Category Archives: Cyber Revenue

10 Cybersecurity Stocks for the Coming Cyber Wars

Related Quotes

Symbol Price Change
AAPL 393.30 +6.01
Chart for Apple Inc.
CHKP 59.82 +0.64
Chart for Check Point Software Technologi
CSCO 16.46 +0.11
Chart for Cisco Systems, Inc.
FIRE 27.70 +0.68
Chart for Sourcefire, Inc.
FTNT 21.09 +0.39
Chart for Fortinet, Inc.
On Tuesday July 19, 2011, 11:50 am EDT

Lila MacLellan also contributed to this article.

Cyberspace is a scary place. Just ask Sony (SNE), which saw its stock price fall more than 15% after the firm suffered a data breach in April. Or Citibank (C), which announced last month that the personal data of an estimated 360,000 clients had been compromised. Or the US government officials whose Gmail accounts were recently breached by hackers working out of China. Or Monsanto, which this week had its website taken down byAnonymous, also known as the “Internet Hate Machine.”

The recent spike in publicized hacking is expected to trigger even higher demand for information security, especially when it comes to safeguarding customer data. According to a 2010 study by the Ponemon Institute, the average data breach costs a company $7.2 million, mostly in lost customers. The actual bill can be much, much higher — Sony announced in May that its hacking and the subsequent PlayStation Network outage will cost the firm $171 million.

The need to protect against such losses is clear to investors: recently cybersecurity firms Sourcefire (FIRE) and Fortinet Incorporated (FTNT) were trading at 55 and 64 times their expected 2011 earnings, respectively. Stocks such as Symantec (SYMC), Iron Mountain (IRM), and Check Point Software Technologies Ltd. (CHKP) have all outperformed the S&P 500 in 2011.

Corporations are not the only ones scrambling for coverage, of course. Cyberspace is rapidly emerging as a new international battleground in the political sphere, too. In the words of Nick Harvey, the British armed forces minister, “Action in cyberspace will form part of the future battlefield.” Already we’ve seen incidents of real world damage caused by cyberspace attacks. Last year, Iran’s nuclear facility at Natanz was damaged by “Stuxnet”, an extremely complex computer worm. The attack delayed the program and, according to aWikileaks source, caused “a serious… nuclear accident.”

In response, governments are ramping up both their defensive and offensive security services, and defense contractors are expanding their business models to get a piece of the growing market. Lockheed Martin(LMT) received more than $30 million last year from the U.S. government to develop “advances in cybersecurity and cyber warfare capabilities to address a critical global security challenge.” Its cyber-related activities comprised about 22% of 2010 sales, totaling $9.95 billion.

Smaller contractors are getting in on the action as well: Alabama-based Camber Corp. recently purchased a network security subsidiary from EADS North America, and defense IT firm KEYW Corporation (KEYW)acquired JKA technologies, which makes a wide range of security products used by the US intelligence community. Such acquisition targets, which offer “meaningful access” to network solutions, have attracted premium valuations because of the relatively high barriers to entry in the intelligence sector, according to a report published this month by ERG Partners.

More than ever, the Internet is serious business, and so is its safekeeping. But investors without special expertise in this area should be warned: this is a complex market that’s still in transition.

“It’s a weird sector,” says Sean Udall, a Minyanville contributor and author of the TechStrat Report. “A lot of times these stocks go up because of something in the news. You’ll see substantial price swings, even in the companies that have nothing to do with what’s been infiltrated.”

Pure plays are rare, adds Udall. “I think the average person thinks he or she can still buy a Fortinet, or something like it, and gain from this trend. But that’s not quite right for a couple of reasons. For one thing, a lot of these companies have already realized huge price moves, maybe a few years worth in just a few quarters. Secondly, a lot of the business already belongs to the big networking and data storage companies, who have acquired many of the prime plays.”

Almost every big technology company — including Intel, Juniper, and Cisco — has made a security acquisition, he explains. A lot of mergers happened between 2004 and 2007.

For many of the larger companies, the benefits of an M&A that happened years earlier are still forthcoming. “The stocks that look doggy right now are some of the businesses that should benefit the most. Cisco has lagged terribly, for example, but one of the reasons I like it is because they’re very strong in network security.”

Finally, says Udall, “there’s also a ton of really good technology being developed with companies that are pre-IPO pipeline. “It’s hard to know how much business those new companies are getting with really good solutions versus what I call mid-tier companies that have not yet been acquired.” (For more on venture capital interest in Silicon Valley’s cybersecurity companies, which are expected to form the next wave of Tech IPOs, see: Analysis: Computer security attracts venture capitalists.)

