventory composition is also bullish, as raw material inventory increased to 11% of total inventory, a three-year seasonal high, while finished goods inventory declined from 19% of inventory to 11% in Q4, a five-year low. The drawdown in finished goods highlights that Micron is shipping its product faster than it can be replaced, highlighting the strong demand it is experiencing. A rise in raw materials and decline in finished goods means that management is quickly selling its product and anticipates that this demand will continue.
Outlook and valuation
However, a risk with the low inventory levels is that Micron will not be able to fulfill the strong demand in the near term. There are also supply chain issues outside of Micron’s control that may impact demand in the near term. CEO Mehrotra explained on the Q4 call that some PC customers are adjusting memory purchases in the near term due to non-memory component shortages. He added that supply chain constraints for IC components will limit some large shipments in the near term.
This commentary helps explain Micron’s Q1 FY2022 forward guide miss. Micron guided Q1 sales to be $7.65 billion at the mid-point, 10% below the Street’s initial estimate at $8.5 billion. Micron also guided Q1 EPS to be $2.10 at the midpoint, or 15% below initial expectations of $2.48. CEO Mehrotra explained that while there are near term supply chain issues, “shipping growth will resume in the second half of the fiscal year, and we're planning to deliver record revenue with solid profitability in fiscal 2022”. While Micron only quantified its Q1 guide, CEO Mehrotra’s statements suggest that growth will rebound in the second half of the year as supply chain issues and low inventory levels normalize.
Looking forward, Micron is expected to report Q1 earnings on December 20th. Q1 sales are expected to increase 33% YoY to $7.65 billion and non-GAAP EPS is expected to rise 169% YoY to $2.10. For the year, Micron is expected to grow sales 16% YoY to $2 billion and to report $9.01 in non-GAAP EPS, which gives it a 9.2x fwd EPS multiple. This is slightly below Intel’s fwd P/E multiple of 9.7 but above Western Digital’s fwd P/E of 6.7x. Furthermore, Micron’s fwd P/E of 9.2x is below the 15.8x level it reached earlier in the year, which highlights that there is room for multiple expansion going forward.
Micron also trades at a slight premium based on trailing earnings. Its TTM P/E multiple of 16x is 45% higher than the peer median of 11x (peers include Samsung, SK Hynix, Intel, and Western Digital). Micron is likely being awarded a premium over its peers due to its current technological lead in key technologies discussed above.
Conclusion
Micron’s sales grew 29% YoY in FY2021 and management expects this growth to continue into FY2022 as demand for memory remains robust. The memory market is becoming less cyclical due to numerous tailwinds that have expanded demand for memory beyond PCs and into more memory intensive markets such as data centers and mobile. Micron is ramping capex to keep pace with outsized demand and has innovated new technologies to keep pace with the cloud environment.
Management also issued a quarterly $0.10 dividend, which further highlights management’s contention that its market is becoming less cyclical. Micron currently trades at 9x fwd P/E, which is near Intel’s and above Western Digital’s multiple. If the company can prove to the market that its business is less cyclical and that its 40% gross margin and 50% cashflow margins are sustainable, then its multiple will likely expand going forward.
This article originally appeared in VentureBeat.VentureBeat.
By all accounts, mobile advertising is the wave of the future. Mobile ad spend is projected to increase 430 percent between 2013 to 2016, when it’s expected to surpass $100 billion worldwide, according to eMarketer. By 2019, overall ad spend will go on to surge to an estimated $200 billion. This is record-breaking growth, and it’s no wonder we are seeing this level of investment considering we’ve seen mobile usage recently exceed desktop.
It’s exciting to be in mobile today. You couldn’t ask for more users, more eyeballs.
Yet there are still a few unanswered issues. Those spending big dollars on mobile, namely advertisers, publishers driving installs, and also brands and agencies, have a few key indicators they want to meet, including a reasonable level of accuracy, optimization, reach, and of course, performance. The mission is to deliver the correct content at the right moment closely matched to the intention of the person viewing the ad.
