Super Investors Be Like
Terry Smith·FORTINET INC
FTNT

Fortinet — Key Risks

AI Overview
Activity & BusinessResultsFinancialsRisks

Heavy Dependence on a Small Number of Channel Partners Creates Concentrated Risk

Fortinet sells almost all of its products through distributors and resellers rather than directly to end customers. Just six distributor customers accounted for 67% of total net accounts receivable as of December 31, 2025, with the single largest representing 32% on its own. If any of these key partners runs into financial trouble, shifts focus to a competitor, or simply walks away, Fortinet's revenue could take a significant hit with little short-term ability to compensate.

Taiwan Manufacturing Concentration Leaves the Supply Chain Vulnerable

The majority of Fortinet's hardware is manufactured in Taiwan, and its proprietary chips (ASICs) are fabricated by foundries including TSMC. Any military escalation between China and Taiwan — which the filing explicitly names as an ongoing concern — could disrupt production with limited ability to quickly shift to alternative sources. The filing also notes a current global memory chip shortage that is already causing delivery delays and pushing up costs.

Product Vulnerabilities Can Directly Undermine Customer Trust

Because Fortinet sells security products, a flaw in its own software is particularly damaging — it means the tool meant to protect a customer's network may instead expose it. The filing specifically mentions a recent critical vulnerability in the FortiManager product, noting the company faces ongoing reputational harm, customer relationship damage, potential litigation, and regulatory scrutiny as a result. Customers who don't apply patches in time compound the problem.

The Shift to Cloud Security Is a Genuine Threat to the Core Business

Most of Fortinet's platform is currently deployed on-premises as physical hardware appliances. Competitors like CrowdStrike and Zscaler are cloud-native, and enterprise buyers are increasingly demanding subscription-based cloud delivery. Fortinet is investing to catch up, but this transition carries real execution risk, higher costs, and the possibility that the company moves more slowly than the market requires.

Service Subscription Revenue Is a Lagging Indicator — Declines Show Up Late

A large share of Fortinet's revenue comes from FortiGuard security subscriptions and FortiCare technical support, which are recognized gradually over contract periods of one to five years. This means a slowdown in new or renewed contracts today won't fully appear in reported revenue for months or even years — making it harder for outside investors to see problems developing in real time.

Key-Person Risk Is Unusually High Given Founder-Led Structure

The company was founded by brothers Ken Xie (CEO) and Michael Xie (President and CTO), who remain central to its strategy and technical direction. The filing explicitly flags that losing either of them could significantly delay development and strategic goals. This level of founder dependency is a concentration risk that is more pronounced here than at many comparably sized companies.

China's Directive to Avoid U.S. Cybersecurity Vendors Is a Direct Revenue Threat

The filing discloses that the Chinese government has instructed domestic companies in certain industries not to use cybersecurity products from U.S. or Israeli companies — explicitly including Fortinet. This is not a hypothetical geopolitical risk; it is an active policy that directly restricts Fortinet's addressable market in one of the world's largest economies.