Lila MacLellan also contributed to this article.
Cyberspace is a scary place. Just ask Sony (SNE), which saw its stock price fall more than 15% after the firm suffered a data breach in April. Or Citibank (C), which announced last month that the personal data of an estimated 360,000 clients had been compromised. Or the US government officials whose Gmail accounts were recently breached by hackers working out of China. Or Monsanto, which this week had its website taken down byAnonymous, also known as the “Internet Hate Machine.”
The recent spike in publicized hacking is expected to trigger even higher demand for information security, especially when it comes to safeguarding customer data. According to a 2010 study by the Ponemon Institute, the average data breach costs a company $7.2 million, mostly in lost customers. The actual bill can be much, much higher — Sony announced in May that its hacking and the subsequent PlayStation Network outage will cost the firm $171 million.
The need to protect against such losses is clear to investors: recently cybersecurity firms Sourcefire (FIRE) and Fortinet Incorporated (FTNT) were trading at 55 and 64 times their expected 2011 earnings, respectively. Stocks such as Symantec (SYMC), Iron Mountain (IRM), and Check Point Software Technologies Ltd. (CHKP) have all outperformed the S&P 500 in 2011.
Corporations are not the only ones scrambling for coverage, of course. Cyberspace is rapidly emerging as a new international battleground in the political sphere, too. In the words of Nick Harvey, the British armed forces minister, “Action in cyberspace will form part of the future battlefield.” Already we’ve seen incidents of real world damage caused by cyberspace attacks. Last year, Iran’s nuclear facility at Natanz was damaged by “Stuxnet”, an extremely complex computer worm. The attack delayed the program and, according to aWikileaks source, caused “a serious… nuclear accident.”
In response, governments are ramping up both their defensive and offensive security services, and defense contractors are expanding their business models to get a piece of the growing market. Lockheed Martin(LMT) received more than $30 million last year from the U.S. government to develop “advances in cybersecurity and cyber warfare capabilities to address a critical global security challenge.” Its cyber-related activities comprised about 22% of 2010 sales, totaling $9.95 billion.
Smaller contractors are getting in on the action as well: Alabama-based Camber Corp. recently purchased a network security subsidiary from EADS North America, and defense IT firm KEYW Corporation (KEYW)acquired JKA technologies, which makes a wide range of security products used by the US intelligence community. Such acquisition targets, which offer “meaningful access” to network solutions, have attracted premium valuations because of the relatively high barriers to entry in the intelligence sector, according to a report published this month by ERG Partners.
More than ever, the Internet is serious business, and so is its safekeeping. But investors without special expertise in this area should be warned: this is a complex market that’s still in transition.
“It’s a weird sector,” says Sean Udall, a Minyanville contributor and author of the TechStrat Report. “A lot of times these stocks go up because of something in the news. You’ll see substantial price swings, even in the companies that have nothing to do with what’s been infiltrated.”
Pure plays are rare, adds Udall. “I think the average person thinks he or she can still buy a Fortinet, or something like it, and gain from this trend. But that’s not quite right for a couple of reasons. For one thing, a lot of these companies have already realized huge price moves, maybe a few years worth in just a few quarters. Secondly, a lot of the business already belongs to the big networking and data storage companies, who have acquired many of the prime plays.”
Almost every big technology company — including Intel, Juniper, and Cisco — has made a security acquisition, he explains. A lot of mergers happened between 2004 and 2007.
For many of the larger companies, the benefits of an M&A that happened years earlier are still forthcoming. “The stocks that look doggy right now are some of the businesses that should benefit the most. Cisco has lagged terribly, for example, but one of the reasons I like it is because they’re very strong in network security.”
Finally, says Udall, “there’s also a ton of really good technology being developed with companies that are pre-IPO pipeline. “It’s hard to know how much business those new companies are getting with really good solutions versus what I call mid-tier companies that have not yet been acquired.” (For more on venture capital interest in Silicon Valley’s cybersecurity companies, which are expected to form the next wave of Tech IPOs, see: Analysis: Computer security attracts venture capitalists.)
If you’re still looking to get in on the cybersecurity game, here are some stock names to consider, as selected by Udall. This list is divided into pure plays and software conglomerates.
CYBERSECURITY: 6 PURE PLAYS
Check Point Security Systems (CHKP), Checkpoint.com
This is “one of the better growth companies in the space — one of the cleaner names — therefore the stock has doubled or more in the last year,” say Udall. Indeed, Bloomberg reports that the world’s second largest security company saw its stock price hit a 10-year high this month; shares have gained 97 percent over the past year.
