Skip to main content
Publish date:

Cybersecurity Stocks Should Be in Every Investor's Portfolio

Cybsecurity is a secular trend that every investor should be eyeing.

Privacy is a fundamental human right. At Apple, it’s also one of our core values.”

So reads the first two lines of Apple’s  (AAPL) - Get Apple Inc. (AAPL) Report dedicated page to privacy protection for its customers. Over the years, this is a promise that dedicated Apple users, and investors, felt very secure with. However, Apple’s recent announcement that it will scan users’ iCloud platforms has provoked a deep discussion on privacy issues that millions of users previously had taken for granted.

To be sure, the move by Apple is aimed at preventing child abuse and dissemination of illegal material. Nonetheless, many users remain skeptical given good intentions can often beget issues and potentially suboptimal outcomes.

“Consumers absolutely must have confidence that data is handled safely. But we also must be sure that technology isn't helping exploit children or commit other serious crimes,” David Thomas, CEO of risk mitigation software firm EvidentID, told Real Money. “That's the fine line that Apple is walking and that every other company with explosive growth potential will inevitably face - and they will never be perfect.”

However, stepping back from the Apple anecdote, there is an increasing awareness among technology-savvy consumers about the vulnerability of their data, both to the prying eyes of tech giants and potentially more nefarious actors.

As such, data protection is an area of deepening investment that should also attract the attention of retail investors seeking to capitalize on the secular trend in cybersecurity.

Protecting Privacy

While cybersecurity is an incredibly broad term and can often confuse consumers, it is intuitive that as life becomes more technologically integrated through advancements in everything from 5G to artificial intelligence AI to the Internet of Things (IOT), protection of consumer data will have to play catch-up.

For reference on this acceleration alongside tech innovation, market research firm Mordor Intelligence said it expects the cybersecurity market to grow from an industry valued at about $156 billion in 2020 to more than $352 billion by 2026.

Seeking to capitalize on this growing market for end-user protection, many cybersecurity-focused companies are either investing heavily, or combining into larger and more effective entities. Indicative of this trend lately are large-scale deals like NortonLifeLock’s  (NLOK) - Get NortonLifeLock Inc. Report $8.1 billion acquisition of Czech software giant Avast, private-equity firm Thoma Bravo‘s $12.3 billion purchase of Proofpoint  (PFPT) - Get Proofpoint, Inc. Report and Broadcom’s  (AVGO) - Get Broadcom Inc. Report $10.7 billion takeover of Symantec Enterprise Security.

It is particularly this size and scale that Kevin Simzer, chief operating officer of cybersecurity firm Trend Micro, told Real Money was pivotal for retail investors to recognize.

“Retail investors should be thinking about a cybersecurity company with three core qualities: Global, holistic data, and platform-minded,” he said. “A global presence and customer base maximizes cyber efficacy. Leveraging data from desktops, networks, email, servers and cloud better pin-points cyber threats.”

Restricting Ransomware

Of course, privacy and protection is not only sought by consumers. Major firms are certainly further along in their pursuit of data protection, but recent bouts of high-profile ransomware attacks indicate increased investment is still necessary.

TheStreet Recommends

While the hack of the Colonial Pipeline is the highest profile event, attracting intense attention from the Department of Homeland Security, the trend of attacks is incredibly widespread, forcing many firms to fork over millions to return critical information.

Vykintas Maknickas, product strategist at NordVPN, told Real Money this can beget a vicious cycle that will require proactive investment and prevention.

“The cycles fueling this cybersecurity momentum come in stages and they look like this: Hackers breach company networks and encrypt the data, companies pay a ransom to decrypt the data because it’s cheaper than losing it, and hackers are incentivized to breach more companies because they pay the ransom,” he explained.

Maknickas noted that the bifurcation of firms able to buck this worrisome trend and those that aren’t will create big winners and losers. As such, increased investment in protective measures is very much worthwhile.

Even if firms are reluctant to invest on their own, they may in fact be forced to do so by more aggressive regulation by the Cybersecurity and Infrastructure Security Agency (CISA) which unveiled a private-public partnership Joint Cyber Defense Collaborative (JCDC) on Aug. 5.

“The JCDC presents an exciting and important opportunity for this agency and our partners - the creation of a unique planning capability to be proactive vice reactive in our collective approach to dealing with the most serious cyber threats to our nation,” CISA director Jen Easterly said in a statement. “The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions.”

Among the key partners are both big tech companies like Amazon  (AMZN) - Get Amazon.com, Inc. Report, Microsoft  (MSFT) - Get Microsoft Corporation (MSFT) Report and Alphabet  (GOOGL) - Get Alphabet Inc. Class A Report, as well as emergent cybersecurity leaders CrowdStrike  (CRWD) - Get CrowdStrike Holdings, Inc. Class A Report, FireEye  (FEYE) - Get FireEye, Inc. Report and Palo Alto Networks  (PANW) - Get Palo Alto Networks, Inc. Report.

Remote Work Risks

The nexus of these enterprise and endpoint risks is perhaps best highlighted in remote work, which is slated to see an 87% increase from pre-pandemic levels in a matter of just a few years, according to a recent report from workforce analysis firm Upwork.

With data no longer centralized and instead stored by cloud providers for ease of access, increased protection is no doubt necessary.

“As the world continues to grapple with COVID-19 ensuring that online resources are available will continue to be a global priority,” Stephen Boyce, CEO of digital forensics firm Cyber Doctor told Real Money. “Cloudflare NET has been a global leader in making sure online resources are available through its DDoS protection services. As more states and countries continue to grapple with data sovereignty, Cloudflare's Data Localization Suite will help customers manage their data locality, privacy, and compliance needs.”

Elsewhere, he highlighted cybersecurity training firm Knowbe4  (KNBE) - Get KnowBe4 Report as a likely winner as firms attempt to increase awareness of data protection protocols and prevent a “weakest link” human error issue in their security efforts.

Other companies highlighted by the experts as attending to overlapping concerns amid the increased mobility of work environments are Zscaler  (ZS) - Get Zscaler, Inc. Report and Okta  (OKTA) - Get Okta, Inc. Class A Report, as well as currently private firms 1Password and OneTrust.

In the end, data is a precious commodity and a confluence of factors in technological paradigm shifts, harder to contain hacking efforts, privacy conundrums, and remote work are making it an increasingly difficult thing to protect. However, as both businesses and consumers increase investment in critical protection, investment in the sector could likewise be a critical protection for investors’ portfolios.

NortonLifeLock, Apple, Amazon, Microsoft, Alphabet and Broadcom are holdings in Jim Cramer's Action Alerts PLUS member club. Want to be alerted before Jim Cramer buys or sells the stocks? Learn more now.