My core investment philosophy for long-term positions is to select the strongest companies within sustainable industries that I believe will outperform the greater market. IT Security is one such industry with increasing demand that will not decline unless every competent hacker across the globe agrees to end their malicious attacks against corporations and governments. As our society continues moving toward the "Data Age," the need to protect everything from credit cards to Social Security numbers should be a top priority for every organization.
Over the past fifteen or so years, there has been a steady increase in the number of malicious attacks or hacks against users. While some hacks are simple in nature such as a Nigerian prince asking for money or a phishing e-mail baiting you to click on the link, hacking has become extremely sophisticated in recent years. For the sake of simplicity, an entity with threat detection software could be likened to a medieval castle. With multiple layers of defense, advancing armies or intruders would have to cross a moat, climb or break through the outer walls, and navigate within the inner walls and chambers to find the object or person that is sought after. The alternative would be to find a secret door that leads straight to the goal in mind, bypassing all obstacles.
Network defense systems and threat detection software use many of the same tactics with multiple firewalls, baiting hackers to false locations within the network, and complex inner workings that make it difficult to discern where the data being sought after is located. However, many networks do exist with the secret door or security bypasses enabling hackers to extract information. Also, hackers are able to adapt and many are successful in their aim to obtain confidential information evidenced by recent news reports just in the past two weeks:
- Russian gang steals 1.2 billion passwords
- Hospital patient data stolen
- Home Depot data breach
- Celebrity pictures "#HackGate"
In short, companies possess data that groups or individuals would go to extreme lengths to obtain, despite the illegality, which makes the addressable market for IT Security virtually every company, government entity, and organization across the globe.
One comparison of IT Security would be purchasing a life insurance policy. While the odds of the policy being enacted are extremely slim, I would assume that an overwhelming majority of readers have purchased life insurance in order to ensure the well-being of their family or loved ones. In IT Security, the odds that your specific organization is targeted is low as well, but executives want to be able to sleep at night knowing that they are protected, so they are not the next "Target."
The qualitative aspects and societal trends suggesting that the cyber security space will grow rapidly as the need for data protection increases is included in many market reports. Infiniti Research suggests that cyber security spending will grow annually at just under 12% through 2018, while a report from Markets and Markets shows the industry exceeding $150B by 2019. Spending by the US Federal Government alone will top billions as many believe cyberspace could very well be the next battlefront. While forecasts somewhat differ from a CAGR from 9% to 14%, it is hard to argue against the proposition that IT security spending will be increasing at a fast rate.
FireEye is my personal favorite within the IT Security industry, as I have outlined both here and here. With a superior product to competitors, I believe FEYE will capitalize on the growth of the industry as a whole and steadily increase its market share. FEYE has recovered nicely over the past week where it tested its 52-week low on news of the Home Depot data breach which catapulted the entire industry. As I outlined in my update article, I used this dip to lower my cost-basis to $31/share.
My eighteen-month price target using DCF analysis is ~$46 suggesting 30-35% upside. Analyst price targets range anywhere from $37 to $50, with a majority recommending buy/overweight positions and none recommending a sell/underweight. While investors must pay a fairly high multiple considering FEYE is not currently profitable, the asymmetrical risk/reward makes for a compelling investment as the possibility of being acquired provides downside protection.
Palo Alto Networks (PANW)
On a qualitative aspect, PANW is my second favorite company offering a strong platform and high retention rate among clients while operating as a slightly more mature company compared to FEYE. However, my DCF suggests a price target of $88, resulting in minimal upside at current price levels as PANW closed at $89.74. While I would re-evaluate on any dip, I am currently not a buyer.
Two other companies I plan to evaluate in the upcoming weeks are Fortinet (NASDAQ:FTNT) and Barracuda Networks (NYSE:CUDA). Both companies have relatively smaller market caps compared to both FEYE and PANW, but offer an intriguing platform. As of my very preliminary analysis, CUDA seems to be one that might be fairly undervalued by the market.
The IT security space should provide ample opportunities to profit over the coming years as the industry as a whole grows at a fairly rapid clip. Accurately predicting the best performers would only be icing on the cake. I suggest purchasing shares of FEYE at current price levels in the low-$30s and evaluating PANW on any major dips.
Disclosure: The author is long FEYE. The author wrote this article themselves, and it expresses their own opinions. The author is not receiving compensation for it (other than from Seeking Alpha). The author has no business relationship with any company whose stock is mentioned in this article.