While companies around the world leave the impression that they have figured out how to protect their most critical computer networks, many really haven't. Just last month, oil pipeline operator Colonial Pipeline revealed that it had opted to pay hackers a $4.4 million ransom to regain control of its infrastructure. And this past week, major meat company JBS learned it, too, had been hacked.
These are just two recent examples of cybersecurity failures that got some public attention. It is believed that many more hacking attempts (successful or not) go unreported. Check Point Software Technologies now counts a weekly average of around 1,000 ransomware attacks alone directed at U.S organizations. That's an attack roughly every 10 minutes.
The ultimate cost of all this hacking? Cybersecurity Ventures currently pegs the annual figure at around $6 trillion, though further estimates that the ransomware "business" will be worth $10.5 trillion by 2025.
The need for cybersecurity has never been greater and that presents a long-term opportunity for companies with the knowledge to combat it. Here's a closer look at three cybersecurity companies tapping into this megatrend.
1. Palo Alto Networks
If an organization needs any of a number of different cybersecurity services, Palo Alto Networks (NYSE:PANW) probably offers it. From firewalls to cloud security to threat detection to remote-worker connectivity, this software company can do it all. It's even got a ransomware attack-response division explicitly meant to deal with the sort of debacle Colonial Pipeline just went through.
You won't buy its stock cheap. The stock's presently trading at nearly 60 times this year's projected profits, and almost 50 times next year's likely per-share earnings.
Fairly steep valuations aren't exactly new for this name, however, and they've typically been worth the risk. That's because double-digit percentage revenue growth is also the norm here, and this year or next isn't expected to be any different. Analysts are collectively calling for top-line growth of 23% for 2021, followed by 18% growth in 2022.
2. CrowdStrike Holdings
With nothing more than a quick glance, CrowdStrike Holdings (NASDAQ:CRWD) looks a whole lot like Palo Alto. And in most regards, it is. There's one big differentiation, though. That is, CrowdStrike's cybersecurity software is cloud-native. That's the fancy way of saying the company's flagship platform, called Falcon, isn't software installed into a server or a centralized computer, but rather is managed via an interface that's constantly connected with CrowdStrike itself. That way this software-as-a-service cybersecurity defense is always up to date.
Like Palo Alto Networks, CrowdStrike Holdings won't come cheap. Also like Palo Alto, though, CrowdStrike is well worth its price. The company's fiscal first-quarter results posted last week are not only better than the top and bottom lines analysts were projecting, but CrowdStrike upped its full-year revenue and earnings guidance. At the midpoint of its suggested ranges, the cybersecurity outfit expects to turn $1.36 billion worth of sales into a per-share profit of $0.38, up from last year's $0.27.
Next year is the game-changer, though. Analysts are modeling a bottom line of $0.69 per share, up 81% from this year's projected bottom line on sales growth of 35%.
Finally, add Fortinet (NASDAQ:FTNT) to your list of beneficiaries of the war hackers are waging on any organization that utilizes computers.
It's no surprise that this name is priced similarly to CrowdStrike and Palo Alto; that's the norm for the industry's stocks. Fortinet is valued at 60 times this year's expected profits and 52 times next year's projected bottom line. Like its peers, double-digit sales growth is par for the course.
Fortinet is a bit unique, however, in that it's developing specialized solutions that are actually less niche and more widely marketable than they may seem on the surface.
Take the newest iteration of its SD-WAN (software-defined network) security solution as an example. It's built specifically for users of Google Cloud's Network Connectivity Center, or NCC. This is seemingly a step away from the open-source and a la carte options enterprise customers seem to want. The fact is, however, cloud-based networking has become so complex that customers need more specialized, provider-specific plug-in tools.
The recently widened capabilities of its FortiEDR are another example of Fortinet's foray into highly focused solutions. Last month this early threat-detection and response software was tweaked specifically for clients that use automated machinery. Even if a hack is successful, FortiEDR now allows that organization's machinery to remain in use while the threat is being removed.
Fortinet is still a relatively conventional cybersecurity outfit, for the record. These industry-specific solutions simply make it easier for the company to attract and win new customers, who then sign on for additional protection.
Plenty of opportunity up for grabs
Cybersecurity Ventures' projected 2025 cybercrime and hacking cost of $10.5 trillion is rooted in the idea that enterprise-level computer system users won't do things much differently in the foreseeable future than they have in the recent past. After the Colonial Pipeline and JBS hacks, though, the digital threat became real enough again to prompt ramped-up responses.
Technology market research outfit Gartner has attached a number to that response. It suggests the world's going to spend $150.4 billion this year to sidestep the risk of becoming part of that $10.5 trillion statistic, up 12.4% from last year's cybersecurity outlays. Given the fact that hacking and ransomware attacks are not only still growing in number but in scope as well, however, somehow this year's expected market growth of 12.4% feels like a microcosm of a much bigger, longer-lived trend.