Skip to main content
Image placeholder title

NEW YORK (TheStreet) -- Cyber attacks against U.S. companies have become almost impossible to stop. So cybersecurity companies like FireEye (FEYE) , CyberArk (CYBR) and Palo Alto Networks (PANW) are focusing not only on prevention but minimizing the damage from such attacks when they inevitably occur.

"Traditionally there was really a focus on perimeter security and prevention technology, preventing intruders from making it into your network," JMP Securities analyst Erik Suppiger said. "I think there's still considerable investment in that type of security, but I think in the last year to two years there's been much greater awareness that even if you invest in prevention technologies, intruders are going to penetrate your network. So there's growing awareness that you also need detection and remediation technologies so that you've got security that can prevent them from doing significant damage once they're in."

The urgency of dealing with breaches continues to grow. Witness the recent attacks against Sony Pictures Entertainmentundefined , Target (TGT) , Home Depot (HD) , Anthemundefined   and JPMorgan Chase (JPM) .

Cybersecurity firms have certainly benefited from the explosion in hacking. Here's how three have performed, both in their stock price, and how they've adjusted to the growing need for damage control in cyber attacks.


This Israeli-based company, which went public this past September, is known for combatting high-profile breaches that target key insiders such as corporate executives and system and database administrators. CyberArk secures the administrative accounts under layers of protection that keep intruders from accessing them. CyberArk also closely monitors these privileged insiders and alerts the company when it sees suspicious activity.

CyberArk says it has long seen the need to emphasize protecting a network on the inside while acknowledging the fact that intruders will inevitably get in.

"The whole approach of let's keep the bad guys out that was probably used since the introduction of the Internet just doesn't work because they're making it in," CyberArk's CEO Udi Mokady said. "For so many years we've been shouting the enemy is making it inside to mostly deaf ears. The reason we're seeing commercial success now in the last couple of years is that awareness is now across the board. Every chief information officer is now speaking what used to be heresy in the past--'we can't secure ourselves by keeping the bad guys out. We have to assume they'll make it in and how do we protect our inside?'"

Although CyberArk has seen its stock more than double since going public, some analysts think the stock is overvalued compared to similar companies. The stock plunged 12% on Monday following a downgrade from JPMorgan Chase.

"The demand environment for security certainly is very attractive now," Suppiger said. "The question is can they grow into the valuations that they're at. CyberArk is probably one of the most extreme cases."

But William Blair & Company's Jonathan Ho (who rates the company Outperform) believes that CyberArk is now becoming more recognizable and gaining customer interest. "Companies that already have a next generation firewall or APT solution should be looking at CyberArk as the next level of security," he said.


Another fairly recent cybersecurity IPO is California-based FireEye, which went public in September 2013 and is now trading up 30% from its opening price. The company leads the way in dealing with advanced persistent threat and beat analyst expectations by 2% in its fourth quarter earnings of $143 million in revenue, up 150% year-over-year.

According to FireEye's CTO David Merkel the company uses a technology called MDX to monitor every access point a hacker may try to enter, including mobile applications, laptops, and servers.

"Bad guys are always innovating, so just like good guys are always innovating to bring Teslas and rocketships, the bad guys are innovating the same way," Merkel said. "They're trying to find new ways to get into organizations. Everything you do has a cyber component. The best way to go after it is online. That is the new normal."

Palo Alto Networks

This Santa Clara, Calif.-based company recently acquired Israeli cybersecurity company Cyvera, helping to position it as a leader in the space. Palo Alto Networks is Pacific Crest's top pick in security, with an Outperform rating and price target of $130.

This company went public in July 2012 and has nearly tripled its stock price to around $140. It's fourth quarter revenue grew 59% year-over-year to $178.2 million, up about 5% from analyst expectations according to Thomson Reuters.

"We believe competitive gaps are widening as Palo Alto Networks continues to outpace the industry," Pacific Crest's Rob Owens and Ben McFadden wrote in a research note. "While the current spending environment is likely to bolster the entire industry, we believe Palo Alto has the most to gain with plenty of opportunity left (less than 50% of the Global 2000 are customers) and a channel that is increasingly seeking cutting-edge solutions."

JMP Securities' Suppiger is also bullish on Palo Alto, noting that the company has a solid platform that enables it to consolidate new solutions seamlessly. This positions it to do well in the long-run as newer technologies emerge.

While Palo Alto may be leading the pack, one thing is certain: the demand for cybersecurity is not dying down anytime soon.

"As network complexity increases and the sophistication of attacks also increases, cyber-security is high on the spending list for CIOs," Oppenheimer's Shaul Eyal wrote in an email. "The increasing importance of data for enterprises combined with the increasing sophistication of attackers means that this is an arms race that is likely to continue for some time to come."

--Written by Rebecca Borison in New York

>Contact by Email.

Follow @borisonr