Concerns over data security have created a rush by private companies and the government to bolster their cybersecurity spending. The result is a huge opportunity for cybersecurity firms - and for investors.
The names of malware used by cybercriminals — such as PlugX, Dyreza, Cryptolocker and TorrentLocker – may not resonate with the average computer user, but among today’s cybersecurity professionals these names are about as common as household name companies like The Home Depot, Neiman Marcus, and Sony Pictures Entertainment Inc., all 3 of which have been impacted by computer security breaches.
Demand for the cybersecurity services and products provided by leading public companies in the sector — Palo Alto Networks Inc. (NYSE: PANW), FireEye Inc. (Nasdaq: FEYE), Check Point Software Technologies Ltd. (Nasdaq: CHKP), Proofpoint Inc. (Nasdaq: PFPT), and Fortinet Inc. (Nasdaq: FTNT) – doesn’t just show little sign of slowing but is expected to mushroom, according to industry observers.
“Ultimately, it’s a $15 billion to $20 billion market opportunity. There’s a massive secular shift taking place as more corporate enterprises and government agencies move towards protecting IT infrastructure against malicious activity and cyber threats,” said Daniel Ives, a managing director at FBR Capital Markets. “When you think about the overall spending environment, it’s still a pretty modest IT spending environment, but cybersecurity is growing at 25% to 30% year over year,” said the analyst and author of FBR’s new cybersecurity report.
Ives said spending against computer threats is expected to be strong this year as chief information officers seek to upgrade their existing security capabilities. “We estimate an increase in next-generation cybersecurity spending of approximately 20% in 2015, relative to a 3%—5% IT spending environment.”
That growth and the need to protect against unwarranted cyber intrusion is what underscored the $2.4 billion buyout of Blue Coat Systems Inc. by Boston private equity house Bain Capital, a deal announced on March 10. In a press release, David Humphrey, a managing director at Bain Capital, noted, “We are very impressed with the profitable growth the company has demonstrated and believe strongly in the future growth of the cyber security market…”
The time for investing in the sector couldn’t be more auspicious in light of the “once in a multi-decade” move by corporate and government security IT departments to bolster their IT security capabilities, while larger companies like IBM will drive consolidation in the industry, according to FBR. “Overall, in our opinion, the increasingly complex threat environment is paving the way for advanced security solutions and major tailwinds for cybersecurity players that have the right technologies at the right time, and we continue to encourage investors to be overweight [in] this sector,” Ives said.
Cybersecurity stocks have rallied on the Nasdaq and New York Stock Exchange over the past year, driving share prices up industry-wide by some 40% to 50%, said the FBR analyst.
Consider Santa Clara, CA-based Palo Alto Networks Inc. (NYSE: PANW), an $11.9 billion market cap company with shares that reached a high of $149.35 over the last year, while trading at $145.82 each this week.
Separately, FireEye Inc. (Nasdaq: FEYE), the Milipitas, CA-based $6.7 billion market capitalized company had its shares hit a high of $71.54 over the past year. At press time, the company’s shares were trading at $43.00 each.
When it comes to making investment decisions about cybersecurity stocks, Ives said the biggest factor is to review a company’s revenue growth rates, especially when it concerns faster growing companies with high margins like Palo Alto Networks, FireEye, Proof Point and CyberArk Software Ltd. (Nasdaq: CYBR). “For the high growth names you want to look more at the revenue levels and when it comes to slower growth companies, you want to look more at their cash flow.”
For example, the FBR analyst expects Palo Alto Network’s revenues to increase 39% in fiscal 2015 and 32% in the coming fiscal year, which represent strong revenue growth rates. Other companies, however, may expect lower growth rates.
Ives’ report highlighted the importance of bigger-picture factors when it comes making investments in specific companies. These factors include determining the sustainability of a company’s growth, renewal rates on products or services, the integration of acquired companies, and today’s macroeconomic environment. While a downturn in the economy can negatively impact any cybersecurity vendor’s performance and its stock price, Ives is sanguine about the industry’s prospects going forward.
“We’re bullish on cybersecurity because of the recent increased threat environment,” he noted.