The tense geopolitical environment and accelerated digitization of the economy are unsurprisingly coming with an increasing number of highly damaging cyberattacks and the momentum is unlikely to slowdown any time soon.
The next growth driver is already visible with the emergence of the Internet-of-Things (IoT), powered by 5G networks. IoT will spark a massive rise in the number of new vulnerabilities as billions of new devices are expected to be connected and to boast smart features in the future, including autonomous vehicles, wearable medical devices, voting machines, smart homes…
Against this backdrop, all companies and organizations face massive intrusion threats, suggesting they will have no choice but to roll out Zero Trust security architectures that combine user identification and access management with device authentication and protection and to massively invest in detection tools and automated response solutions.
Rising data compliance requirements in several parts of the world where governments impose to store and process data locally are another major challenge and opportunity for the cybersecurity industry.
From a financial standpoint, profitability of cybersecurity is lagging that of other software segments but a combination of strong revenue growth and M&A should give a boost to margins and earnings growth and support valuations across the board.
Finally, M&A is adding some spice to the investment case. The growth outlook as well as the cybersecurity industry fragmentation are attracting both private equity firms seeking to extract synergies by combining various cybersecurity assets and Tech companies seeking to offer end-to-end security solutions.
The cybersecurity sector had a rough ride last week as Palo Alto Networks (a portfolio company), one of the industry leaders, announced an underwhelming billings guidance for both the current quarter (only +2-4%, after +16% in CQ4) and the full year (+10-11% vs +16-17% previously). Amid healthy cybersecurity spending, Palo Alto’s figures clearly came as…
UK-based Darktrace kicked off the cybersecurity earnings season with a robust set of figures and a guidance upgrade, giving confidence that the recent rally in security stocks is sustainable as fundamentals improve. In H1 (calendar H2), Darktrace delivered 27% revenue growth, 3% above expectations, with an EBITDA margin above 19% (100-200bps above consensus) and raised…
Eighteen months after initial reports of M&A talks, networking giant Cisco announced the takeover of data analytics and cybersecurity software company Splunk in a massive $28 billion deal (both Cisco and Splunk are portfolio companies). The 32% premium is in line with recent sector transactions and the valuation multiple (6x revenue) is in the low-end…
As we commented a couple of months ago, generative AI has been emerging as a weapon for hackers, making phishing attempts (emails or texts inviting a user to open a malicious link to steal his/her credentials) bespoke and then much harder to detect, and helping to reduce malware software development cycles and/or rewrite code to…
The cybersecurity sector has come under pressure over the last couple of days following Microsoft’s introduction of a secure web gateway solution (SWG) called Entra, that complements the Tech giant’s leading franchise in identity/access management and extended detection and response (XDR). SWG – which is one of the main components of Gartner’s defined Secure Access…
The easing of the zero Covid policy in China and of the government crackdown on its Tech industry have obviously been a major positive as both Chinese Tech giants and local companies, that often fly under investors’ radar, enjoyed a significant rerating since the end of 2022. Specifically, cybersecurity firms, that were hit by a…
Ransomware attacks have been increasing at an alarming rate over the last couple of years (between +50% and +100% according to various sources) with ransomware becoming the preferred method for many cybercriminals to monetize their fraudulent activity. With the emergence of the Ransomware-as-a-Service (RaaS) “business model” in the hackers’ community, this type of attack is…
Crypto hacks are now making the headlines on a regular basis, as illustrated by the $620 million heist of blockchain game Axie Infinity in March or last week’s $160 million hack of crypto market maker Wintermute. With criminal activity involving cryptocurrencies on track to reach a new record after the 2021 peak ($14 billion, up…
As illustrated by Google’s recent acquisition of Mandiant and Cisco’s increasing focus on security, a convergence between tech hardware and cybersecurity software has been taking place, a move that should intensify over coming years. For networking hardware specialists such as Cisco and Juniper, implementing firewalling and threat detection software in their routers and switches is…
