Cybersecurity—are risks increasing?
Cybersecurity—are risks increasing?
Gauging the risk of a cyber attack before it happens is difficult. Significant attacks, like the Solar Winds attack from a few years ago, occur over a period of months and have far reaching implications. Successful hacks may be happening right now and we will only hear about them at their discovery in the future.
The uptick in geopolitical tensions raises the risk of significant attacks. Russia, Iran and China share a common thread of engaging in offensive cyber activities. Chief information security officers recognise they cannot slack on cyber defences. It’s also true that there are many actors who would love to disrupt the 2024 U.S. presidential election.
Are cybersecurity company earnings boosted by an increasing perception of risk?
Cybersecurity has been consistently near the top of the spending plans for technology budgets1. It is basically cybersecurity and then Artificial Intelligence (AI) taking up all IT budgets. Some of the news flow from recent earnings reports:
- Datadog: Revenue growth registered 25% year-over-year, which ended a streak of five consecutive quarters of year-over-year revenue deceleration. Additionally, revenue growth guidance for the current quarter was 21%, which effectively calmed concerns Datadog would struggle to hit a 20% level exiting 20232.
- Rapid7: Annual recurring revenue was up 14% year-over-year, beating consensus. The company saw strong performance in its ‘Managed Threat Complete’ and ‘Cloud Risk Complete’ bundles. The market was expecting a 15.3% operating margin but the firm delivered 18.5% on the back of restructurings and headcount reduction3.
- Palo Alto Networks: Palo Alto Networks is expected to maintain billings growth in the mid to high teens. Their business with the public sector is done on a three-year subscription basis as opposed to a one-year basis4. The company recently announced a plan to acquire Dig Security in the data protection area and reports speculate about also acquiring Talon, which would be more in the area of access security. Palo Alto Networks has proven over time that it can acquire leading companies, help with access to funding, and allow them to grow5.
- Varonis Systems: Annual recurring revenue was up about 16% year-over-year, beating consensus expectations. Annual recurring revenue has been accelerating AND the Software-as-a-Service (SaaS) transition is happening faster than expected. SaaS represented 59% of new business, while guidance only predicted 45%6.
- Qualys: Qualys reported year-over-year growth in billions that was about 2.2% ahead of consensus, delivering 13.1%. EBITDA margins were also 5% ahead of expectations. The company is predicting overall 2023 billings growth to be about 12%8.
- Trend Micro: Trend Micro has announced plans to increase shareholder returns, including paying 100 billion yen of dividends at the end of December 2023, implying a 70% payout ratio, and then share buybacks worth 40 billion yen9.
- CyberArk: Annual recurring revenue growth reported at 38%, beating consensus expectations of 35%. Management cited accelerating bookings and a record pipeline10.
- Akamai: Akamai reported security growth of 20%, year-over-year, which, combined with operating margins expanding, helped drive earnings per share growth to 30% year-over-year. With cloud and security now above 50% of total revenues, a path to durable earnings per share growth in the low teens could be possible11.
- Check Point: Check Point’s current period results were one that stood out as not positive—they were weaker than expected and current billings declined. However, it is possible that the firm is nearing the trough of a tougher period in its business, with possibly improved results coming up12.
Artificial intelligence: a possible cybersecurity catalyst?
Cybersecurity connects back to the AI story. AI without appropriate attention to security can be a bit of a disaster, so we are hoping that companies are researching if or how they will use AI in parallel with how they will secure AI. ChatGPT awakened the world to the promise and possibility of AI, and it became a requirement to talk about one’s AI strategy across earnings calls in 2023.
Cybersecurity also lends itself to AI since there are many millions of attacks every day. The scale of the issue and limited amount of cybersecurity professionals creates a synergy where many AI companies are using AI and machine learning to provide better security solutions.
Conclusion: a mandatory megatrend
If you knew a business had no cybersecurity strategy, would you work with it? We have yet to find anyone answering ‘yes’ to this question. The necessity of cybersecurity is clear, globally. The question when investing is more about which companies may be positioned to capture the market share and demand for these services, as well as whether it becomes acceptable to outsource cybersecurity to the major cloud infrastructure providers.
Whatever the ultimate strategy, we simply note that every new technology requires thought to be applied in how to secure it because the hackers never rest and are always seeking vulnerabilities.
Sources
1 Fodderwala, Hamza. “4 Reasons We’re More Bullish Here.” Morgan Stanley Research. 31 July 2023.
2 Singh et al. “3Q23 Results: Case for Durable Growth Gets a Boost as Consumption Trends Stabilize.” Morgan Stanley Research. November 8, 2023.
3 Fodderwala et al. “3Q23 Vulnerability Management Recap: RPD Back on Track, Mixed Results from TENB.” Morgan Stanley Research. November 2, 2023.
4 Fodderwala et al. “Can PANW Continue to Separate From the Pack? We Think So.” Morgan Stanley Research. November 10, 2023.
5 Fodderwala et al. “Revving Up The M&A Engine.” Morgan Stanley Research. November 6, 2023.
6 Fodderwala et al. “3Q23 Results—Moving In The Right Direction.” Morgan Stanley Research. October 31, 2023.
Related blogs
+ Behind the Markets Podcast: boosting productivity with AI
+ How artificial intelligence can fuel growth across megatrends
+ A military perspective on cybersecurity (Part 2)