The number of global cybersecurity attacks escalated in 2022 and cybersecurity companies like Fortinet and Palo Alto are gaining investor interest as a result. Despite it being a tough time for tech stocks more broadly, with many plunging in 2022, investment in cybersecurity remains a must-have for big companies and governments making this a theme to monitor closely.
- Cybersecurity stocks are down following 2022’s tech selloff, but demand is holding firm.
- Despite tumbling share prices, cybersecurity companies reported revenue growth in 2022.
- The iShares Cybersecurity & Tech ETF offers exposure to Palo Alto Networks, SentinelOne, CrowdStrike and Fortinet.
Cybersecurity stocks including Palo Alto Networks [PANW], SentinelOne [S], CrowdStrike [CRWD] and Fortinet [FTNT] could look increasingly tempting for investors following a year in which cybercrime attacks became more sophisticated.
The share price of cloud security expert CrowdStrike was down 48.6% in 2022, and at the end of November reported weaker-than-expected revenues for its third quarter (Q3) earnings. However, the company upped its guidance for full-year 2023, surpassing analyst consensus by as much 15.2%.
Palo Alto Networks’ share price fell 24.8% in 2022. The share price for SentinelOne plummeted by 71.1% through the year, while Fortinet’s slid by 32%.
Despite ongoing challenges, the cybersecurity theme has sustained healthy demand. Last year, the international hacking group Lapsus$ gained notoriety after stealing data from names like Nvidia [NVDA], Samsung [005390.KS], Microsoft [MSFT], Okta [OKTA] and Ubisoft [UBI.PA]. In September 2022, Lapsus$ also hacked Uber [UBER] and Rockstar Games, the gaming brand owned by Take-Two Interactive [TTWO].
Uptick in revenues a positive sign
Despite the clobbering of their share values, leading US cybersecurity firms reported healthy revenue growth as demand stays high for what’s now seen as an essential service. For the third quarter (Q3) of 2023 ended 31 October, SentinelOne announced revenues up 106% year-over year to $115.3m. “Cybersecurity remains a top priority for enterprise IT spending,” said SentinelOne’s CEO Tomer Weingarten earlier in the year.
Similarly, CrowdStrike’s CEO George Kurtz emphasised that “cybersecurity is not a discretionary line item” at an earnings call in late August. In November, the company released its Q3 earnings, reporting revenues up 53% year-over-year to $580.9m.
Data centre security experts Palo Alto reported a profit for the first time in four years in August. The company’s share price jumped by 12.1% as a result. Its Q1 results reported in November included revenue gains of 25% year-over-year, reaching $1.6bn. Its share price climbed 3% on the news.
Fortinet is another cybersecurity name witnessing ramped up revenues, with totals for Q3 reaching $1.2bn, a rise of 33% year-over-year.
Rising crime fuelling cybersecurity demand
An IBM survey of 550 organisations impacted by cyberattacks showed the average cost of a data breach reached $4.4m in 2022, with the highest cost being suffered by the healthcare sector for the 12th subsequent year. According to Shawn Surber, VP of solutions architecture and strategy at cybersecurity firm Tanium, cybersecurity spending by US healthcare firms is projected at $125bn by 2025, and is “barely a third of what it should be” to protect against the risks these organisations experience.
Big tech companies including Meta Platforms [META], Alphabet [GOOGL], Amazon [AMZN] and Microsoft are all reported to be investing heavily in cybersecurity.
According to a report by Grand View Research, the global market for cybersecurity solutions was worth $202.7bn in 2022 and will expand at a compound annual growth rate (CAGR) of 12.3% from 2023 to 2030. The report cited an increase in cyberattacks and the growth of ecommerce platforms, cloud solutions and use of smart devices as drivers of the market, forcing companies to minimise the risks associated with these trends.
Funds in focus: iShares Cybersecurity & Tech ETF
The iShares Cybersecurity & Tech ETF [IHAK] manages $492.4m worth of assets as of 30 December.
The fund’s top holding is Okta at 4.50% of assets under management (AUM), and holds Fortinet in the ninth position at 3.91% of AUM. CrowdStrike holds 3.63% of AUM, while Palo Alto Networks has 3.46% and SentinelOne has a 2.65% weighting in the fund. The fund fell by 25.8% during 2022.
The GlobalX Cybersecurity ETF [BUG] features cybersecurity firms including Fortinet, which is the largest holding as of 30 December at 6.60% of AUM. It also offers exposure to Okta and Palo Alto Networks in the third and sixth positions at 6.34% and 5.78% of AUM, respectively. Crowdstrike is held at a weighting of 4.61% and SentinelOne at 3.39%. In 2022, the fund dropped 33.6%.
Other names to consider in the theme include the First Trust Nasdaq Cybersecurity ETF [CIBR]. As of 30 December, Fortinet and Palo Alto Networks were its fourth and fifth-largest holdings at respective weightings of 5.74% and 5.13%. Okta is sixth at 4.00% of AUM, while Crowdstrike and SentinelOne have 2.79% and 1.96% respectively.