Quarterly Outlook
Macro Outlook: The US rate cut cycle has begun
Peter Garnry
Chief Investment Strategist
Chief Investment Strategist
Summary: Most high growth industries have a high sensitivity to the economic outlook but the cyber security industry becoming a necessity for the corporate sector and governments around the world. This means that the underlying demand function is stable throughout the economic cycle and the increased number of cyber attacks have increased the awareness and need for massive investments. The industry is still small and will likely see double-digit growth growth rates over the coming decades as the digitalisation continues and with the rise of Internet of Things. Our cyber security consists of 25 largest publicly-listed cyber security companies.
This year we have been rolling out 15 new equity theme baskets and today we are launching our 16th equity basket focusing on the cyber security industry. This industry has grown considerably the past year and delivered strong returns to shareholders over the past five years. However, the best feature of the cyber security industry is that it has defensive characteristics combined with an above average growth outlook.
The basket
Our cyber security basket consists of 25 companies mainly based in the US with only three non-US companies showing the dominance of the US in cyber security. Despite the growing threats from cyber attacks with the most recent high-profile attack being on a major US pipeline, the industry is still small with a combined market value of $381bn across the 25 companies in our basket.
Name | Market Cap (USD mn.) | Sales growth (%) | EPS growth (%) | Diff to PT (%) | 5Y return % |
Crowdstrike Holdings Inc | 57,108 | 77.3 | 41.1 | 1.3 | NA |
Fortinet Inc (**) | 39,206 | 20.3 | 37.6 | -8.5 | 652.3 |
Okta Inc | 36,615 | 40.4 | -39.9 | 12.4 | NA |
Palo Alto Networks Inc | 35,878 | 22.2 | -69.7 | 19.7 | 202.5 |
Cloudflare Inc | 32,224 | 51.0 | NA | -6.6 | NA |
Zscaler Inc | 29,981 | 53.7 | -352.1 | 5.5 | NA |
VeriSign Inc | 25,487 | 3.1 | -13.2 | 3.6 | 168.8 |
Splunk Inc | 22,571 | -3.0 | -79.6 | 19.2 | 151.2 |
Check Point Software Technologies Ltd | 15,825 | 3.8 | 9.9 | 14.2 | 49.6 |
NortonLifeLock Inc | 15,792 | 2.4 | 75.2 | 1.9 | 145.5 |
McAfee Corp | 12,216 | NA | NA | -2.2 | NA |
F5 Networks Inc | 10,984 | 7.0 | -11.0 | 18.6 | 62.5 |
Proofpoint Inc | 9,970 | 16.4 | 28.0 | 1.4 | 190.3 |
Trend Micro Inc/Japan | 7,443 | 5.2 | -13.1 | 7.3 | 94.8 |
Avast PLC | 7,127 | 2.5 | -19.2 | 16.6 | NA |
Varonis Systems Inc | 6,189 | 24.3 | -12.5 | 17.7 | 633.3 |
CyberArk Software Ltd | 5,410 | 5.8 | -96.6 | 29.5 | 181.4 |
Rapid7 Inc | 5,383 | 24.8 | -52.3 | 1.8 | 650.5 |
SolarWinds Corp | 5,341 | 6.8 | 448.6 | 16.6 | NA |
Sailpoint Technologies Holdings Inc | 4,842 | 25.4 | -26.6 | 21.6 | NA |
FireEye Inc | 4,838 | 6.5 | 33.4 | 9.8 | 30.4 |
Tenable Holdings Inc | 4,684 | 22.2 | 71.8 | 33.0 | NA |
Venustech Group Inc | 4,154 | 32.0 | 27.6 | 48.1 | 29.2 |
Qualys Inc | 3,996 | 12.3 | -4.1 | 9.9 | 239.6 |
CommVault Systems Inc | 3,701 | 7.8 | 96.1 | 1.4 | 87.3 |
Aggregate / median | 380,749 | 14.3 | -11.0 | 9.9 | 160.0 |
Source: Bloomberg and Saxo Group
* Sales and EPS growth is measured on 12-month trailing figures, Diff to PT is the difference between consensus price target and the current price in %
** Peter Garnry has holdings in these companies
The median revenue growth over the past year is 14% which is quite attractive relative to a global pandemic and lockdowns in many countries. Earnings growth is volatile across the industry with a few players showing stable profit margins while most cyber security companies are investing heavily in growth and expanding the client base. Analysts covering the industry are generally positive on the industry with a median price target being 10% above the current price. Of the 16 companies with a five-year history the median five-year return has been 160% which has been attractive.
