The digital age is here, and it’s become an indispensable part of our lives. It’s penetrated nearly every sphere such as business operations, commerce, entertainment, banking, etc. These advances have put more power in the hands of consumers and businesses, but the increasing reliance on computers, connectivity, and cloud computing has made us more vulnerable to cyberattacks. 

Data is the lifeblood of the digital economy and all the services that we are now dependent upon. According to the University of Maryland, a cyberattack occurs every 39 seconds and affects 1 in 3 Americans. 

The cost of such an attack can be quite steep for individuals but even more disastrous for companies. Some costs can include trade secrets, intellectual property, customer trust, regulatory scrutiny, and a disruption in operations. 

Just like the rise of automobiles spawned the car insurance industry, the increased digitization of operations and activities necessitates investing in an effective cybersecurity program and structure. Cybersecurity needs have become increasingly varied and complex as threats proliferate and grow in sophistication. 

Types of Cybersecurity Attacks

Every few months or so, there are some high-profile hackings in the news. Just over the last few years, 90 million customers’ credit card details from TJX (TJX), the Stuxnet virus which affected Iran’s nuclear facilities, the theft of employee and customer records at RSA Security, data of over 100 million customers being stolen from Target (TGT), Yahoo compromising the data of 500 million users, and eBay (EBAY) which lost the data of nearly 150 million users.

Based on these incidents and the constant reports of new threats, it’s clear that one of the biggest near-term risks to companies is a cybersecurity attack. 

These incidents have also taught us that cyberattacks can take different forms and cause different types of damage. To protect against digital attacks, it’s necessary to understand areas of vulnerability and the potential impact of an attack. Some of the means of cyberattacks are social engineering, phishing, ransomware, unpatched software, and persistent threats. 

Cyberthreats are typically classified into three categories:

• Attack on Integrity – Tampering or Altering data by unauthorized people. Many cyber attacks start this way to gain access to systems. 
• Attack on Confidentiality – Theft of private or confidential information.
• Attack of Availability – Prevents systems and data from being accessed or used.

Components of Cybersecurity

Companies’ tech stacks have different points of vulnerability due to different access points. Each cybersecurity solution should include the following assessments:

• Risk Management and Assessment: This step involves identifying and prioritizing internal and external vulnerabilities. Then, choosing to prioritize which gaps should be addressed by balancing time, cost, and risks.
• Unified Threat Management: This is often the dashboard by which companies assess and monitor systems and threats. It’s a comprehensive look at a cybersecurity system including the various tools that are found in a typical package including antivirus, antispam, firewalls, intrusion detection, etc.
• Security Incidence: Security Incidence is the company’s protocol for dealing with threats in real-time. This is to minimize the impact of damage and help operations return to normal as quickly as possible.
• Identity and Access Management: Cloud, mobile, and IoT allow employees and customers to work and engage from any location. This increases the importance of assigning a digital ID to every user to ensure that data or systems are not accessed without proper credentials. 

Cybersecurity Industry Size and Prospects

Given the importance and depth of the cybersecurity field, it’s not surprising that overall spending has increased from $3.5 billion in 2004 to $185 billion in 2020. According to Grandview Research, spending is expected to increase at a 12% to 15% CAGR over the next decade. 

In a survey from Ernst & Young, 86% of companies said that upgrading cybersecurity is a priority for them in 2021. Cybersecurity and national defense are also becoming synonymous, as cyberwarfare and spyware are increasingly taking place in cyberspace. In 2020, the Defense Department spent $24 billion on cybersecurity, and this is expected to reach $50 billion by 2030. 

Over the next decade, technologies like cloud computing, 5G, and the Internet of Things (IoT) will continue to proliferate and become ubiquitous. This will begin the era of “always connected” devices. The counter to this innovation will be that our increased dependence on these devices will increase the cost of cybersecurity attacks.

5 Stocks to Buy

Cybersecurity is a complex field with multiple layers. Companies, governments, and individuals have to protect themselves from threats that could come in many forms. Of course, these threats are getting increasingly sophisticated.

Technology’s incursion into various aspects of life for individuals and businesses is unstoppable. There are several benefits, but the major downside is increased risk and exposure to cyberattacks. In a sense, the cybersecurity industry is the “insurance” that must be bought to protect against these risks.

The costs of any disruption will only increase as more data, activities, services, and operations are performed on the cloud. Of course, it’s expected that criminals will follow the money. Radware (RDWR), NortonLifeLock (NLOK), McAfee (MCFE), Qualys (QLYS), and Proofpoint (PFPT) are five stocks that will benefit as cybersecurity spending increases. 

Radware Ltd. (RDWR)

RDWR was founded in 1996 and is headquartered in Tel Aviv, Israel. It designs and develops cybersecurity applications for physical, virtual, and cloud environments. Its products include DefensePro, real-time network protection, and attack prevention software, AppWall, a Web application firewall; and DefenseFlow, a cyber-command and control application. 

Further, RDWR provides Cloud DDoS Protection Service, which offers a range of enterprise-grade DDoS protection services in the cloud, as well as technical support, professional, managed, and training and certification services to its customers. The company sells to independent distributors, including value-added resellers, original equipment manufacturers, and system integrators. 

RDWR’s stock is quite attractive as it’s expected to grow earnings 27% next year which is significantly above the market average and its peers. It is also priced much more attractively than its peers given its PS of 4.6. It also has an attractive 82% gross margin. 

RDWR’s long-term chart shows a stock that has been consolidating between $20 and $30 over the last 4 years. Due to the stock’s strong earnings momentum, reasonable valuation, and sector strength, there are good chances of a breakout. At the least, it presents an attractive risk-reward proposition.

