You might think it's a good time to move into cybersecurity stocks amid high-profile hacking incidents. The hype surrounding artificial intelligence is also driving investor interest in cybersecurity stocks. Analysts say federal government spending on cybersecurity should provide a boost in 2024.
X
As of May 6, the computer software security group was ranked No. 95, up from No. 35 two months earlier, out of 197 industry groups tracked by IBD.
Meanwhile, CrowdStrike (CRWD) shares are up 21% this year.
Some Wall Street analysts are touting cybersecurity stocks with cloud platforms, such as CrowdStrike, as the most likely market share gainers. Many companies are aiming to consolidate purchasing by buying from fewer security vendors, analysts say.
Cybersecurity Stocks: Earnings Reports
Shares in Fortinet (FTNT) fell after first-quarter billing growth beat estimates. Cloudflare (NET) shares also fell on weak revenue expectations. Cloudflare stock dropped from the IBD 50 list of growth stocks.
Meanwhile, CyberArk Software (CYBR) and Zscaler (ZS) were dropped from the IBD Leaderboard watchlist. CyberArk specializes in privileged access management.
Palo Alto Networks (PANW) reported fiscal third-quarter earnings on May 20. PANW stock is expected to be at par in 2024.
The big picture: Cybersecurity services provided via cloud computing platforms are preferred. Many companies are moving away from “firewall” hardware for on-premise computer networks.
Cybersecurity Stocks: Competing with Microsoft
Cybersecurity stocks have boomed despite increasing competition from cloud computing giant Microsoft (MSFT). Microsoft aims to integrate AI tools into its security platform. The platform, called Microsoft Security Copilot, uses a new AI assistant.
The Microsoft Copilot for Security platform became generally available on April 1.
Recent hacks on casino operators MGM Resorts (MGM) and Caesars Entertainment (CZR) have underscored fears that generative AI will increase ransomware attacks.
At the same time, the Securities and Exchange Commission established new disclosure rules for public companies. The rules require companies to report hacking incidents within four business days if they have a material impact on operations.
Furthermore, research firm Gartner updated its forecast for corporate spending on cybersecurity. The research firm expects a 14% increase in 2024 to $215 billion.
This is higher than its previous forecast of growth of 11%. This is better than most categories of IT spending.
In 2024, spending on cloud security products and services will jump nearly 25% to $7 billion, according to Gartner forecasts.
Cybersecurity Stocks: Artificial Intelligence is a Double-Edged Sword
Meanwhile, both computer security companies and hackers are expected to benefit from generative AI tools. Here's a look at the AI ​​cybersecurity battle.
Cybersecurity companies expect productivity AI tools to help reduce the time needed to detect and respond to many forms of computer hacking. They also see generative AI automating more functions in security operations centers to help companies deal with the shortage of software engineers.
According to a Morgan Stanley survey of chief information officers in 2022, cloud computing and security software remained at the top of priority lists, followed by business intelligence/analytics, digital transformation, and artificial intelligence.
Analysts say a new wave of startups is taking share from established companies in the industry. They include Netskope, Wiz, Snyk, Lacework, and Illumio. Other companies to watch include Vectra AI, Venafi, Recorded Future, Noname Security, Obsidian Security, Deep Instinct and Skyflow, analysts say. Startups are pressuring companies to increase spending on research and development.
Funding continues to go to cybersecurity startups. Cloud security company Wiz recently raised $300 million at a $10 billion valuation.
Cybersecurity stocks and private equity
Private equity firms remain active. Thoma Bravo agreed in October 2022 to acquire ForgeRock for $23.25 per share in an all-cash deal valued at approximately $2.3 billion. The deal represents a 53% premium to ForgeRock's closing stock price on October 10. The deal is expected to close in the first half of 2023.
Earlier, Thoma Bravo acquired Ping Identity Holdings (PING) for $2.8 billion. Toma Bravo also acquired cybersecurity companies SailPoint Technology, Proofpoint, Sophos, and Barracuda. The private equity firm has invested in cybersecurity startups, such as Illumio.
Private equity firm Permira in May also completed the purchase of Mimecast for $5.8 billion.
Federal market as a tailwind?
