The digital age is here, and it’s become an indispensable part of our lives. It’s penetrated nearly every industry, including business operations, commerce, entertainment, banking, etc. These advances have put more power in the hands of consumers and businesses, but the increasing reliance on computers, connectivity, and cloud computing has made us more vulnerable to cyberattacks.
Data is the lifeblood of the digital economy and all the services that we are now dependent upon. According to the University of Maryland, a cyberattack occurs every 39 seconds and affects 1 in 3 Americans. The cost of such an attack can be quite steep for individuals but even more disastrous for companies. Some costs can include trade secrets, intellectual property, customer trust, regulatory scrutiny, and a disruption in operations.
Just like the rise of automobiles spawned the car insurance industry, the increased digitization of operations and activities necessitates investing in an effective cybersecurity program and structure. Cybersecurity needs have become increasingly varied and complex as threats proliferate and grow in sophistication.
Types of Cybersecurity Attacks
Every few months or so, there are some high-profile hackings in the news. Just over the last few years, the Stuxnet virus affected Iran’s nuclear facilities, the theft of employee and customer records at RSA Security, data of over 100 million customers being stolen from Target (TGT), Yahoo compromising the data of 500 million users, and eBay (EBAY) which lost the data of nearly 150 million users.
Based on these incidents and the constant reports of new threats, it’s clear that one of the biggest near-term risks to companies is a cybersecurity attack.
These incidents have also taught us that cyberattacks can take different forms and cause different types of damage. To protect against digital attacks, it’s necessary to understand areas of vulnerability and the potential impact of an attack. Some of the means of cyberattacks are social engineering, phishing, ransomware, unpatched software, and persistent threats.
Cyberthreats are typically classified into three categories:
- Attack on Integrity – Tampering or Altering data by unauthorized people. Many cyber attacks start this way to gain access to systems.
- Attack on Confidentiality – Theft of private or confidential information.
- Attack of Availability – Prevents systems and data from being accessed or used.
Components of Cybersecurity
Companies’ tech stacks have different points of vulnerability due to different access points. Each cybersecurity solution should include the following assessments:
- Risk Management and Assessment: This step involves identifying and prioritizing internal and external vulnerabilities. Then, choosing to prioritize which gaps should be addressed by balancing time, cost, and risks.
- Unified Threat Management: This is often the dashboard by which companies assess and monitor systems and threats. It’s a comprehensive look at a cybersecurity system including the various tools that are found in a typical package including antivirus, antispam, firewalls, intrusion detection, etc.
- Security Incidence: Security Incidence is the company’s protocol for dealing with threats in real-time. This is to minimize the impact of damage and help operations return to normal as quickly as possible.
- Identity and Access Management: Cloud, mobile, and IoT allow employees and customers to work and engage from any location. This increases the importance of assigning a digital ID to every user to ensure that data or systems are not accessed without proper credentials.
Cybersecurity Industry Size and Prospects
Given the importance and depth of the cybersecurity field, it’s not surprising that overall spending has increased from $3.5 billion in 2004 to $185 billion in 2020. According to Grandview Research, spending is expected to increase at a 12% to 15% CAGR over the next decade.
In a survey from Ernst & Young, 86% of companies said that upgrading cybersecurity is a priority for them in 2021. Cybersecurity and national defense are also becoming synonymous, as cyberwarfare and spyware are increasingly taking place in cyberspace. In 2020, the Defense Department spent $24 billion on cybersecurity, and this is expected to reach $50 billion by 2030.
Over the next decade, technologies like cloud computing, 5G, and the Internet of Things (IoT) will continue to proliferate and become ubiquitous. This will begin the era of “always connected” devices. The counter to this innovation will be that our increased dependence on these devices will increase the cost of cybersecurity attacks.
4 Cybersecurity Stocks to Buy
Cybersecurity is a complex field with multiple layers. Companies, governments, and individuals have to protect themselves from threats that could come in many forms. Of course, these threats are getting increasingly sophisticated.
Technology’s incursion into various aspects of life for individuals and businesses is unstoppable. There are several benefits, but the major downside is increased risk and exposure to cyberattacks. In a sense, the cybersecurity industry is the “insurance” that must be bought to protect against these risks.
The costs of any disruption will only increase as more data, activities, services, and operations are performed on the cloud. Of course, it’s expected that criminals will follow the money. Radware (RDWR), NortonLifeLock (NLOK), Qualys (QLYS), and Checkpoint (CHKP) are four stocks that will benefit as cybersecurity spending increases.
Radware Ltd. (RDWR)
RDWR was founded in 1996 and is headquartered in Tel Aviv, Israel. It designs and develops cybersecurity applications for physical, virtual, and cloud environments. Its products include DefensePro, real-time network protection, and attack prevention software, AppWall, a Web application firewall; and DefenseFlow, a cyber-command and control application.
Further, RDWR provides Cloud DDoS Protection Service, which offers a range of enterprise-grade DDoS protection services in the cloud, as well as technical support, professional, managed, and training and certification services to its customers. The company sells to independent distributors, including value-added resellers, original equipment manufacturers, and system integrators.
