Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
>>> Palantir Buys Gold as Hedge Against ‘Black Swan Event’
by Lizette Chapman
August 18, 2021
https://finance.yahoo.com/news/palantir-buys-gold-bars-hedge-175654233.html
(Bloomberg) -- Palantir Technologies Inc. said it’s preparing for another “black swan event” by stockpiling gold bars.
The company spent $50.7 million this month on gold, part of an unusual investment strategy that also includes startups, blank-check companies and possibly Bitcoin.
Palantir had previously said it would accept Bitcoin as a form of payment. A spokeswoman for Palantir said no one has yet done so.
Embracing nontraditional currencies “reflects more of a worldview,” Shyam Sankar, the chief operating officer, said in an interview. “You have to be prepared for a future with more black swan events.”
The gold purchase was buried in a securities filing last week for its quarterly financial results and reported earlier this week by Barron’s.
Palantir’s 100-ounce gold bars will be kept in a secure location in the northeastern U.S., according to the filing. “The company is able to take physical possession of the gold bars stored at the facility at any time with reasonable notice,” Palantir wrote.
Palantir, co-founded by the technology billionaire Peter Thiel and Chief Executive Officer Alex Karp, makes software used by governments and businesses. It fashions itself as a company of free thinkers. Palantir relocated to Denver last year and mocked its peers in Silicon Valley on the way out. In the interview, Sankar compared Palantir’s culture with an “artist colony,” rather than a tech company churning out software on an assembly line.
Governments have strongly embraced Palantir software to help them make sense of the coronavirus pandemic, the current so-called black swan, a random and unpredictable event.
The company has some $2.3 billion in cash and is exploring creative uses for that money. Palantir said in May that it was considering investing in Bitcoin. And it’s taking stakes in startups that are customers of Palantir software, an approach that helped buoy sales results in the second quarter.
<<<
>>> ETF Explainer: BUG
ETF.com
August 01, 2021
by Heather Bell
https://www.etf.com/publications/etfr/etf-explainer-bug
Each month, we look at an ETF selected by ETF.com based on its performance and importance to investors. This month, we consider the performance of the $552 million Global X Cybersecurity ETF (BUG), a thematic fund covering the cybersecurity space. All the companies mentioned below are holdings in BUG, unless otherwise noted (*).
JUL 8 Zscaler shares jump more than 6% on positive comments and upgrades by analysts. The company’s stock rises more than 18% during the month.
AUG 10 CrowdStrike’s stock price plunges along with other Nasdaq-listed technology stocks over multiple trading days.
DEC 22 Several Fortune 500 companies report being hit by the SolarWinds hack, leading to boosts in share price for Check Point Software Technologies and CyberArk.
FEB 5 A South Korea lawmaker claims Pfizer computers in the country were breached by North Korea hackers seeking to steal COVID-19 vaccine data, sending cybersecurity stocks into a sell-off.
MAR 10 Fortinet stock rises after it makes strong projections exceeding Wall Street estimates during its investor day.
MAY 11 NortonLifeLock notches record revenues and profits in its 4Q earnings report, and announces a $1.5 billion share buyback program, boosting the share price 20% over the next three days.
<<<
>>> Israeli Firm’s Spyware Found on Phones Worldwide, Post Says
Bloomberg
By Yueqi Yang
July 18, 2021
https://www.bloomberg.com/news/articles/2021-07-18/israeli-firm-s-spyware-found-on-phones-worldwide-post-says?srnd=premium
Investigation shows phones of journalists, activists targeted
NSO Group denies findings, calls them exaggerated and baseless
Israeli company NSO Group Ltd.’s Pegasus spyware was used in attempted and successful hacks of 37 smartphones belonging to journalists, activists and business executives worldwide, according to an investigation by The Washington Post and its media partners.
Among the findings is that the spyware was used to target the smartphones of both the wife and the fiancee of murdered Saudi columnist Jamal Khashoggi. Their phone numbers appeared on a list of more than 50,000 numbers, which the consortium said were possible targets for surveillance by governments using Pegasus.
Also on the list are phone numbers of overseas journalists for news organizations, including CNN, the Associated Press, Voice of America, the New York Times, the Wall Street Journal, Bloomberg News, Le Monde in France, the Financial Times and Al Jazeera in Qatar.
“The sort of surveillance being reported is an appalling violation of press freedoms and we strongly condemn it,” said a Bloomberg News spokesperson.
The media consortium, led by the Paris-based not-for-profit Forbidden Stories, said it was revealing evidence extracted from the phones through digital forensic analysis by Amnesty International’s security lab.
Pegasus, sold to select governments and law enforcement agencies, can hack into mobile phones through a link and secretly record emails, calls and text messages. In some cases, it can activate itself without the victim clicking on the link, the Post said. It’s unknown how many of the phones on the list were targeted or surveilled, the Post said.
In response to the consortium, NSO denied that its technology was used against Khashoggi and said the investigation contained flawed assumptions and factual errors.
Last month, NSO Group published its first annual “Transparency and Responsibility Report,” which said its products have been used by states to thwart major terrorist attacks and dismantle drug trafficking rings.
More findings from the investigation will be rolled out in the next three days, the Post said.
<<<
Okta - >>> 3 Growth Stocks for the Next 10 Years and Beyond
Fast-growing businesses with plenty more growth to come.
Motley Fool
by Rich Duprey
Jul 13, 2021
https://www.fool.com/investing/2021/07/13/3-growth-stocks-for-the-next-10-years-and-beyond/
Fastly's outage dovetails nicely with the next stock, cybersecurity expert Okta (NASDAQ:OKTA), which offers cloud-based identity verification solutions by providing tools for controlling access to corporate networks.
Much like CDN is necessary for businesses delivering the content to end users, the nature of cloud-based data makes securing it even more important. Using artificial intelligence for systems that are based in the cloud, Okta is able to quickly offer security solutions in excruciatingly granular detail that grow increasingly adept at identifying threats to a network. But perhaps more important is that as its customers grow in size, Okta's technology can scale upwards as well.
And Okta's business is scaling up, too. With over 10,000 customers worldwide, revenue for the first quarter of fiscal year 2022 jumped 37% from last year while subscription revenue grew fast at 38%. That recurring revenue stream will eventually enable this cybersecurity stock to turn profitable.
Yes, Okta is currently posting losses, and forecasts it will continue to do so for at least the coming year, but with an $80 billion total addressable market, it will be able to grow into profits while providing investors remarkable returns for the next decade or more.
<<<
>>> Microsoft Is Said to Be Buying Cybersecurity Company RiskIQ
Software giant said to pay more than $500 million in cash for the San Francisco company
Bloomberg
By Katie Roof and Dina Bass
July 11, 2021
https://www.bloomberg.com/news/articles/2021-07-11/microsoft-is-said-to-be-buying-cybersecurity-company-riskiq?srnd=premium
Microsoft Corp. has agreed to acquire RiskIQ, a security software maker, as the tech giant tries to expand its products and better protect customers amid a rising tide of global cyberattacks, according to people familiar with the matter.
The deal will be announced as soon as the next few days, said the people, who asked not to be identified speaking about an acquisition that isn’t yet public. Microsoft will pay more than $500 million in cash for the company, one of the people said.
San Francisco-based RiskIQ makes cloud software for detecting security threats, helping clients understand where and how they can be attacked on complex webs of corporate networks and devices. Its customers include Facebook Inc., BMW AG, American Express Co. and the U.S. Postal Service, according to the company’s web site.
Known for its annual report on security called the “Evil Internet Minute,” RiskIQ has raised $83 million from firms like Summit Partners and Battery Ventures, according to Crunchbase. It was founded in 2009.
A spokesman for Microsoft declined to comment and RiskIQ didn't immediately respond to a request for comment.
Microsoft has been adding security features to products like Windows and its Azure cloud services to protect individual machines and detect attacks on networks. The company has also added personnel who probe Microsoft’s own products for vulnerabilities, help clients clean up after a cyberattack, and runs a lab called the Microsoft Threat Intelligence Center that closely tracks nation-state hackers.
The software maker has also acquired several companies to expand its security capabilities. Last month, Microsoft bought ReFirm Labs, a maker of technology to secure Internet of Things devices, for an undisclosed amount. In a blog post announcing the deal, the company said it has 3,500 employees working on security at Microsoft and a mission to help protect customers “from the chip to the cloud.”
Microsoft and the rest of the U.S. technology industry, as well as companies and government agencies, have also spent the past eight months grappling with a series of damaging and widespread cyberattacks.
This month, hackers launched a mass ransomware attack that exploited multiple previously unknown vulnerabilities in IT management software made by Kaseya Ltd. In March, hackers linked to China used flaws in the code of Microsoft Exchange to break into tens of thousands of organizations, and in an attack disclosed in December, suspected Russian hackers compromised popular software from Texas-based firm SolarWinds Corp., inserting malicious code into updates for SolarWinds software.
<<<
>>> Massive Ransomware Attack May Impact Thousands of Victims
Bloomberg
By William Turton and Jennifer Jacobs
July 3, 2021
https://www.bloomberg.com/news/articles/2021-07-03/number-of-victims-continues-to-grow-in-massive-ransomware-attack?srnd=premium
Russia-linked REvil accused of hack weeks after Biden warning
Biden orders a ‘deep dive,’ says not sure yet on Russian link
Just weeks after President Joe Biden implored Vladimir Putin to curb cyber crime, a notorious, Russia-linked ransomware gang has been accused of pulling off an audacious attack on the global software supply chain.
REvil, the group blamed for the May 30 ransomware attack of meatpacking giant JBS SA, is believed to be behind hacks on at least 20 managed-service providers, which provide IT services to small- and medium-sized businesses. More than 1,000 businesses have already been impacted, a figure that’s expected to grow, according to the cybersecurity firm Huntress Labs Inc.
“Based on a combination of the service providers reaching out to us for assistance along with the comments we’re seeing in the thread we are tracking on our Reddit, it’s reasonable to think this could potentially be impacting thousands of small businesses,” according to John Hammond, a cybersecurity researcher at Huntress Labs.
Biden said he had ordered a “deep dive” by U.S. intelligence officials on what happened in the attacks. At this point, he said “we’re not sure” that Russia is behind them.
“I directed the intelligence community to give me a deep dive on what’s happened and I’ll know better tomorrow,” Biden said, recalling that he told Putin during their meeting in June that the U.S. would respond to cyber transgressions. He added that he hasn’t called the Russian president about the latest case.
Biden Says ‘Not Sure’ If Russia Is Behind Latest Cyberattack
“We’re not sure it’s the Russians,” he said. “The initial thinking was, it was not Russian government, but we’re not sure yet.”
Attacking MSPs is a particularly devious method of hacking, since it may allow the attackers to then infiltrate their customers as well. Hammond said more than 20 MSPs have been affected so far.
In Sweden, most of grocery chain Coop’s more than 800 stores couldn’t open on Saturday after the attack led to a malfunction of their cash registers, spokesperson Therese Knapp told Bloomberg News.
There are victims in 17 countries so far, including the U.K., South Africa, Canada, Argentina, Mexico and Spain, according to Aryeh Goretsky, a distinguished researcher at cybersecurity firm ESET.
The ransomware attack is the latest in a string of devastating hacks in recent months, making cybersecurity an increasingly pressing national security issue for the Biden administration. At a summit on June 16, Biden warned Russian President Putin that 16 types of critical infrastructure -- including food and agriculture, emergency services and health care -- were off limits to future attacks. It’s not yet known if the U.S. victims of the latest ransomware attack fell within those sectors.
A software supply chain attack revealed in December included nine U.S. agencies and about 100 businesses as victims. Russian-state sponsored hackers were accused of the attack, where hackers implanted malicious code in updates for popular software for SolarWinds Corp. Customers who downloaded the updates inadvertently created a backdoor that the hackers could then exploit. It was particularly sophisticated and highlighted the terrifying potential of supply-chain hacks.
More recently, ransomware attacks on Colonial Pipeline Co., the operator of the nation’s largest fuel pipeline, and JBS have revealed gaping security vulnerabilities in crucial U.S. businesses. Both Colonial and JBS paid the hackers millions of dollars. The hackers behind the Colonial attack, a group called DarkSide, have also been tied to Russia.
Friday’s attack appears to combine a supply-chain attack with ransomware, vastly increasing the number of potential victims and presumably, the payout. Ransomware is a type of attack in which hackers encrypt computer files and then demand payment to unlock them.
Among the companies targeted was Kaseya Ltd., a Miami-based developer of software for managed service providers, as a way to attack its customers, according to cybersecurity experts.
“What makes this attack stand out is the trickle-down effect, from the managed service provider to the small business,” Hammond said. “Kaseya handles large enterprise all the way to small businesses globally, so ultimately, it has the potential to spread to any size or scale business.”
In a statement, Kaseya said it has notified the FBI. The company said it had so far identified less than 40 customers that were impacted by the attack.
Allan Liska, a senior threat analyst at cybersecurity firm Recorded Future Inc., said REvil was behind the attacks.
Eric Goldstein, the executive assistant director for cybersecurity at the U.S. Cybersecurity and Infrastructure Security Agency said the group is closely monitoring this situation.
“We are working with Kaseya and coordinating with the FBI to conduct outreach to possibly impacted victims,” he said in a statement. “We encourage all who might be affected to employ the recommended mitigations and for users to follow Kaseya’s guidance to shut down VSA servers immediately. As always, we stand ready to assist any impacted entities.”
Two of the affected MSPs include Synnex Corp. and Avtex LLC, according to two people familiar with the breaches. Avtex President George Demou told Bloomberg News in a text message on Friday night, “Hundreds of MSPs have been impacted by what appears to be a Global Supply Chain hack.”
“We are working with those customers who have been impacted to help them to recover,” he added.
A Synnex spokesperson didn’t immediately respond to requests for comment. The Republican National Committee said it was alerted that its vendor Synnex may have been affected.
“Today, Microsoft informed us that one of our vendors, Synnex, systems may have been exposed,” said Mike Reed, a spokesman for the RNC. “There is no indication the RNC was hacked or any RNC information was stolen. We are investigating the matter and have informed DHS and the FBI.”
<<<
Cyber Polygon is next week (July 9) -
https://www.weforum.org/projects/cyber-polygon
>>> World Economic Forum
Cyber Polygon
This project is part of the World Economic Forum’s Centre for Cybersecurity Platform
Digitalisation is accelerating everywhere. New digital ecosystems are forming all around us, creating unnoticed linkages across services and supply chains.
As the world grows more interconnected, the speed of development makes it difficult to assess the impact of change.
A secure approach to digital development today will determine the shape of our future for decades to come. Having the right skills in place is key to protecting organisations from attack now.
What is Cyber Polygon?
Cyber Polygon is a unique cybersecurity event that combines the world's largest technical training exercise for corporate teams and an online conference featuring senior officials from international organisations and leading corporations.
The 2021 conference discusses the key risks of digitalisation and best practice for the secure development of digital ecosystems.
The 2021 technical exercise builds and tests the skills needed to protect our industries, centering on a targeted supply-chain attack.
Every year, the training brings together a global businesses and government agencies to collaborate on technical exercises. The live stream draws in millions of spectators from across the world.
2020 results
120 teams from 29 countries took part in the technical cybersecurity training in 2020. The live stream viewership reached 5 million from 57 nations.
A comprehensive report with detailed results of Cyber Polygon 2020 is available here.
Cyber Polygon in 2021
This year discussions during the live-streamed conference will centre on secure development of ecosystems. With global digitalisation further accelerating and people, companies, and countries becoming ever more interconnected, security of every single element of a supply-chain is key to ensuring the sustainability of the whole system.
During the technical exercise, participants will hone their practical skills in mitigating a targeted supply chain attack on a corporate ecosystem in real time.
The event will be held online on July 9th. Applications from organisations wishing to join the training are open. See further details on the official website.
<<<
Cyber Polygon - World Economic Forum (WEF) -
https://www.weforum.org/projects/cyber-polygon
Cyber Polygon
This project is part of the World Economic Forum’s Centre for Cybersecurity Platform
Digitalisation is accelerating everywhere. New digital ecosystems are forming all around us, creating unnoticed linkages across services and supply chains.