The industry and why it is attractive for investors
The cyber attack on the Colonial pipeline was a big deal and brough cyber attacks to the attention of company leaders and political leaders with Biden bringing it up as topic at the recent summit with Putin. Cyber security is becoming a critical part of any country and company’s infrastructure as the world goes more digital and some are even suggesting that it should become compulsory. A Danish home improvement retailer was recently exposed to a cyber attack and the CEO has been out saying that dealing with the pandemic was much easier than this cyber attack. This underscores the growing attention by business leaders that cyber security is a necessity.
The cyber security industry is expected to grow 11% annualized until 2028 from a current estimated market size of $167bn, but this could prove to be too low an estimate given the increased threat from cyber attacks. With the adoption of Internet of Things which we back in May described as the next growth cycle for the semiconductor industry more things will be coupled and connected creating even bigger demand for cyber security.
The combination of double-digit growth rate and defensive characteristics, companies and governments need cyber security no matter the state of the economy, are what makes the cyber security industry attractive for investors.
Key risks
Many cyber security stocks are aggressively valued due to increased attention of investors and the growth outlook. These high valuations make cyber security vulnerable and more volatile over earnings releases as they respond more to the changing outlook. The high valuations also mean that cyber security stocks in the short-term could be sensitive to higher interest rates. As most of the companies in the basket are US-based a higher USD is negative for earnings and revenue growth which means that higher US inflation could be a negative the industry.
Cyber security technology is evolving fast, and some companies might not be able to switch to the new technology vectors. The Orion hack back in 2020 exposed SolarWinds and has caused a crisis at the company and in general this is one of the big tail-risk events for any cyber security company that one day your systems cannot prevent a big cyber attack on your customers’ systems. This could lead to loss of clients and ultimately a failure as a company.
Disclaimer
The Saxo Bank Group entities each provide execution-only service and access to Analysis permitting a person to view and/or use content available on or via the website. This content is not intended to and does not change or expand on the execution-only service. Such access and use are at all times subject to (i) The Terms of Use; (ii) Full Disclaimer; (iii) The Risk Warning; (iv) the Rules of Engagement and (v) Notices applying to Saxo News & Research and/or its content in addition (where relevant) to the terms governing the use of hyperlinks on the website of a member of the Saxo Bank Group by which access to Saxo News & Research is gained. Such content is therefore provided as no more than information. In particular no advice is intended to be provided or to be relied on as provided nor endorsed by any Saxo Bank Group entity; nor is it to be construed as solicitation or an incentive provided to subscribe for or sell or purchase any financial instrument. All trading or investments you make must be pursuant to your own unprompted and informed self-directed decision. As such no Saxo Bank Group entity will have or be liable for any losses that you may sustain as a result of any investment decision made in reliance on information which is available on Saxo News & Research or as a result of the use of the Saxo News & Research. Orders given and trades effected are deemed intended to be given or effected for the account of the customer with the Saxo Bank Group entity operating in the jurisdiction in which the customer resides and/or with whom the customer opened and maintains his/her trading account. Saxo News & Research does not contain (and should not be construed as containing) financial, investment, tax or trading advice or advice of any sort offered, recommended or endorsed by Saxo Bank Group and should not be construed as a record of our trading prices, or as an offer, incentive or solicitation for the subscription, sale or purchase in any financial instrument. To the extent that any content is construed as investment research, you must note and accept that the content was not intended to and has not been prepared in accordance with legal requirements designed to promote the independence of investment research and as such, would be considered as a marketing communication under relevant laws.
Please read our disclaimers:
- Notification on Non-Independent Investment Research (https://www.home.saxo/legal/niird/notification)
- Full disclaimer (https://www.home.saxo/en-gb/legal/disclaimer/saxo-disclaimer)