NEW YORK ( TheStreet) – Corporate CEOs and chief information officers are on high alert, given the endless outpouring of reports about cybercriminal activities. Ironically, these subversive activities should provide a boost to investors' cybersecurity stocks into 2015 and beyond.
"Enterprises need to protect their networks as the stakes have been raised given the recent surge of criminal hacking attacks and malicious activity worldwide," Daniel Ives, a managing director and senior research analyst at FBR Capital Markets & Co., told TheStreet.com. He estimates that the increase in cybercriminal activity is a $15 billion to $20 billion market opportunity worldwide for cybersecurity vendors over the next three years.
"We are in the early innings of this massive cybersecurity opportunity. It’s a game changing paradigm shift as enterprises worldwide adjust to these new security threats," Ives added. "Over the next few years, there’s going to be a massive surge in enterprise and government spending on cybersecurity technologies to detect and prevent malicious activity. These investments will help many of the (security) companies achieve accelerated growth in their sales and profitability in a challenging IT spending environment."
One piece of advice Ives also offered was for investors to take a broader view of security stocks as a core holding and seek those security vendors that will benefit from the escalation of security threats.
Traditional security companies, such as Symantec (SYMC) , Intel's (INTC) subsidiary McAfee, Cisco (CSCO) and Juniper Networks (JNPR) , have more mature technology, which isn’t really focused on the next generation of threats, Ives said. However, Palo Alto Networks (PANW) , FireEye (FEYE) , Proofpoint (PFPT) , Fortinet (FTNT) , and even Checkpoint (CHKP) have done a commendable job expanding their product portfolios to address the latest types of malicious assaults and spy tools, he added.
The increased attacks on networks have been a catalyst for cybersecurity spending by their customers, said Ives. An increasing number of big data analytics are becoming a bigger piece of the security pie, he added, which benefits vendors, such as Palo Alto Networks, Proofpoint, Splunk (SPLK) and Verint (VRNT) .
One of the principal malware spy tools that is in the crosshairs of security analysts is Regin. They are trying to figure out how to stop attackers who insert Regin into computer networks to eavesdrop on enterprise activities and then remotely alter corporate operations.
Noteworthy is that Symantec, which recently published an update about its Regin research, is one of the cybersecurity companies that have lagged in top-line growth over the past few years. Part of the frustration with this cybersecurity tech pioneer has been its focus for the past decade on its original anti-virus, endpoint security technology, said Ives. "They should’ve been building products to address network security, threat analysis, firewalls and unified threat managers."
Now, said Ives, Symantec's recent announcement that it would split into two companies is seen as a step in the right direction. One company will focus on security and the other on storage. This news, announced on Oct. 9, was initially panned by investors who pushed the stock lower after the close and during the subsequent days, but have since apparently warmed to the idea. Symantec is up nearly 11 percent from its close of $23.30 when the split was announced, while the tech-heavy Nasdaq has climbed only 7.5% during the same period.
Elsewhere, although in its early days, Ives believes the development of big data analytics with a security focus represents a massive opportunity for software vendors. “As the security buying decisions remains a top priority in enterprise IT departments, of all shapes and sizes, we will see a surge of spending in this area in 2015 and beyond. This will fuel growth for next generation cybersecurity vendors and investors should benefit accordingly,” he said.
Data analytics for cybersecurity threat analysis is another segment of emerging security technology that represents investment opportunities. “Big data analytics are ramping up as a bigger piece of the security pie,” said Ives. Companies that FBR recommends considering as investments that sell these tools include Splunk, Palo Alto Networks, Proofpoint and Verint.”
Lastly, FBR expects the fragmented security market to consolidate through mergers and acquisitions, which also could benefit investors. “We view more mature, traditional tech companies, such as Cisco, EMC and IBM as potential acquirers of cybersecurity firms such as Fortinet, Proofpoint, Qualyis and Imperva. These acquired companies could enhance sales and as well as protect the corporate data centers with their advanced security core technologies,” said Ives.