As the world grows more interconnected, the speed of development makes it difficult to assess the impact of change.
A secure approach to digital development today will determine the shape of our future for decades to come. Having the right skills in place is key to protecting organisations from attack now.
What is Cyber Polygon?
Cyber Polygon is a unique cybersecurity event that combines the world's largest technical training exercise for corporate teams and an online conference featuring senior officials from international organisations and leading corporations.
The 2021 conference discusses the key risks of digitalisation and best practice for the secure development of digital ecosystems.
The 2021 technical exercise builds and tests the skills needed to protect our industries, centering on a targeted supply-chain attack.
Every year, the training brings together a global businesses and government agencies to collaborate on technical exercises. The live stream draws in millions of spectators from across the world.
2020 results
120 teams from 29 countries took part in the technical cybersecurity training in 2020. The live stream viewership reached 5 million from 57 nations.
A comprehensive report with detailed results of Cyber Polygon 2020 is available here.
Cyber Polygon in 2021
This year discussions during the live-streamed conference will centre on secure development of ecosystems. With global digitalisation further accelerating and people, companies, and countries becoming ever more interconnected, security of every single element of a supply-chain is key to ensuring the sustainability of the whole system.
During the technical exercise, participants will hone their practical skills in mitigating a targeted supply chain attack on a corporate ecosystem in real time.
The event will be held online on July 9th. Applications from organisations wishing to join the training are open. See further details on the official website.
<<<
>>> Recorded Future is a privately held cybersecurity company founded in 2009 with headquarters in Somerville, Massachusetts. The company specializes in the collection, processing, analysis, and dissemination of threat intelligence. Recorded Future uses patented machine learning and natural language processing methods to continuously collect and organize data from open web, dark web, and technical sources. The resulting information is displayed within a software-as-a-service portal. <<<
>>> Varonis Systems, Inc. (VRNS) provides software products and services that allow enterprises to manage, analyze, and secure enterprise data in North America, Europe, the Middle East, Africa, and internationally. Its software enables enterprises to protect data stored on premises and in the cloud, including sensitive files and emails; confidential personal data belonging to customers, and patients and employees' data; financial records; strategic and product plans; and other intellectual property. The company offers DatAdvantage that captures, aggregates, normalizes, and analyzes every data access event for users on Windows and UNIX/Linux servers, storage devices, email systems, and Intranet servers; and DatAlert that profiles users and their behaviors related to systems and data, detects and alerts on deviations that indicate compromise, and provides a Web-based dashboard and investigative interface. It also provides Data Classification Engine that identifies and tags data based on criteria set in various metadata dimensions, and provides business and information technology (IT) personnel with actionable intelligence about data; and DataPrivilege, which provides a self-service Web portal that allows users to request access to data necessary for their business functions, and owners to grant access without IT intervention. In addition, the company offers Data Transport Engine, which provides an execution engine that unifies the manipulation of data and metadata, translating business decisions, and instructions into technical commands, such as data migration or archiving; and DatAnswers that offers search functionality for enterprise data. It sells its products and services through a network of distributors and resellers. The company serves IT, security, and business personnel. Varonis Systems, Inc. was incorporated in 2004 and is headquartered in New York, New York.
<<<
>>> Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign
INCIDENT RESPONSE, THREAT DETECTION, THREAT RESEARCH
Inside Out Security Blog » Cybersecurity News » Threat Research » Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign
BY Snir Ben Shimol
UPDATED: 3/18/2021
https://www.varonis.com/blog/darkside-ransomware/
Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside. These highly targeted campaigns were conducted in several phases over weeks or months, ultimately targeting theft and encryption of sensitive data, including backups. In this technical blog post, we will review the tactics, techniques, and procedures (TTPs) we’ve observed.
About Darkside, inc.
The Darkside ransomware group announced their RaaS (Ransomware-as-a-Service) in August of 2020 via a “press release.” Since then, they have become known for their professional operations and large ransoms. They provide web chat support to victims, build intricate data leak storage systems with redundancy, and perform financial analysis of victims prior to attacking.
Want to learn ransomware basics and earn a CPE credit? Try our free course.
“In just one hour, I’ll teach you the fundamentals of Ransomware and what you can do to protect and prepare for it.”
The group’s name, Darkside, evokes the image of a good guy (or gal) that has turned from the light. While we can’t conclude that the group is comprised of former IT security professionals, their attacks reveal a deep knowledge of their victims’ infrastructure, security technologies, and weaknesses.
They have publicly stated that they prefer not to attack hospitals, schools, non-profits, and governments, but rather big organizations that can afford to pay large ransoms.
Our reverse engineering revealed that Darkside’s malware will check device language settings to ensure they don’t attack Russia-based organizations. They have also answered questions on Q&A forums in Russian and are actively recruiting Russian-speaking partners.
The group has both Windows and Linux toolsets. Much like NetWalker and REvil, Darkside has an affiliate program that offers anyone who helps spread their malware 10-25% of the payout.
Anatomy of an Attack
The Darkside ransomware attack campaigns stood out for their use of stealthy techniques, especially in the early stages. The group performed careful reconnaissance and took steps to ensure that their attack tools and techniques would evade detection on monitored devices and endpoints.
While their initial entry vectors vary, their techniques are more standardized once inside, and their endgame is coldly efficient.
Stealth tactics include:
Command and control over TOR
Avoiding nodes where EDR is running
Waiting periods & saving noisier actions for later stages
Customized code and connection hosts for each victim
Obfuscation techniques like encoding and dynamic library loading
Anti-forensics techniques like deleting log files
During the later stages of their attack sequence, they:
Harvest credentials stored in files, in memory, and on domain controllers
Utilize file shares to distribute attack tools and store file archives
Relax permissions on file shares for easy harvesting
Delete backups, including shadow copies
Deploy customized ransomware
Initial Access: Finding the Weak Link
Darkside ransomware gained initial entry through weak links – remotely exploitable accounts and systems.
We observed Darkside use compromised contractor accounts to access Virtual Desktop Infrastructure (VDI) that had been put in place to facilitate remote access during the pandemic. Though, contractor accounts did not.
We also observed them exploit servers, and then quickly deploy an additional RDP that would preserve access should the vulnerable server be patched.
While neither of these vectors is novel, they should serve as a warning that sophisticated threat actors are easily bypassing perimeter defenses. They illustrate the need for multi-factor authentication on all internet-facing accounts and rapid patching of internet-facing systems.
Command and Control
The Darkside ransomware attackers established command and control primarily with an RDP client running over port 443, routed through TOR. After installing a Tor browser, they modified its configuration to run as a persistent service, redirecting traffic sent to a local (dynamic) port through TOR via HTTPS over port 443, so it would be indistinguishable from normal web traffic. These connections were persistent, so the attackers could establish RDP sessions to and through the compromised hosts, facilitating lateral movement.
We found traces of TOR clients across many servers and observed dozens of active TOR connections.
The attackers used Cobalt Strike as a secondary command and control mechanism. We observed dozens of customized stagers that downloaded customized beacons that connected to specific servers. The stagers (named file.exe) were deployed remotely on specific targeted devices using WinRM, each one configured differently. Cobalt-Strike stagers established connections to a dedicated C2 server to download the Cobalt Strike Beacon.
Threat actors commonly use only a few C2 servers per victim, but Darkside configured each beacon to connect to a different C2 server with a different user agent. This would indicate that Darkside operates a large, well-established attack infrastructure.
The stagers and TOR executables were stored in network shares for easy distribution. The actors avoided installing backdoors on systems monitored by EDR solutions.
Detection of the beacon being downloaded into a compromised server
We observed the threat actors log into the Virtual Desktop environment with many accounts, sometimes concurrently. Each time the threat actor logged on, .lnk files were created in the compromised user’s home folders. The .lnk file activity helped determine which accounts and VDI environments had been compromised and when each account was used in the attack.
Recon and Credential Harvesting
Darkside ransomware is known for living off the land (LOtL), but we observed them to scan networks, run commands, dump processes, and steal credentials. Like the command and control code, the attack tools were also executed on hosts that had minimal detection and blocking capabilities. Well-known tools included advanced_ip_scanner.exe, psexec, Mimikatz, and more.
From the initial set of compromised hosts, ticket requests, and NTLM connections to gain access to additional systems and accounts. After a waiting period, the actor used an Active Directory reconnaissance tool (ADRecon.ps1) to gather additional information about users, groups, and privilege, storing results in a file called, DC.txt. Each of their attack tools was deleted after use. The attacker temporarily stored the recon results and credential information on a very active windows server. Interesting file names written and deleted on the server included: Typed_history.zip, Appdata.zip, IE_Passwords.zip, AD_intel, and ProcessExplorer.zip.
In addition to credential harvesting, the attacker mined credentials from User profile folders, including:
Users\<user name>\Appdata\[Roaming\Local]\Microsoft [Credentials\Vault]
Users\<user name>\Appdata\Roaming\Mozilla\Firefox\Profiles
Users\<user name>\\Appdata\Local\Google\Chrome
The threat actor used Invoke-mimikatXz.ps1 to extract credentials from unmonitored servers and stored them in a file called “dump.txt.” This operation was performed on a high-value target with minimal detective capabilities.
Once the attacker obtained domain admin credentials, accessed domain controllers. In later stages they performed the well-known DCSync attack, where the attacker pretends to be a legitimate domain controller and utilizes the Directory Replication Service to replicate AD information, gaining access to password data for the entire domain, including the KRBTGT HASH.
Data Collection and Staging
The active Windows server also served as a hub to store data before exfiltration. Data was mined from hundreds of servers with a batch routine (dump.bat) located in \Desktop\Dump, writing files to the same location, compressing them into 7zip archives with a simple naming convention, *.7z.[001]-[999].
Though they had accumulated elevated privileges, we observed the attacker relax the permissions on file systems, opening them up so that they could access the files with any domain user account. The batch file, target data, and the archives were deleted by the attackers within hours of collection
Encryption
Darkside doesn’t deploy ransomware until they’ve mapped the environment, exfiltrated interesting data, gained control of privileged accounts, and identified all backup systems, servers, and applications. We observed several connections to primary backup repositories using compromised services accounts shortly before encryption. By holding off on the encryption phase of the attack, they put themselves in a position to maximize damage and profit.
The ransomware code is delivered through established backdoors (TOR-RDP or Cobalt Strike) and is customized for each victim. The payload includes the executable, a unique extension, and a unique victim ID that allows the victim to access Darkside’s website and make payment.
By using unique executables and extensions, the ransomware easily evades signature-based detection mechanisms. Darkside also provides customized ransomware to other threat actors (Ransomware as a Service) and takes a part of the profit in successful attacks.
One version of the customized code was named, “Homie.exe.” In addition to being customized, we found it also uses anti-forensics and anti-debugging techniques, such as self-injection, virtual machine detection, and dynamic library loading. It also deletes shadow copies on victim devices.
Darkside Ransomware Stage 1 – Self Injection
On execution, the malware copies itself to the path
“C:\Users\admin\AppData\Local\Temp\” and injects its code into the existing process with a CMD command:
If the malware finds indications that it is being debugged or run in a VM, it immediately stops.
To avoid detection by AV and EDR solutions, the ransomware dynamically loads its libraries, without registering them in its imports section:
Malware dynamically loads libraries
Only 3 libraries are imported, which indicates that other libraries’ names resolved dynamically during the malware’s run instead of being explicitly imported.
Ransomware Stage 2 – Deletion of Shadow Copies
Using an obfuscated PowerShell command, the malware attempts to delete the shadow copies on the victim device. The obfuscated command:
The de-obfuscated command:
Ransomware Stage 3 – Encryption of Files
After the deletion of the shadow copies, the malware first closes specific processes to avoid locked files that can delay encryption, and then begins its encryption routine.
List of processes:
sql
oracle
ocssd
dbsnmp
synctime
agntsvc
isqlplussvc
xfssvccon
mydesktopservice
ocautoupds
encsvc
firefox
tbirdconfig
mydesktopqos
ocomm
dbeng50
sqbcoreservice
excel
infopath
msaccess
mspub
onenote
outlook
powerpnt
steam
thebat
thunderbird
visio
winword
wordpad
notepad
During encryption, the malware appends an 8-character string to the end of the encrypted file names.
Dark side ransomware avoids encrypting files with the following extensions:
386,adv,ani,bat,bin,cab,cmd,com,cpl,cur,deskthemepack,diagcab,diagcfg,diagpkg,dll,drv,exe,hlp,icl,icns,ico,ics,idx,ldf,lnk,mod,mpa,msc,msp,msstyles,msu,nls,nomedia,ocx,prf,ps1,rom,rtp,scr,shs,spl,sys,theme,themepack,wpx,lock,key,hta,msi,pdb
It creates a ransom instructions (“README…txt”) to contact the ransomware creator for decryption:
How to Prepare for Threat Actors in 2021
Find and fix the weak links before attackers do
Any internet-facing account that doesn’t require MFA is a brute-force attack away from a compromise. Any unpatched internet-facing server is an exploit away from script-kiddie payday.
Assume breach and fix weak links inside
Threat actors look for quick ways to obtain domain admin credentials. Service or admin accounts with SPNs that also have weak encryption, or worse still, privileged accounts with weak or no password requirements are too-easy targets.
In too many organizations, attackers don’t even need elevated credentials to harvest data – the average employee has access to far more data than they require. Lockdown sensitive data so that only the right accounts have access, and then monitor file systems for unusual access and change events.
More lights, please, especially on stuff that matters
Organizations with comprehensive monitoring solutions detect and investigate attacks like these more quickly. If you have blind spots on core data stores, in Active Directory, DNS, remote access systems, or in web connections, you’ll struggle to determine which systems were compromised and whether sensitive data was stolen.
If you detect a breach, let Active Directory triangulate the blast radius
Active Directory events can help you quickly identify compromised accounts and devices. Instead of focusing on one endpoint at a time, once one compromised account or system has been identified, query Active Directory for signs of lateral movement by that account or accounts used on that system.
If you have any reason to believe you’ve been targeted by Darkside or any other group, please don’t hesitate to reach out for incident response and forensics help via https://www.varonis.com/help.
A special thanks to Rotem Tzadok for leading our Darkside investigations and analysis.
Snir Ben Shimol
Director of Cyber Security, Varonis Snir is the Head of Cyber Security at Varonis, a software company specializing in data security and insider threat detection. Snir began his career in the IDF Technology and Intelligence Unit and continued as a Security Researcher in the Israeli Prime Minister’s Office. Since then he has worked in the Advanced Security Center of EY as the Cyber Security Advisory Leader, managing red-team operations and risk assessments. He has advised major international corporations and high-profile individuals to build their security resilience and protect their organization. Prior to his current role, he led Radware’s Cyber Security Research Division, responsible for innovation and security solution capabilities.
<<<
>>> Recorded Future
From Wikipedia, the free encyclopedia
https://en.wikipedia.org/wiki/Recorded_Future
This article contains content that is written like an advertisement. Please help improve it by removing promotional content and inappropriate external links, and by adding encyclopedic content written from a neutral point of view. (November 2018) (Learn how and when to remove this template message)
Recorded Future, Inc.
RF-Logo-Standard.png
Type Privately Held
Industry Cybersecurity, Threat Intelligence
Founded 2009
Founders Christopher Ahlberg,
Staffan Truvé
Headquarters Somerville, Massachusetts, United States
Number of locations Washington, D.C.,
Gothenburg, Sweden,
London, United Kingdom,
Singapore,
Tokyo, Japan
Area served Worldwide
Products Threat Intelligence Platform, SaaS Portal, Browser Extension, Security Control Feeds, Third-Party Risk, Finished Intelligence Reports
Number of employees 450 (December 2019)
Website www.recordedfuture.com
Recorded Future is a privately held cybersecurity company founded in 2009 with headquarters in Somerville, Massachusetts. The company specializes in the collection, processing, analysis, and dissemination of threat intelligence. Recorded Future uses patented machine learning and natural language processing methods to continuously collect and organize data from open web, dark web, and technical sources. The resulting information is displayed within a software-as-a-service portal.
