Can Investors Find Opportunity in the Cybersecurity Industry? A Look at the Trends and Risks

Cybersecurity firms could play an important role in providing a stable and robust digital environment in an age of hacking and cyberattacks.

https://tickertapecdn.tdameritrade.com/assets/images/pages/md/Unlocked padlock on keyboard: Trends and risks in cybersecurity industry
4 min read
Photo by Getty Images

Key Takeaways

  • About 95% of cyberattacks are due to human error 

  • Cybercrime damages may reach $6 trillion globally

  • Most companies are likely to fall victim to a cyberattack

News of cyberattacks and data breaches are almost becoming commonplace, but particularly stunning attacks still make headlines, such as the Colonial Pipeline disruption and the SolarWinds attack.

In early May, a cyberattack forced Colonial Pipeline to shut its pipeline for 11 days, causing gasoline shortages along the Southeast. The SolarWinds attack was discovered in December 2020 and is believed to have infiltrated government and other systems through a compromised update to the firm’s Orion software. It was discovered when major cybersecurity company FireEye reported a breach by nation-state hackers believed to be affiliated with the Russian government.

Cyberattacks are the fastest-growing crime in the United States. Globally, cybercrime damages are expected to reach $6 trillion, according to ISACA, a global IT association and learning organization.

Cyber education company Cybint reported that 95% of cybersecurity breaches are caused by human error, so it’s likely that just about any company can suffer some sort of data breach. The global information security market is forecast to reach $170.4 billion in 2022, according to research firm Gartner.

That sort of spending may bode well for the share prices of companies in the IT and cybersecurity fields. Firms in this sector range from well-established names like Cisco Systems (CSCO) and NortonLifeLock (NLOK), formerly Symantec, to lesser household names.

History of Hacking

For as long as there’s been an internet, there’s been some malicious character trying to cause problems. Kurtis Minder, CEO of cybersecurity firm Groupsense, has worked in internet infrastructure since the 1990s. Initially hackers attacked networks just to prove it could be done, rather than steal information, because there was no place to sell purloined data.

Now the dark web exists as a marketplace to sell that information. Ransomware as a service is one type of illicit business in which a group creates a platform to facilitate a ransom lockdown of files and demands payment to return the data. It’s similar to a profit-sharing arrangement between the people who create the actual ransomware and those who execute the attack.

Minder divides cyberattacks into two categories: common cyber criminals and nation-state attackers. The methods used and the severity of those attacks are vastly different.

Minder, who creates ransomware responses for firms, explained most of the common cyber criminals aren’t particularly sophisticated, exploiting the same common mistakes people and companies have made for the past several years. These mistakes include not using two-factor authentication, clicking links from random emails, and not properly securing remote access.

“Even the actual more technical components, like the malware, is not that sophisticated. There are tools to mitigate those things; it’s just people aren’t using them,” Minder said.

Nation-state attacks are highly complex, such as the SolarWinds attack.

“You’re talking about someone who’s willing to almost use unlimited spending power and time and resources, and they’re willing to stay clandestine. They’re not trying to monetize anything. Those things are really hard to detect and are extremely sophisticated in nature,” Minder explained.

Wide Variety of Tech Names

Michael Kealy, education coach at TD Ameritrade, noted there are a wide variety of companies to choose from in this sector. One name in the cybersecurity industry is Sailpoint Technologies (SAIL), which provides identity management and other cybersecurity for remote workforces. With work-from-home becoming more popular, a firm like Sailpoint may benefit from a potential secular tailwind.

CyberArk (CYBR) is a vendor in a data security offering known as privileged access management, which provides critical corporate resource access to specific userssuch as IT administrators, human resources, and compliance. If a hacker breaches the corporate network, this software helps prevent access to sensitive data.

Aside from Cisco and NortonLifeLock, a few other household names in the field include Fortinet (FTNT), which sells firewalls and anti-virus and endpoint security components, and CrowdStrike (CRWD), which does threat intelligence and cyberattack response services as part of its cybersecurity offerings. Palo Alto Networks (PANW) offers advanced firewalls, and its NextGen Cloud Security business is also quickly growing.