Many cybersecurity companies, including Fortinet, Cloudflare or Rapid7, reported their quarterly earnings in recent days. While revenue and earnings were overall solid, most companies hinted at increasing deal scrutiny from their corporate customers, lengthening sales cycles and softening growth trends going forward as customers navigate a complex environment and are closely watching their spending amidst…
Identity management specialist Ping Identity (a portfolio company) just announced its acquisition by private equity firm Thoma Bravo for a $2.8 billion enterprise value and a massive 63% premium, marking the sixth multi-billion M&A deal in cybersecurity so far this year. This deal follows the recent SailPoint takeover (also by Thoma Bravo), which was the…
Amid general concerns about the macro and corporate spending outlook, it appears that cybersecurity remains an area of strong growth and resilience, as illustrated by the latest Morgan Stanley survey of Chief Information Officers that found that spending on security software was the least likely to be cut among the whole Tech categories (software and…
According to various media reports, semiconductor giant Broadcom is in talks to acquire cloud software infrastructure company VMware. Having started with server virtualization, a software solution that morphs a single and physical server into several virtual ones, VMware gradually added storage and networking virtualization in order to offer a complete infrastructure software stack that allows…
Two weeks ago, we highlighted the need for automated threat detection in an environment where the number of threats is rising exponentially and commented that Google’s recent acquisition of privately held Siemplify could pave the way to other M&A deals in the field of security automation. It looks like things are speeding up with Microsoft…
Before a potential invasion, Russia has reportedly sought to destabilize Ukraine on the cyber front in recent weeks as hackers attacked and placed destructive malware inside tens of Ukrainian government agencies. This prompted the US Cybersecurity and Infrastructure Security Agency to warn critical infrastructure operators against possible cyber threats to US assets, reminding that two major cyberattacks…
Many cyber-attacks and security breaches made the headlines last year (SolarWinds, Kaseya…). But that was almost nothing compared to the Log4Shell vulnerability present in the Java open-source Apache logging library Log4J that was revealed in early December and sparked a coordinated response from several US agencies (NSA, FBI, CISA…). This dismay is not disproportionate as…
Since the beginning of the COVID-19 pandemic, cybercrime activity has been on a tear (e.g. +130% for ransomware) as companies had no choice but to open up their IT network to remote workers and devices, often struggling to comprehensively secure it on time, leaving entry points for malicious attacks. Interestingly, 50% of these security failures…
Recently, we commented that the Internet-of-Things (IoT) was finally gaining traction in the industrial world and was on track to become 5G’s killer app as it provides industrial companies with the opportunity to attach a wide range of digital services and features (monitoring, analytics…) to their installed base of cars, factory machines or robots. The…
The cyber-attack which recently struck one of the biggest oil infrastructures in the US, the Colonial Pipeline, is the latest in a series of high-profile attacks targeting critical US infrastructures. Back in December, the Sunburst/SolarWinds infiltration operation made the headlines as it hit the US Treasury, the US Department of Commerce as well as most…
Since the vaccine news last month, some investors have started questioning the growth sustainability of work-from-home winners, including cybersecurity names, considering that most lockdowns are now behind us and that we are heading towards a full economy reopening in 2021. This week’s earnings and guidance from some of the top software vendors securing the remote…
Back in April, we commented that a new generation of cloud-native cybersecurity companies (Zscaler, Okta, CrowdStrike…) was likely to disrupt the actual leaders (Check Point, Palo Alto…). Clearly, the accelerated digitization of the economy in the last couple of months helped them deliver on our expectation, with several players reporting impressive earnings last week and…
There’s been a lot of literature in recent days about the “remote” or at-home revolution. Remote working, videoconferencing, telemedicine and online shopping just to name a few are indeed currently supporting millions of people across the world in their daily professional activity, in helping them to stay in contact with colleagues and loved ones and,…
NAV & Performance
ISIN
CH0473585252
Currency
USD
Type
Active Equity
Issuer / Rating
UBS / S&P A+
Inception Date
08.11.2019
Liquidity
Daily