RDWR is rated a B by the POWR Ratings which equates to a Buy rating. Radware also has a B for Growth. This isn’t surprising considering that earnings per share (EPS) over the last 12 months was $0.20, and analysts are expecting EPS of $0.87 over the next year. 

RDWR also has an A for Quality. The company has been around since 1996 and has developed a reputation for creating effective cybersecurity solutions since its inception including network security, cloud security, and enterprise software. If you want to learn more about RDWR, click here.

McAfee Corp. (MCFE)

MCFE is one of the oldest and most well-known cybersecurity companies. It was founded in 1987 and was bought out by Intel (INTC) in 2010 for $7.7 billion. However, the merger was not successful, and Intel ended up selling MCFE to a consortium of private equity investors at a loss. 

In October 2020, MCFE, once again, became a public company as it IPO’d at $19. Since then, the stock has traded between $16 and $22. However given its long history, MCFE is much different from most IPOs as it has a mature business that is profitable and cash-flow positive.

MCFE has two major units – one to serve individuals, while the other serves enterprise customers. Currently, there is an even split between the two, but the enterprise segment is growing faster. For both segments, MCFE offers subscription-based products that include additional add-ons.

For enterprise customers, MCFE specializes in endpoint security which means protecting devices connected to a network. In this segment, its major competitors include FireEye (FEYE), VMWare (VMW), and CrowdStrike (CRWD). MCFE is also considered one of the leaders in cloud security according to Gartner. It counts 81 companies out of the Fortune 100 as customers. 

Overall, it has a 9% total share of the cybersecurity market which makes it one of the best vehicles for investors to get exposure to this theme, especially as the stock is trading at a much cheaper valuation than other companies in the sector.

MCFE is rated a B by the POWR Ratings which equates to a Buy. The stock has a B for Growth. This isn’t surprising as it is one of the leading companies in a fast-growing sector. As hackers get more sophisticated and the cost of breaches increases, more people will buy McAfee’s total security package. Its enterprise segment is growing even faster and offers cloud and network security. 

Many new IPOs come at steep valuations, therefore MCFE’s Value grade of A is unexpected. However, MCFE is an exception to the rule as it sports a forward PE of 16.7. This is cheaper than the S&P 500’s PE of 24. In addition to these categories, MCFE is also evaluated based on Momentum, Stability, Sentiment, Quality, and Industry. 

If you want to learn more about MCFE, click here.

Qualys Inc. (QLYS)

Since the beginning of February, QLYS is down by 30%. One factor is that many high-growth tech stocks have sold off due to rising interest rates. Another reason is the company issued guidance that was slightly below expectations.

However, investors should consider using this weakness as an opportunity to add shares. QLYS is the leading company in the vulnerability management space. This service is essential for companies as it helps them to prioritize where they should invest their time and resources in terms of cybersecurity. 

It’s also attractive from a valuation perspective with a 34 forward PE. This is cheaper than the S&P 500, while the company is also growing earnings at a faster rate at 22%. It also has gross margins of 78%. 

QLYS is rated a C by the POWR Ratings which equates to a Neutral grade. QLYS has been hurt by its Industry grade of D due to many of its peers weakening amid the selloff in tech stocks. 

At some point, quality names in tech stocks will start floating higher once the selling pressure recedes. Given QLYS’ Quality grade of A, it has a chance to outperform.  

Proofpoint Inc. (PFPT)

PFPT is a security as a service provider, targeting large and mid-sized organizations to defend, archive, and organize their sensitive data. It offers protection against threats, email security, cloud security, threat detection, and solutions to enable secure communication. 

Many expected that PFPT’s 2020 results would be negatively impacted by weakness in small and mid-sized businesses. However, the company was able to continue growing earnings by 24% and revenue by 13%. Analysts project average revenue growth of 14% over the next 5 years.

This makes the stock quite attractive especially given its PS of 6 which is below its peers. Additionally, the need for IT and email security is only going to expand in the coming years, and PFPT is one of the leading firms in this category. Email security is one of the largest markets with an estimated billion users while remaining relatively untapped. However, this is also one of the biggest points of vulnerability.

PFPT had an overall rating of B according to the POWR Ratings entering 2021 and into the spring. The stock jumped 30% in late April as it was bought by Thoma Bravo for a hefty premium. While there is some chance that the deal could fall apart, this seems unlikely at this point. 

Norton Lifelock Inc. (NLOK)

NLOK sells cybersecurity, subscription-based products geared towards the consumer market. Its most well-known offerings are its antivirus and network security programs, identity theft protection, and VPNs for online privacy. 

NLOK has a very attractive valuation with a forward PE of 12 which is almost half that of the S&P 500. Unlike many cybersecurity stocks, NLOK is more of a value stock given its multiples and low growth rate. Yet, it’s likely that the market environment could be more favorable for value stocks given the strength in long-term rates. This could lead to considerable multiple expansions for NLOK due to its 85% gross margins.

NLOK is rated a B by the POWR Ratings which equates to a Buy rating. The stock has a Quality grade of A. This is consistent with Norton Lifelock’s reputation as the premier tool for consumers to protect their identities. Its management team also has a sterling reputation in terms of consistent earnings growth and operational performance. 

NLOK is in the Software – Security group which has a B rating given the sector’s bullish outlook. In addition to Quality and Industry, NLOK is also assessed by Value, Growth, Stability, Sentiment, and Momentum. To learn more about these ratings, click here.

About the Author: Jaimini Desai

Jaimini Desai has been a financial writer and reporter for nearly a decade. His goal is to help readers identify risks and opportunities in the markets. He is the Chief Growth Strategist for StockNews.com and the editor of the POWR Growth and POWR Stocks Under $10 newsletters. Learn more about Jaimini’s background, along with links to his most recent articles. More...

More Resources for the Stocks in this Article