Contents
1 History
2 Services
3 Organization
4 Analysis
4.1 China Vulnerability Database Report
4.2 Al-Qaeda Report
4.3 Occupy Wall Street Media Monitoring Report
5 Controversies
6 See also
7 References
8 External links
History
In 2007, co-founders Christopher Ahlberg and Staffan Truvé, both Ph.D.s in computer science from Chalmers University of Technology, filed for Recorded Future’s first patent (granted in 2013 as United States patent US8468153B2) - Data Analysis System with Automated Query and Visualization Environment Setup.[1] The patent laid the foundation for continuous collection and processing of data and information from sources across the open, deep, and dark web, facilitated by machine learning. Recorded Future was officially incorporated in 2009.
The company received initial funding from Google and In-Q-Tel, as reported in a July 2010 introduction to Recorded Future published by Wired.[2]
Recognizing that its algorithms and visualization software matched needs within the intelligence community,[3] Recorded Future entered the cyber threat intelligence market in January 2012.
In 2014, the company launched Recorded Future Dark Web, integrating open and dark web sourcing as well as dark web forum access and analysis.
In 2016, Recorded Future was named a partner for threat intelligence by Splunk,[4] Palo Alto Networks,[5] and Vencore GEOINT.[6]
In May 2017, Recorded Future introduced Insikt Group,[7] the company’s threat intelligence research arm. The word “insikt” is Swedish, a nod to Recorded Future's co-founders, and means “insight.” Insikt Group is responsible for delivering analyst-generated assessments, insights, and recommended actions to customers and the public.
In May 2019, New York-based private equity firm Insight Partners acquired Recorded Future for $780 million.[8]
In November 2019, the company opened a second office in Somerville with the goal of building a “campus” in the Davis Square area. Recorded Future currently employs more than 430 people around the world.[9]
Services
Using what they call a "Temporal Analytics Engine," Recorded Future provides forecasting and analysis tools to help analysts predict future events by scanning sources on the internet, and extracting, measuring, and visualizing the information to show networks and patterns in the past, present, and future.[10] As of 2015, the engine was described as "Web Intelligence Engine."[11] Likewise, the Washington Post, in an article authored by Stewart Baker - the former General Counsel of the National Security Agency (1992–1994), which had described the company as a predictive analytics web intelligence firm deleted the term upon request of RF.[12] The software analyzes sources and forms "invisible links" between documents to find links that tie them together and may possibly indicate the entities and events involved. Noah Schachtmann from WIRED – who first wrote about Google and the CIA both investing in RF – described the company in an interview as follows: "Recorded Future is a company that strips out from web pages the sort of who, what, when, where, why — sort of who’s involved, [...] where are they going, what kind of events are they going to."[13]
Clients initially included the financial sector with quantitative investors, but since 2013 they have changed to businesses seeking cyber security, per Ahlberg, for example SITA (IT company), a global air transport IT company.[14]
Organization
The company was founded in 2009 by Christopher Ahlberg[11] and had 20 employees as of November 2011.[15] Google Ventures and In-Q-Tel invested "under $10 million each" into the Recorded Future shortly after the company was founded. Google published this on May 3, 2010[16] In-Q-Tel is an investment arm of the CIA.[17] As of 2015, it had partnerships with IBM, HP ArcSight, Cimation, Ethnographic Edge, Tiberium Security, and Malformity Labs LLC per its company profile published by Businessweek.[11]
Analysis
China Vulnerability Database Report
In November 2017, Recorded Future published analysis asserting that the Ministry of State Security (China) influences or alters their National Vulnerability Database (CNNVD) to coverup espionage activities.[18] The analysis concludes "vulnerabilities commonly exploited by malware linked to Chinese APT groups" are inconsistent with CNNVD publication practices. The company presented further analysis in March 2018 at the Kaspersky Labs Analyst Summit, presenting evidence that the Chinese government retroactively changed the original publication dates.[19][20]
Al-Qaeda Report
In May 2014, Recorded Future released a report called "How Al-Qaeda Uses Encryption Post-Snowden (Part 1)."[21] Part 2 of the report was released on August 1, 2014, supposedly with a strengthened "earlier hypothesis about Snowden leaks influencing Al-Qaeda’s crypto product innovation." On the same day National Public Radio aired Recorded Future claims of "tangible evidence" that Edward Snowden harmed national security by prompting terrorists to develop more sophisticated encryption programs.[22] Glenn Greenwald and Andrew Fishman criticized Recorded Future's report did not prove causation between Snowden's leak and improved encryption by al-Qaeda.[23]
Occupy Wall Street Media Monitoring Report
In 2011, Recorded Future reported, "... gaining online momentum for the Occupy Wall Street movement. When we look more carefully at influencers in this discussion using our Influencer Map, we find that Iran Press TV is the second largest influencer after the U.S. media!"[24]
Controversies
In April 2015, a coding website accused Recorded Future of violating internet privacy by analyzing private Facebook messages, which it denied. The accusation was disproven when the assumed private link for private Facebook chat was found posted publicly online via a server log.[14]
See also
Cyber Threat Intelligence
Open Source Intelligence
Corporate Security
Managed Security Service
Operational Intelligence
Palantir Technologies
Intelligence Engines
References
https://patents.google.com/patent/US8468153
Shachtman, Noah (July 28, 2010). "Exclusive: Google, CIA Invest in 'Future' of Web Monitoring". WIRED.
Temple-Raston, Dina (October 8, 2012). "Predicting The Future: Fantasy Or A Good Algorithm?". NPR.
Kodama, Matt (February 22, 2016). "Announcing Recorded Future for Splunk". Recorded Future. Recorded Future. Retrieved January 2, 2020. Enrichment dashboards show intel on-demand inside Splunk, while monitoring and correlation dashboards apply our threat intel to your events and infrastructure.
Wong, Glenn (April 4, 2016). "Announcing Recorded Future for Palo Alto Networks". Recorded Future. Recorded Future. Retrieved January 2, 2020. We’re very excited to join the Palo Alto Networks NextWave Technology Partners Program.
McKeon, Amanda (May 17, 2016). "Announcing Recorded Future and Vencore GEOINT Partnership". Recorded Future. Recorded Future. Retrieved January 2, 2020. We’re very excited to announce a partnership with Vencore to combine our unique open source intelligence (OSINT) datasets with its geospatial system integration and analytic capabilities.
Future, Recorded. "Recorded Future Launches Threat Research Arm to Enhance Threat Intelligence Offering". www.prnewswire.com. Retrieved 2021-03-11.
Miller, Ron (May 30, 2019). "Insight Partners acquires threat intel company Recorded Future for $780M". TechCrunch.
Maffei, Lucia (October 28, 2019). "Threat intel firm to open new office, add 130 jobs in the Boston area". Boston Business Journal.
Holliday, Maynard; Holden, Chris (July 15, 2014). "Advanced Web-Based Temporal Analytics for Arms Control Verification and Compliance". Science & Diplomacy. 3 (3).
"Recorded Future, Inc". BusinessWeek. Retrieved July 29, 2010.
Stewart Baker (August 3, 2014). "As evidence mounts, it's getting harder to defend Edward Snowden". Washington Post. Retrieved 31 May 2015. “While this may seem like splitting hairs, in the world of data analysis software “predictive analytics” has specific technical meaning which implies something different. We use the term web intelligence to reduce this confusion.”
Amy Goodman, Juan González (July 30, 2010). "Google Teams Up with CIA to Fund "Recorded Future" Startup Monitoring Websites, Blogs & Twitter Accounts". Democracy Now. Retrieved May 31, 2015.
Cale Guthrie Weissman (May 26, 2015). "Inside the company that can predict the future by analyzing every piece of information on the web". Business Insider. Retrieved May 31, 2015.
Cheshire, Tom (November 10, 2011). "The News Forecast". Wired UK. Retrieved December 25, 2011.
Mastrull, Amanda (May 4, 2010). "Google invests in company, Recorded Future, that tries to predict the future". The New York Daily News. Retrieved July 29, 2010.
Shachtman, Noah (July 28, 2010). "Exclusive: Google, CIA Invest in 'Future' of Web Monitoring". Wired. Retrieved July 29, 2010.
Recorded Future (November 20, 2017). "China's Ministry of State Security Likely Influences National Network Vulnerability Publications". Recorded Future. Retrieved November 17, 2017.
ALFRED NG (March 9, 2018). "China isn't being honest with its vulnerabilities database". CNET. Retrieved March 8, 2018.
Insikt (March 9, 2018). "China Altered Public Vulnerability Data to Conceal MSS Influence". Recorded Future. Retrieved March 8, 2018.
C (May 8, 2014). "How Al-Qaeda Uses Encryption Post-Snowden (Part 1)". Recorded Future. Retrieved August 14, 2014. The timeline above tells a compelling story showing how four to five months after the Snowden disclosures both mainstream AQ, as well as the break-off group ISIS, launches three new encryption tools.
Dina Temple-Raston (August 14, 2014). "Big Data Firm Says It Can Link Snowden Data To Changed Terrorist Behavior". Morning Edition. National Public Radio. Retrieved August 14, 2014.
Glenn Greenwald; Andrew Fishman (August 12, 2014). "NPR Is Laundering CIA Talking Points to Make You Scared of NSA Reporting". The Intercept. First Look Productions, Inc. Retrieved August 14, 2014.
Holden (October 1, 2014). "Iran's Growing Influence & Occupy Wall Street Protests". Recorded Future. Retrieved August 14, 2014.
<<<
>>> Cyberattack forces Colonial Pipeline to shut major fuel line
Colonial Pipeline says it transports 45 percent of East Coast fuel supply.
May 8, 2021, 4:18
By Reuters
https://www.nbcnews.com/news/us-news/cyberattack-forces-colonial-pipeline-shut-major-fuel-line-n1266737
Top U.S. fuel pipeline operator Colonial Pipeline has shut its entire network after a cyberattack, the company said in a statement on Friday.
Colonial's network supplies fuel from U.S refiners on the Gulf Coast to the populous eastern and southern United States. The company transports 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products through 5,500 miles of pipelines.
Colonial Pipeline says it transports 45 percent of East Coast fuel supply.
The company learned of the attack on Friday and took systems offline to contain the threat, it said in the statement. That action has temporarily halted operations and affected some of its IT systems, it said.
The company has engaged a third-party cybersecurity firm to launch an investigation, and Colonial has contacted law enforcement and other federal agencies, it said.
Colonial did not give further details or say for how long its pipelines would be shut.
The operator had shut its main gasoline and distillate lines, Reuters reported earlier on Friday.
During the trading session on Friday, Gulf Coast cash prices for gasoline and diesel edged lower.
Both gasoline and diesel futures on the New York Mercantile Exchange rose more than crude prices during the day. Gasoline futures gained 0.6 percent to settle at $2.1269 a gallon, while diesel futures rose 1.1 percent to settle at $2.0106 a gallon.
Longer-term price effects will depend on the amount of time that the lines are shut. If barrels are not able to make it onto the lines, Gulf Coast prices could weaken further, while prices in New York Harbor could rise, one market participant said.
Colonial significantly shut down its gasoline and distillate lines during Hurricane Harvey, which hit the Gulf Coast in 2017.
During that time, spot Gulf Coast gasoline prices rose to a five-year high, while diesel prices rose to around a four-year high.
<<<
>>> Best Cybersecurity ETFs for Q2 2021
BUG, IHAK, and CIBR are the best cybersecurity ETFs for Q2 2021
Investopedia
By NATHAN REIFF
Feb 4, 2021
https://www.investopedia.com/articles/etfs-mutual-funds/042616/2-cybersecurity-etfs-consider-cibr-hack.asp?utm_campaign=quote-yahoo&utm_source=yahoo&utm_medium=referral
The global cybersecurity market is expected to expand at a healthy compound annual growth rate (CAGR) of 10.0% through 2027 as cybercrime affects more individuals, companies, and governments.1?? Investors seeking to profit from this trend may consider owning a wide spectrum of cybersecurity stocks through exchange-traded funds (ETFs). Betting on individual stocks can be especially risky in young, fast-evolving industries. Cybersecurity ETFs offer diversification across the sector, thus avoiding the risks associated with trying to pick individual winners.
KEY TAKEAWAYS
The cybersecurity industry has outperformed the broader market in the past year.
The ETFs with the best 1-year trailing total return are BUG, IHAK, and CIBR.
The top holding of each of these ETFs is class A shares of CrowdStrike Holdings Inc.
There are 4 ETFs that trade in the U.S. focused on the cybersecurity sector: the Global X Cybersecurity ETF (BUG), the First Trust NASDAQ CEA Cybersecurity ETF (CIBR), the iShares Cybersecurity and Tech ETF (IHAK), and the ETFMG Prime Cyber Security ETF (HACK). The sector, as measured by the S&P Kensho Cyber Security Index, has outperformed the broader market with a total return of 33.0% over the past 12 months compared to the S&P 500's total return of 20.8%, as of February 2, 2021.2?? The best-performing cybersecurity ETF, based on performance over the past year, is BUG. We examine the top 3 best cybersecurity ETFs below. All numbers below are as of February 3, 2021.
Global X Cybersecurity ETF (BUG)
Performance over 1-Year: 66.1%
Expense Ratio: 0.50%
Annual Dividend Yield: 0.45%
3-Month Average Daily Volume: 231,654
Assets Under Management: $266.4 million
Inception Date: October 28, 2019
Issuer: Global X
BUG tracks the Indxx Cybersecurity Index, which gauges the performance of companies that operate within the cybersecurity industry.3??? The ETF invests in companies that are positioned to benefit from increasing adoption of cybersecurity technology, including companies that offer security against intrusion and attacks on systems, networks, applications, computers, and mobile devices. The fund focuses on cybersecurity growth stocks across the market-cap spectrum. About three quarters of its 28 holdings are based in the U.S., with the remaining quarter spread across Israel, Britain, Japan, and South Korea.4??? Its top three holdings include class A shares of CrowdStrike Holdings Inc. (CRWD), a holding company whose subsidiaries provide cyber security platforms; Palo Alto Networks, Inc. (PANW), a provider of network security solutions; and Zscaler Inc. (ZS), a cloud-based security software company.5???
iShares Cybersecurity and Tech ETF (IHAK)
Performance over 1-Year: 49.6%
Expense Ratio: 0.47%
Annual Dividend Yield: 0.39%
3-Month Average Daily Volume: 127,119
Assets Under Management: $348.1 million
Inception Date: June 11, 2019
Issuer: iShares
IHAK is a multi-cap fund focused on cybersecurity companies. The fund tracks the NYSE FactSet Global Cyber Security Index, which is composed of cybersecurity and technology stocks. The ETF invests in companies engaged in cyber security hardware, software, products, and services. Nearly 80% of the fund's 48 holdings are based in the U.S., with the rest based in Israel, Japan, Canada, and Taiwan.6??? It follows a blended strategy, investing in a mix of growth and value stocks. The fund's top holdings include class A shares of CrowdStrike Holdings; BlackBerry Limited (BB:TSE), a Canadian multinational that provides software and services; and Palo Alto Networks Inc.7???
First Trust NASDAQ CEA Cybersecurity ETF (CIBR)
Performance over 1-Year: 48.1%
Expense Ratio: 0.60%
Annual Dividend Yield: 1.09%
3-Month Average Daily Volume: 735,500
Assets Under Management: $3.5 billion
Inception Date: July 6, 2015
Issuer: First Trust
CIBR is a multi-cap growth fund targeting U.S.-listed stocks. The ETF tracks the NASDAQ CTA Cyber Security Index, which is designed to gauge the performance of cybersecurity companies within the technology and industrials sectors. Each of the fund's 41 holdings must be classified as a cybersecurity company by the Consumer Technology Association, have a minimum market cap of $250 million, and must meet certain liquidity requirements.8??? Its top three holdings include class A shares of CrowdStrike Holdings; Zscaler Inc.; and Cisco Systems Inc. (CSCO), the maker of telecommunications and networking hardware and software.