If you’re still looking to get in on the cybersecurity game, here are some stock names to consider, as selected by Udall. This list is divided into pure plays and software conglomerates.

CYBERSECURITY: 6 PURE PLAYS

Check Point Security Systems (CHKP), Checkpoint.com

This is “one of the better growth companies in the space — one of the cleaner names — therefore the stock has doubled or more in the last year,” say Udall. Indeed, Bloomberg reports that the world’s second largest security company saw its stock price hit a 10-year high this month; shares have gained 97 percent over the past year.

Check Point, the inventor of FireWall-1 and Stateful inspection technology, two landmark innovations, is known for customized security solutions designed to protect consumers from hackers, spyware and identity theft. According to the company’s website, its clients “include tens of thousands of organizations of all sizes, including all Fortune and Global 100 companies.”

The Tel Aviv-based firm, which employs just over 2,000 people, recently purchased Nokia’s security appliance business, and two years ago acquired FaceTime Communications’ application database, which added security controls for over 50,000 Web 2.0 widgets and more than 4,500 Internet applications to their company’s portfolio.

Sourcefire (FIRE), Sourcefire.com

This leading company, known for selling security software into the IT departments of large companies and governments, was recently named to TheStreet.com’s Breakout Stocks portfolio. The 10-year-old firm is headquartered in Columbia, M.D. and is best known for its open source Snort program, whichthe company says is “the world’s most widely deployed intrusion detection and prevention technology.” Sourcefire is also behind ClamAV, claimed to be the “most commonly used open source anti-virus and anti-malware gateway product.”

In a recent report, Todd Weller, an analyst at Stifel Nicolaus, said, “We continue to view Sourcefire as an attractive growth play in the security sector, an area that is experiencing increased investor interest… We attribute [this] to the many recent high profile security attacks that have hit various companies.”

According to news stories, Sourcefire was recently an acquisition target for both Barracuda Networks and CheckPoint, described above. Because Sourcefire’s Snort detection software is widely used by the U.S. intelligence community, the potential for a sale to CheckPoint, which is based in Israel, prompted a severe political backlash.

Fortinet (FTNT), Fortinet.com

Founded in 2000, this Sunnyvale, California firm is a serious force in the Cybersecurity world. In 2010, its revenue hit $325 million. Udall calls it “a hot name in the space,” and says, “the stock has gone haywire.”

With more than 100,000 customers, Fortinet is considered a market leader in network security appliances and unified threat management (UTM). Customers include major corporations, telecommunication firms and governments around the world.

The stock has been surging over the last year “”as Fortinet delivered four consecutive positive earnings surprises,” says Todd Bunton at Zacks.com. Total revenue jumped 34% to $93.3 million in 2011 Q1, beating analyst expectations. Consensus estimates say the earning per share is expected to grow by 21% this year and 17% next year. “Fortinet isn’t exactly a value stock though,” Bunton warns. “Shares trade at 72x forward earnings, a significant premium to the industry average of 20.1x. Its price to book ratio of 13.3 is also well above its peers at 1.9.”

Guidance (GUID), Guidancesoftware.com

This company went public in December of 2006, catching the market’s attention with its forensic investigation software. “If something bad happens in your company, they have a solution to help you track down the culprits,” say Udall.

Guidance Software specializes in incident response, computer forensics, litigation support, and “hands-on” digital investigation. They also train corporate, law and government professional in digital forensics. Their flagship product is EnCase, which targets corporate government and law enforcement organizations to conduct computer investigations of various types, including intellectual property theft, incident response and compliance auditing, according to the company’s website. This forensic software is now in demand from so many different types of clients (including financial, retail, manufacturing, defense, and pharmaceutical companies) that a recent update was made to its interface to make it more intuitive. “We’re getting a lot of new people entering this field. The profile of our users is changing. When you use it, it’s going to feel like a web application,” Steve Salinas, Product Marketing Manager, told reporters.

Several Fortune 100 companies use the EnCase platform, including Allstate, Chevron, Ford, General Electric, Honeywell, and Pfizer. Guidance was founded in 1997 in Pasadena, California and has since expanded to locations across the U.S. and in Singapore. On the strength of Guidance Software’s customer base and rising sales, trend-setting investor Primecap Management recently increased its position in the firm.

Symantec (SYMC), Symantec.com

“This company has been around for a long time – it’s a security giant,” says Udall. “The company’s biggest challenger, McAfee, was bought by Intel, and Symantec has remained a wallflower buyout candidate for the better part of decade.”