Alphabet (GOOGL), Google's parent company, last year acquired cybersecurity company Mandiant in a cash deal worth $5.4 billion. Mandiant is now part of Google's cloud computing business.
Furthermore, in 2022, Google acquired Siemplify, a company specializing in security orchestration, automation, and response, for about $500 million.
However, some computer security companies could get a boost from new federal government initiatives.
The Cyber ​​Incident Reporting Act of 2023 requires federal agencies, contractors, and critical infrastructure operators to notify the Department of Homeland Security when a data breach is discovered, an important step in building security.
In addition, ransomware remains a major threat.
Cybersecurity Stocks: Wide Range of Products
Furthermore, an investor should know about cybersecurity stocks that address ransomware, phishing, or other types of cyber attacks.
Meanwhile, CrowdStrike uses machine learning and a specialized database to detect malware on laptops, cell phones and other devices that access corporate networks. In addition, many software companies are using AI to gain a competitive advantage.
Additionally, Zscaler is the largest provider of cloud-based web security gateways that scan customers' traffic for malware.
SailPoint, an identity management software manufacturer, is among the companies that gets more than 10% of its revenue from government agencies.
Other cybersecurity companies with significant government business include Tenable (TENB), Rapid7, and CyberArk. In 2021, Tenable acquired France-based Alsid, which focuses on identity access management.
Additionally, Rapid7 (RPD) and Qualys (QLYS) specialize in vulnerability management services.
Amid the rapid global spread of Covid-19, many companies have instructed their employees to work from home. This has led to increased demand for computer security products that support remote work.
The coronavirus emergency and the shift to remote work have accelerated the growth of cloud security. So the industry now has a new term for the infrastructure that supports distributed workers and branch offices.
SD-WAN technology is changing security needs
US companies have increased technology spending on security with the goal of protecting intellectual property as well as consumer privacy. Hackers continue to steal credit card data and intellectual property.
Spending on security technologies has evolved as companies shift commercial workloads to cloud computing providers. Amazon Web Services, part of Amazon.com (AMZN), is the largest cloud services company. Amazon looms as a potential competitor to companies like Cloudflare as it builds more security tools into its cloud services.
Fortinet also competes with Palo Alto Networks and others in the security firewall market. Firewalls exist between private networks and the Internet. They block unauthorized traffic and scan web applications for malware.
As large companies shift to off-premise cloud computing services, one view is that firewall technology will play a lesser role. Fortinet targeted software-defined wide area networking, or SD-WAN, an emerging computer networking technology.
Cybersecurity products fight ransomware and phishing
Furthermore, cybersecurity stocks include a wide range of products and services. In addition, some security vendors are shifting to software subscription-based business models rather than selling hardware. Among them, Proofpoint specializes in email and data loss protection.
Meanwhile, hackers often aim to penetrate networks by targeting employees or management who have administrative access. CyberArk (CYBK) manages premium accounts. In addition, Okta provides identity verification services.
To slow down hackers, more companies are focusing on internal security threats through a strategy known as Zero Trust. In addition, traditional security measures aim to keep bad guys out of corporate networks. Moreover, network firewalls focus on hackers from the public Internet.
Zero Trust cybersecurity models focus on insider threats, such as hackers stealing someone's security credentials. Security companies verify the identity of network users and limit access to applications.
CrowdStrike, Okta, Netskope, and Proofpoint recently formed the Zero Trust Alliance. Aiming to target Zero Trust security, Cisco Systems (CSCO) in 2018 acquired Duo Security for $2.35 billion.
Many fast-growing cybersecurity companies are also present in the endpoint market. Their tools detect malware on laptops, cell phones, and other devices that access corporate networks.
Also, investors may consider the Global X Cybersecurity ETF (BUG) for broader exposure to this sector.
Follow Reinhardt Krause on Twitter @reinhardtk_tech for updates on 5G wireless, artificial intelligence, cybersecurity, and cloud computing.
You may also like:
IBD Digital: Unlock IBD's featured stock listings, tools and analysis today
Learn how to time the market with IBD's ETF market strategy
How to use the 10-week moving average to buy and sell
Get Free IBD Newsletters: Market Preparation | Technical report | How to invest
