Back to top

Image: Bigstock

Biden's Latest Initiative Could Be Positive for the Cybersecurity Space

Read MoreHide Full Article

In what may be described as recognition of the increasingly all-pervasive cyber (and related) security issues, the President met with leaders from across technology and other key industries. The goal was to discuss the growing threat from increasingly sophisticated cyber attacks on the one hand and the need for protection in the face of increased digitization of every aspect of our lives on the other, to come up with a plan to counter the bad actors.

As recent security breaches have shown, it is not just the corporate sector that’s being hit today, but also schools, government bodies and the national infrastructure. Therefore, mere isolated attempts to secure individual infrastructure will not be enough. There needs to be a standardized set of best practices that all organizations must follow, as well as improved security and integrity of the technology supply chain. Moreover, there needs to be broader awareness of the risk and penalties for non-compliance (by insurance companies for example).

Biden said, "The reality is, most of our critical infrastructure... is owned and operated by the private sector, and the federal government can’t meet this challenge alone. So I’ve invited you all here today because you have the power, the capacity, and the responsibility, I believe, to raise the bar on cybersecurity."

A White House statement also said that “nearly half a million public and private cybersecurity jobs remain unfilled,” indicating that this is also a focus area.

On July 28, the President issued a National Security Memorandum outlining the government’s expectations for owners and operators of critical infrastructure. It remains voluntary at this stage.

Since social media and other technology platforms have effectively rendered national borders ineffective, Biden is also pushing G7 countries to hold accountable nations that harbor ransomware criminals. He is also calling for an updating of NATO cyber policy.

Within the country, he is expanding the Industrial Control Systems Cybersecurity Initiative to natural gas pipelines. The system has already been used to outfit 150 electric utilities with better cybersecurity.

As the White House statement shows, Microsoft, Google, Apple, IBM and Amazon have committed to investing several billions to improve the tech supply chain and software network while also helping to train people on security issues.

Microsoft, in particular, said it would integrate security into its designs, produce advanced security products and help governments, educational institutions and non-profits in their security issues. Overall, Google committed $10 billion while Microsoft committed $20 billion.

Other invited groups and organizations are also made specific commitments.

We don’t have specific numbers from the others but it’s clear that this is a big initiative.

Cisco’s 2021 cybersecurity threat trends report shows that cryptomining, phishing, trojan and ransomware in that order were the most active threats last year, together accounting for 10X the volume of all other threats.

It also mentioned some other concerning stats: 86% of organizations had at least one user try to connect to a phishing site, 70% of organizations had users that were served malicious browser ads, 69% of organizations experienced some level of unsolicited cryptomining, 50% of organizations encountered ransomware-related activity, etc.

So the primary drivers of the cybersecurity segment at this moment appears to be:

1) A much greater number of people using connected devices and thereby becoming prone to attack. This has been exacerbated by the pandemic where people have even thrown caution to the wind in the interest of safety.

2) With workloads rapidly moving to the cloud, there is increasing demand for cloud-based security with corresponding softness on the on-premise side.

3) Social media connectivity has dissolved boundaries between countries, making for more seamless communication and cross-border business. This makes it more difficult for any government to frame laws that can guarantee the security of its citizens, corporations and other organizations within its borders since they could be interacting with external machines.

3) Hackers are getting more sophisticated by the day. Because of the above reasons, they also likely have easy access to a far larger number of individuals, which remains the weakest link in the security chain. So they can plan and orchestrate their attacks better.

4) The advent of cryptomining has helped hackers access a large number of machines. Cisco’s report says “Cryptomining, when software-based, often serves as a gateway into more serious forms of cybercrime. Malicious third parties get into your environment, and then set up a miner to make passive income while they conduct lateral moves to exfiltrate data or do something else malicious.”

5) Some security companies may be acquired by larger players in order to consolidate resources and tap market opportunities.

Given this backdrop, cybersecurity stocks like Proofpoint, Inc. , Qualys, Inc. (QLYS - Free Report) and Radware Ltd. (RDWR - Free Report) could be worth a closer look. While the industry includes a number of better-known players like Palo Alto Networks, Inc. (PANW - Free Report) , Check Point Software Technologies Ltd. (CHKP - Free Report) and Fortinet, Inc. (FTNT - Free Report) to name a few, it is the first three that have a Zacks Buy (#2) rank. So let’s see how they have been doing recently-

Qualys

Another provider of cloud-based security and compliance solutions, Qualys offers its vulnerability management, policy compliance, web application scanning, malware detection and associated security products through its QualysGuard Cloud Platform.

Its 2021 and 2022 revenues are expected to grow 12.0% and 11.9%, respectively. Earnings are expected to grow 5.2% and 5.7%. Here too, we see a solid estimate revision trend with the 2021 earnings estimate jumping 29 cents (10.6%) in the last 30 days. The 2022 estimate is up 20 cents (6.7%) during the same period.

The company topped estimates in three of the last four quarters while meeting in one. The four-quarter average surprise is 10.0%. The company is particularly well-positioned to benefit from the ongoing rapid digital transformations across sectors and the modern work from anywhere/hybrid environment. An illustration of the strength it is seeing is the 51% increase in its paid cloud agent subscriptions in the last quarter.

Additionally, the shares have been on an upward trajectory over the last three months but remain well below their median levels (on a P/E basis) over the past year. So they are going cheap.

Radware

The company offers a broad range of Internet traffic management solutions to service providers, e-commerce businesses and corporate enterprises that require uninterrupted availability and optimal performance of IP-based applications that are critical to their business.

Radware’s revenues are expected to grow 12.6% in 2021 and 10.5% in 2022. Its earnings in the two years are expected to grow 20.3% and 21.2%. The Zacks Consensus Estimate for 2021 earnings is up 5 cents (6.9%) in the last 30 days. The 2022 estimate is also up 5 cents (5.7%).

The company beat estimates in three of the last four quarters while missing in one. The four-quarter average is 9.3%.

In the words of Roy Zisapel, President and CEO of Radware, “The momentum continues to be strong across our business lines and geographies. The market provides many opportunities as enterprises are accelerating their digital transformation and at the same time experiencing more cyber attacks than ever. Our pipeline is robust, and we are confident in our ability to execute on it.”

Radware is trading at a P/E multiple of 38.7X, which is way below its median level of 64.5X and the industry’s 127.7X. This would suggest that the shares are worth buying.

Proofpoint

This is a leading security-as-a-service (SaaS) provider of on-demand data protection solutions to large and mid-sized organizations. Through its cloud-based infrastructure, the company offers threat protection (phishing, malware and spam, encryption), compliance, archiving and governance, and secure communications.

Its revenues are expected to grow a respective 16.3% and 18.9% in 2021 and 2022. Its earnings are expected to grow a respective 12.6% and 25.5%. Its estimates have shown an upward trend over the last 30 days. The 2021 average estimate is up 16 cents (7.7%) while the 2022 estimate is also up 16 cents (6.0%). The surprise history is good.

The company has posted double-digit surprises in each of the last four quarters, averaging 28.6%.

The company’s shareholders approved an agreement to be acquired by privately-held Thoma Bravo, a leading software investment firm. The acquisition is expected to close in the third quarter. The current share price is close to the acquisition price of $176 a share to be paid in cash.

6-Month Price Performance

Zacks Investment Research
Image Source: Zacks Investment Research