<<<
Okta - >>> 3 Software Stocks to Pick Up in the Next Market Crash
Software stocks could be in for a nasty correction this year. Here are three to keep on your watchlist if that happens.
Motley Fool
by Billy Duberstein
Feb 2, 2021
https://www.fool.com/investing/2021/02/02/3-software-stocks-to-pick-up-in-the-next-market-cr/
Some of the biggest winners from the very odd year of 2020 were cloud software stocks. In fact, business was so good that many software unicorns decided to go public amid surging stock prices. If your product enabled work-from-home, facilitated better and faster data use, or secured enterprise infrastructure, your stock likely rocketed higher.
However, after a stunning 2020, these names could be in for a correction. Many trade at nosebleed valuations. Meanwhile, recent short squeezes may cause hedge funds to sell other big winners, including these enterprise software stocks. The rollout of vaccines may cause investors to gravitate toward "reopening" stocks in travel, financials, and other cyclical stocks at the expense of cloud software.
But while SaaS stocks may face a challenging year ahead, all are ushering in a powerful new data era. So if there's a pullback in the space, long-term investors may get an attractive entry position. The following three cloud leaders are currently on my radar.
JFrog
JFrog (NASDAQ:FROG) is one of the high-flying SaaS companies that went public in the busy month of September 2020. JFrog's tools enable "liquid software" updates, or continuous updates and patching of applications, rather than the traditional method of constructing an entirely new code every few months (or longer).
Source code must transform into binary code in order to be deployed, and JFrog's platform allows for the storage, organization, automation, and deployment of these binary code packages. Even better, it works across all clouds, on-premises data centers, and programming languages.
As of last quarter, JFrog software was used by 75% of the Fortune 100 and 27% of the Global 2000. That may seem like JFrog has already penetrated a lot of its market. However, the company's 136% net expansion rate suggests existing customers increase their JFrog usage over time and upgrade to higher-priced tiers.
Though revenue grew "only" 40% last quarter, this may have been due to the pandemic slowing the sales cycle to new customers. Still, 40% growth is pretty good. JFrog has also shown the ability to expand gross margins and operating margins as it grows, and the company is already generating free cash flow (though it still has GAAP losses due to stock-based compensation).
JFrog anticipates it will end the year with about $150 million in revenue. At the current $5.7 billion market cap, it seems expensive, at around 38 times sales.
Nevertheless, being a cloud-neutral first-mover in an important niche is a great place to be. That's why JFrog is on my radar in case software stocks pull back in 2021.
Okta
Like JFrog, Okta (NASDAQ:OKTA) is a cloud-neutral first-mover with mission-critical functionality. Okta's identity-as-a-service software allows employees of an organization to access critical data and applications, no matter where they are. Okta has therefore been tremendously helpful in the current work-from-home environment, and should remain a strong grower as workforces become more distributed.
In fact, Okta identifies its workforce identity market opportunity at $30 billion. If the company can expand into customer-facing identity sign-on, that's another $25 billion opportunity. Meanwhile, Okta projects only $823 million in revenue for its current fiscal year, so there's a lot of room to grow.
Last quarter, Okta showed strength across the board. Customers grew 27%, and high-value customers grew 34%. Net expansion of 123% accelerated from 117% in the year-ago quarter, leading to 42% revenue growth. Remaining performance obligations, which take into account future revenue yet to be recognized, grew an even higher 53%. Gross margins, operating margins, and free cash flow margins all expanded, showing profitability is in Okta's future, even if the company currently posts GAAP losses.
Despite all this goodness, Okta currently trades at 42 times trailing 12-month sales, or about 40 times its enterprise value to FY 2021 estimates. That's high. Even if Okta hits its growth target of 35% revenue growth through 2024 and hits its free cash flow margin target of 25%, it would still make only about $683 million in free cash flow. That means the stock currently trades at 49 times its 2024 estimated cash flow. As great a company as Okta is, that doesn't give it a whole lot of margin of safety. Still, it will surely be at the top of my list should the SaaS sector fall out of favor.
Snowflake
Perhaps was Snowflake (NYSE:SNOW) was arguably the poster child for the 2020 IPO mania. Like the two aforementioned names, Snowflake is a first-mover in cloud-based data warehousing and data management. It offers a cloud neutrality that's resonating with customers. Snowflake's founders decided to go all-in on the cloud early, ignoring traditional on-premises data management. The results of that early decision have been downright impressive.
Snowflake is growing the fastest of any large software company that you might find, but it's also the most expensive. Revenue grew a stunning 118% last quarter, but like JFrog, its remaining performance obligations -- essentially pre-payments toward future usage -- doubled that rate at 240%. Customers grew 84%, and customers who spend over $1 million grew 110% as well. Fortune 500 customers grew 56% to 165. Net expansion with existing customers grew a ridiculous 162%. Over the past two years, gross margins have expanded 10 percentage points from 58% to 68%.
Snowflake's cloud platform is clearly resonating, as it's broken down the barriers and silos that previously separated various forms of data. Companies large and small can dump everything into Snowflake to discover, manipulate, and run machine learning on its data cloud. Snowflake's revolutionary data exchange allows different enterprises and data providers to safely and securely share data with each other, leading to even more and better insights. Twenty-three percent of Snowflake's customers currently use data sharing capabilities. That's likely to increase going forward.
Despite all this great news, Snowflake's stock is quite pricey indeed, having more than doubled over its IPO price of $120, which itself was raised 50% from the expected IPO price. It also trades at a lofty 158 times sales. At that height, it's possible for the business to do quite well even as the stock stagnates.
Snowflake is currently too rich for my blood, but it's an impressive company with a promising management team and future. Add it to your watchlist in the event of a market or tech sector meltdown.
<<<
>>> Can This Cybersecurity Play Become a Growth Stock in 2021?
This cybersecurity stock is showing signs of life after years of underperformance.
Motley Fool
Harsh Chauhan
Feb 1, 2021
https://www.fool.com/investing/2021/02/01/cybersecurity-play-be-growth-stock-check-point/
Check Point Software Technologies (NASDAQ:CHKP) has been a perennial stock market underperformer over the years despite operating in the fast-growing cybersecurity industry. The company's cautious approach toward the cybersecurity market has failed to dazzle investors when compared to the likes of Palo Alto Networks (NYSE:PANW) and Fortinet (NASDAQ:FTNT).
But can Check Point Software Technologies hit a higher gear in 2021 and outpace its rivals? Let's find out.
Check Point Software is trying to step on the gas
Check Point's anemic top-line growth has been holding the stock back. Revenue for the first nine months of 2020 increased only 3.4% year over year. Its fourth-quarter guidance was also disappointing. Check Point estimates $550 million in revenue for the quarter that ended in December 2020, missing Wall Street's expectation of $555 million.
What's more, Check Point's 2020 revenue will increase just 2.8% over 2019 levels if it hits the midpoint of its guidance range. That would be disappointing as the company's revenue had increased at a faster rate of 4% in 2019. However, the novel coronavirus pandemic should share a part of the blame for this slowing revenue growth.
Gartner originally anticipated cybersecurity spending to increase 8.7% in 2020. But the pandemic forced the firm to revise its estimate to a growth of just 2.4%. Check Point seems to have done well by that yardstick, as its 2020 revenue increase is likely to be in line with the broader market's growth. However, the company's performance pales in comparison to Fortinet and Palo Alto.
Fortinet's and Palo Alto's outperformance isn't surprising, as both companies are tapping into hot cybersecurity trends such as cloud security. Spending on cloud security was expected to jump 33% in 2020 as per a third-party estimate, and Check Point's rivals made the most of that opportunity. Fortinet, for instance, saw a sharp rise in its cloud-related business as organizations scrambled to protect critical data in the wake of a jump in remote workers.
Similarly, the demand for Palo Alto Networks' cloud security offerings increased amid the pandemic. The number of Fortune 100 companies using Palo Alto's integrated cloud security platform -- Prisma Cloud -- increased from 43% to 70% quarter over quarter. Additionally, 20% of the Global 2000 companies were using Prisma Cloud last quarter as compared to 14% in the preceding one.
Meanwhile, Check Point's cloud security business isn't big enough just yet to move the needle in a big way for the company. Cloud accounted for less than 10% of the company's revenue in the second quarter of 2020, though management pointed out that cloud-related revenue was up 70% year over year during the quarter.
Check Point's cloud security subscriptions surpassed 10% of the total revenue in the third quarter. The good news for Check Point investors is that it is trying to step on the gas in cloud security. It acquired cloud cybersecurity start-up Odo Security in September 2020 and got its hands on a service that could differentiate it from rivals' cloud offerings.
So, Check Point could see its cloud business become stronger in 2021, and that would be the key to an acceleration in its top-line growth. Analysts expect just 3% revenue growth from Check Point in 2021, but a strong showing from the cloud business could help the company surpass those expectations.
What should investors do?
In the third quarter of 2020, the legacy products and licenses accounted for nearly 24% of the company's revenue. The segment's revenue fell slightly year over year, extinguishing the 9.7% gains scored by the security subscriptions business. So, investors will have to remain patient and wait for the legacy business's influence on Check Point's top line to decline, while expecting the subscription business to pick up the pace.
The good part is that investors willing to bet on Check Point's accelerated top-line growth can still buy the stock at a reasonable valuation. Its trailing price-to-earnings (P/E) ratio of 22 is in line with the five-year average, while the forward earnings multiple of 18 points toward bottom-line growth. What's more, Check Point already has a strong margin profile as compared to rivals.
A stronger contribution from the higher-margin subscription business can boost Check Point's earnings power and turn it into a growth stock this year after years of underperformance.
<<<
>>> BlackBerry Limited (BB) provides intelligent security software and services to enterprises and governments worldwide. The company leverages artificial intelligence and machine learning to deliver solutions in the areas of cybersecurity; safety and data privacy; and endpoint security management, encryption, and embedded systems. It offers BlackBerry Spark software platform that includes a suite of security software products and services comprising BlackBerry Cylance, BlackBerry UEM, BlackBerry Dynamics, and BlackBerry Workspaces; and BlackBerry Spark SDK to promote the evolution of a platform ecosystem by enabling enterprise and independent software vendor developers to integrate the security features of BlackBerry Spark into their own mobile and web applications. BlackBerry Limited also provides BlackBerry Internet of Things (IoT) solutions, including BlackBerry QNX, BlackBerry AtHoc, SecuSUITE, BlackBerry Certicom, BlackBerry Radar, and other IoT applications; and manages and monetizes BlackBerry patents and applications. As of February 29, 2020, the company owned approximately 38,000 worldwide patents and applications. BlackBerry Limited has a partnership with the University of Windsor to develop and deliver a cybersecurity curriculum for the university's graduate master's program in applied computing; and an agreement with Amazon Web Services, Inc. to develop and market BlackBerry's intelligent vehicle data platform. The company was formerly known as Research In Motion Limited and changed its name to BlackBerry Limited in July 2013. BlackBerry Limited was founded in 1984 and is headquartered in Waterloo, Canada.
<<<
BioCatch (private) - >>> The Leader in AI-Driven Behavioral Biometrics
https://www.biocatch.com/company/our-story
BioCatch was founded in 2011 by experts in neural science, artificial intelligence (AI), machine learning and cyberterrorism. The newly-founded company had a significant mission: to address next-generation digital identity challenges by focusing on online user behavior rather than static authentication measures, like passwords or endpoint security. They discovered an untapped goldmine.
Powerful behavioral insights — gleaned from the analysis of more than 2,000 physical and cognitive behavioral parameters — were able to support different use cases across the digital identity lifecycle. The technology enabled the holy grail of the modern digital era — seamless and secure online experiences. Behavioral biometrics, a technology used to identify people based on their behavioral parameters, was born.
BioCatch founder Avi Turgeman began pursuing a theory that people interact with machines in unique, measurable ways while serving in military intelligence. Drawing on years of experience exploring white-hat hacking, system vulnerability management and cyberterrorist operations, Turgeman turned his attention to online fraudsters and their identifiable signatures, co-founding BioCatch with Benny Rosenbaum.
In developing their AI-driven platform to passively identify both human and non-human behaviors online, BioCatch upended the paradigm of having to choose between security and convenience. Today, the company continues its commitment to innovation through an unparalleled IP portfolio of more than 60 granted or pending patents.
The BioCatch platform is deployed by major banks and other global enterprises to help manage their digital identity challenges. The technology prevents new account fraud, authenticates online users, prevents account takeover fraud and detects vishing scams, generating impressive returns on investment that come from catching more fraud as well as reducing false positives and unnecessary escalations.
BioCatch has been recognized for its industry leadership and cutting-edge approach to behavioral biometrics and digital identity in the CB Insights AI 100, One World Identity Leading Innovators in Identity, Deloitte Technology Fast 500, Florin Awards for Best Innovation in Securing Transactions and more.
<<<
>>> BioCatch (private) offers a range of behavioral authentication and threat detection solutions for web and mobile applications. Available as a cloud-based solution, BioCatch collects and analyzes more than 2000 cognitive parameters to generate unique user profiles. Organizations use the platform to continuously authenticate users during their online sessions, protecting against cyber threats and fraudulent activity, such as account takeover and RAT-in-the-Browser (RitB), remote access, and automated account manipulation.
<<<
https://www.crunchbase.com/organization/biocatch?utm_source=yahoo&utm_medium=referral&utm_content=profile_cta&utm_campaign=yahoo_finance
>>> Opportunities in Cybersecurity Offer Investors Future ETF Play
ETF Trends
by BEN HERNANDEZ
APRIL 16, 2020
https://www.etftrends.com/innovative-etfs-channel/opportunities-in-cybersecurity-offer-investors-future-etf-plays/
As more and more businesses turn to cloud technology, cybersecurity will continue to gain traction as a viable investment opportunity. This is evident in biometrics security tech developer BioCatch, which just raised $145 million.
BioCatch’s technology can track user behavior to determine whether a customer is real or fake. Its platform is already being used by 40 global financial institutions.
“BioCatch’s growth in annual recurring revenue and client base speaks directly to the growing demand for our service and the increasing number of use cases we are able to support,” said Howard Edelstein, the company’s chief executive officer. “The current environment has spawned a large increase in bad actors seeking to take advantage of distracted individuals working from home or dispersed companies whose technologists are scattered in remote locations. In such times, technologies like behavioral biometrics become more important than ever.”
Companies like BioCatch open up opportunities for ETFs focusing on cybersecurity like the First Trust NASDAQ Cybersecurity ETF (NYSEArca: CIBR) and the ETFMG Prime Cyber Security ETF (NYSEArca: HACK). First, on the docket, CIBR seeks investment results that generally correspond to the price and yield f an equity index known as the Nasdaq CTA Cybersecurity IndexSM, which is comprised of securities of companies classified as “cybersecurity” companies by the CTA.
Next, HACK seeks investment results that generally correspond to the price and yield performance of the Prime Cyber Defense Index. The index tracks the performance of the exchange-listed equity securities of companies across the globe that (i) engage in providing cybersecurity applications or services as a vital component of its overall business or (ii) provide hardware or software for cybersecurity activities as a critical component of its overall business.
ETFs to look at in the growing fintech space include the?Global X FinTech ETF (NasdaqGM: FINX)?and the?ARK Fintech Innovation ETF (NYSEArca: ARKF). ARKF invests in equity securities of companies that ARK believes are shifting financial services and economic transactions to technology infrastructure platforms, ultimately revolutionizing financial services by creating simplicity and accessibility while driving down costs.
Another fund to get exposure to disruption via data-driven technology is Goldman Sachs Motif Data-Driven World ETF (GDAT). The fund seeks to provide investment results that closely correspond to the performance of the Motif Data-Driven World Index, which is designed to deliver exposure to companies with common equity securities listed on exchanges in certain developed markets that may benefit from the on-going rapid increase in electronically recorded data in the world and its impact on the lifecycle of data delivery and processing.