But whether this happens or not is an absolute mystery on mobile today. We may know someone installed an app, but they may never open that app again. We can measure clicks, but this has led to fraud and has also prevented brands from feeling confident that a “click” is the result they want from a campaign.
To loosen the bottleneck, we need to look at the yardstick we are using. We need to measure accuracy. We need to measure optimization. We need to measure reach. And we need to measure performance. The common denominator across all KPIs is how to measure both the audience and the campaign performance.
There are three predominant methods for measuring mobile ad performance today and each has its limits.
CPI: Cost per Install. This measurement is unique to mobile and was initiated for mobile publishers who doubled as advertisers. These publishers needed installs on their mobile apps, therefore, user acquisition dictated a new form of campaign measurement. It’s also the easiest (and first) way of measuring effectiveness in mobile video, although it limits the number of advertisers to only those who want to drive app installs.
CPI is also a higher risk to the publisher because they only get paid when the install occurs. As a result, the user experience is often quite bad because the user sees the ad over and over again, with the ad exchange favoring whatever means necessary to procure the install.
Weaknesses: Not every advertiser wants to drive an app install. Plus, users are gravely affected by the repetition of ads.
CPC: Cost per click came from desktop and originated in search, where the main function of the ad was to lead the user to a website or product page to initiate the conversion funnel and close the purchase. On desktop, CPC works best when tied to targeted keywords, relying on search terms to narrow relevancy and qualify who is clicking on the ad. Display ads on desktop naturally became display on mobile, although the screen size and user no longer matches the desktop actions that display was originally intended for.
Weaknesses: Clicks have never been a good measure of media outside of search. Mobile amplifies this problem with many erroneous clicks being attributed to media performance. We’ve seen a rise in fraud from bots, especially among Open real-time bidding markets and other programmatic exchanges. Plus, CPC does not address video, where the mobile market is headed, with 12.8 percent of impressions currently equaling 55 percent of revenue.
CPCV: Cost per completed view. This measurement is more favorable for video, especially when used with hybrid mediation algorithms, because it measures according to the effectiveness of the ad per completed view. Therefore, the correct content, the right moment, and the intention of the person viewing the ad has been achieved, in theory, because the video ad has been completed.
Weaknesses: Factors such as whether the ad is skippable or non-skippable and rewarded or non-rewarded play into why it was completed. CPCV is also not equipped (yet) for cross-device measurement. There have been variations on this form, such as CPMV (cost per 1,000 views), however, this does not take into account if the video ad was completed or not.
Given the shortcomings of these common measurement methods, it’s no wonder we are seeing a push towards new forms of measurement. Interestingly enough, the most recent form of measurement to emerge for mobile isn’t new at all. It comes from an environment where advertisers have been consistently measuring audiences for quite awhile now: television.
GRP: Gross Rating Point is calculated by the percent of the target market reached multiplied by exposure frequency. There are innate benefits to using the GRP measurement: First, having originated from television, the strength of the GRP is in measuring elusive eyeballs on video-produced ads – comparing mobile video to television, you can see why CPI is not conducive (there’s nothing to install). Second, advertisers are comfortable with this measurement system. It makes sense to invite the majority share of ad spend (which is television, at 42 percent, in the United States) to the mobile conversation by speaking in familiar language as to how ads are measured. Last – but definitely not least – the gross rating point is ideal for cross-device measurement because it takes into account exposure frequency. This last point may be the clincher for why the aforementioned three metrics will lose effectiveness over the next few years.
Weaknesses: Because the GRP is a navigational metric, it’s a measurement of how you approach your audience and how the budget is spent rather than providing an analysis of whether your ad was viewed and what action (if any) was taken.
The next chapter in measurement will be driven by people-based metrics and behaviors. Who is watching these ads is what advertisers need to know; completion rate – including CPCV – is not enough information to determine performance. Meanwhile, installs are singular in purpose, excluding most brands, and clicks are troublesome at best. GRP may or may not be the correct answer; however, it is a move in the right direction for mobile video ads. Today, most targeting and optimization is at the app level, not the people level, and this has resulted in inefficient media spend.
