Credit: Shutterstock photoCyber security is going to be in the news over the next week or so. The Congressional hearings into the hacks of the Democratic National Committee e-mail server and that of Clinton campaign chair John Podesta begin today, with the public version of the intelligence community’s reports being made available on Monday.
These reports and hearings may or may not prove beyond reasonable doubt that Russia was involved in the attacks, but regardless of whether or not you believe that to be the case, the fact is that both servers were compromised. Add in the recent revelations from Yahoo concerning their massive security breach and you have an atmosphere where cyber security is sharply in focus, and that should benefit stocks in the sector.
Some may say, and with some justification, that any further revelations of security lapses could have the opposite effect. It seems that despite the best efforts of the cyber security industry, the criminal elements still have the upper hand, and can penetrate any defense the industry sets up. What that ignores, though, is the fact that for corporations who handle sensitive customer data, which is pretty much every modern company, perception is reality.
Even if they have their doubts as to the effectiveness of security measures, they have to be seen to be taking the problem seriously, and that means spending money on it. Furthermore, that dynamic doesn’t only apply to the private sector. President-elect Trump has already stated his intention of launching a large cyber security initiative, and an injection of Federal dollars into the industry would also help.
The problem for investors though is that despite the industry’s obvious potential, it has been, to date, an area of underperformance. In many cases, particularly with the U.S. companies in the sector, there has been decent revenue growth but rapidly increasing costs have left firms losing money, and the stocks have suffered as a result.
Some of those costs have come from stock related compensation to attract top talent in the competitive jobs market in Silicon Valley, but companies such as FireEye (FEYE) and Palo Alto Networks (PANW) have also been investing heavily in new security suites and platforms.
Both FEYE and PANW have the advantage of being government certified, and if Trump does go forward with his cyber security push, those investments over the last year or so should pay off handsomely as 2017 unfolds. It is reasonable to assume, given Trump’s “America First” stance in the election, that U.S. companies will be awarded any Federal contracts that result from those policies, which is why I prefer FEYE and PANW to other, maybe more obvious picks in the industry.
The two big Israeli companies in the field, CyberArk (CYBR) and Check Point Software (CHKP), for example, both have the advantage of being proven profit makers and have a history of beating market expectations for earnings. By contrast, FEYE is still seeking its first profitable quarter as a public company and PANW has missed expectations in each of the last four quarters.
For those reasons I would not put anybody off of CYBR and CHKP as a way to play the sector. As I said above, though, my preference would be for the two domestic names. Both will be in line for Federal contracts and both have been investing heavily. Now looks like the time to cash in on that investment.
Whether or not you agree with that assessment, the most important thing for investors is that you have exposure to the sector. Any combination of the four stocks mentioned above or a broader based play such as the ETFs HACK or CIBR will work, but some exposure is definitely warranted as the subject gains increasing attention.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.