GDAT essentially provides exposure to the beneficiaries of technological innovation, regardless of sector, geography or market capitalization. They can be used individually or collectively to help investors position their portfolios for the future.
<<<
Tanium - >>> Developer of unified endpoint management and security platform designed to simplify endpoint security and configuration compliance. The company's security and systems management service empowers security and IT operations teams to ask questions about the state of every endpoint across the enterprise in plain English, retrieve data on their current state and execute change as necessary, all within seconds, enabling organizations to effectively get protected against modern-day threats and realize new levels of cost efficiency in IT operations. <<<
Cybersecurity has been hot.
Okta - >>> 3 Tech Stocks That Are Better Than Snowflake
Investors can still win big with these fast-growing stocks.
Motley Fool
Chris Neiger, Danny Vena, And Brian Withers
Dec 13, 2020
https://www.fool.com/investing/2020/12/13/3-tech-stocks-that-are-better-than-snowflake/
Shares of Snowflake, a cloud data company, have soared since the company went public back in September. Some investors have flocked to the tech stock because of its massive opportunity in the cloud data space, and the fact that Warren Buffett's Berkshire Hathaway is an investor in the company.
But despite all of the attention Snowflake has received, there are still a lot of fast-growing companies that could be even better long-term investments. Here's why MongoDB (NASDAQ:MDB), Okta (NASDAQ:OKTA), and Square (NYSE:SQ) fit the description.
MongoDB: Creating a home for messy data
Danny Vena (MongoDB): One of the key takeaways from 2020 is that cloud-based solutions are no longer a luxury but a necessity, providing access anywhere, anytime. That's one of the reasons investor demand for Snowflake has been off the charts. Unfortunately, Snowflake's valuation is also off the charts, with the stock trading at 214 times its trailing-12-month sales of $490 million, making it one of the most expensive growth stocks around.
Investors looking for a less expensive cloud alternative should consider MongoDB. One of the challenges with legacy databases is that they couldn't accommodate any data that didn't fit neatly into rows or columns. That's where MongoDB comes in. The company offers a cloud-native solution that houses data and electronic information of all types, including photos, audio, social media posts, video, and even full documents.
MongoDB offers a free version of its flagship database that customers have downloaded more than 90 million times since it was introduced in 2009, and over 35 million times in 2019 alone. After experiencing firsthand the ease and utility of MongoDB's flagship product, many developers take the plunge and sign up for Atlas -- the company's cloud-centric, fully managed database-as-a-service product.
While the pandemic temporarily stunted MongoDB's growth, the company has come roaring back. In the third quarter, revenue grew 38% year over year, while subscription sales increased 39%. More importantly, adoption of Atlas grew even faster, as revenue climbed 61% year over year and now accounts for roughly 47% of the company's total sales. Not bad for a product that was introduced just four years ago.
The customer metrics are equally compelling. MongoDB added more than 2,400 customers during the quarter, bringing the total customer count to 22,600, up 42% year over year. Atlas customers grew more quickly -- to 21,100, up 49%. Those contributing at least $100,000 in annual recurring revenue climbed to 898, up 31%. Finally, the company's net AR expansion rate, which tracks the rate at which existing customers spend more, remained above 120% for the 24th consecutive quarter.
The company's customer satisfaction scores are also enviable. Atlas commands a net promoter score of 74. That's a remarkably high score; 50 or higher is considered excellent, and any number above 70 is considered world-class.
The digital transformation is ongoing and the data that needs to be stored is growing exponentially. The database software market is estimated to be $71 billion in 2020, growing to $97 billion by 2023. Considering MongoDB's revenue topped out at $422 million last year, it has a long runway for growth.
Oh, and did I mention that at just 34 times sales, it's a steal compared to Snowflake.
Okta: Taking advantage of the cloud trend
Brian Withers (Okta): Even though Snowflake is putting up massive growth, investors can get in on the cloud trend without a triple-digit nosebleed valuation. As enterprises move more of their software to the cloud, Okta's identity management platform is a key enabler to keep their infrastructure secure. It makes it easy for information technology teams to secure their cloud applications and provides authorized users the ability to sign on to all of their apps with a single password.
Cloud software is still in the early stages of adoption. IDC reports that 81% of enterprise organizations have at least one core application in the cloud, but only 13% of large companies are 100% dependent on the cloud. As businesses extend their use of cloud-based software tools, the need for a robust identity management solution like Okta's only grows stronger.
With these tailwinds, the company has grown to a $768 million trailing-12-month revenue business. For the upcoming fiscal year, its top line is expected to surpass the $1 billion mark, representing a 29% year-over-year growth. This is a decline from the current year's expected 40%, but it is likely to beat its guidance as it's done frequently in the past.
One indicator that Okta's revenue growth forecast could be light is the solid increase in its remaining performance obligations (RPO). RPO represents the total value of all customer contracts, which grew at an impressive 53% last quarter. Additionally, the company had an important win last quarter as Amazon Web Services (AWS) now includes Okta as part of its marketplace. This opens up the platform to a whole new set of customers. With stable subscription revenue accounting for 95% of its top line, investors can be confident growth will continue long into the future.
Even though Snowflake is growing faster at triple-digit rates, that growth comes at a tremendous price. Not that Okta is cheap, but its lofty price-to-sales ratio of 39 looks like a bargain next to Snowflake's 224. Okta is a better way for investors to profit as organizations continue their move to the cloud.
Square - This company is betting on the shift to digital payments
Chris Neiger (Square): For years, Square has been helping merchants of all sizes shift from physical cash to a digital payment world. The company's point-of-sale terminals are often used with digital card readers and near-field communication devices that make paying with a phone or tapping a credit card to pay easier than ever.
The pandemic has accelerated the shift to digital payments as many people have preferred not to handle physical money. This has helped boost Square's business, with third-quarter revenue skyrocketing 148% year over year (excluding its Caviar business). Square users are also spending a lot more through the company's payment platform, as gross payment volume jumped 91% in the recent quarter to $31.7 billion.
Additionally, the company's popular Cash App, which allows users to send money to friends, saw the number of its daily transacting customers nearly double year over year in the third quarter. Cash App sales also popped 174% in the quarter.
Digital payments were already becoming mainstream before the pandemic, but the trend is even more solidified now. This year the digital payment market will reach $910 billion, and by 2024 it'll be worth an estimated $1.5 trillion. For investors looking for a fast-growing tech stock that's tapping into this massive money trend, Square looks like a great long-term bet.
<<<
>>> Best Cybersecurity ETFs for Q1 2021
BUG, CIBR, and IHAK are the best cybersecurity ETFs for Q1 2021
Investopedia
By MATTHEW JOHNSTON
Dec 2, 2020
https://www.investopedia.com/articles/etfs-mutual-funds/042616/2-cybersecurity-etfs-consider-cibr-hack.asp?utm_campaign=quote-yahoo&utm_source=yahoo&utm_medium=referral
The global cybersecurity market is expected to expand at a healthy compound annual growth rate (CAGR) of 10.0% through 2027 as cybercrime affects more individuals, companies, and governments.1? Investors seeking to profit from this trend may consider owning a wide spectrum of cybersecurity stocks through exchange-traded funds (ETFs). Betting on individual stocks can be especially risky in young, fast-evolving industries. Cybersecurity ETFs offer diversification across the sector, thus avoiding the risks associated with trying to pick individual winners.
KEY TAKEAWAYS
The cybersecurity industry has underperformed the broader market in the past year.
The ETFs with the best 1-year trailing total return are BUG, CIBR, and IHAK.
The top holdings of these ETFs are Palo Alto Networks Inc., class A shares of CrowdStrike Holdings Inc., and DocuSign Inc., respectively.
There are 4 ETFs that trade in the U.S. focused on the cybersecurity sector: the Global X Cybersecurity ETF (BUG), the First Trust NASDAQ CEA Cybersecurity ETF (CIBR), the iShares Cybersecurity and Tech ETF (IHAK), and the ETFMG Prime Cyber Security ETF (HACK). The sector, as measured by the S&P Kensho Cyber Security Index, has underperformed the broader market with a total return of 14.0% over the past 12 months compared to the Russell 1000's total return of 19.4%, as of November 30, 2020.2? The best-performing cybersecurity ETF, based on performance over the past year, is IHAK. We examine the top 3 best cybersecurity ETFs below. All numbers below are as of December 1, 2020.
ETFs with very low assets under management (AUM), less than $50 million, usually have lower liquidity than larger ETFs. This can result in higher trading costs which can negate some of your investment gains or increase your losses.
Global X Cybersecurity ETF (BUG)
Performance over 1-Year: 33.4%
Expense Ratio: 0.50%
Annual Dividend Yield: 0.64%
3-Month Average Daily Volume: 43,025
Assets Under Management: $45.7 million
Inception Date: October 28, 2019
Issuer: Global X
BUG tracks the Indxx Cybersecurity Index, which gauges the performance of companies that operate within the cybersecurity industry.3? The ETF invests in companies that are positioned to benefit from increasing adoption of cybersecurity technology, including companies that offer security against intrusion and attacks on systems, networks, applications, computers, and mobile devices. The fund focuses on cybersecurity growth stocks across the market-cap spectrum. Over three quarters of its 27 holdings are based in the U.S., with the remaining quarter spread across Israel, Britain, Japan, and South Korea.4? Its top three holdings include Palo Alto Networks, Inc. (PANW), a provider of network security solutions; class A shares of CrowdStrike Holdings Inc. (CRWD), a holding company whose subsidiaries provide cyber security platforms; and Fortinet Inc. (FTNT), a provider of network security solutions.5?
First Trust NASDAQ Cybersecurity ETF (CIBR)
Performance over 1-Year: 29.2%
Expense Ratio: 0.60%
Annual Dividend Yield: 1.32%
3-Month Average Daily Volume: 467,177
Assets Under Management: $2.5 billion
Inception Date: July 6, 2015
Issuer: First Trust
CIBR is a multi-cap growth fund targeting U.S.-listed stocks. The ETF tracks the NASDAQ CTA Cyber Security Index, which is designed to gauge the performance of cybersecurity companies within the technology and industrials sectors.6? Each of the fund's 40 holdings must be classified as a cybersecurity company by the Consumer Technology Association, have a minimum market cap of $250 million, and must meet certain liquidity requirements.7? Its top three holdings include class A shares of CrowdStrike Holdings; class A shares of Okta Inc. (OKTA), a developer of applications software such as mobile identification and multifactor authentication; and Zscaler Inc. (ZS), a security software company.8?
iShares Cybersecurity and Tech ETF (IHAK)
Performance over 1-Year: 27.8%
Expense Ratio: 0.47%
Annual Dividend Yield: 0.68%
3-Month Average Daily Volume: 60,935
Assets Under Management: $165.7 million
Inception Date: June 11, 2019
Issuer: iShares
IHAK is a multi-cap fund focused on cybersecurity companies. The fund tracks the NYSE FactSet Global Cyber Security Index, which is composed of cybersecurity and technology stocks. The ETF invests in companies engaged in cyber security hardware, software, products, and services. Nearly 83% of the fund's 41 holdings are based in the U.S., followed by Israel (7%), Japan (4%), the U.K. (3%), and Taiwan (2%).9? It follows a blended strategy, investing in a mix of growth and value stocks. The fund's top holdings include DocuSign Inc. (DOCU), a provider of electronic signature solutions; class A shares of CrowdStrike Holdings; and Zscaler.
<<<
Okta - >>> 3 Growth Stocks That Can Soar Even With a Coronavirus Vaccine
A return to normal wouldn't be bad news for these fast-growing companies.
Motley Fool
Sean Williams
Nov 12, 2020
https://www.fool.com/investing/2020/11/12/3-growth-stocks-that-can-soar-even-with-a-covid-19/
November has been wild for Wall Street. The week prior to the U.S. election saw equities nosedive, but since election night, the stock market has been virtually unstoppable.
The stock market really took off after Pfizer (NYSE:PFE) and BioNTech (NASDAQ:BNTX) reported an interim analysis of their late-stage coronavirus disease 2019 (COVID-19) vaccine candidate, BNT162b2. This first look from an independent data monitoring committee showed vaccine effectiveness (VE) of over 90% for Pfizer's and BioNTech's therapeutic, which blew researchers' VE expectations out of the water.
There's still a lot of pending data, such as how at-risk groups fared and how long this vaccine provides protection, but there now appears to be a light at the end of the tunnel to the coronavirus disease pandemic. Unfortunately, that's been perceived as bad news for work-from-home stocks, which plummeted on the news of Pfizer's and BioNTech's success.
I'm here to tell you that high-growth work-from-home stocks can still thrive, even with a COVID-19 vaccine. Here are three growth stocks to consider buying on any significant weakness following this vaccine interim analysis data.
Pinterest
Despite getting clobbered on Monday, a COVID-19 vaccine isn't going to be able to derail Pinterest's (NYSE:PINS) momentum.
Social media stock Pinterest has certainly benefited from people having more downtime and being stuck at home, but it's not as if the company's user growth was slowing prior to the pandemic. In the most recent quarter, Pinterest tallied 442 million monthly active users (MAU), which was 120 million MAUs higher than the prior-year period. In the four years prior to the pandemic, Pinterest's MAUs grew by an average of 30% a year. This innovative and popular platform is drawing eyeballs, COVID-19 or not.
One of the keys to Pinterest's rapid growth is the company's ability to lure new international users. Though average revenue per user (ARPU) in overseas markets is considerably lower than ARPU in the U.S., Pinterest has demonstrated that it can double international ARPU many times over this decade.
Pinterest also has the makings of a burgeoning e-commerce platform. Since Pinterest's MAUs are willingly posting about the products, places, and services that interest them, it only makes sense for the company to connect these Pinners with small businesses that cater to those desires. According to the company, 89% of Pinners use Pinterest as their inspiration when making a purchase.
Pinterest can double its sales every four years, COVID-19 vaccine or not.
Square
Another growth stock that took a beating following the new BNT162b2 data is fintech stock Square (NYSE:SQ). With cash viewed as a harbinger of germs, interest in cashless payment platforms spiked during the pandemic. This interest is going to continue well after COVID-19 is put into the rearview mirror.
Most folks probably know Square best for its point-of-sale devices that have historically targeted smaller businesses. In the eight years leading up to the pandemic, gross payment volume (GPV) traversing Square's network surged to $106.2 billion, or 49% a year.
What's noteworthy about Square's oldest operating segment is that it's not just for small businesses anymore. In the third quarter, 61% of GPV was derived from businesses with at least $125,000 in annualized GPV (i.e., medium and large businesses). Since we're talking about a business segment driven by merchant fees, bigger businesses are liable to generate more revenue for Square.
Even more impressive has been Square's peer-to-peer payment platform Cash App. In the 30-month stretch following the end of 2017, Cash App's user count more than quadrupled to 30 million, with the app becoming especially popular among young adults. Cash App enables Square to make money from transfer fees, bitcoin exchange fees, investment fees, and merchant fees. By as soon as next year, this should be Square's leading gross profit generator.
This company isn't going to take its foot off the gas, no matter what happens with a vaccine.
Okta
On Monday, Wall Street was very concerned about the potential for cloud-based companies moving forward. While the brick-and-mortar work environment was never going away, it'd be foolish (with a small "f") to think that we're going to see cloud spending slow in any meaningful way. This is especially true for cloud-focused security companies like Okta (NASDAQ:OKTA).
If the past few quarters have taught us anything, it's that cloud security is now a basic-need service. No matter how the U.S. economy is performing, hackers and robots are active. Businesses of all sizes will need security products moving forward as consumers push online and employees favor remote work environments.
Another key advantage of Okta, which specifically handles identity verification, is its reliance on artificial intelligence to drive results. Okta's machine-learning technology makes its cybersecurity solutions smarter over time, which helps the company identity threats more effectively. The quality of the company's cybersecurity solutions has played a big role in helping it sign up new clients, as well as in encouraging existing users to spend more.
It's also worth pointing out that Okta's business model is built atop subscriptions. The cybersecurity subscription model is designed to achieve high margins and reduce customer churn.