The global market for connected cars will grow by 270% by 2022 with 125 million passenger cars expected to ship worldwide between 2018 and 2022.1 By 2020, it’s estimated that UK, France and Germany will reach 100% connected car penetration. Growth in the European region is due to the eCall mandate which requires new cars to automatically dial the 112 emergency number in the event of a serious accident.2 While North America and Europe lead in the highest percentage of shipments, China accounts for 32% of shipments.
The list of connected features enjoyed by consumers that add more opportunities for security attacks include streaming radio, Wi-Fi access points and remote-control mobile phone applications. However, with these conveniences comes responsibility. The recent death of a woman in Arizona who was struck by an Uber in autonomous mode has put a spotlight on what can go wrong in connected vehicles as manufacturers seek to introduce more high-tech features to remain competitive to car buyers. Not surprisingly, 68% of Americans are fearful of cars with self-driving features.3
The increasing number of smart features built into cars opens door to a serious threat – hacker attacks. Because connected cars are linked with the Internet and its crucial parts are interconnected over a network, adversaries have the potential to remotely access and manipulate the data being exchanged leading to a number of problems, such as leaked personal information, overcoming vehicle’s security mechanisms, or even full remote control of the car.
Threats to the Connected Car
Innovative automakers, software developers, and tech companies are transforming the automotive industry. Drivers today enjoy enhanced entertainment, information options and connection with the outside world. As automobiles move towards more autonomous capabilities, the stakes will raise in regards to security. Even if cars are not entirely driverless, the functions will become increasingly dependent on applications, connectivity, and sensors. Vehicle-to-vehicle (V2V) and Vehicle-to-Infrastructure (V2I) allow the car to communicate with other cars and infrastructure such as traffic lights. Vehicle speed adjustments, telematics, and AI voice recognition and interfaces will become common features.
The rapid increase of these technologies inevitably creates the risk of hackers gaining access and control to the essential functions and features of those cars and utilizing information on drivers’ habits for commercial purposes without the drivers’ knowledge or consent.
Here are some of the risks for connected cars:
Stealing personally identifiable information(PII): Today, sensors generate 25 GB of data per hour and this is expected to double considering there will be 200 sensors installed in connected cars by 2020 up from 100 sensors in 2015. Once autonomous vehicles become mainstream, the 17,600 minutes Americans spend driving annually will equate to 300 TB of data per year.4 Financial information, personal trip information, location information and entertainment preferences are just some examples of PII that can potentially be stolen through a vehicle’s system.
Connection security: Like other connected devices, vendor implementation flaws are often exploited by researchers for proof-of-concept attacks. However, it is inevitable that these will be followed by real life attacks. The current poor state of security on connected cars creates a tempting target for cyber criminals.
Manipulating a vehicle’s operation: Catastrophic incidents resulting in personal injury and lawsuits may be in the near future. Well-known cybersecurity researchers Charlie Miller and Chris Valasek have demonstrated several proof-of-concept attacks where they were able to control the braking and steering of a car by accessing the adaptive cruise control system.5 Although costly and with a lower likelihood than data breaches and unauthorized entry, this sort of attack has now been proven possible to a global audience.
Unauthorized vehicle entry: Car thieves now have a new way to gain entry into locked vehicles. Many vehicle technologies have opted to replace physical ignition systems with keyless systems using mobile applications or wireless key fobs. These new access mechanisms mean that methods of obtaining illicit entry include intercepting the wireless communication between the vehicle and the mobile application or between the wireless fob and the vehicle to gain entry credentials, among other methods. The New York Times has documented methods such as wireless key emulation devices and “power amplifiers” that increase the range of the wireless signal looking for the entry credentials. If the owner is in a house or other location close to the car, criminals can then gain entry when their wireless fob responds.6
Mobile application security: As more automobile manufacturers release mobile applications that communicate with cars, mobile applications are quickly becoming a major target for malicious behavior. One example of a flaw in a mobile application happened when Nissan had to pull its NissanConnect EV application for the Nissan Leaf.7 The poor security of the application allowed security researchers to connect to the Leaf via the Internet and remotely turn on the car’s heated seating, heated steering wheel, fans and air conditioning. In an electric car, this meant the possibility a malicious actor could drain the battery of an unsuspecting owner. Mobile applications themselves can be vulnerable in a number of ways. According to Gartner, 75% of mobile applications would fail basic security tests.8 Mobile operating systems themselves are a source of concern—over the last four years, there has been a 188% increase in the number of Android vulnerabilities and a 262% increase in the number of iOS vulnerabilities.9
Smartphones have popularized the concept of on-the-go entertainment with users now spending over five hours per day on their mobile device. This steady demand is great for businesses as long as this usage has reliable 3G or 4G broadband, or WiFi access. Data efficiency decreases the farther one travels from metropolitan areas, whether that be by plane or automobile, whereas the demand for entertainment is constant.