There are a handful of cybersecurity-focused exchange-traded funds* (ETFs) for investors who want to choose that route. It may be a good idea to check their performance against a benchmark such as the S&P Kensho Cyber Security Index ($KCYBERP) or the Nasdaq CTA Cybersecurity Index ($NQCYBR).

Many of these technology companies are off their highs; the sector has come under selling pressure in part from concerns about rising interest rates and a possible switch in mindset from growth to value. However, Kealy mentioned their valuations remain lofty, and that’s something investors should consider as they look into these stocks.

Hard-to-Predict Breaches

As investors, it’s hard to tell if a company will be particularly vulnerable to cybercrime because it’s likely that any large, high-profile company could be a target. However, there are certain companies where cybercrime can be a financially material issue, Minder observed. An example: companies involved in critical infrastructure, such as financial institutions or those in supply chains where a major cyber incident could be a business-ending event.

The White House is looking to beef up its dealings with contractors. In response to the Colonial Pipeline security hack, The Washington Post reported in late May that the Department of Homeland Security is expected to issue its first cybersecurity regulations for pipelines. That may be a sign more companies could be expected to have stronger cybersecurity protocols if they wish to do business with the government.

Although almost every firm can fall victim to a hack, those that are transparent with their response may have only a small hit to their reputation, especially if they take significant steps to fix the problem.

When Minder has spoken to cyber insurance companies, he’s asked them if they would offer insurance to a victim of a recent attack. “And they said, ‘Actually, yeah.’ It’s a little bit different than a car accident, where the person is now seen as a reckless driver. They’re a higher risk because they smash into things,” Minder said. “In the case of cyber incidents, the immediate response to a cyber incident is to bolster your defenses.”

As dependency on cyberspace grows, more companies are likely to adopt tougher security measures. Demand for cyber products is likely to grow, so it may be worth keeping an eye on the evolution of the cybersecurity industry.

*Carefully consider the investment objectives, risks, charges and expenses before investing. A prospectus, obtained by calling 800-669-3900, contains this and other important information about an investment company. Read carefully before investing.

Print

Key Takeaways

  • About 95% of cyberattacks are due to human error 

  • Cybercrime damages may reach $6 trillion globally

  • Most companies are likely to fall victim to a cyberattack

Related Videos

Call Us
800-454-9272

Content intended for educational/informational purposes only. Not investment advice, or a recommendation of any security, strategy, or account type.

Be sure to understand all risks involved with each strategy, including commission costs, before attempting to place any trade. Clients must consider all relevant risk factors, including their own personal financial situations, before trading.

TD Ameritrade and all third parties mentioned are separate and unaffiliated companies, and are not responsible for each other’s policies or services.

Inclusion of specific security names in this commentary does not constitute a recommendation from TD Ameritrade to buy, sell, or hold.

adChoicesAdChoices

Market volatility, volume, and system availability may delay account access and trade executions.

Past performance of a security or strategy does not guarantee future results or success.

Options are not suitable for all investors as the special risks inherent to options trading may expose investors to potentially rapid and substantial losses. Options trading subject to TD Ameritrade review and approval. Please read Characteristics and Risks of Standardized Options before investing in options.

Supporting documentation for any claims, comparisons, statistics, or other technical data will be supplied upon request.

This is not an offer or solicitation in any jurisdiction where we are not authorized to do business or where such offer or solicitation would be contrary to the local laws and regulations of that jurisdiction, including, but not limited to persons residing in Australia, Canada, Hong Kong, Japan, Saudi Arabia, Singapore, UK, and the countries of the European Union.

TD Ameritrade, Inc., member FINRA/SIPC, a subsidiary of The Charles Schwab Corporation. TD Ameritrade is a trademark jointly owned by TD Ameritrade IP Company, Inc. and The Toronto-Dominion Bank. © 2021 Charles Schwab & Co. Inc. All rights reserved.

Scroll to Top