COVID-19 vaccine or not, Okta has the potential to generate consistent double-digit growth throughout the decade.
<<<
>>> Fortinet Is My Favorite Cybersecurity Stock -- Here's Why I'm Buying More Shares Now
Another strong quarter of sales growth was complemented by even better profitability.
Motley Fool
Nicholas Rossolillo
Nov 6, 2020
https://www.fool.com/investing/2020/11/06/fortinet-is-my-favorite-cybersecurity-stock-heres/
Cybersecurity is a fast-evolving industry. The bad guys are constantly altering their angle and complexity of cyber attack, and security vendors need to stay ahead of the curve lest they be technologically (and financially) left behind. But the lockdown this year has created unique challenges for the digital security industry -- and its customers -- to navigate. Fortinet (NASDAQ:FTNT), in keeping with its stalwart performance over the years, has done particularly well.
A graceful transition to the cloud
Fortinet's cybersecurity proficiencies are rooted in an era when throwing up a perimeter around a physical location (like a firewall, a device that acts as a gatekeeper) was the best way to secure data. The cloud and mobility have been changing this (especially in 2020, when work-from-home went mainstream), transforming security from what once looked like a castle to something more like a counterintelligence agency.
But Fortinet has been steadily updating its services, and now has a foot in both the past and the future. In fact, CEO Ken Xie pointed out on the last earnings call that Fortinet was the only security vendor recognized as a leader in both software-defined WAN edge infrastructure (for cloud and other networks spanning large areas) and network firewalls (more traditional security, still valid for physical real estate like offices, factories, and data centers).
And though the world of cybersecurity is quickly shifting, Fortinet's legacy products segment (labeled FortiGate products) is still best-in-class, and it grew revenue by 16% year over year in Q3 after a sluggish performance during the economic lockdown. The next-gen services segment (non-FortiGate revenue) grew year-over-year revenue by 27%, driven especially by strong demand from cloud computing operators. Over the trailing 12-month stretch ended September 2020, non-FortiGate revenue was $668 million -- an increase of 27% from a year ago, and good for just over one-quarter of total trailing 12-month revenue.
These new cybersecurity products are helping sustain Fortinet's double-digit percentage growth rate, and are also making it one of the most profitable security pure-play companies around, a rare combination in this notoriously difficult corner of the tech sector.
Metric
Nine Months Ended
Sept. 30, 2020
Nine Months Ended
Sept. 30, 2019
Change
Revenue
$1.846 billion
$1.545 billion
19%
Gross profit margin
78.2%
76.3%
1.9 pp
Earnings per share
$2.03
$1.22
66%
Free cash flow
$684 million
$573 million
19%
Top-notch profitability paired with a strong balance sheet
So far this year, Fortinet's free cash flow (revenue less cash operating and capital expenses) is at an enviable 37%. This is an important factor to consider when picking cybersecurity stocks. Those with nefarious intent never rest and are always adapting their attacks. Security is therefore always a fast-moving industry. The cloud and mobile endpoints are all the rage at the moment, but mark my words: They won't be the hot topic in security forever. For example, there is growing momentum toward building security directly into applications and the "containers" that move them themselves. As applications grow increasingly large and complex over time, simply securing a network on which data travels won't cut it anymore.
High profit margins thus enable a firm to continuously innovate to remain a relevant choice in protecting customers. And this is why Fortinet has been such an enduring growth story over the years. It has funneled its profits into the right research at the right time, and has been able to adapt its portfolio to match whatever the current need is. And it continues to do so. If app "container security" is the next big thing, Fortinet has a product to meet the demand. And along with its lucrative free cash flow generation, the company also has no debt, and $1.66 billion in cash and short-term investments on hand.
Fortinet shares are off from the all-time highs notched over the summer months, and trades for 23 times trailing 12-month free cash flow after Q3 2020 results. I'm a buyer of this top cybersecurity growth story right now.
<<<
OKTA - >>> 3 Top Cloud Computing Stocks to Buy Right Now
Looking beyond the cloud leaders can be the difference between mediocre and explosive returns.
Motley Fool
by Danny Vena
Nov 5, 2020
https://www.fool.com/investing/2020/11/05/3-top-cloud-computing-stocks-to-buy-right-now/
When the pandemic struck earlier this year, the need for remote access and cloud computing became abundantly clear. This acceleration in adoption of cloud computing wasn't limited to Amazon and its cloud offering, Amazon Web Services (AWS). Businesses that were new to the space quickly found they could rent processing power, as well as accessing software, architecture, platforms, and more from just about anywhere.
With a large and growing list of products and services that are being offered via the cloud, investors have a host of opportunities to prosper from this trend. Let's look at several -- not named Amazon -- that might offer more upside.
DocuSign: Reimagining how agreements are done
The need for social distancing has crimped the ability to sign contracts in person, accelerating the need for consummating agreements from a distance. Given how critical most signed documents are, the importance of using a trusted provider in the space can't be overstated. As the proven leader, with more than 70% of the e-signature market, many turned to DocuSign (NASDAQ:DOCU).
During the second quarter, DocuSign's revenue grew by 45% year over year, accelerating from the 39% gains in the first quarter. The company's subscription revenue accounted for nearly 95% of the total, giving the company a solid base of recurring revenue on which to build. That leverage pushed more money to the bottom line, as adjusted profits climbed a mind-boggling 17-fold.
Other metrics are equally encouraging. Operating cash flow quadrupled, while free cash flow grew by eight times compared to the prior year quarter. Billings -- which includes sales that have been contracted but not yet included in revenue -- grew 61%, illustrating the strength of DocuSign's future business.
Yet even as the company maintains control of the large and growing e-signature market, it's DocuSign's latest venture that should have investors really excited. The company debuted the DocuSign Agreement Cloud early last year, "a suite of products and integrations for digitally transforming how organizations prepare, sign, act on, and manage agreements."
This could just be the beginning, as DocuSign has only begun to capture the opportunity represented by the e-signature market, which it estimates at about $25 billion. With the addition of the Agreement Cloud, DocuSign's total addressable market jumps to $50 billion, according to management. DocuSign generated just $974 million in revenue in 2019, showing the magnitude of the opportunity that remains.
Okta: Moving to the cloud is only half the battle
One of the key challenges of the massive migration to the cloud has been to ensure the identity of those remotely accessing critical systems, thereby preventing unauthorized access. That's where Okta (NASDAQ:OKTA) comes in.
The company is the clear leader in the identity and access management space, attracting waves of new businesses in the transition to remote work. Okta's cloud-based identity management service handles user identification and authentication of employees, contractors, and customers for more than 8,950 organizations around the globe.
Perhaps more importantly, it integrates with more than 6,500 of the most often used business software applications, including Microsoft Office 365, AWS, Salesforce.com, and Slack, among thousands of others. By creating a single, secure login, the company gets remote people to work on all the systems they use quickly and painlessly.
Okta's platform continues to receive industry accolades for its utility and ease of use. The company was named the industry leader in access management for the third consecutive year by research company Gartner, taking the pole position in its much-cited Magic Quadrant. Forrester Research made a similar call, naming Okta the leading identity-as-a-service (IaaS) provider.
Accelerating adoption has been a key component to its impressive financial performance. For the second quarter, Okta's revenue jumped 43% year over year, while subscription revenue grew 44%. At the same time, its remaining performance obligation -- which consists of future revenue that is under contract but has not yet been recognized -- climbed even higher, growing 56%. Okta also generated adjusted net income, up from a loss in the prior-year quarter.
Okta's has only begun to scratch the surface of its immense opportunity. Revenue of $586 million in 2019 pales in comparison to its total addressable market, which management estimates at about $55 billion.
Twilio: The first line of communications for software and apps
The ability to communicate with customers in real time has never been more critical, especially in the app-based economy. From ride-hailing to food delivery, from customer service to password resets -- and everything in between -- hinges on the ability to connect.
While investors may not know Twilio (NYSE:TWLO) by name, there's little doubt most have used its services. The company provides the software building blocks that lets developers embed Twilio's communication technology in their apps, messaging systems, emails, and more. It also streamlines the process so it can be accomplished in a matter of hours, rather than weeks or months.
Still not convinced? The update you received regarding you ride from Lyft, the text messages and reservation confirmation you got from Airbnb, the customer service interactions with Disney's Hulu, and the booking confirmation from your restaurant via Yelp? All powered by Twilio's technology.
In the third quarter, Twilio's revenue climbed 52% year over year, while also delivering a surprise profit, swinging from a loss in the prior-year quarter. At the same time, strong customer adoption not only pushed the topline higher, but also provided a foundation for future growth. The company reported 208,000 active customers, up 24% year over year, while expanding its relationship with existing customers, as evidenced by its dollar-based net expansion rate, which rose to 137%.
That's not all. Twilio's recent acquisition of customer data platform Segment will significantly increase its market opportunity from $62 billion to $79 billion. Considering it generated revenue of just $1.1 billion in 2019, the road for future growth looks long.
You get what you pay for
Eagle-eyed investors will note that these high growth stocks come with an equally high price tag, which is not unusual when dealing with high-risk, high-reward opportunities like these. None of these stocks is cheap -- in fact, quite the opposite. Okta, DocuSign, and Twilio currently trade for 40, 37, and 28 times sales, respectively, when a reasonable price-to-sales ratio is generally considered to be between 1 and 2.
That said, the old adage, "You get what you pay for" comes to mind. Each of these stocks has positively crushed the overall gains of broader market so far this year -- and they show no signs of slowing.
<<<
>>> Why Fortinet Shares Fell as Much as 9.5% On Friday
The cybersecurity veteran delivered a strong third-quarter report and impressive guidance for the next quarter, but the stock still got a haircut on a brutal day for tech stocks overall.
Motley Fool
Anders Bylund
Oct 30, 2020
https://www.fool.com/investing/2020/10/30/why-fortinet-shares-fell-as-much-as-95-on-friday/
What happened
Shares of enterprise cybersecurity specialist Fortinet (NASDAQ:FTNT) crashed on Friday. The stock fell as much as 9.5% in the morning session before climbing back to a milder 7.2% drop at 2:20 p.m. EDT. The sharp downturn stood in stark contrast to the third-quarter earnings report Fortinet posted on Thursday night, beating Wall Street's estimates and following up with rosy guidance for the next quarter.
So what
Fortinet's total third-quarter revenue rose 19% year over year to $651 million, led by a 22% increase in service sales. Adjusted earnings landed at $0.88 per diluted share, 31% above the year-ago period's result. Your average Wall Street analyst would have settled for earnings near $0.78 per share on revenue of approximately $639 million.
Looking ahead to the fourth quarter, Fortinet's management expects earnings to rise 26%, landing near $0.96 per share. Sales should stop in the vicinity of $720 million. Here, the current analyst consensus pointed to earnings of roughly $0.87 per share on sales near $708 million.
Now what
The report was followed by a plethora of bullish analyst reactions, including at least four that reiterated "buy" ratings with raised price targets. That didn't stop Fortinet's stock from sliding on a brutal day for the broader market. The S&P 500 index fell as much as 2% on Friday, spooked by several disappointing earnings reports from companies not named Fortinet plus a rising second wave of COVID-19 infections. The tech sector took the same market news much harder, driving the NASDAQ-100 index as much as 3.2% lower.
Fortinet's strong gains over the last year set the stock up for a quick correction today, even though its results were fantastic and the next-quarter guidance supplied another rosy surprise. The stock is still up by a market-stomping 43% over the last 52 weeks, trading at a lofty 36 times trailing earnings. Volatility comes with the territory for high-flying market darlings.
You can still invest in Fortinet with confidence. Just remember that the COVID-19 pandemic that is hurting many companies today actually drives higher demand for Fortinet's digital security products and services.
"The COVID-19 pandemic has accelerated digital transformation and organizations have to deal with new challenges to secure the whole infrastructure in the zero-trust environment," Fortinet CEO Ken Xie said in the company's earnings call. "Fortinet is helping customers solve these issues through security-driven networking and our platform approach."
<<<
Ping Identity - >>> 5 Stocks to Buy With $100 During a Market Sell-Off
Fortunes are made by putting your money to work during periods of panic.
Motley Fool
by Sean Williams
Oct 30, 2020
https://www.fool.com/investing/2020/10/30/5-stocks-to-buy-with-100-during-a-market-sell-off/
Buying into businesses that are on the leading edge of innovation in the cybersecurity space is another good way to make money over the long term. That's why your $100 might be spent on shares of Ping Identity (NYSE:PING).
With more businesses than ever having no choice but to move their presence online and/or operate remotely during the coronavirus disease 2019 (COVID-19) pandemic, the door has opened for companies like Ping Identity to thrive. Ping specializes in identity-verification solutions, with its cybersecurity platform leaning on artificial intelligence to grow smarter over time. In other words, the more events Ping's security platform oversees, the smarter it gets at identifying potential threats and requesting secondary verifications before allowing access to enterprise data.
Ping Identity has been hit a bit harder than most software-as-a-service companies during the pandemic, but it also offers intriguing value in an otherwise pricey industry. The company is already profitable, capable of double-digit sales growth in 2021 and beyond, and valued at less than nine times Wall Street's estimated sales for next year. That's a bargain!
<<<
>>> Ping Identity Holding Corp. (PING), doing business as Ping Identity Corporation, provides intelligent identity solutions for the enterprise in the United States and internationally. Its Ping Intelligent Identity platform provides customers, workforce, and partners with access to cloud, mobile, Software-as-a-Service, and on-premise applications. The company's platform offers solutions, such as secure single sign-on; multi-factor authentication; security control for applications and APIs, or access security; personalized and unified profile directories; data governance to control access to identity data; and artificial intelligence and machine learning powered API security. Its customers include enterprises in Fortune 100, U.S. banks, bio-pharmaceutical companies, healthcare plans, and U.S. retailers. The company was formerly known as Roaring Fork Holding, Inc. and changed its name to Ping Identity Holding Corp. in August 2019. Ping Identity Holding Corp. was incorporated in 2016 and is headquartered in Denver, Colorado.
<<<
>>> Best Cybersecurity ETFs for Q4 2020
IHAK, HACK, and CIBR are the best cybersecurity ETFs for Q4 2020
By NATHAN REIFF
Sep 1, 2020
https://www.investopedia.com/articles/etfs-mutual-funds/042616/2-cybersecurity-etfs-consider-cibr-hack.asp?utm_campaign=quote-yahoo&utm_source=yahoo&utm_medium=referral&yptr=yahoo
The global cybersecurity market is expected to expand at a healthy compound annual growth rate (CAGR) of 10.0% through 2027 as cybercrime affects more individuals, companies, and governments.1? Investors seeking to profit from this trend may consider owning a wide spectrum of cybersecurity stocks through exchange-traded funds (ETFs). Betting on individual stocks can be especially risky in young, fast-evolving industries. The cybersecurity industry as represented by the S&P Kensho Cyber Security Index has exactly matched the performance of the broader market in the past year. Both the cybersecurity index and the S&P 500 have 1-year trailing total returns of 22.1%.2?
KEY TAKEAWAYS
The cybersecurity industry has exactly matched the performance of the S&P 500 in the past year.
The ETFS with the best 1-year trailing total return are IHAK, HACK, and CIBR.
The top holdings of these ETFs are DocuSign Inc., SailPoint Technologies Holdings Inc., and Crowdstrike Holdings Inc., respectively.
There are 4 ETFs focused on the cybersecurity sector. The best performing cybersecurity sector ETF is the iShares Cybersecurity and Tech ETF (IHAK). Below, we'll look at the top 3 cybersecurity ETFs as measured by 1-year trailing total returns. All data is as of August 31, 2020.
iShares Cybersecurity and Tech ETF (IHAK)
1-Year Trailing Total Return: 39.1%
Expense Ratio: 0.47%
Annual Dividend Yield: 0.71%
3-Month Average Daily Volume: 61,471
Assets Under Management: $123.9 million
Inception Date: June 11, 2019
Issuer: iShares
IHAK is a multi-cap blended fund focused on U.S.-listed technology cybersecurity companies. The fund tracks the NYSE FactSet Global Cyber Security Index, which has more than 40 cybersecurity stocks focused on hardware, software, and other services.3? The fund's top holdings include DocuSign Inc. (DOCU), the electronic agreements manager; Zscaler Inc. (ZS), the cloud-based information security firm; and Crowdstrike Holdings Inc. (CRWD), the threat intelligence and cyberattack response company.4?
