Publications

- April 1, 2022: Vol. 9, Number 4

Investing in cybersecurity in the age of ransomware

by Lyman Howard

The need for cybersecurity has exponentially increased over the years, with the pandemic-driven transition to a work-from-home environment accelerating the trend. With this increased focus on cybersecurity comes opportunity for investment in companies with solid fundamentals in this industry.

A major theme of the pandemic was an acceleration of work and commerce from brick-and-mortar shops and offices to online. From buying goods, to education, to the white-collar workplace, activities shifted onto connected internet devices out of necessity, making the economy more dependent than ever on secure and efficient connections to computer networks.

The relatively quick transition to a work-from-home environment was a challenge for corporate IT managers and an opportunity for cyber criminals. The World Economic Forum estimated that cyberattacks jumped 238 percent globally between February and April 2020. Perhaps this was a unique window of vulnerability, but there is evidence that cyber threats revealed an undercurrent of risk that is still around.

Cybersecurity has become an issue of existential importance to many organizations, forcing management to devote greater resources to fortify and monitor networks. Every employee working outside the office has the potential to become a weak link in their defenses, maintaining the urgency to defend the network. It serves as a call for both heightened personal diligence and, at the same time, creates a potential opportunity for investors.

Spending on cyber defense is a growing portion of that budget. Microsoft president Brad Smith recently told The Wall Street Journal that in January the company’s security business surpassed $10 billion in revenue, and security continues to be a significant focus for Microsoft and U.S. companies in general. According to Smith, there are about 460,000 U.S. job openings that require cybersecurity skills.

We expect a mix of in-person and remote work will likely persist as workers’ preference for a flexible working environment remains strong. This provides a strong mid-term tailwind for the entire cybersecurity industry, although companies within that category create different products and services:

  • Cloud security companies that monitor networks for anomalies
  • Hardware companies building firewalls and secure network gear
  • Software designed to detect malicious code and halt its damage
  • IT service contracts that provide daily management and expertise

Some companies are dedicated to one of these tasks, but most present a combination of products and services. For example, Accenture is a global consulting firm serving large corporations and government agencies with outsourcing and strategy, 80 percent of which is technology consulting.

Cisco Systems, on the other hand, continues to manufacture secure network hardware, from modems to routers, but more recently offers secure file sharing services and secure web conference hosting services as part of its small but growing software and services business.

Perhaps the best example is Fortinet, which is dedicated to a full suite of network security. This company builds network firewall hardware embedded with sophisticated internal software alongside additional cybersecurity software solutions. That integrated product offering serves to manage internet-connected devices, walls off the company network, and seeks out malware in incoming emails and company operating systems.

What’s important for investors is selecting the right investment with solid profit margin, sustainably growing sales, and a competitive position that makes it easy for customers to “hire” the company or pay for the product while making it difficult for a competitor to enter. Seeking out companies that exhibit these characteristics is a potential recipe for investment success, and there are good companies in the cybersecurity landscape today fitting this profile.

We expect organizations to continue allocating larger budgets to security investments designed to be more conducive to a digitized, hybrid work environment. The changes forced by the pandemic are here to stay, and employers large and small will appreciate the importance of investing in cybersecurity technologies. Digital transformation continues to drive growth, and we want to be invested in this long-term secular tailwind.

 

Lyman Howard is a portfolio manager at Ashfield Capital Partners. Read the original version of this article on the Ashfield website at this link: https://ashfield.com/investing-cybersecurity/

Forgot your username or password?