Cybersecurity is a mind-bogglingly complex topic. That's especially true for those of us who aren't tech professionals. When we encounter such complexities, it's usually best to put them in the "too hard" pile and move on.
I, too, have typically shied away from the industry. And yet, few niches are growing in importance at the same rate. That makes learning how to invest in cybersecurity stocks a profitable endeavor -- if we're willing to roll up our sleeves.
After doing that, there was only one stock I was comfortable with: CrowdStrike (CRWD 0.13%). What's more -- the reason I picked it should be understandable to just about anyone.
Image source: Getty Images
What happens when things go wrong?
Things never turn out as we plan -- whether in investing or in life. Accepting this reality, we must ask: if things go terribly wrong, what will the consequences be?
Here's what I mean: my burger might not taste good upon a trip to the restaurant. What's the worst that could happen to the company? A bad review from me? Losing my business? No, one dissatisfied customer shouldn't ruin the entire pot.
With cybersecurity, the dynamics are different. Cybersecurity is supposed to protect you from digital villains. If those villains find a weakness, they won't just steal from one client -- they'll attempt to steal from them all. Such a breach quickly leads to a tarnished brand.
Perhaps that's an oversimplification, but those dynamics -- the fact that a single breach could bring a company down -- have historically been enough to keep me away from the sector.
Introducing CrowdStrike
Recently public CrowdStrike takes an entirely different approach to cybersecurity. But first, here's how it works: when a company signs on to use CrowdStrike (it has 10 modules and an app store), they are basically getting access to two tools:
- An intelligent, lightweight agent: This is tech speak for the fact that the software running in the background of your operations will be efficient.
- Threat graph: Think of this as the mother ship. It is the place in the cloud where all the data is gathered that's sent by all of the company's lightweight agents. It does the heavy lifting and number crunching.
By taking this approach, customers get non-clunky cyber-protection (agents) while still getting big data, number-crunching protection (threat graph).
The difference-maker
This is where things get really interesting. Quoting from the company's prospectus:
Threat Graph processes, correlates, and analyzes over one trillion endpoint-related events per week in real time and maintains an index of these events for future use. Threat Graph continuously looks for malicious activity by applying graph analytics and AI algorithms to the data streamed from the endpoints.
Allow me to translate: With each additional data point, Threat Graph grows stronger and harder to fool. Why does that matter? Because each additional customer adds significant value (data for AI) to existing customers.
Think of it this way: If a new customer in Budapest is hacked by an organization using a brand-new approach, the rest of CrowdStrike's customers all over the world are instantly protected.
In a sense, CrowdStrike wants its customers to get hacked. It's like a flu shot: by injecting a little bit of the virus, the rest of your body (other CrowdStrike users) builds up an immunity.
Because CrowdStrike was the first company to deploy this cloud-based approach, the first-mover advantage is enormous. Why would you go with any other company when you know that CrowdStrike has the deepest well of data via the Threat Graph?
The numbers are staggering
And if you want cold, hard data, the company's results provide that as well. There's a lot to like in the company's third-quarter conference call from December.
Let's start with the number of CrowdStrike customers.
Data source: SEC filings. Chart by author.
It's important to note that these figures are sequential -- not year-over-year. In other words, CrowdStrike added over 750 new customers in three months alone the last time it reported. Overall, this translates to a growth rate of 145%. Customers are more than doubling every year!
But that's not all. Increasingly, they are using more and more modules (remember, there are 10 to choose from right now) to help secure their operations. The company regularly reports the percentage of customers using four or more modules.
Data source: SEC filings. Chart by author.
While it appears that growth here is stalling, there are two things to remember:
- Over the past two quarters, management has only offered that those with 4+ modules is "above 50%."
- While the percentage is staying the same, the number of customers is growing by the aforementioned 145% -- meaning far more customers are using more tools.
In the conference call, management also volunteered that 30% of customers are now using at least five tools.
Finally, when these forces combine -- more customers using more tools -- they lead to huge growth in annual recurring revenue (ARR).
Data source: SEC filings. Chart by author. ARR = annual recurring revenue.
Again, this is all presented on a sequential basis. Over the past two-plus years, ARR has jumped at a 118% rate.
Putting it all together
Here's why all of this matters: CrowdStrike benefits from both high switching costs and network effects. Each additional customer adds more data ("flu shots"), making the entire system that much healthier.
Because the company is also a software-as-a-service (SaaS) play, it will increasingly be able to leverage this position for outsized free cash flows. In the previous quarter, in fact, the company generated $7 million in free cash flow -- a great sign for such a young company aggressively reinvesting in itself.
For all of these reasons, I'll be buying (more) shares of the company when Motley Fool trading rules allow. If you're interested in the sector, I suggest you consider doing the same.