ETFMG Prime Cyber Security ETF (HACK)
1-Year Trailing Total Return: 33.1%
Expense Ratio: 0.60%
Annual Dividend Yield: 1.30%
3-Month Average Daily Volume: 173,367
Assets Under Management: $1.6 billion
Inception Date: November 12, 2014
Issuer: ETF Managers Group
HACK tracks the ISE Cyber Security Index, which focuses on companies developing hardware and software to protect data as well as companies providing cybersecurity services. HACK is the first ETF to focus on the cybersecurity industry and classifies its holdings as either infrastructure or service providers. The fund's top holdings include SailPoint Technologies Holdings Inc. (SAIL), the identity governance company; Cloudflare Inc. (NET), the website security company; and Splunk Inc. (SPLK), the data analytics company.5
First Trust NASDAQ Cybersecurity ETF (CIBR)
1-Year Trailing Total Return: 30.2%
Expense Ratio: 0.60%
Annual Dividend Yield: 1.33%
3-Month Average Daily Volume: 451,198
Assets Under Management: $2.2 billion
Inception Date: July 6, 2015
Issuer: First Trust
CIBR is a multi-cap growth fund targeting U.S.-listed stocks. The fund tracks the NASDAQ CTA Cyber Security Index. Its holdings must be classified as a cybersecurity company by the Consumer Technology Association and have a minimum market cap of $250 million. The fund's top holdings include Crowdstrike Holdings; Splunk; and Broadcom Inc. (AVGO), the semiconductor and infrastructure software company.
<<<
Okta Inc - >>> Remote-Work Boom Mints Another Internet Billionaire
Bloomberg
By Nico Grant
August 28, 2020
https://www.bloomberg.com/news/articles/2020-08-28/okta-s-bodybuilder-ceo-becomes-billionaire-on-remote-work-boom?srnd=premium
Businesses, schools tap firm’s tools to secure online access
McKinnon stays cautious on outlook as investors seek growth
The coronavirus pandemic, for all its human and economic tragedy, has spurred a once-in-a-generation opportunity for the technology industry, seized most visibly by the sector’s giants such as Apple Inc., Amazon.com Inc. and Microsoft Corp., and productivity players like Zoom Video Communications Inc. and Slack Technologies Inc.
A lesser-known beneficiary is Okta Inc., a decade-old cloud computing company based in San Francisco. Its software gives corporate customers a kind of border control for the internet, helping them authenticate the identity of their employees and customers as they connect remotely to a sprawling system of online applications.
The Covid-19 outbreak, which has cast most workers out from behind their corporate firewalls and into their home offices, has helped to further popularize Okta’s software. It allows companies to seamlessly manage their employees’ use of the internet and to protect the corporate data on their devices.
The stock has more than doubled since March, when lockdowns began, and has surged more than 10-fold since its initial public offering in 2017. The software maker has become an integral part of our new daily life, with its technology used by organizations as varied as Major League Baseball, Adobe Inc., FedEx Corp. and Seton Hall University. The boom has some investors betting that Okta and similar companies will accelerate their revenue through the crisis, even as it raises questions for executives about their good fortune at a time of suffering and massive job losses in the nation at large.
“It can be mentally and psychologically confusing for me to both read the news and then see customers asking for our service,” said Frederic Kerrest, Okta’s co-founder and chief operating officer. “Because the world is not in a good place, but, you know, we seem to be able to provide some solutions that people really need, which is great.”
From March through July, Okta’s main product, called Identity Cloud, was used almost 16 billion times to access an app or website. The multi-factor authentication service saw usage nearly triple in the period compared with a year earlier, and it hit a single-day peak of 145 million unique logins, the company said.
Quick Climb
Okta has more than doubled sales in two and a half years
Wall Street has bought into the story. The stock has soared 106% since March 12 when U.S. President Donald Trump imposed travel restrictions on Europeans. Now Okta must live up to the lofty expectations that come with a company valued at $27 billion. The shares slipped late Thursday after quarterly results reminded Wall Street that the company may not be able to accelerate sales growth forever.
“We’re still being prudent about the rest of the year and the macroeconomic consequences ahead of us,” Chief Executive Officer Todd McKinnon said in an interview. “Headwinds to the business will be a little stronger in the second half.”
The company has also lost money for most of its existence. However, investors are often willing to look far into the future when assessing cloud-based subscription businesses such as Okta. These companies spend heavily on sales and marketing to win as many customers as quickly as possible. Once the user base is large enough, distributing extra versions of the software online costs very little, and a highly profitable business can emerge -- one example being Salesforce.com Inc.
Okta must lure as many paying customers as it can during this rare work-from-home boom, and then keep hold of them as the world slowly returns to some semblance of normalcy. Its work with FedEx suggests that this is possible.
The logistics giant first partnered with Okta about a year ago, and now has more than 85,000 workers using the software maker’s service to access the FedEx virtual private network. Warehouse employees were given additional iPads to access apps with Okta, so they didn’t have to share devices and could maintain social-distancing rules, said Gene Sun, FedEx’s chief information security officer. Many of the company’s customer-service workers have Okta on their phones for the first time in order to securely pull up customer information while working remotely.
Sun said the company greatly reduced its legacy sign-on system the week of March 16 in favor of Okta.
“Okta really has enabled us to prepare the workforce to work from home in the March timeframe in a really smooth manner,” he said. “The thing about the backdrop of this pandemic is we have come to a conclusion that we should try to be moving aggressively toward using cloud services providers,” whose subscription payment plans help FedEx manage user prices.
Like companies with workers at home, educational institutions have needed to figure out how to teach pupils remotely. Seton Hall University, a private Catholic school in South Orange, New Jersey, had a leg up because students and faculty had been using Okta since 2013. The college went from offering a few hundred online courses in the spring semester to providing more than 2,000 virtual classes in a few days, through Blackboard, which students access via Okta. The university also has an online portal named for its mascot, PirateNet, that is the information hub for its community, used for everything from paying tuition bills to registering for classes.
“Really behind the scenes PirateNet is hundreds of apps inside Okta,” said Paul Fisher, an associate chief information officer of Seton Hall.
When the coronavirus began to spread in March, Okta was among the first U.S. companies to publicly grapple with how to work around the pandemic. The company was scheduled to host a splashy San Francisco conference for customers, partners and analysts -- a software-industry ritual to strengthen future sales and telegraph the company’s strategic direction.
McKinnon, the CEO, had to decide whether to cancel the event, delay until some unknown date or take it online. He opted for a remote conference, appearing from his home, and filmed a sketch in which he said his family promised not to interrupt him. His son walked into the frame anyway.
The playful tone was a professional departure for McKinnon, a 6-foot-2-inch tall bodybuilder and a former CrossFit athlete. Pat Grady, a venture capitalist at Sequoia who invested in Okta and remains on its board, said that in an industry full of CEOs who use lofty language to explain how their apps are changing the world, McKinnon presents his company’s mission in a just-the-facts way that has gained him credibility, and a little criticism.
Okta’s successful navigation of the pandemic has paid off for its co-founder. During these last five months, McKinnon, 48, has become a billionaire on paper. Bloomberg estimates his net worth has climbed to about $1.7 billion from about $900 million at the start of the year. Through a spokesman, McKinnon declined to verify his net worth.
In 2016, McKinnon said Okta would give 1% of its equity to nonprofit organizations in its community. In the aftermath of the May killing of George Floyd, McKinnon and Kerrest pledged more than $1 million each for racial justice issues and said they will match employee contributions to civil-rights organizations. McKinnon and his wife also said they would provide $500,000 for Covid-19 relief efforts.
Despite persistent rumors Okta may sell itself to a larger tech company, McKinnon’s long-term plan is to grow the business he co-founded into one of the world’s largest software makers. He says big challenges motivate him to work harder. Years from now, after the Covid-19 virus has been defeated, he expects his slice of the software market will only grow more essential.
“We’re technology believers,” McKinnon said. “We think it’s not perfect. We think that there’s a lot of work we can do to make it better, easier to use more secure, more helpful for users. But that’s what’s exciting about we’re trying to do. It’s an almost boundless thing.”
<<<
>>> Palantir Technologies Files to Go Public
The data start-up, which has a valuation of $20 billion, would be the largest Silicon Valley tech listing since Uber made its debut last year.
Alex Karp, chief executive of Palantir Technologies, founded the data company in 2003 with the investor Peter Thiel and others.
NY Times
By Erin Griffith
July 6, 2020
https://www.nytimes.com/2020/07/06/technology/palantir-technologies-ipo.html#:~:text=SAN%20FRANCISCO%20%E2%80%94%20Palantir%20Technologies%2C%20a,made%20its%20debut%20last%20year.
SAN FRANCISCO — Palantir Technologies, a Silicon Valley data start-up, said on Monday that it had filed to go public, setting up one of the largest public listings of a technology start-up since Uber made its debut last year.
Palantir is one of the tech industry’s most valuable private companies, with a valuation of $20 billion. Founded in 2003 by Peter Thiel, Joe Lonsdale, Nathan Gettings, Stephen Cohen and Alex Karp, who is its chief executive, the company began working with governments, law enforcement and the defense industry to analyze and process their data, but has expanded into other areas.
Palantir has attracted more than $3 billion in venture capital funding from investors including In-Q-Tel, the investment arm of the Central Intelligence Agency; Founders Fund, Mr. Thiel’s investment firm; Fidelity; and Tiger Global Management.
Despite persistent speculation about its prospects as a public company, Palantir had avoided listing its shares, in part because of the secretive nature of its business. A public listing would reveal a fuller picture of Palantir’s work, particularly with government agencies, for the first time.
“The minute companies go public, they are less competitive,” Mr. Karp said in 2014.
More recently, Palantir has taken steps to prepare for a listing. California requires companies to have one woman on their boards in order to go public, and in June, Palantir added its first, Alexandra Wolfe Schiff, a former Wall Street Journal reporter. Spencer Rascoff, a tech executive, and Alexander Moore, an early Palantir employee, joined the board as well.
If completed, the listing will be part of a wave of tech initial public offerings. New offerings had dried up in recent months because of volatility caused by the coronavirus pandemic. But in June, with the stock market booming again and some companies in a position to benefit from changes in consumer behavior, the I.P.O.s came back in full force.
Shares of recent listings have soared. Last week, shares of Lemonade, an insurance start-up, more than doubled on their first day of trading. Investors also embraced the I.P.O.s of the car sales start-up Vroom and the sales software company ZoomInfo.
Airbnb, the $31 billion home rental platform, whose business has been pummeled by the lack of travel during the pandemic, has also not ruled out going public this year.
<<<
>>> The Intelligence Community is Keeping a Close Watch on AI
ETF Trends
January 28, 2020
https://finance.yahoo.com/news/intelligence-community-keeping-close-watch-163947092.html
It takes more than a fancy suit and a plethora of mechanical devices at one’s disposal to be an international spy these days. In the current landscape, it’s disruptive technology like artificial intelligence that is paving the way for future innovations in the intelligence community.
Per a Defense One report, “At the Intelligence Community’s Open Source Enterprise, AI is performing a role that used to belong to human readers and translators at CIA’s Open Source Center: combing through news articles from around the world to monitor trends, geopolitical developments, and potential crises in real-time.”
While AI can do a majority of the tedious tasks, it’s still important for the intelligence community to have an understanding of the technology that does the actual work.
“Imagine that your job is to read every newspaper in the world, in every language; watch every television news show in every language around the world. You don’t know what’s important, but you need to keep up with all the trends and events,” said Dean Souleles, chief technology advisor to the principal deputy to the Director of National Intelligence. “That’s the job of the Open Source Enterprise, and they are using technology tools and tradecraft to keep pace. They leverage partnerships with AI machine-learning industry leaders, and they deploy these cutting-edge tools.”
A Pair of Cybersecurity ETFs to Spy On
As AI continues to become a major component of the intelligence community, security-focused ETFs can benefit further, such as the First Trust NASDAQ Cybersecurity ETF (CIBR) and the ETFMG Prime Cyber Security ETF (HACK) .
First up, CIBR seeks investment results that correspond generally to the price and yield of an equity index known as the Nasdaq CTA Cybersecurity IndexSM. The index is comprised of securities of companies classified as “cybersecurity” companies by the CTA.
Next, HACK seeks investment results that correspond generally to the price and yield performance of the Prime Cyber Defense Index. The index tracks the performance of the exchange-listed equity securities of companies across the globe that (i) engage in providing cybersecurity applications or services as a vital component of its overall business or (ii) provide hardware or software for cybersecurity activities as a vital component of its overall business.
For a broad play in disruptive tech, investors can look at the Global X Robotics & Artificial Intelligence Thematic ETF (BOTZ) . BOTZ seeks to invest in companies that potentially stand to benefit from increased adoption and utilization of robotics and artificial intelligence (AI), including those involved with industrial robotics and automation, non-industrial robots, and autonomous vehicles.
<<<
>>> Cyber Security ETFs to Thrive in the Virus-Hit Economy
Zacks
by Sanghamitra Saha
April 9, 2020
https://finance.yahoo.com/news/cyber-security-etfs-thrive-virus-170005956.html
With the coronavirus outbreak infecting around 1.5 million worldwide, a third of the global population is now under lockdown. This has resulted in an unprecedented rise in Internet usage due to work-and-learn-from-home, online retailing of daily essentials, mobile payments to avoid contact transactions and socializing (read: Rising Work-From-Home Trend to Boost 5 Industries & ETFs).
Now, the rampant usage of Internet has raised the risks of cyber threats. In case of work-from-home, proprietary business data is being accessed from personal computers and laptops that may not have the same level of security as in-office setups.
Hackers have already started taking advantage of the coronavirus panic. There have been “phishing efforts by sending out emails designed to look as if they’re official notices from the World Health Organization.”
Then there are email fraudsters who are misguiding executives to transfer money to finance vendors, operations and virus-related-response activities. The FBI too cautioned about increased phishing schemes, specifically business email compromise (BEC).
Public-sector organizations are facing massive problems, per mckinsey. The Mckinsey report added that a big government entity in North America suffered a distributed denial-of-service during this phase. Also, a major hospital in Europe faced a cyberattack that “forced it to suspend scheduled operations, shut down its IT network, and move acute-care patients to another facility.”
To combat such threats, an international group of nearly 400 volunteers has been formed with expertise in cybersecurity at major companies like Microsoft MSFT and Amazon AMZN. The prime motto of the group would be to protect “hacks against medical facilities and other frontline responders to the pandemic.” Michael Sentonas, Global CTO of CrowdStrike CRWD said that “crisis management and incident response plans need to be executable by a remote workforce.”
No wonder, cyber security stocks are good bets for Q2. Below we highlight a few cyber-security ETFs that should be closely tracked during the pandemic (read: 6 Industries & Their ETFs to Protect You from Virus in Q2).
iShares Cybersecurity and Tech ETF (IHAK)
The underlying NYSE FactSet Global Cyber Security Index comprises developed and emerging market companies involved in cyber security and technology, including cyber security hardware, software, products and services. Citrix, Docusign and Akamai Technologies are the top three holdings of the fund.
The fund charges 47 bps in fees. The United States takes about 78.7% of the fund followed by Israel (11.6%). The fund is down 3% in the past month compared with 10.5% decline in the S&P 500 and an 8% drop in the Nasdaq (as of Apr 7).
ETFMG Prime Cyber Security ETF HACK
The underlying Prime Cyber Defense Index utilizes a rules-based investment methodology to select a diverse group of companies actively involved in the cyber security industry. The 54-holdings fund charges 60 bps in fees. Cisco, Cloudflare and Akami are the top three holdings of the fund. HACK has lost 7.6% in the past month.