Check Point, the inventor of FireWall-1 and Stateful inspection technology, two landmark innovations, is known for customized security solutions designed to protect consumers from hackers, spyware and identity theft. According to the company’s website, its clients “include tens of thousands of organizations of all sizes, including all Fortune and Global 100 companies.”
The Tel Aviv-based firm, which employs just over 2,000 people, recently purchased Nokia’s security appliance business, and two years ago acquired FaceTime Communications’ application database, which added security controls for over 50,000 Web 2.0 widgets and more than 4,500 Internet applications to their company’s portfolio.
Sourcefire (FIRE), Sourcefire.com
This leading company, known for selling security software into the IT departments of large companies and governments, was recently named to TheStreet.com’s Breakout Stocks portfolio. The 10-year-old firm is headquartered in Columbia, M.D. and is best known for its open source Snort program, whichthe company says is “the world’s most widely deployed intrusion detection and prevention technology.” Sourcefire is also behind ClamAV, claimed to be the “most commonly used open source anti-virus and anti-malware gateway product.”
In a recent report, Todd Weller, an analyst at Stifel Nicolaus, said, “We continue to view Sourcefire as an attractive growth play in the security sector, an area that is experiencing increased investor interest… We attribute [this] to the many recent high profile security attacks that have hit various companies.”
According to news stories, Sourcefire was recently an acquisition target for both Barracuda Networks and CheckPoint, described above. Because Sourcefire’s Snort detection software is widely used by the U.S. intelligence community, the potential for a sale to CheckPoint, which is based in Israel, prompted a severe political backlash.
Fortinet (FTNT), Fortinet.com
Founded in 2000, this Sunnyvale, California firm is a serious force in the Cybersecurity world. In 2010, its revenue hit $325 million. Udall calls it “a hot name in the space,” and says, “the stock has gone haywire.”
With more than 100,000 customers, Fortinet is considered a market leader in network security appliances and unified threat management (UTM). Customers include major corporations, telecommunication firms and governments around the world.
The stock has been surging over the last year “”as Fortinet delivered four consecutive positive earnings surprises,” says Todd Bunton at Zacks.com. Total revenue jumped 34% to $93.3 million in 2011 Q1, beating analyst expectations. Consensus estimates say the earning per share is expected to grow by 21% this year and 17% next year. “Fortinet isn’t exactly a value stock though,” Bunton warns. “Shares trade at 72x forward earnings, a significant premium to the industry average of 20.1x. Its price to book ratio of 13.3 is also well above its peers at 1.9.”
Guidance (GUID), Guidancesoftware.com
This company went public in December of 2006, catching the market’s attention with its forensic investigation software. “If something bad happens in your company, they have a solution to help you track down the culprits,” say Udall.
Guidance Software specializes in incident response, computer forensics, litigation support, and “hands-on” digital investigation. They also train corporate, law and government professional in digital forensics. Their flagship product is EnCase, which targets corporate government and law enforcement organizations to conduct computer investigations of various types, including intellectual property theft, incident response and compliance auditing, according to the company’s website. This forensic software is now in demand from so many different types of clients (including financial, retail, manufacturing, defense, and pharmaceutical companies) that a recent update was made to its interface to make it more intuitive. “We’re getting a lot of new people entering this field. The profile of our users is changing. When you use it, it’s going to feel like a web application,” Steve Salinas, Product Marketing Manager, told reporters.
Several Fortune 100 companies use the EnCase platform, including Allstate, Chevron, Ford, General Electric, Honeywell, and Pfizer. Guidance was founded in 1997 in Pasadena, California and has since expanded to locations across the U.S. and in Singapore. On the strength of Guidance Software’s customer base and rising sales, trend-setting investor Primecap Management recently increased its position in the firm.
Symantec (SYMC), Symantec.com
“This company has been around for a long time – it’s a security giant,” says Udall. “The company’s biggest challenger, McAfee, was bought by Intel, and Symantec has remained a wallflower buyout candidate for the better part of decade.”
Based in Mountain View, California, Symantec has been in the cybersecurity field since 1982, and now employs more then 18,000 people around the world. It services companies in the Americas, the Middle East and Africa and the Asia Pacific region, including Japan. The company specializes in securing, storing and managing large amounts of information; its core businesses include consumer and endpoint security, storage management and backup.
In response to the number of malicious software programs developed and deployed amid a recent sea of new apps, Symantec is now, “introducing services that assess the ‘‘reputation’ of software, weighing factors like how old it is and how widely it is used to decide if it is safe,” according to theNew York Times.