Based in Mountain View, California, Symantec has been in the cybersecurity field since 1982, and now employs more then 18,000 people around the world. It services companies in the Americas, the Middle East and Africa and the Asia Pacific region, including Japan. The company specializes in securing, storing and managing large amounts of information; its core businesses include consumer and endpoint security, storage management and backup.

In response to the number of malicious software programs developed and deployed amid a recent sea of new apps, Symantec is now, “introducing services that assess the ‘‘reputation’ of software, weighing factors like how old it is and how widely it is used to decide if it is safe,” according to theNew York Times.

Websense (WBSN), Websense.com

“If I had a buy list, this would be on it,” says Udall. Websense of San Diego, California, focuses on data in transit, in email content and over the web. Its products and services are sold as software that can be installed on standard server hardware, or pre-installed on optimized appliances, or as cloud-based services, or in a hybrid appliance/SaaS configuration, according to the firm’s New York Timesprofile. The stock has been strong this year, though Udall says that the company is considered a takeover target, so 5 to 6 points in its share price can be attributed to a potential merger premium. “I would be surprised if Websense was still operating as a standalone company in one or two years,” he adds.

According to company reports, the firm sells to “tens of thousands of enterprise, mid-market, and small organizations around the world.”

CYBERSECURITY: 4 TECHNOLOGY CONGLOMERATES

Cisco (CSCO), Cisco.com

This California-based technology behemoth provides hardware, networking, and communications services, among other products. Their many acquisitions have included security companies, including some industry leaders, like Ironport, an internet filter, and Securent, which is known for its management authorization software.

According to Udall, “Not only have they bought strong assets, the gear they make has a security component built into it, which should benefit them over time.” Cisco’s 3Q 2011 earnings topped analysts’ expectations, and revenue increased 4.8% to $10.9 billion. Their recent deal with New Songdo International City Development LLC to invest in U.Life Solutions marks a foray into “smart-city services.”

Blue Coat (BCSI), Bluecoat.com

Founded in 1996, this company lists 88% of the Fortune Global 500 among its 15,000 customers, as well as the 100 largest companies in the world and 96 of the 100 largest companies in the United States. With headquarters in Sunnyvale, California and development centers in Hong Kong and the UK (with one planned for Bangalore), Blue Coat Systems employs over 1,300 people worldwide. According to the company website, they offer “solutions that provide the visibility, acceleration and security required to optimize and secure the flow of information to any user, on any network, anywhere.”

Blue Coat Systems’ products predominantly focus on WAN (wide area network) optimization. “At every gateway, you can embed certain security protocols,” Udall explains. “Moreover, it’s likely that this name is being underappreciated for it’s security solutions currently.” In May, Blue Coat’s WAN optimization appliance was found by an independent testing lab to have “an extremely large performance advantage” over a competing Riverbed Steelhead appliance.

EMC (EMC), Emc.com

Ranking #152 in the Fortune 500 with total consolidated revenue of $17 billion in 2010, this company’s stock is traded as a component of the S&P 500, and is near its 52-week high. It employs about 48,500 people and operates in more than 80 countries, according to its corporate website.

Among its $14 billion spent on the acquisitions of 36 technology companies was a 2006 purchase of RSA Security, which specializes in authorization of log-ins. According to Udall, “EMC sells to the world’s largest data centers, so they have layers of security throughout their product line. If this was still a standalone name, I’d likely still own it. ” According to COO Pat Gelsinger, EMC is expected to spend about $3 billion on acquisitions in 2011.

Juniper (JNPR), Juniper.com

Juniper’s company overview proclaims, “Legacy approaches to networking are proving unsustainable. They are too costly, too complex, and simply cannot scale. At Juniper, we are leading the charge to architecting the new network.” (Yes, architect can be used as a verb, and not only computer scientists think so.)

The new network Juniper is building should be a secure one given the company’s interest in making the internet a safer place.

This Sunnydale, California firm was once known mainly for its high-performance Internet Protocol network products, but over time its identity has come to include network security. Its $4 billion acquisition of NetScreen Technologies, a network security layer company, in 2004, was just one of the company’s moves toward the e-commerce security market.

Udall believes Juniper is just the type of company to benefit most from increased demand for online security. “Think about the amount of internet commerce done today vs. 10 years ago. Credit card numbers and social security numbers are flying through the internet all the time. And most of them are safe because of these security networks”.

