You may be thinking that now is a good time to jump into cybersecurity action amid high-profile hacking incidents. Additionally, the buzz around artificial intelligence is driving investor interest in cybersecurity stocks.
X
As of the market opening on January 2, the IBD Computer Software-Security group ranked sixth out of 197 industrial groups tracked by IBD. Zscaler (ZS), a major player in SASE market growing stronglybelongs to MII classification.
Five cybersecurity values are members of the IBD 50 List of Growth Stocks: Crowd strike (CRWD), Zscaler, Qualys (QLYS), Cloud Flare (NET) And SentinelOne (S).
Among the best performing cybersecurity stocks in 2023 are Palo Alto Networks (PANW). PANW stock is up 111% in 2023. CRWD stock is up 142% this year. Zscaler stock jumped 98%. Cloudflare jumped 84%.
Cybersecurity actions: Microsoft competition
Cybersecurity stocks thrived despite growing competition from cloud computing giant Microsoft (MSFT). Microsoft aims to integrate artificial intelligence tools into its security platform. Called Microsoft Security Copilotthe platform uses a new AI assistant.
Recent hacks against casino operators MGM Resorts (MGM) And Caesars Entertainment (CZR) highlighted fears of an increase in generative AI ransomware attacks.
At the same time, research firm Gartner updated its forecasts for business spending on cybersecurity. The research firm forecasts an increase of 14% in 2024 to reach $215 billion.
That’s up from its previous forecast of 11% growth. And that’s better than most IT spending categories.
By 2024, spending on cloud security products and services will increase nearly 25% to $7 billion, Gartner predicts.
Meanwhile, the Securities and Exchange Commission has new disclosure rules for public companies. The rules require companies to report hacking incidents within four business days if they have a significant impact on their operations.
Cybersecurity actions: double-edged AI
Meanwhile, IT security companies and hackers should use generative AI tools. Here is an overview of the AI Cybersecurity Battle.
Cybersecurity companies expect generative AI tools to help reduce the time it takes to detect and respond to many forms of hacking. They also envision generative AI automating more functions in security operations centers to help companies address the shortage of software engineers.
In 2024, the AI generation will likely take a step forward, George Kurtz, chief executive of Crowdstrike, said in an interview.
“I think we’re going to see the maturation and adoption of generative AI,” Kurtz told IBD. “With Charlotte AI, we are focusing on (security center) automation, turning a security analyst’s eight hours of work into 10 minutes. That’s the ROI (return on investment) for companies that will start to see benefits in 2024.”
Cloud computing and security software remain at the top of priority lists, followed by business intelligence/analytics, digital transformation and artificial intelligence, according to a 2022 Morgan Stanley CIO survey.
Analysts say a new wave of startups is taking share from the industry’s incumbents. They include Netskope, Wiz, Snyk and Illumio. Analysts say others to watch include Venafi, Recorded Future, Noname Security, Obsidian Security, Deep Instinct and Skyflow. Startups are putting pressure on incumbents to spend more on research and development.
Funding continues to go to cybersecurity startups. Cloud security company Wiz recently raised $300 million at a valuation of $10 billion. The big question is whether the banking crisis will slow venture capital investment in the sector.
Cybersecurity Stocks and Private Equity
Private equity firms remain active. Thoma Bravo agreed in October 2022 to buy ForgeRock for $23.25 per share in an all-cash transaction valued at approximately $2.3 billion. The deal represented a 53% premium to ForgeRock’s closing share price on October 10. The operation should be finalized in the first half of 2023.
Earlier, Thoma Bravo had acquired Ping identity funds (PING) for $2.8 billion. Thoma Bravo also acquired cybersecurity companies SailPoint Technology, Proofpoint, Sophos and Barracuda. The private equity firm has invested in cybersecurity startups, like Illumio.
Additionally, private equity firm Permira completed its $5.8 billion purchase of Mimecast in May.
Private equity firm Vista Partners acquired KnowBe4 on October 13 in a $4.6 billion leveraged buyout.
The federal market, a favorable wind?
Parent Google Alphabet (GOOGLE) acquired cybersecurity company Mandiant last year in a $5.4 billion all-cash deal. Mandiant is now part of Google’s cloud computing business.
