This year the world has already experienced at least eight major cybersecurity attacks that have ranged from breaches of company firewalls to state-sponsored technology hacks, each of which has exposed the data and personal information of millions of people. With such a high number of attacks already reported this year -- and likely more to come -- there's a growing opportunity for investors looking to bet on the cybersecurity sector.

Getting started in this market can be a bit overwhelming for a new investor, so here's a quick rundown of what the market is worth, what the potential risks are, some of the key players, and how to benefit over the long-haul.

Person typing on laptop with a lock image above her hand, while she holds a phone in her other hand.

Image source: Getty Images.

Know what the market is worth

The size of the cybersecurity market is expected to increase to nearly $232 billion by 2022, up from about $138 billion this year, according to Markets and Markets. Beyond that, it's very likely that we'll continue to see this market expand. Cisco Systems released a report this year showing that one-third of companies that reported breaches last year "reported substantial customer, opportunity, and revenue, loss" of more than 20%. Of those that were hacked, 90% increased their threat defense technologies following the attacks.

In short, breaches cost companies lots of money, and when they happen companies boost their security to protect against future attacks. That, in turn, should lead to increased cybersecurity spending in the future. 

Understand the risks

The nature of the cybersecurity business comes with some very clear risks. The first is the fact that many of the companies in the industry either offer similar services or could easily add new services to better compete with their peers. For example, CyberArk's (NASDAQ:CYBR) business is built around its privileged account protection, but there's nothing stopping other cybersecurity players from adding very similar features to their offerings and that could erode CyberArk's current advantage.

Additionally, if a company that's running software from a cybersecurity company you've invested in has a breach, it could have unwanted consequences for your investment. These breaches are bound to happen, and even if they aren't the cybersecurity company's fault directly they can still damage its reputation and share price.

Finally, cybersecurity companies require a lot of innovation to stay ahead of both hackers and the competition. In this business, it's essential to stay one step ahead of everyone else, which ultimately leads to some companies falling behind. 

Narrow it down to a few key players 

In another article, I compiled some of the best cybersecurity stocks for 2017. Let's go through them again and talk about why each company has an advantage in this growing market. 

Company Market size
CyberArk  $1.4 billion
Fortinet (NASDAQ:FTNT)  $6.4 billion
Palo Alto Networks  (NYSE:PANW)  $11.9 billion

Data source: Yahoo Finance.


I already mentioned CyberArk, which is focused on an area of security called privileged accounts. CyberArk's software protects the most important accounts that have access to the most sensitive data, which is critical if a hacker manages to get past a company's firewall.

CyberArk was one of the first companies to focus its attention on this particular area of security, and that's helped it build up its client base to include more than 50% of Fortune 100 companies. The company grew revenue by 26% year over year in the first quarter 2017 and is forecasting 24% to 25% growth for the full year.

The company has managed to build up $287 million in cash and is also debt-free. CyberArk's advantage among its competitors is its specialty in protecting privileged accounts and its list of 3,200 global clients.


For investors looking for a cybersecurity stock that spans nearly every part of the security market, Fortinet may be the best bet. The company sells firewalls, virtual private networks (VPNs), anti-malware software, and other security applications.

The company performed well in its second quarter, with revenue increasing 17% year over year to $363.5 million. Fortinet has managed to build up its cash reserves to $1.46 billion as it's expanded its business worldwide. The advantage with Fortinet is the company's expansion to nearly all aspects of cybersecurity and its massive list of 320,000 customers. 

Palo Alto Networks

Last, but certainly not least, is Palo Alto Networks. The company makes next-generation firewalls for nearly 40,000 customers across the globe. Those security solutions serve as a key barrier for many companies' data infrastructure, and Palo Alto is continuing to expand its business.

The company increased revenue by 25% year over year in its fiscal third-quarter 2017, hitting a record $431.8 million. Adjusted earnings per share (EPS) also jumped by more than 32% in the quarter to $0.61. One of the company's advantages has been its ability to move into new areas of cybersecurity, including advanced software that blocks malware and new security-as-a-service offerings like its Aperture software.

Take the long-term approach

There are plenty of other companies to choose from, of course, and you can even invest in cybersecurity funds that have multiple security stocks bundled together. But the above stocks should be a good starting point for investors who are just getting started in the cybersecurity market (and all three are recommended by Motley Fool premium services).

The last bit of advice for investing in cybersecurity stocks, as with any investment, is to find a good business and stick with it for the long-haul. The best case study for this comes from Palo Alto Networks. If you started investing in the company six months ago, you'd be down about 14% from your initial investment. But if you look at the company's overall performance for the past three years you'll see the company is up about 63%. Past performance isn't a predictor of future gains, but this is just a small example showing that investors need to have a timeframe of several years with cybersecurity stocks, not several quarters.

IDC predicts that by 2019 about 70% of major multinational corporations based in the United States and Europe will face "significant cybersecurity attacks." With stats like that, and massive security breaches already occurring, the buy-and-hold approach makes, even more, sense for cybersecurity investors.

This article represents the opinion of the writer, who may disagree with the “official” recommendation position of a Motley Fool premium advisory service. We’re motley! Questioning an investing thesis -- even one of our own -- helps us all think critically about investing and make decisions that help us become smarter, happier, and richer.