“What I would almost argue is that when you look at the pure play vs. the hardware companies, it’s the hardware companies that are in many cases going to come out ahead,” he says. “Juniper is doing way more to help the overall security of data companies and the global internet than these small companies — an interesting value proposition.”

With over 9,000 employees and offices in 47 countries, Juniper’s market cap topped $22 billion in April 2011. Now the company’s networks infrastructure will be deployed by Youku.com (YOKU), marking a coup for the U.S. firm, which has had other success in China. Earlier this year, Juniper’s architecture was purchased by China Mobile Limited (CHL), the largest mobile network operator in China.

via 10 Cybersecurity Stocks for the Coming Cyber Wars – Yahoo! Finance.


The Alarming Growth of Global Cyber Menace – Hacking | Asian Tribune

When gmail accounts of some of the US state officials were hacked two weeks ago, the Defence Department categorized any serious cyber attack, as an act of war. Since Google had tracked down the source of the attack to a certain province in China, it was all too clear that the Pentagon was not beating about the bush while taking the cyber threat seriously. The gmail attack came hot on the heels of another high-profile attack – Lockheed Martin Corporation, the high-tech defence firm.Having been annoyed by implicit accusation, China hit back at Google by warning that the company would face the music, if it accused the Chinese government of covert involvement.

The disturbing cyber nuisance did not end there. The servers of

Sony

, the entertainment giant, were subjected to two successive hacking within a matter of days. On the first occasion – the more serious one – the accounts of millions of had been hacked into and then details were stolen; the servers of

Nintendo

suffered the same fate. On June 3, the servers of

Codemasters

, the largest UK game publisher, were hacked. The hackers did not spare even the

National Health Service

of the UK; there has been a breach of security in some servers, according to media reports.

The spate of attacks has pushed millions of online users, not necessarily the folks who play games, into a state of perpetual anxiety. Since the hackers have been able to stay a few rungs above the security experts along the learning curve, it’s high time the threat was treated as something against the whole online community, not just selected strata of it.

The companies, which have been affected, are counting the cost in terms of loss of both revenue and reputation. Although, they assure the customers of better security mechanisms in future – and when the horse had left the barn, of course – restoring customer confidence is going to be an uphill struggle for the companies in question.

According to the details that came out so far, the hacking had been performed by duping the customers into web pages which looked identical to what they normally had been familiar with; once signed in, they had been taken for a ride, to say the least.

So, the companies affected implied that the customers should not have done that; well, how do ordinary folks distinguish between a real one and a fake one, when they look almost similar? The explanations have not gone far enough to address the serious side of the issue; all they can say is warning the public to be on their guard at all times – and they already are.

These high profile hackings are not the works of adventurous individuals, carried out in their bedrooms as a way of fighting boredom. Nor are they the works of teenagers, who could spare hours on computers in typing in endless combinations of characters into login names and passwords, in the hope that one of them would make them lucky by pure chance – one day. The nature of sophistication clearly shows the involvement of highly organized individuals – perhaps, with a substantial technical background – who are prepared to break hell lose, if they can get away with it.

The two groups, which are at the forefront of hacking, are Anonymous and LulzSec. The former claims to be a ‘leaderless structure’ while the latter introduces itself as the ‘world’s leaders in high-quality entertainment at your expense.’ Who can disagree with them?

Anonymous has been in the habit of hacking into government websites in order to teach them a ‘lesson’; it was at its peak of activities, known as ‘hacktivity’, when Wikileaks were coming out in dribs and drabs. LulzSec, meanwhile, claims that since fun is restricted to Fridays, they are going to extend it beyond that – and to the weekend. Whether what is fun for LulzSec, is certainly fun for everyone, remains to be seen in the days ahead!

In addition, there are clumsy hackers too. I keep getting an email from one such stupid hacker, who is in the habit of urging me to collect a parcel from a well-known courier service while clicking on a link provided. However, he could not completely conceal the tentacles of idiocy: the ‘To’ field of the email consists of a chain of email addresses, not just mine. So, I decided to keep getting the emails for academic purposes, without diverting them into a spam folder.

If a user can be duped by such an email, then of course, big companies cannot be blamed for mistakes of that kind. In short, users have to be a bit responsible too while login into similar-looking web sites and opening unsolicited emails.

As the menace of hacking reached fever pitch, some countries in South East Asia have started cracking down on potential hackers – finally. The arrests have been made in Malaysia, Indonesia and Taiwan. However, this is just the tip of the colossal iceberg.

The geography of the places where hackers were found, the time taken before the action being carried out and the abundance of other regional criminal activities, do not paint a serene picture for the online community in particular, and the law-abiding global citizens in general.

