The cybersecurity market could grow from $138 billion this year to $232 billion in 2022, according to research firm Markets and Markets. However, technical jargon and volatile growth can make it tough to understand this industry's long-term prospects. So today I'll highlight the seven key trends investors should follow in the cybersecurity industry next year.
1. More data breaches
The number of data breaches has surged over the past few years. Digital security company Gemalto reports that 708 million records were breached in 2015, 1.38 billion records were breached in 2016, and a whopping 1.9 billion records were lost in the first half of 2017.
Image source: Getty Images.
The leaked personal data from those breaches often leads to identity theft, which hit a historic high in the US last year and affected 15.4 million consumers, according to Javelin Strategy & Research.
2. New security technologies
To counter these hackers, companies are introducing new levels of security. Many retailers switched to EMV chip cards to curb identity theft. Many apps now require two-factor authentication or fingerprint sign-ins.
Looking ahead, we'll likely see the growing importance of facial recognition, led by Microsoft's Windows Hello biometric technologies and Apple's Face ID. However, adoption rates for these technologies could be sluggish as consumers cling on to older devices and operating systems.
3. More sophisticated attacks
Meanwhile, hackers will likely start using more sophisticated attacks. Over the past year, we saw the Mirai botnet and its variants wreak havoc on unsecured Internet of Things (IoT) devices like IP cameras and routers. Meanwhile, ransomware attacks like WannaCry held hundreds of thousands of PCs hostage until Bitcoin payments were made. These attacks clearly indicated that many individuals and organizations were poorly shielded (or not shielded at all) from evolving cyber threats.
4. Taking cyber threats more seriously
The data breach at Equifax (EFX +1.87%), one of the nation's three largest credit reporting firms, revealed just how lax some security measures were. The company's chief security officer was a music major with no cybersecurity experience, it used "admin" as a login and password for a major database, and sent its customers to a fake "phishing" site for nearly two weeks.
Image source: Getty Images.
The Equifax debacle indicated that companies desperately needed to hire experienced security professionals and invest in "best in breed" cybersecurity solutions. However, the US government's own efforts remain sluggish, with President Trump's "Cybersecurity Executive Order" yielding almost no improvements since it was signed in May.
5. The "best in breed" players will keep growing
This means that companies like Palo Alto Networks (PANW 0.15%), the market leader in next-gen firewalls, should experience robust growth in 2018 and beyond as customers take data breaches more seriously.
Palo Alto already serves 85 of the Fortune 100 companies and 63% of the Global 2000, but those figures should climb even higher. That's why analysts expect Palo Alto's revenue and non-GAAP earnings to respectively rise 23% and 25% this year.
Other noteworthy "best in breed" players include CyberArk (CYBR +0.00%), which protects company networks from internal threats like disgruntled employees or corporate spies; and Check Point Software (CHKP 3.01%), which provides firewalls and other security solutions to a wide range of businesses.
6. The profitable players will thrive
Many cybersecurity companies post robust revenue growth but remain unprofitable due to high stock-based compensation (SBC) expenses, rising marketing and R&D costs, and tough price competition.
Therefore, investors should keep an eye out for the security players with consistent earnings growth. For example, Silicon Valley-based Palo Alto Networks is only profitable on a non-GAAP basis due to its high SBC expenses, yet CyberArk and Check Point -- which are both based in Israel -- are profitable by both non-GAAP and GAAP measures.
7. The market will be consolidated
Standalone players like Palo Alto and CyberArk face growing competition from bigger tech companies like networking giant Cisco and security solutions provider Symantec.
Both tech giants can bundle comparable cybersecurity products with their other products and services to undercut smaller stand-alone players. However, companies like Palo Alto and CyberArk already boast strong market penetration in the enterprise market -- which makes them attractive takeover targets.
There's already been a lot of takeover chatter about Palo Alto, CyberArk, and other companies. That buzz might finally lead to some big buyouts next year.
The key takeaways
Investing in the cybersecurity market might seem daunting, but it becomes manageable once you understand a company's core technology, assess the market demand, size up the competition, and evaluate its roadmap toward profitability.
Investors looking for a simpler play on the cybersecurity sector can also consider buying the ETFMG Prime Cyber Security ETF (HACK 0.78%), which owns a basket of popular cybersecurity stocks. That ETF, which rallied about 16% this year, could climb higher in 2018.