In-flight entertainment systems and broadband are popular with 70 percent of survey respondents citing they would be willing to pay 7 USD for connectivity[1]. Total revenue from these passenger connectivity services will reach $5.4 billion by 2025 growing at a rate of 23 percent CAGR[2].
Wireless in-flight entertainment is expected to reach 9000 aircrafts by 2021 with connected commercial aircrafts reaching 23,100 by 2025. Market size is expected to reach 9.82 billion by 2024[3] with in-flight broadband growing at a CAGR of almost 11% [4].
While these estimates seem in-line, the IFE connectivity may achieve an even higher trajectory due to High Throughput Satellites (HTS). Connectivity will increase 3x reaching 1,500 Gbps by 2017 while increasing 5x to 285 Gbps in 2018. These increased data speeds will also lower costs contributing to more widespread adoption for IFE services.
Cars are also pushing forward on-the-go entertainment with the global in-car market expected to reach $33.8 billion by 2022 up from 14.4 billion in 2016. The automotive landscape is undergoing a drastic change with only 2% of cars online in 2012 compared to an estimated 90% to be connected to the IoT by 2020. [5].
An Infographic on Key Trends in On-the-Go Entertainment:
Prior to the advent of mobile computing, security was limited to corporate IT assets that were often physically secured in facilities owned and managed by the company. According to a recent SANS Institute study, organizations spend as much as 12 percent of their IT budget on security.
In a Ponemon Institute study, it was found that organizations have a 27.7 percent probability of having a material data breach in the next 24 months at an average cost of $3.62M.
Meanwhile, the world of computing has changed. Security is not just about physically secure data centers and corporate controlled computing assets. Instead, end users have gone mobile, connecting to cloud enabled services, often with their own personal devices. And with the rise of the Internet of Things, there will be billions of connected computing devices on the planet in the next several years.
The primary consequences of applications getting hacked include financial loss, destroyed brand reputation, exposure to liability, and regulatory risk. Over 7 billion identities have been stolen in data breaches over the last eight years equal to one data breach for every person on the planet. Meanwhile, mobile’s rapid expansion has introduced a complicated and potentially hostile environment that is difficult to manage and protect.
64 percent of security practitioners said they were very concerned about the use of insecure mobile applications in the workplace with an average of 472 mobile applications reported as actively used in organizations.
Prior to the advent of mobile computing, security was limited to corporate IT assets that were often physically secured in facilities owned and managed by the company, on a network behind a managed firewall, and possibly in a datacenter with multi-factor access, physical security, and armed guards. Because the company owned those assets, they were able to dictate what applications could run on those machines, and actively manage and monitor them, providing the latest patches, endpoint security, and other controls dictated by corporate IT. Assets located in such places were implicitly trusted.
Today, the situation has changed. Mobile devices dominate the market, often as the primary or only way users access the Internet and the many cloud services available. These devices also have very little, if any, physical security. It is a well-worn path hackers use to access such devices to reverse engineer or tamper with the applications running on them, often through rooting, jailbreaking or hoodwinking the user.
This shift has created all sorts of new business models to take advantage of the popularity of mobile devices.
These new business models come with new security problems:
New forms of payment using near field communications (NFC) on mobile devices are becoming popular in recent years. These applications require that credentials to authenticate users must be stored on the device. If those credentials are compromised, then a hacker can execute fraudulent transactions.
