Investing in cyber security companies

Investing in cyber security companies
Investing in cyber security companies

Today, hackers lurk through computer networks, just as ancient hackers lurked in ships and convoys, so today there is an urgent need to protect data convoys from their exit to their landing. Hence the importance of information security and its branch specialized in cyber security, what is known as cyber security.

In this report, we will take an exploratory tour of the reality of cybersecurity around the world and address some of the concepts related to it and the great challenges and opportunities it faces now and in the future for companies operating in it, listed in the US stock markets.

Scope of information security and cybersecurity

Information security is concerned with preventing unauthorized access, use, disclosure, disruption, modification, examination, recording or destruction of traditional or electronic records, in order to ensure that information is available for use and prevent any unauthorized changes or modifications. These records include a number of basic data such as name, address and phone number, and financial information such as credit cards, bank accounts, real property and stock certificates, and others. The records also include executive orders for buying and selling operations and the transfer of funds and assets from one person to another.

As for cyber security, it is part of information security that is mainly concerned with electronic records, hardware and software, by creating an environment free of electronic attacks, intrusions, and impersonation. In general, the term cybersecurity appeared with the increasing use of the Internet, the proliferation of information, and the multiplicity and diversity of methods of saboteurs and intruders on the Internet.

Information technology and information security

Some estimates indicate that the volume of losses caused by cybercrime annually amounts to more than one trillion dollars, according to the “Hidden Costs of Cybercrime” report issued by the security and virus software company “McAfee”, and according to the “Cyber ​​Security” magazine, losses may exceed ten trillions of dollars by 2025.

The size of the cybersecurity market, according to the German statistics website “Statista”, is about $218 billion this year, and there are expectations for significant growth in this sector by 2030, with a cumulative annual growth rate of 11.6 percent, according to “Next Move” for strategic consultancy.

Therefore, many investors around the world are betting on the continuation of the attractiveness of the field of information security, especially cyber security, for many years to come.

The Kingdom excels in the field of cybersecurity

The Kingdom has been known for its interest in information security for many years, and about three years ago, the National Cyber ​​Security Authority was established to be the competent authority in the Kingdom in cybersecurity and the national reference in all matters related to cyber security and data and information protection. Among its most prominent competencies is the management of the national strategy for cybersecurity, including setting policies, mechanisms, frameworks, standards, controls and guidelines related to cybersecurity, circulating them to the relevant authorities, following up on compliance with them, and updating them.

According to the Global Cybersecurity Index monitored by the International Telecommunication Union, the Kingdom ranks second globally, equal to the United Kingdom of Britain. This indicator measures the maturity of each country in several areas related to cybersecurity, such as technical infrastructure, legislation, administrative regulations and awareness, among others.

The importance of cyber security in cloud computing

The importance of cybersecurity has increased after the emergence of cloud computing in the past few years, so that it has become relied upon by companies and individuals, and even some government agencies, as data centers in the electronic cloud have become an attractive alternative to traditional data centers, and thus many electronic services and related them from data to the electronic cloud. What increased the danger at the level of individuals is the reliance on storing personal data with an online storage service provider, where the data is stored on third-party servers for a fee or for free. Therefore, hackers and saboteurs, who are called “hackers”, are keen to target these servers, because they contain a lot of information. On the other hand, the entities that provide these services are keen to protect the data they have by using the best international methods and practices for information safety and security.

What we will discuss in this report includes companies that deal with cloud computing problems on the one hand, and on the other hand, companies that provide their solutions via the Internet, that is, through the “cloud”.

With the increase in the volume of data and the variety of ways to store and process it, it becomes more and more difficult to manage and control it. According to the “Cyber ​​Security” magazine, which specializes in cybersecurity, the volume of data stored in 2025 will reach 200 zettabytes, or 200 billion terabytes, which is roughly equivalent to the data of 200 billion personal computers. . There will be six billion people connected to the Internet interacting with data by next year, with about one million people joining the Internet on a daily basis.

The giant of information technology and networks, “Cisco”, also expects that by 2023 there will be three times the devices currently connected to the networks, including about a trillion electronic sensors – or electronic sensors – and after nearly 20 years, the size will reach 45 trillion electronic sensors, which means that there are There is an urgent need to pay more and deeper attention to the information security sector in the near future.

Hacks and ransomware

The reasons for hackers penetrating platforms and applications vary, from political reasons to see sensitive decisions or to cause panic in different sectors, as happens in the operations of attacking domain name providers that result in the downfall of a number of sites on the Internet. There are purely military and financial reasons through direct extortion, the so-called ransomware, which is expected to reach about three million attacks this year, and the ransom amounts to be paid will reach about $20 billion, compared to $11.5 billion in 2019, according to Cyber ​​Crime magazine.

The amount of money that was already transferred to ransomware criminals and disclosed by victims in 2020 amounted to about 370 million dollars, which is about 3.3 times what it was in 2019, according to Chainalysis, which specializes in analyzing the blockchains that run cryptocurrencies. These are only the official numbers announced and do not include other payment methods outside cryptocurrencies, and do not include payments made in secret, in order to preserve the reputation of the entity or individual. According to Coveware, the average ransom paid in the first quarter of 2021 was about $212,000, 43 percent higher than the previous quarter!

The activities of cyber security companies

Cybersecurity companies differ in terms of the role they play in protecting against cybercrime on the Internet, and we can divide them according to the following classifications:

Cloud computing security companies: These are companies that provide their solutions through cloud computing, as well as have solutions that protect programs and data stored in third parties from deletion, leakage, or theft, and the service is provided through a combination of applications, firewalls, and controls called VPN, and there are many Examples of these companies include: CRWD, ZS, DDOG, PLTR, NET, PANW.

