It was always there. But it would be naive to say the COVID-19 pandemic hasn't accelerated the cybersecurity market's growth pace. With millions of employees still -- and perhaps permanently -- working from home, many enterprises remain far too vulnerable to hacking and digital security breaches.
The depth of the need for cybersecurity solutions, however, may still not be fully appreciated by investors. That in turn means that cybersecurity providers Palo Alto Networks (PANW -28.44%) and Fortinet (FTNT -3.78%) may remain underestimated. Not only are they two of the top names in the business, but each has a security solution available right now for employees connecting to a company's network from home.
A couple of recent predictions flesh out this opportunity.
Just the beginning
The cybersecurity market is currently worth around $200 billion, according to numbers from Mordor Intelligence, but it's on pace to grow a bit more than 14% per year through 2025. That's impressive, particularly compared to other industries' growth outlooks.
But it's an estimate that still fails to adequately paint a complete picture of what the right company could do given the opportunity at hand. Even with power players like the aforementioned Fortinet and Palo Alto in place, Mordor says the market remains highly fragmented. Both companies could continue to make acquisitions, achieving economies of scale as they expand.
Even without dealmaking, though, the industry's rising tide will lift these boats.
Technology market research firm Gartner supplies one of the clearest reasons to expect that tide to keep rising. Last month it opined that "bring your own PC," or BYOPC, security will be normalized in five years or less. And within 10 years, secure access service edge, or SASE, will be the norm for enterprise-level organizations.
The terms and their acronyms may not mean much to the layperson, but cybersecurity folk may be nodding their heads in agreement. Bringing-your-own-PC security is exactly what it sounds like. Rather than a tech department issuing devices to workers with security features pre-installed, employees procure their own devices and then -- hopefully -- take all the necessary steps to ensure cloud-based connections are secure. A secure access service edge is a newer digital security theme that creates a networking environment that allows for, among other things, BYOPC.
In some regards, they're the next step in the natural evolution of connectivity. Gartner may not be overstating things, however, when it suggests the two technologies "will have transformational impact on global businesses within the next 10 years." In a post-COVID world, Gartner research director Rob Smith explains, "[Cyber] security leaders should expect the need to support BYOPC to be dependent upon a long-term work-from-home strategy, and also expect to support security tools needed for a BYOPC environment."
In the same vein, technology market analytics outfit International Data Corp. (IDC) recently predicted that by 2024, 60% of the United States' employees will work remotely -- either at home or out in the field with customers and at project sites. That would push the total number of remote workers to more than 93 million, and subsequently expand the likelihood of cyberattacks.
The cybersecurity industry isn't starting from scratch, however. Both Palo Alto and Fortinet had remote connectivity protection available even before the pandemic took hold.
For Palo Alto Networks, one of those products is Prisma Access, which is a secure access service edge -- or SASE -- offering that Gartner suggests will become commonplace by 2030. It's built specifically for mobile users and branch offices that need reliable, safe access to a corporate network. Palo Alto also offers cloud-based SD-WAN, or software-defined wide-area networking, with the help of recently acquired CloudGenix. It's a testament to the potential of the right sort of dealmaking that allows for bolt-on improvements of the company's existing capabilities.
As for Fortinet, it's got a few tools in its mobile cybersecurity toolbox as well, like the FortiGate platform. Among other things, it's a way of putting a firewall in place, managing virtual private networks that encrypt communications from devices all the way to a company's servers, and implementing an intrusion prevention system. FortiGate customers also automatically have access to an SD-WAN solution for remote offices or remote employees, and the platform was a key part of last quarter's growth.
These offerings aren't exactly brand new, and more are apt to be on the way. What's new is the sudden, true realization of the need for them. As Gartner's Rob Smith noted: "Prior to the COVID-19 pandemic, there was little interest in BYOPC. At the start of the pandemic, organizations simply had no other alternative. The urgent need to enable employees to work from home and a lack of available hardware bolstered its adoption globally." International Data Corp.'s senior research analyst Bryan Bassett expects that adoption has only begun, saying: "To meet the needs of more mobile, remote, and work-from-home workers, U.S. enterprises have indicated that mobile security and mobile management solutions will be top spending priorities going forward."
While the bullish outlook for these companies is strong, would-be investors in either should note that the predictions from IDC and Gartner are long-term in nature. Gartner's SASE adoption expectation could take up to 10 years to play out fully. International Data Corp.'s mobile worker outlook looks to the end of 2024. Investors not thinking in multi-year terms may find this opportunity isn't for them.
Still, the opportunity is real for those willing to wait for it to fully gel. It's long-term enough, in fact, that investors interested in plugging into it don't necessarily have to do so today, this month, or even this year.