In 2012, the ever-evolving cyber security industry will rapidly shift not only its focus, but its growth, too.
This isn’t just because of a simple increase in business. The threat of a cyber attack has become something much different – and much more dangerous.
On the backs of these new types of attacks, the global cyber security industry is expected to grow an additional $7.2 billion in the next four years, according to projections from Gartner.
Not only does this include expanding security measures, but also redesigning old systems and dealing with new infrastructures as more data moves to “cloud” systems.
At the root of it all is the nature of this new cyber security threat that will reshape both cyber security as a technology and as a business.
The Advanced Persistent Threat
Cyber attacks used to cast a wide net to try to find valuable nuggets of data where available. Now they set their sights on one particular wealthy target and are sure to take it down. They’ve gone from catching tuna in a net, to spearfishing for prized marlin.
Appropriately titled “phishing,” the old cyber attack would blast out emails that appeared to be a bank requesting login information. Out of millions of emails, a few non-savvy users were duped and the cyber criminals would sell this information – mostly credit card numbers or other valuable pieces of data – to people who would then exploit it.
Now the top criminals use what’s called an “advanced persistent threat.” In this case, a valuable target is selected and its networks are penetrated through a variety of methods.
Once inside, while they remain undetected, these attacks siphon out as much important information as possible.
The most advanced cyber attack of this kind ever executed was the Stuxnet virus. It was specifically designed to infect every computer it was spread to, determine if the computer was connected to uranium-enrichment equipment inside Iran and, if so, cause it to damage itself. If that doesn’t seem “advanced” and “persistent,” I don’t know what does.
Stuxnet is an anomaly, a piece of engineering so amazing that experts believe it could only be done with “nation-state” support. The likely backers – the United States and Israel – have not, of course, admitted any involvement.
The complete opposite of nation-state support would be anonymous hacking groups, like the collective known only as “Anonymous.”
Aaron Barr, CEO of HBGary Federal – a technology security company – claimed he could track down the members of Anonymous. Embarrassingly for HBGary, the group responded by turning the tables. It hacked the email accounts of HBGary employees, took over the CEO’s Twitter account and posted tens of thousands of documents online, including very sensitive material about HBGary’s government contracts.
Of course, most attacks are less personal than profitable. Sony’s PlayStation Network, for example, was hacked last year, exposing 77 million credit card numbers and expiration dates, costing Sony at least $171 million and up to $1.25 billion in lost business.
A more ironic example can be found in the RSA Security breach. The company’s entire business is built around providing an unbreakable SecurID product that verifies a user’s identity online. But last year, RSA’s very own database was hacked. The hackers then had the information at their disposal to log in as an employee to one-fifth of Fortune 100 companies’ databases.
All this goes to show that big-name companies that have invested millions in security – and even those whose very business is security – remain vulnerable, while the list of breaches grows longer and longer. Just ask Citibank or the Nasdaq Exchange; both were hacked last year as well.
A Stronger Threat Means More Spending
These cases illustrate that the rise of advanced persistent threats means a major shift in the business of cyber security.
Instead of merely needing a minimum level of security to prevent being an easy target – which is how it used to be – companies with valuable data now need to prepare for every possible contingency.
To imagine how this will affect spending on security, consider the difference between protecting your wallet from a pickpocket on the subway (where a single security fix should suffice) and securing a bank vault (where the number and kind of vulnerabilities are far greater). In the first case, the cost is reasonably low and limited; in the second, it follows the rising sophistication of those trying to get in.
This means that if an organization wants thorough security protection, it had better be willing to reach deep into its pockets. And there are a few companies that stand to profit from these rising costs.
For starters, now that McAfee and ArcSight have been bought out, the remaining mega cap in cyber security is Symantec (Nasdaq: SYMC). The stock is a pretty safe way to play the growth of the industry overall, as it’s the first stock that comes to mind for investors looking to profit from cyber security.
It’s a quality stock and a quality company, yes, but keep in mind that it doesn’t stand to gain the most from the shift to advanced persistent threats. The company still generates 31% of its revenue from consumer software like its Norton Antivirus. Only 29% of revenue comes from its enterprise customers, and a significant portion of that is pre-packaged software for small to medium businesses. Still profitable, but not by any means a paragon of the new cyber security age.
For more growth, I like Sourcefire (Nasdaq: FIRE). The company developed SNORT, the completely free, open-source software for detecting network intrusion. This is higher-level network security than what Symantec offers, and it appeals only to larger businesses that may actually be targeted by an advanced persistent threat.
On the back of the SNORT platform, Sourcefire develops real-time intrusion detection and prevention systems. It’s also a player in next-generation firewalls.
As such, sales have grown by more than 25% for the last five years, and estimates suggest a further rise of 43% over the next two years. The stock’s not cheap, having just released great earnings numbers on Tuesday, but give it a week or two to cool down.
Bottom line: Cyber security isn’t just a growing industry, it’s an industry about to pivot in a completely different direction, one that will ensure profits for years to come. And both Symantec and Sourcefire stand a great chance of catching the upside of the growing need for protection against advanced persistent threats.