If the governments in question keep treating the threat as trivial or non-existent, the trend can easily give a cumulative nasty shock for all of us at an unexpected time – something from which we may not recover without paying a heavy collective price.

via The Alarming Growth of Global Cyber Menace – Hacking | Asian Tribune.


The Alarming Growth of Global Cyber Menace – Hacking | Asian Tribune

When gmail accounts of some of the US state officials were hacked two weeks ago, the Defence Department categorized any serious cyber attack, as an act of war. Since Google had tracked down the source of the attack to a certain province in China, it was all too clear that the Pentagon was not beating about the bush while taking the cyber threat seriously. The gmail attack came hot on the heels of another high-profile attack – Lockheed Martin Corporation, the high-tech defence firm.Having been annoyed by implicit accusation, China hit back at Google by warning that the company would face the music, if it accused the Chinese government of covert involvement.

The disturbing cyber nuisance did not end there. The servers of

Sony

, the entertainment giant, were subjected to two successive hacking within a matter of days. On the first occasion – the more serious one – the accounts of millions of had been hacked into and then details were stolen; the servers of

Nintendo

suffered the same fate. On June 3, the servers of

Codemasters

, the largest UK game publisher, were hacked. The hackers did not spare even the

National Health Service

of the UK; there has been a breach of security in some servers, according to media reports.

The spate of attacks has pushed millions of online users, not necessarily the folks who play games, into a state of perpetual anxiety. Since the hackers have been able to stay a few rungs above the security experts along the learning curve, it’s high time the threat was treated as something against the whole online community, not just selected strata of it.

The companies, which have been affected, are counting the cost in terms of loss of both revenue and reputation. Although, they assure the customers of better security mechanisms in future – and when the horse had left the barn, of course – restoring customer confidence is going to be an uphill struggle for the companies in question.

According to the details that came out so far, the hacking had been performed by duping the customers into web pages which looked identical to what they normally had been familiar with; once signed in, they had been taken for a ride, to say the least.

So, the companies affected implied that the customers should not have done that; well, how do ordinary folks distinguish between a real one and a fake one, when they look almost similar? The explanations have not gone far enough to address the serious side of the issue; all they can say is warning the public to be on their guard at all times – and they already are.

These high profile hackings are not the works of adventurous individuals, carried out in their bedrooms as a way of fighting boredom. Nor are they the works of teenagers, who could spare hours on computers in typing in endless combinations of characters into login names and passwords, in the hope that one of them would make them lucky by pure chance – one day. The nature of sophistication clearly shows the involvement of highly organized individuals – perhaps, with a substantial technical background – who are prepared to break hell lose, if they can get away with it.

The two groups, which are at the forefront of hacking, are Anonymous and LulzSec. The former claims to be a ‘leaderless structure’ while the latter introduces itself as the ‘world’s leaders in high-quality entertainment at your expense.’ Who can disagree with them?

Anonymous has been in the habit of hacking into government websites in order to teach them a ‘lesson’; it was at its peak of activities, known as ‘hacktivity’, when Wikileaks were coming out in dribs and drabs. LulzSec, meanwhile, claims that since fun is restricted to Fridays, they are going to extend it beyond that – and to the weekend. Whether what is fun for LulzSec, is certainly fun for everyone, remains to be seen in the days ahead!

In addition, there are clumsy hackers too. I keep getting an email from one such stupid hacker, who is in the habit of urging me to collect a parcel from a well-known courier service while clicking on a link provided. However, he could not completely conceal the tentacles of idiocy: the ‘To’ field of the email consists of a chain of email addresses, not just mine. So, I decided to keep getting the emails for academic purposes, without diverting them into a spam folder.

If a user can be duped by such an email, then of course, big companies cannot be blamed for mistakes of that kind. In short, users have to be a bit responsible too while login into similar-looking web sites and opening unsolicited emails.

As the menace of hacking reached fever pitch, some countries in South East Asia have started cracking down on potential hackers – finally. The arrests have been made in Malaysia, Indonesia and Taiwan. However, this is just the tip of the colossal iceberg.

The geography of the places where hackers were found, the time taken before the action being carried out and the abundance of other regional criminal activities, do not paint a serene picture for the online community in particular, and the law-abiding global citizens in general.

If the governments in question keep treating the threat as trivial or non-existent, the trend can easily give a cumulative nasty shock for all of us at an unexpected time – something from which we may not recover without paying a heavy collective price.

via The Alarming Growth of Global Cyber Menace – Hacking | Asian Tribune.