Electronic identity management companies: These companies work to manage identity and grant access to user networks, devices and a range of cloud applications in a specific context, through smart cards, fingerprint or passwords, and among these companies: OKTA, EFX, INVE, PING, FORG .

Traditional information security companies These companies specialize in protecting personal devices against viruses and intrusions or those specialized in protecting traditional data centers, and they aim to monitor, identify and prevent unauthorized access or misuse of computer networks, such as: FTNT, FFIV, JNPR, CSCO, MCFE, NLOK.

Threat and Breach Detection Companies: These companies specialize in providing data analysis and performance monitoring solutions to detect any potential threat or abuse, including: SPLK, SUMO, VMW, CTXS.

Major companies have cyber security solutions

There are large, well-established companies working in many fields, but they also have solutions in the field of information security and cybersecurity, and these companies often have achieved great successes in their main field of business, and then after the emergence of specialized small companies that begin to acquire significant market shares, then These major companies begin to enter the field themselves, and these companies are: IBM, MSFT, CSCO.

Selected cyber security companies

In the table “The most important cybersecurity companies”, ten distinguished companies were selected, some of which are making profits and some are still in the construction stages, but all of them have great growth in revenues, and they have a great and promising future ahead of them.

NLOK – American company and owner of one of the most popular antivirus software (Norton), is a leader in consumer electronic safety with more than 80 million customers in 150 countries. According to the company, the company was able to block more than 900 million threats in 100 days and 23 million phishing attempts per month, in addition to 18 million malware blocks. The company recorded revenues of $686 million in the second quarter of this year, which is $14 million higher than the previous quarter.

FTNT – US company for security and security software in diverse networks including firewalls, anti-malware and anti-spam, and has a new strategic alliance with Linksys to deliver business protection solutions when working from home, has a market value of about $ 50 billion, and has grown annual sales 100% in the past four years, and employs more than nine thousand employees.

QLYS – an American company for cloud services and information security, according to the company, has more than 19,000 customers in 190 countries to support digital transformation, and since last August, the company began acquiring Total Cloud, a provider of automation without the need to write any software, and works for the company More than 1,600 employees, a market capitalization of $4.6 billion.

CRWD – An American company that provides various cloud security solutions and has 19 cloud modules on its Falcon platform to cover different cybersecurity markets. Its market value is about 60 billion dollars and it has more than four thousand employees. The company was able to achieve high revenues in its second quarter during 2021, which amounted to 338 million dollars, and despite that the company is still recording operating losses.

ZS – An American cloud security company responsible for securing more than 400 Forbes Global 2000 companies, including Germany’s Siemens, and the company’s solutions protect more than one million people across the UK’s National Health Service, and the 1.2 million-user Carolina Education Network It owns more than 150 data centers with clients in 185 countries, and has a market capitalization of nearly $38 billion.

NET – An American company that provides a suite of integrated cloud-based security solutions to protect platforms including public cloud, private cloud, on-premises applications, SaaS applications, IoT devices, and more. It has a market capitalization of $42 billion, has high revenue growth, has a quarterly growth rate of 53 percent year-on-year, and has more than 2,000 employees.

PANW – An American cybersecurity solutions company with more than 85,000 customers in 150 countries, a market capitalization of $46 billion, more than ten thousand employees, provides hardware and software for firewalls, both in public and private clouds, and provides subscription services that cover areas of Prevent threats and malware in computers and mobile devices.

CYBR – An American information security company that provides protection services to more than 5,000 customers in the financial, energy, retail, healthcare, and government markets. The company has a market capitalization of $6.6 billion and employs approximately 1,700 employees.

Okta is an American identity management company for enterprises, small and medium businesses, universities, nonprofits, and government agencies. The company serves more than 13,000 customers, has 4,000 employees, has a market capitalization of $40 billion, and was formerly known as Saasure.

Another important company is SPLK. This company has very unique solutions. Its closest competitor, SUMO, offers tools and software that specializes in real-time data search and gives useful clues to cybersecurity professionals. In four years, its revenue rose more than 100 percent, but it still posted quarterly losses due to its rapid growth, and its market value is about $25 billion.

Investing with ETFs

There are three exchange-traded funds specialized in cybersecurity, the benefit of which is that they eliminate the process of selecting companies separately, and reduce the risk to the investor. There is an index on the Nasdaq Stock Exchange that monitors companies operating in the cybersecurity sector in the technology and industrial sectors, and these funds mimic the performance of this index, or others.

The largest of these funds, CIBR, which has a specific method for selecting cybersecurity companies among its components, has an average daily trading volume of about 850,000 shares, and manages assets of $5.3 billion, and the administrative costs are $60 per ten thousand investments.

The other fund, HACK, is slightly smaller, with $2.4 billion in assets under management, and it is the first fund to specialize in cybersecurity companies and to own well-known companies such as Cisco, Akamai and Qualys.

Finally, the BUG Fund manages $ 875 million in assets, which was established two years ago and its price rose nearly three times the levels of Corona’s bottom in March 2020, and it specializes in companies to protect against attacks and intrusions, and it follows in its performance the performance of the Indxx Cybersecurity Index.


This report is a survey of the activities of information security companies, and the focus here is on cybersecurity companies, which is the part of information security concerned with protecting devices and data on the Internet. We also touched on the fact that the Kingdom of Saudi Arabia is very advanced in this field, as the International Federation ranks it second in the world.

Cyber ​​security companies were classified in specific areas, and ten distinguished companies were reviewed in this field, which are suitable for investors in the medium and long term.

For Latest Updates Follow us on Google News

PREV Oil prices continue to rise .. and US crude is at its highest level since 2014
NEXT Google Cloud and Thales agree to develop cloud computing services in France