Additionally, Google acquired Siemplify, a security orchestration, automation and response provider, in 2022 for approximately $500 million.
Some computer security companies could nevertheless benefit from the federal government’s new initiatives.
The Cyber Incident Reporting Act of 2023 requires agencies, federal contractors, and critical infrastructure operators to notify the Department of Homeland Security when a data breach is detected, an important step in strengthening security.
Furthermore, Ransomware remains a significant threat.
Cybersecurity actions: wide range of products
Additionally, it is an investor’s responsibility to know which cybersecurity stocks combat ransomware, phishing, or other types of cyberattacks.
Meanwhile, CrowdStrike uses machine learning and a specialized database to detect malware on laptops, mobile phones and other devices accessing corporate networks. Additionally, many software publishers using artificial intelligence to gain competitive advantage.
Additionally, Zscaler is the largest provider of cloud-based web security gateways which inspect customer data traffic for malware.
SailPoint, an identity management software company, is among the companies that generate more than 10% of its revenue from government agencies.
Other cybersecurity companies with significant government activity include Tenable, Rapid7 and CyberArk (CYBR). Tenable acquired French company Alsid in 2021, which focuses on identity access management.
Furthermore, Fast7 (SPR) and Qualys specialize in vulnerability management services.
Faced with the rapid global spread of Covid-19, many companies have asked their employees to work from home. This has increased the demand for IT security products that support remote working.
The coronavirus emergency and the shift to remote work have accelerated the growth of cloud-based network security. So the industry now has a new term for the infrastructure that supports distributed workers and branch offices.
SD-WAN technology is changing security needs
American companies have increased their security technology spending in an effort to protect intellectual property as well as consumer privacy. Hackers continue to steal credit card data and intellectual property.
Spending on security technology has evolved as businesses shift workloads to cloud computing service providers. Amazon Web Services, part of Amazon.com (AMZN), is the largest cloud services company. Amazon is emerging as a potential rival to companies like Cloudflare as it integrates more security tools into its cloud services.
Also, Fortinet (FTNT) competes with Palo Alto Networks and others in the firewall security market. Firewalls reside between private networks and the Internet. They block unauthorized traffic and scan web applications for malware.
As large businesses shift to off-premises cloud computing services, some believe firewall technology will play a lesser role. Fortinet has targeted software-defined wide area networks, or SD-WAN, an emerging computer networking technology.
Aiming to catch up in SD-WAN technology, Palo Alto Networks acquisition of the startup CloudGenix.
Cybersecurity products fight ransomware and phishing
In addition, cybersecurity actions cover a wide range of products and services. Additionally, some security vendors are moving toward software-based subscription business models rather than selling hardware devices. Among them, Proofpoint specializes in email protection and data loss protection.
At the same time, hackers often aim to compromise networks by targeting employees or managers with administrative access. CyberArk manages privileged accounts. Additionally, Okta offers identity verification services.
To slow down hackers, more and more companies are focusing on internal security threats with a strategy known as Zero trust. Additionally, traditional security measures aim to keep bad guys out of corporate networks. Additionally, network firewalls focus on intruders coming from the public Internet.
Zero Trust cybersecurity models focus on insider threats, such as theft of security credentials by hackers. Security companies verify the identity of network users and limit access to applications.
CrowdStrike, Okta, Netskope and Proofpoint recently formed a Zero Trust alliance. Target Zero Trust security, Cisco Systems (CSCO) in 2018, acquired Duo Security for $2.35 billion.
Additionally, many fast-growing cybersecurity companies are present in the endpoint market. Their tools detect malware on laptops, mobile phones and other devices accessing corporate networks.
Additionally, investors might consider Global X Cybersecurity ETF (BUG) for broader exposure to the sector.
Follow Reinhardt Krause on Twitter @reinhardtk_tech for updates on 5G wireless, artificial intelligence, cybersecurity and cloud computing.
YOU MIGHT ALSO LIKE:
IBD Digital: Unlock IBD’s premium stock lists, tools and analysis today
Learn to Time the Market with IBD’s ETF Market Strategy
How to use the 10-week moving average to buy and sell
Receive free IBD newsletters: Market preparation | Technical report | How to invest