Mobile devices are being used in the automotive industry to enable remote parking from your smartphone. A compromise of the device could pose a serious safety risk.
In healthcare, patients are using mobile devices to manage sensitive information collected from various devices ranging from fitness monitors to blood glucose monitors to improve care and create data driven treatment options. A compromise of such a device can lead to a loss of privacy and sensitive information. Or even worse, if a device is hacked, it could potentially lead to life-threatening consequences for the patient.
Internet of Things
By 2025, the total global worth of IoT technology will reach USD 6.2 trillion with the most value coming from health care devices (USD 2.5 trillion) and manufacturing (USD 2.3 trillion). Meanwhile, we see a persistent lack of IoT security investment with 67 percent of medical device makers expecting an attack on their devices while only 17 percent taking measures to prevent an attack. These numbers are staggering when you consider U.S. hospitals have an average of 10 to 15 connected devices per bed with some hospitals registering 5,000 beds — totaling 50,000 connected devices per hospital.
Furthermore, traditional security solutions do not port well to the IoT world, due to differences in system architectures and resource constraints. Therefore, IoT security solutions have not evolved enough and are prone to numerous vulnerabilities.
As GM CEO Mary Barra said in a keynote speech, “A cyber incident is a problem for every automaker in the world. It is a matter of public safety.” As Tesla, GM and many others continue to release connected vehicles – and soon driverless vehicles, the dangers are set to increase. In fact, more than half of the vehicles sold today are connected and vulnerable.
By 2025, the driverless market will be worth $42 billion up from nearly nothing with an official market entry still being anticipated [1]. Self-driving cars have the potential to save 292,000 lives annually from preventing collisions. This is in addition to the added benefits of reducing traffic and climate change, along with the costs of car ownership.
While gaining access to, and being able to control or steal a vehicle such as a Tesla is disturbing enough, it raises several concerns about not only connected cars, but also the mobile applications that extend the features of these vehicles. In fact, mobile apps are quickly becoming the main target for malicious behavior. Over the last four years, there has been a 188 percent increase in the number of Android vulnerabilities and a 262 percent increase in the number of iOS vulnerabilities. In addition, according to Gartner, 75 percent of mobile apps would fail basic security tests.
In another report, more than 80 percent of mobile apps on both the Android and iOS platforms revealed cryptographic implementation issues. Recently, Android malware has become more stealth and has begun to obfuscate code to bypass signature-based security software. Despite Google’s response to critical vulnerabilities and patches of critical issues in the Android OS, end users are still dependent on device manufacturers for these updates.
Driverless Car Security Infographic:
The main source of security and data breaches are found in hacking, malware and social engineering [2].
There are four major attack clusters in the automotive sector:
Direct physical attack: Cars can be breached through the OBDII port and/or while in for maintenance or lent to other drivers.
Indirect physical attack: A carrier is used to compromise the vehicle such as a USB stick, SD card, or through a software patch.
Wireless attacks: Bluetooth and mobile networks including the current development of iOS and Android apps open up the vehicle to an abundant variety of attacks.
Sensor fooling: As of yet, there are no known hacks documented that indicate you can take over a car by fooling the sensors alone.
Consumers are becoming more aware of the dangers around connectivity with 62% saying they are concerned that connected cars will become easily hacked in the future and 48% saying data privacy and security are extremely important. Executives of car manufacturers are also aware of the heightened concern with 52% rating data security and privacy as being of upmost importance to their customers [3].
While the path towards better cyber security for connected cars is a multi-actor road map, auto manufacturers who take the lead will be improving the security of their own brand and product will also improve the safety of their customer.
