Smart tech, smarter security: a cybersecurity guide for investors

Four cybersecurity leaders

Many vendors fall into two groups: platforms that bundle several tools, and specialists that focus on one area. Below we cover a broad platform (Palo Alto Networks), one platform-leaning specialist—CrowdStrike (endpoint + cloud workload), and two specialists—Okta (identity), and Zscaler (secure access).

Palo Alto Networks (PANW) — platform + secure access
Palo Alto sells a broad platform that covers networks, internet access, endpoints, and cloud security. Most sales are subscriptions, with “land and expand” across many products. Strengths: breadth and cross-selling into a large customer base. Risks: tough competition in secure access, migration complexity, and price pressure from bundled cloud deals.

CrowdStrike (CRWD) — endpoint + cloud workload
CrowdStrike protects laptops, servers, and cloud apps with a single lightweight agent on each system that monitors activity in real time and reports to Falcon—its cloud platform—where threats are detected and blocked. Revenue is subscription-based and grows as customers add more modules. Strengths: strong detection, fast updates, and rising use in cloud workloads. Risks: premium pricing and the 2024 outage reminder that one bad update can hurt trust.

Okta (OKTA) — identity at the center
Okta verifies who you are and what you can open across your work apps. It earns recurring revenue per user and by adding security features like multi-factor checks and governance. Strengths: neutral identity layer that works across clouds and vendors. Risks: stiff Microsoft competition and past security incidents that raise scrutiny.

Zscaler (ZS) — zero-trust network edge
Zscaler replaces old virtual private networks with a cloud service that connects users to apps only after checks—“trust no one” by default. Subscriptions drive revenue, with add-ons for data protection and operations. Strengths: built-for-cloud design and a large global network. Risks: long enterprise sales cycles and rising competition from bigger platform vendors.

These cybersecurity leaders have performed well and often trade at premium valuations, reflecting strong growth prospects and sticky subscriptions. Platforms give simpler, steadier exposure—one bill, integrated tools, and bundle pricing that cuts overlap. Specialists fit only when their product is clearly best-in-class or needed across multiple clouds (‘depth advantage’). Depth can win deals, but platform bundling and buyer consolidation can cap seat growth and make returns more volatile.

Challenges and risks

AI adds more apps, more data copies, and more places to break. Remote work multiplies devices and home networks. Net result: more doors to guard and more chances to slip. People remain the weak link. Stolen passwords and phishing do most of the damage, and small access mistakes—no multi-factor authentication (MFA), old admin accounts, broken single sign-on (SSO)—turn small slips into big breaches.

Rules raise the bar and lift costs. The EU AI Act pushes firms to log access, control data flows, and prove compliance. Cloud giants bundle security inside AWS, Azure, and Google deals. That can cut overlapping tools, but it increases lock-in—eroding pure-play pricing power—while leaving multicloud blind spots. Independent vendors still win when they go deeper or work cleanly across platforms.

Valuation is a risk: many cyber stocks trade at high multiples, leaving little room for error—small misses, softer guidance, or outages can compress multiples fast.

Investor playbook

• Follow recurring revenue, net retention, and add-on adoption; prefer durable growth to billings swings.
• Check platform coverage: favour platforms that cover identity, secure access, and workload protection; add specialists where depth matters.
• Watch pricing power versus hyperscaler bundles; track discounting and gross margins.
• Mind valuation: phase entries and size positions so a miss or outage won’t derail the portfolio.

Conclusion