Websense (WBSN), Websense.com
“If I had a buy list, this would be on it,” says Udall. Websense of San Diego, California, focuses on data in transit, in email content and over the web. Its products and services are sold as software that can be installed on standard server hardware, or pre-installed on optimized appliances, or as cloud-based services, or in a hybrid appliance/SaaS configuration, according to the firm’s New York Timesprofile. The stock has been strong this year, though Udall says that the company is considered a takeover target, so 5 to 6 points in its share price can be attributed to a potential merger premium. “I would be surprised if Websense was still operating as a standalone company in one or two years,” he adds.
According to company reports, the firm sells to “tens of thousands of enterprise, mid-market, and small organizations around the world.”
CYBERSECURITY: 4 TECHNOLOGY CONGLOMERATES
Cisco (CSCO), Cisco.com
This California-based technology behemoth provides hardware, networking, and communications services, among other products. Their many acquisitions have included security companies, including some industry leaders, like Ironport, an internet filter, and Securent, which is known for its management authorization software.
According to Udall, “Not only have they bought strong assets, the gear they make has a security component built into it, which should benefit them over time.” Cisco’s 3Q 2011 earnings topped analysts’ expectations, and revenue increased 4.8% to $10.9 billion. Their recent deal with New Songdo International City Development LLC to invest in U.Life Solutions marks a foray into “smart-city services.”
Blue Coat (BCSI), Bluecoat.com
Founded in 1996, this company lists 88% of the Fortune Global 500 among its 15,000 customers, as well as the 100 largest companies in the world and 96 of the 100 largest companies in the United States. With headquarters in Sunnyvale, California and development centers in Hong Kong and the UK (with one planned for Bangalore), Blue Coat Systems employs over 1,300 people worldwide. According to the company website, they offer “solutions that provide the visibility, acceleration and security required to optimize and secure the flow of information to any user, on any network, anywhere.”
Blue Coat Systems’ products predominantly focus on WAN (wide area network) optimization. “At every gateway, you can embed certain security protocols,” Udall explains. “Moreover, it’s likely that this name is being underappreciated for it’s security solutions currently.” In May, Blue Coat’s WAN optimization appliance was found by an independent testing lab to have “an extremely large performance advantage” over a competing Riverbed Steelhead appliance.
EMC (EMC), Emc.com
Ranking #152 in the Fortune 500 with total consolidated revenue of $17 billion in 2010, this company’s stock is traded as a component of the S&P 500, and is near its 52-week high. It employs about 48,500 people and operates in more than 80 countries, according to its corporate website.
Among its $14 billion spent on the acquisitions of 36 technology companies was a 2006 purchase of RSA Security, which specializes in authorization of log-ins. According to Udall, “EMC sells to the world’s largest data centers, so they have layers of security throughout their product line. If this was still a standalone name, I’d likely still own it. ” According to COO Pat Gelsinger, EMC is expected to spend about $3 billion on acquisitions in 2011.
Juniper (JNPR), Juniper.com
Juniper’s company overview proclaims, “Legacy approaches to networking are proving unsustainable. They are too costly, too complex, and simply cannot scale. At Juniper, we are leading the charge to architecting the new network.” (Yes, architect can be used as a verb, and not only computer scientists think so.)
The new network Juniper is building should be a secure one given the company’s interest in making the internet a safer place.
This Sunnydale, California firm was once known mainly for its high-performance Internet Protocol network products, but over time its identity has come to include network security. Its $4 billion acquisition of NetScreen Technologies, a network security layer company, in 2004, was just one of the company’s moves toward the e-commerce security market.
Udall believes Juniper is just the type of company to benefit most from increased demand for online security. “Think about the amount of internet commerce done today vs. 10 years ago. Credit card numbers and social security numbers are flying through the internet all the time. And most of them are safe because of these security networks”.
“What I would almost argue is that when you look at the pure play vs. the hardware companies, it’s the hardware companies that are in many cases going to come out ahead,” he says. “Juniper is doing way more to help the overall security of data companies and the global internet than these small companies — an interesting value proposition.”
With over 9,000 employees and offices in 47 countries, Juniper’s market cap topped $22 billion in April 2011. Now the company’s networks infrastructure will be deployed by Youku.com (YOKU), marking a coup for the U.S. firm, which has had other success in China. Earlier this year, Juniper’s architecture was purchased by China Mobile Limited (CHL), the largest mobile network operator in China.