Savvy consumers today are aware that marketers and corporate companies mine personal data from mobile phones and computers, sourced primarily from search engines, social media sites, emails, text messages, and GPS location information. The internet, a free virtual public space idealized in the nineties, has become colonized through a swath of promised conveniences. In the beginning, the lure of free, convenient services for data was enticing. The improvement in user experience when checking email in the cloud was great enough so as not to elicit questions as to how the emails were handled – such as when Google launched Gmail in 2004, adding a second signal to enrich the profile of search engine users through personally identifiable information. GPS tracking has also since become a powerful method of gathering information on an individual. E-commerce sites advertise by dropping cookies to track online behavior. Thermostats, in a promise to lower heating bills, track data on how people behave inside their homes. But the underpinnings of demand for data by marketers and big corporations remains obscure to most individuals. What is the value of this data and is the digital privacy of individuals a fair trade for the use of internet services and applications?
Ambient Intelligence: A Higher Level of AI Cognition
Many believe that technology’s dominance over privacy is inevitable. Today, humans in developed countries occupy a mixed digital and physical space, one that is largely driven by automatic collection, trading and analysis of information with little or no effort to protect the fundamental rights and liberties of those who use the technology. As the physical and digital worlds merge, digital privacy is no longer a right, but rather a commodity to be traded and sold – meanwhile, physical privacy continues to be protected.
Technology is simply moving faster than policy mechanisms, and this allows technologists to impose their own rules. Big data has fueled a sharp uptick in data mining and profiling with the intent to predict human behaviors and preferences. A White House report released in October 2016 notes that big data is actually the precursor to artificial intelligence and that the availability of big data from e-commerce, businesses, social media, and science have “…provided the raw material for dramatically improved machine learning approaches and algorithms.”
Once interoperability evolves for the many facets of the Internet of Things, along with a higher level of AI cognition, ambient intelligence will emerge. In a world of ambient intelligence, devices work seamlessly to carry on life activities using information and devices hidden in the network. The devices will grow smaller and become more integrated into the environment. Imagine an AI-powered assistant delivering products and services to you the instant they are required; whether it’s a ride when you leave the airport, replacing the groceries you’ve eaten earlier in the week, or ordering your drycleaning. The point for the bots and sensors will be to learn and know as much about your personal habits as possible to increase convenience.
Clearly, technologists have some responsibility that is absent from the current discussion on AI and ambient intelligence. The general population may not demonstrate substantial concern (or understanding) to change its behavior or modify its choices, but that doesn’t mean that these mechanisms should go unchecked. Higher order thinking makes the case that people (and society) need more control over personal information, including any machines placed to observe, construct or produce knowledge on an individual.
What is the Value of Privacy – and do Consumers care?
“Control over personal information is control over an aspect of the identity one projects to the world, and the right to privacy is the freedom from unreasonable constraints on the construction of one’s own identity.” –Philip Agre
Gartner predicts that by 2018, 50 percent of business ethics violations will occur because of the improper use of big data and analytics. At the same time, some companies have railed against this, taking steps to distinguish themselves under a banner of data ethics. Services such as Whatsapp and Signal have shunned data collection entirely by using end-to-end encryption. This decision has helped eliminate potential liability in handling sensitive, personal data, because it simply isn’t retained.
However, not every company can grow – let alone survive – without some level of data science. Big data is the fuel source even as the “engines” such as mobile, artificial intelligence and ambient intelligence become more sophisticated and subtle in their operations. In this case, data platforms are driving these decisions, and those that have a policy for privacy ethics will statistically deliver more value as marketers, startups and corporate companies alike need to connect with consumers without creeping them out.
These proactive decisions can help to sway the perspective of consumers, especially in a competitive space. According to a study by The University of Pennsylvania, more than half of Internet users are concerned about protecting privacy, but feel it may be too late. According to Pew, 74% of Americans say it is “very important” to be in control of their personal information. Meanwhile, according to Chapman University, Americans’ number-one fear is of man-made disasters (e.g., terrorist attacks). A close second is the tracking of personal data by government and corporations, outranking concerns about crime, the environment and natural disasters.
At this point, to say that consumers “do not care about privacy” is to dodge the ethical responsibility that comes with collecting data. As technology advances to include our immediate surroundings, the discussion around big data deepens as it may affect identity and lessen autonomy. In the future, those who handle data as an intermediary– which means delivering the necessary data to first-party companies while buffering and protecting the information collected on consumers – will fare better professionally than those who approach sensitive information like a commodity.