RDWR’s stock is quite attractive as it’s expected to grow earnings 15% next year which is above the market average and many of its peers. It is also priced much more attractively than its peers given its PS of 5.5. It also has an attractive 82% gross margin.
RDWR’s long-term chart shows a stock that has been consolidating between $20 and $30 over the last 4 years. Due to the stock’s earnings momentum, reasonable valuation, and sector strength, fundamentals favor holding for the long-term and betting on growth in an expanding industry with plenty of opportunities.
RDWR is rated a B by the POWR Ratings which equates to a Buy rating. Radware also has an A for Growth. This isn’t surprising considering that earnings per share (EPS) have nearly doubled this year.
RDWR also has an A for Quality. The company has been around since 1996 and has developed a reputation for creating effective cybersecurity solutions since its inception including network security, cloud security, and enterprise software. If you want to learn more about RDWR, click here.
Qualys Inc. (QLYS)
QLYS was slightly down in 2021 following a nearly 50% gain in 2020. One factor is that many high-growth tech stocks have sold off due to rising interest rates. Another reason is the company’s growth rate has been slightly below expectations.
However, investors should consider using this weakness as an opportunity to add shares. QLYS is the leading company in the vulnerability management space. This service is essential for companies as it helps them to prioritize where they should invest their time and resources in terms of cybersecurity.
It’s also attractive from a valuation perspective with a 37 forward PE. This is not cheap but still impressive given its expected earnings growth rate of 73%. The company also has gross margins of 78%.
QLYS is rated a B by the POWR Ratings which equates to a Buy rating. B-rated stocks have posted an average annual performance of 19.7% which compares favorably to the S&P 500’s annual 7.1W% gain. QLYS has been hurt by its Industry grade of D due to many of its peers weakening amid the selloff in tech stocks.
At some point, quality names in tech stocks will start floating higher once the selling pressure recedes. Given QLYS’ Quality grade of A, it has a chance to outperform. Click here to see more of QLYS’s POWR Ratings.
CHKP is a security as a service provider, targeting large and mid-sized organizations to defend, archive, and organize their sensitive data. It offers protection against threats, email security, cloud security, threat detection, and solutions to enable secure communication.
Many expected that CHKP’s 2021 results would be negatively impacted by weakness in small and mid-sized businesses. However, the company was able to continue growing earnings by 24% and revenue by 13%. Analysts project average revenue growth of 14% over the next 5 years.
This makes the stock quite attractive especially given its PS of 7 which is below its peers. Additionally, the need for IT and email security is only going to expand in the coming years, and CHKP is one of the leading firms in this category. Email security is one of the largest markets with an estimated billion users while remaining relatively untapped. However, this is also one of the biggest points of vulnerability.
CHKP has an overall rating of B according to the POWR Ratings. The stock also has an A rating for Quality which is consistent with the bulk of Wall Street analysts having a Buy rating on the stock.
Given the selloff in tech and cybersecurity stocks, CHKP’s status as one of the highest-quality cybersecurity companies makes it a good fit for the portfolio as it will be able to continue growing amid a tough environment. It also has no financial risk given its low debt and substantial cash holdings. Click here to see more of CHKP’s POWR Ratings.
Norton Lifelock Inc. (NLOK)
NLOK sells cybersecurity, subscription-based products geared towards the consumer market. Its most well-known offerings are its antivirus and network security programs, identity theft protection, and VPNs for online privacy.
NLOK has a very attractive valuation with a forward PE of 12.9 which is almost half that of the S&P 500. Unlike many cybersecurity stocks, NLOK is more of a value stock given its multiples and low growth rate. Yet, it’s likely that the market environment could be more favorable for value stocks given the strength in long-term rates. This could lead to considerable multiple expansions for NLOK due to its 85% gross margins.
NLOK is rated a B by the POWR Ratings which equates to a Buy rating. The stock has a Quality grade of A. This is consistent with Norton Lifelock’s reputation as the premier tool for consumers to protect their identities. Its management team also has a sterling reputation in terms of consistent earnings growth and operational performance.
NLOK is in the Software – Security group which has a B rating given the sector’s bullish outlook. In addition to Quality and Industry, NLOK is also assessed by Value, Growth, Stability, Sentiment, and Momentum. To learn more about these ratings, click here.
Want More Great Investing Ideas?
NLOK shares were trading at $25.55 per share on Wednesday afternoon, up $0.05 (+0.20%). Year-to-date, NLOK has declined -1.66%, versus a -7.25% rise in the benchmark S&P 500 index during the same period.
About the Author: Jaimini Desai
Jaimini Desai has been a financial writer and reporter for nearly a decade. His goal is to help readers identify risks and opportunities in the markets. He is the Chief Growth Strategist for StockNews.com and the editor of the POWR Growth and POWR Stocks Under $10 newsletters. Learn more about Jaimini’s background, along with links to his most recent articles. More...
More Resources for the Stocks in this Article
|Rank in Industry