IoT medical devices may be our scariest security threat yet. Implanted devices such as pacemakers draw big headlines for security threats. However, there are 36,000 other health-care related devices in the United States that are discoverable on the connected device search engine Shodan – which doesn’t even take into account the global level of unprotected devices (source: Wired).
In fact, U.S. hospitals have an average of ten to 15 connected IoT medical devices per bed with some hospitals registering 5,000 beds (or 50,000 connected devices). Therefore, the magnitude of the risks associated with these medical IoT devices is a gripping proposition.
Most hacks will not be a life or death situation, although a few exposed vulnerabilities could be potentially fatal, such as with Johnson & Johnson’s insulin pumps, which could potentially administer a fatal dose of insulin, or the Animas OneTouch Ping with a vulnerable wireless controller. The most common hack is for medical records, which can be sold on a Dark Web aftermarket with a value of $500 per Medicare or Medicaid record [2] . As The Hill reports, tens of millions of electronic health records have been compromised over the last few years, whereas there has not been a single implant device death or documented patient harm, according to Zach Rothstein, associated vice president of the Advanced Medical Technology Association. In 2015 over 113 million personal health records were compromised, up 9x from 2014, according to the Department of Health and Human Services (DHS).
While medical record theft and device hacks are well documented, there are many reasons hackers target the vast array of medical devices on the market. Ransomware is the practice of taking over a mobile app until a ransom is paid. A similar exploit can be performed on hospitals by entering a weak point, such as unsecured wireless connections, to access the system and take it over for a ransom. For instance, the Los Angeles Hollywood Medical Center had to pay hackers $17,000 to regain control of critical computer systems [3] . A similar attack also occurred in Mount Pleasant, Texas, where a hospital had its core electronic medical system knocked offline until a ransom was paid. According to those in the security industry, while ransomware attacks are prevalent, they are rarely made public for a variety of reasons.
Other reasons hacks that can occur include changing medical records for allergies or diagnoses. There is at least one case where medical devices were hacked to disseminate information and change stock prices, such as with Muddy Waters, a short selling firm that hired a boutique cybersecurity firm to conduct test attacks on a St. Jude’s pacemaker from 10 feet (3 meters) away, but up to 100 feet with an antenna and software defined radio, according to Reuters.
Medical devices extend beyond healthcare facilities and now overlap with mobile apps, as well. Last year, the Medicines and Healthcare products Regulatory Agency (MHRA) has issued updated guidance today to help identify health apps that are medical devices – and how to secure these mobile vulnerabilities. The apps that are of concern gather data from either the person or a diagnostic device, collecting information such as heartbeat or blood glucose levels, and then interpret the data to make a diagnosis, or to recommend treatment4 . As the MRHA director of medical devices says, “We live in an increasingly digital world, both healthcare professionals, patients and the public use software and stand-alone apps to aid diagnosis and monitor health.” There are also many apps connected to medical devices, providing another entry point for hackers.
“Mobile apps are unleashing amazing creativity,” Bakul Patel said from the FDA’s Center for Devices and Radiological Health. “At the same time, we have set risk-based priorities and are focusing FDA’s oversight on mobile apps that are devices for which safety and effectiveness are critical.”
This article first appeared on Intertrust.comIntertrust.com
To learn more on how to protect IoT Medical Devices and how Intertrust drives advancements in healthcare with secure data collaborations, data privacy and security, contact sales@whitecryption.com Intertrust drives advancements in healthcare with secure data collaborations, data privacy and security, contact sales@whitecryption.com
SOURCES:
[1] WIRED, Medical Devices Next Security Nightmare
[2] NextGov, This Is the Real Threat Posed by Hacked Medical Devices at VA
[3] NYTimes, Los Angeles Hackers Pay $17,000 After Attack
The Internet of Things (IoT) has enjoyed a lot of attention from analysts and researchers who expect the number of IoT connections to surpass the human population this year. It’s no surprise there are quite a few startups in IoT. But how many of these products will actually be used? And does IoT simplify life or only add more gadgets in an already gadget-frenzied world?
An open-source analysis of IoT user behavior conducted by Harvard Business Review collected from 1,000 IoT technology platforms and 279,000 early adopters found that the most heavily used IoT programs made home life easier. The top 3 most preferred systems extended security, quantified the self, such as measuring body mass index (BMI) or sleeping patterns), and optimized machines to automate functions such as turning off lights when someone leaves the house.
A few months back, Santa Clara hosted the IoT World conference, which is known as the largest IoT conference in the world with 400 speakers, 250 sponsors and exhibitors, and an attendance of over 11,000 people. I attended this conference and found the following startups in IoT to be on the mark for both innovation and also answering demand for consumer needs:
Hot Startups in IoT:
1. Owlet:
In 2015, there were about 3,700 sudden unexpected infant deaths (SUID) in the United States with 1,600 confirmed from SIDS. These deaths occur in infants less than 1-year-old and have no immediate obvious cause, creating stress for parents of newborn babies. Owlet has created a smart sock to track a baby’s heart rate and oxygen levels while they sleep. The gadget features a sensor within the sock that connects to a smartphone to log and track the data collected. The technology is called “pulse oximetry” that works like the red light used in hospitals placed on the index finger to measure heart rate and oxygen. If the baby’s oxygen levels or heart rate exceeds the acceptable range, the monitor sounds the alarm. Owlet is still in the process of FDA approval and cannot yet claim to prevent SIDS, however, some parents already claim to be sleeping better.
2. Swarm Technology
Swarm Intelligence was introduced in 1989 by Jing Wang as a collective behavior of decentralized, self-organized systems and was employed for artificial intelligence, especially in regards to cellular robotic systems. The inspiration for “intelligent” global behavior comes from nature, such as ant colonies, bird flocks, animal herding and bacterial growth. The company, Swarm Technology, takes this concept and applies it to distributed processing, heterogeneous processing, machine learning and multi-agent artificial intelligence. Alfonso Inguez, the electrical engineer who developed the idea, explains the CPU broadcasts ‘this is what I need’ and the other computers or hardware that are interconnected and part of the internet of things lends to the fulfillment of what is being broadcast. Iniquz explains the key concept is “that the co-processors are not sitting idle waiting to be told what to do; they’re actively looking for work.”
Swarm Intelligence was introduced in 1989 by Jing Wang as a collective behavior of decentralized, self-organized systems and was employed for artificial intelligence, especially in regards to cellular robotic systems.
3. Grid Connect
The smart home market continues to be plagued by high device prices, limited value and hard to install devices as pointed out in my article in VentureBeat. Centralization may be necessary for the connected home to work, but where should we limit this? If the benefits we’re looking for are interoperability and efficiency, then the connected home should limit centralization to only this, allowing the rest of the appliances and electronics to be decentralized. GridConnect helps facilitate this balance with the Connect Sense Smart Outlet. Released in 2015, the company announced the addition of power monitoring to the Smart Outlet and ConnectSense app in late 2016. With the ConnectSense app, users can integrate scenes and rules for the Smart Outlet and other home automation devices regardless of manufacturer. The power monitoring also helps to give insight into the power consumption of the devices plugged into the Smart Outlet. The ConnectSense app also gives the ability to create rules based on power usage.
4. Mynt
Smart trackers are becoming increasingly sophisticated and Mynt is not only reasonably priced but offers a full set of features such as accurate position tracking, playing music, taking a picture, recording video and sharing location, to name a few. By attaching Mynt to your valuables, your smartphone will alert you if you leave your keys or wallet behind, or if your pet is lost. Mynt is also a bi-directional tracker that has a built-in buzzer if you leave your phone. You can also locate your car by saving your parking location or take a selfie with Mynt by using it as a remote control for your cell phone camera. Although not the only Bluetooth tracker on the market, Mynt is extremely thin and reasonably priced at $19.99.
Please note: The I/O Fund conducts research and draws conclusions for the Fund’s positions. We then share that information with our readers. This is not a guarantee of a stock’s performance. Please consult your personal financial advisor before buying any stock in the companies mentioned in this analysis.