First Trust NASDAQ CEA Cybersecurity ETF CIBR
The underlying Nasdaq CTA Cybersecurity Index tracks the performance of companies engaged in the cybersecurity segment of the technology and industrials sectors. It charges 60 bps in fees. The fund has declined 6.5% in the past month (read: Solid Q4 Earnings Power Cybersecurity ETFs).
<<<
Cybersecurity - >>> Trump is in a heated fight with Iran and these stocks are benefitting from it
by Brian Sozzi
Yahoo Finance
January 8, 2020
https://finance.yahoo.com/news/trump-is-in-a-heated-fight-with-iran-and-cybersecurity-stocks-are-benefitting-from-it-161818164.html
The broader stock market may be confused on what to do amid rising tensions between the Trump administration and Iran.
But active traders seem more definitive: the cybersecurity space is a can’t miss opportunity. That’s at least as long as the U.S. is battling it out with Iran and even Iraq on the battlefield and Twitter. The ETFMG Prime Cyber Security ETF — donning a cute ticker symbol of ‘HACK’ — is breaking out to new highs as investors bet corporations will aggressively ramp up spending on cybersecurity protection.
Otherwise known among traders as simply the cybersecurity ETF, the investment vehicle counts cybersecurity stalwarts Cisco, Palo Alto Networks and Fortinet as several of its top 10 holdings.
The ETF has outperformed the S&P 500 the last five sessions during the peak of the geopolitical tensions, rising 2.5% versus unchanged for the broader S&P. But cybersecurity names outside of the ETF’s top 10 holdings have been hotter: CrowdStrike has soared 8.7% while FireEye has tacked on 5%.
“Cyberattacks are a key element to modern warfare and are a likely tactic for Iranian retaliation. The potential threat is beneficial to cybersecurity stocks and are a must own for a so-called “war-time portfolio,” says Renaissance Macro strategist Jeffrey deGraaf.
The rotation into cyber security names at the moment is not without merit.
Iran is responsible for a minimum of 14 major cyberattacks around the world in recent years, according to the Center for Strategic and International Studies. From 2011 to 2013, Iran is said to have unleashed cyberattacks on major U.S. financial institutions such as JPMorgan, Bank of America and Wells Fargo.
“The most likely course of action [cyberattack] is still against an ally that has possibly spent less time and energy on hardening themselves against cyber threats. Saudi Arabia likely presents an easier target with less ability to retaliate effectively,” writes strategists at Academy Securities.
<<<
Cybersecurity - >>> As Cyber Fraud Increases, It’s Artificial Intelligence to The Rescue
ETF Trends
January 29, 2020
https://finance.yahoo.com/news/cyber-fraud-increases-artificial-intelligence-170443622.html
As technology continues to advance, it gives cybercriminals more tools to defraud consumers and in turn, companies are fighting back with artificial intelligence (AI). This gives disruptive-focused ETFs more prominence as AI sets out to fight the good fight.
“In response, many financial sector companies are adopting AI to combat both staff and customer fraud,” wrote Jeff Palmer in IT Pro Portal. “Banks already use AI to detect and prevent payment fraud and employ image-recognition systems for security. What is less widely known is that some companies are also now successfully using AI to comb call records for GDPR breaches or even monitor live calls to flag mis-selling and rogue trading in real-time.”
“Among the variety of applications of AI in the financial sector is speech recognition, which offers numerous possibilities, including voice-based account servicing, robo-advice, autonomous analysis of audio archives and live ‘sentiment analysis’ of customer calls as well as the real-time transcription of any audio feed to allow instant decisions to be made,” Palmer added. “Giants such as Deloitte are now using AI to help enforce compliance and mine their audio data for additional business insights. For instance, automated speech recognition (ASR) technology in audio monitoring can set live triggers on chosen keywords, which can include major financial announcements and other announcements that can have an impact on share prices. This monitoring capability can also detect potential issues, signs of insider trading and patterns of misconduct such as rogue trading.”
Secure Profits in Cybersecurity with These ETFs
As AI continues to become a major component of the intelligence community, security-focused ETFs can benefit further, such as the First Trust NASDAQ Cybersecurity ETF (CIBR) and the ETFMG Prime Cyber Security ETF (HACK) .
First up, CIBR seeks investment results that correspond generally to the price and yield of an equity index known as the Nasdaq CTA Cybersecurity IndexSM. The index is comprised of securities of companies classified as “cybersecurity” companies by the CTA.
Next, HACK seeks investment results that correspond generally to the price and yield performance of the Prime Cyber Defense Index. The index tracks the performance of the exchange-listed equity securities of companies across the globe that (i) engage in providing cybersecurity applications or services as a vital component of its overall business or (ii) provide hardware or software for cybersecurity activities as a vital component of its overall business.
For a broad play in disruptive tech, investors can look at the Global X Robotics & Artificial Intelligence Thematic ETF (BOTZ) . BOTZ seeks to invest in companies that potentially stand to benefit from increased adoption and utilization of robotics and artificial intelligence (AI), including those involved with industrial robotics and automation, non-industrial robots, and autonomous vehicles.
<<<
>>> How to Invest in Cybersecurity Stocks
The cybersecurity industry is growing fast; it’s also changing fast. Here’s your comprehensive guide to making an investment.
Nicholas Rossolillo
Aug 2, 2019
https://www.fool.com/investing/how-to-invest-in-cybersecurity-stocks.aspx
As the increasingly digital world transforms the way we live, the bad guys are changing how they live and work, too. That means cybercrime is on the rise around the globe, both in frequency and in complexity. In fact, according to a 2018 study conducted by security outfit McAfee, cybercrime costs an estimated $600 billion a year -- just shy of 1% of global GDP (the value of all goods and services provided in any given year).
That enormous cost has put companies, government entities, and other enterprises under pressure. Protecting their own sensitive information and keeping customer data safe and secure are top priorities in today's digital age. A breach in security can lead to lost trust, lost credibility, and ultimately lost business.
Enter the cybersecurity industry, a service sector that is growing and changing fast to keep up with online threats. Since it doesn't produce a tangible good or service the everyday consumer can recognize, cybersecurity doesn't make for the sexiest of technological investments. And the rate of change required to stay ahead of those with nefarious intent means investing in cybersecurity companies can be tricky.
Still, there's no doubt investors are keen to get in on this growing sector of the economy. And there are plenty of investments from which to choose.
All sorts of businesses are lining up to keep the digital world safe. Some offer security as part of a larger technology offering, while others make cybersecurity their one and only focus. The type of cybersecurity also differs, with some companies working to offer a comprehensive software package to keep data secure, while others aim to solve a specific pain point with software for login security or device security.
With attacks via the internet not going away anytime soon, investors looking to make money from the trend should look at investing in the stocks of cybersecurity-only companies to maximize growth potential. Read on for an in-depth look at how to figure out how to invest in cybersecurity stocks.
The basics of analyzing cybersecurity companies
Investing in cybersecurity stocks, especially those representing companies that are solely focused on cybersecurity, is not as simple as picking the companies posting the largest sales growth. Many outfits that make cracking down on cybercrime their only endeavor are not yet profitable, so understanding a few less obvious measures is helpful.
Generating income and holding onto it
Revenue (money earned for providing a service or selling a product) is of course the logical place to start, but gross profit margin is important to look at, along with the top line. Gross profit margin subtracts from revenue the cost to provide a service or the cost to produce and sell a product. The larger the gross margin, the better; that means the company keeps more money. Software-based services generally scale to a higher profit margin than hardware sales because the product is produced once and can be sold countless times after that (versus hardware, which needs to be manufactured for every customer). Thus, as cybersecurity is basically a software industry, many cybersecurity companies have the potential to become lucrative businesses.
However, developing software is expensive up front and doesn't start paying off until enough customers sign up for the service. Newer companies will thus typically have lower gross margin than established companies as they make less money and have to spend more to acquire customers -- making fast revenue generation an important factor to consider when looking at small start-up cybersecurity companies.
Not all services are created equal
Then there are the specifics surrounding how a company gets paid. Most cybersecurity companies break revenue into two basic categories: (1) subscriptions and (2) support and professional services.
Subscription revenue (sometimes called product or software revenue, as the category covers recurring service delivered via a piece of software or other security product) is far more valuable, as it is less-labor intensive once established. That's often the case because a company can sell the same package many times with minimal work. Subscriptions are also sold as ongoing licenses or contracts, which means the revenue stream is more predictable and stable over the long term. The more predictable a business is, the fewer negative surprises will crop up for investors, and this helps keep the stock price less volatile.
By comparison, purchase of the support and professional services backing up the software tends to be billed as lumpy one-time payments and isn't as profitable for the company. For example, during the first quarter of 2019, Okta made $8.1 million in professional services revenue. However, the cost to produce those services was $10.6 million, leaving a $2.5 million loss for the segment due to high labor costs. However, subscriptions generated $117.2 million in sales and ran at a 79.1% gross profit margin, meaning the company kept $92.7 million of that total.
Track the number of customers
For a smaller company trying to establish itself, adding fresh customers will be the most important metric pointing out how well the company is building a profitable base.
For a larger company, existing customer activity is equally -- if not more -- critical. Look for what are called net dollar retention or dollar-based net expansion rates, which measure the amount of money existing customers are spending compared year to year. If the figure is under 100%, the implication is that customers are leaving or spending less. If the metric is over 100%, it means the business is selling more to its customers. Loyal patrons who spend more on services over time can be a powerful force that boosts the bottom line.
How much it costs to run the business
Moving down the income statement, operating expenses can be a tricky item to get a read on. Operating expenses cover costs not associated with producing a service but still necessary to keep the lights on. Because cybersecurity is growing and changing fast, research and development expenses can require a hefty cash outflow every year. Sales and marketing also tend to be elevated for companies that are jockeying for new clients. High costs in these areas tend to be the biggest reason a cybersecurity company operates in the red.
However, many of them are profitable on an "adjusted" basis. Thus, adjusted operating expenses (and therefore adjusted earnings) are important to look at as they back out things like stock-based compensation to employees and only factor in actual cash expenses. Investors will want to see stock-based pay decrease as a company matures, but while it's in growth mode, that expenditure tends to be elevated as companies use it as an incentive to attract and retain talent.
Closely related to this is the free cash flow metric -- or money left over after basic operating expenses and capital expenditures are paid for. This is a much more accurate measure of any company's true profitability. For example, when reporting on its fiscal 2019 third quarter (the three months ending April 30, 2019), cybersecurity leader Palo Alto Networks (NYSE:PANW) reported a net loss of $20.2 million on revenue of $727 million. After making adjustments, though, free cash flow was positive $276 million, good for a profit margin of 38% and up 30% year over year. Making non-cash adjustments can tell a very different story.
The digital age ups the ante for cybersecurity
In recent years, a couple of key trends in technology have led to cybersecurity becoming a hot industry. One is the boom in cloud computing.
The cloud refers to computing being done remotely at a data center. Video streaming is an example of cloud computing that millions of Americans make use of daily. Rather than play a movie or TV show at home on a DVD or Blu-ray player, consumers are making use of a library of entertainment content contained at a data center (like one hosted by Netflix), which they access via the internet for a fee.
That remote cloud-based business model has surged in popularity in the business world as well. Rather than expending their own computing power or purchasing software that needs to be downloaded at the office, companies are utilizing the cloud to get the digital tools they need. Cloud computing -- and the subscription-based model it often employs -- has been a winning strategy in recent years.
It also creates an expanding need for security services to protect all of that information being stored and used online. According to internet infrastructure company Cisco, global internet traffic is expected to grow an average of 26% every year through 2022. That's a lot of new data that needs to be kept safe.
Another development boosting the need for cybersecurity is the proliferation of devices connected to the internet, often identified by the catch-all phrase the "Internet of Things," or IoT. It's not just computers, tablets, and smartphones anymore. On the consumer side of the equation, everything from wearables like watches and headphones to household items like TVs and appliances is getting hooked up to the internet. For a business, connected devices can include industrial equipment, vehicles, or shipping containers.
The number of devices hooked up to the internet -- and the trail of digital data they create that needs to be collected and secured -- is staggering. Cisco estimates there were 2.4 networked devices for every man, woman, and child alive in 2017. Through 2022, the number of devices per person is expected to grow to 3.6. Put more simply, that would be roughly 28.5 billion devices connected to the internet in 2022, up from 18 billion in 2017.
How data is being protected
With data getting created all over the place by billions of devices, the responsibility placed on companies to keep it all secure is getting heavier all the time. The onus of that responsibility is increasingly being placed on cybersecurity companies and their various solutions.
Hardware versus software
Firewalls have traditionally been the first line of defense. A firewall is either a physical device attached to a network or software that acts as a gatekeeper, monitoring traffic and deciding what data to allow in and what data to block. Companies like Cisco still offer firewalls in hardware form, but with so much of computing moving to the cloud, software-based firewalls are gaining in importance. Top vendors migrating to cloud-based gatekeeping include Palo Alto Networks and Fortinet.
Technology to the rescue
The sheer amount of sensitive information and mission-critical data out in cyberspace isn't the only challenge, though. The complexity of attacks is also increasing, with bad actors looking for and exploiting holes in the vast communication and data networks between organizations, their employees, and their customers. Artificial intelligence and its subdiscipline machine learning -- a software system that mimics the human brain and learns from experience -- will be key factors in suppressing digital crime. Security software providers like Palo Alto Networks and Fortinet are putting the technology to use and are among the leaders in this area. Palo Alto, for example, launched an AI-based service called Cortex that hunts down, attacks, and automates threat detection.
New developments in cybersecurity
Then there are newer defense mechanisms that analyze information and adapt to operational changes in real time. These approaches include SIEM (security information and event management) and SOAR (security orchestration, automation, and response) and are among the fastest-growing segments of the cybersecurity industry. Legacy technologist IBM offers SIEM with its QRadar product. Newer entrants to the scene, like FireEye, have come out with similar offerings, and Palo Alto Networks and big-data analytics firm Splunk have added SOAR services to their respective software lineups.
All of these various companies and services have been moving toward simplifying the security process for companies' IT teams. Security operations can be complicated for organizations, so a one-stop-shop solution (or as close to one as possible) carries substantial appeal, but there are other offerings that cater to more specific needs.
Endpoint protection, which secures the hundreds of millions of new devices (computers, tablets, smartphones, and other connected devices being used by a company's employees or customers) coming online each year, is one such niche. CrowdStrike Holdings (NASDAQ:CRWD) specializes in endpoint security and recently completed a successful public debut on the stock market. IAAM (identity, authentication, and access management) is another specialized need that helps organizations ensure that only those who should have access to data are getting into the network. Okta is a leader in the IAAM space.
How big is the potential?
Although cybersecurity is a newer industry, and many companies are not yet profitable, the long-term potential is nevertheless great. According to research firm Global Market Insights, the industry's overall growth is expected to be 12% a year through 2024, going from $120 billion a year in 2017 to more than $300 billion. That means smaller cybersecurity pure-play stocks could be big winners in the years ahead.
While larger companies that aren't pure players could be less volatile -- such as Cisco or software giant Oracle, which offers security capabilities as part of its larger suite of services -- it's smaller companies that are poised to get the biggest bump if they succeed at disruption. Smaller niche players and start-ups could end up eating the lunch of their bigger and clunkier peers.
CrowdStrike is a perfect example. Though the company was founded in 2011 and completed its initial public offering of stock (IPO) in June 2019, it's already valued at a market cap of $14 billion (as of this writing). Okta is another example. It posted 50% revenue growth during the first quarter of 2019 and is currently valued at $14.8 billion. By comparison, Palo Alto Networks is currently the largest cybersecurity-focused company out there and is currently valued at $20.3 billion.
How to pick cybersecurity investments
The easiest way for investors to play the general rise in the importance of cyberprotection is via an exchange-traded fund like the First Trust NASDAQ Cybersecurity ETF (NASDAQ:CIBR) or the ETFMG Prime Cyber Security ETF (NYSEMKT:HACK). Both offer passive exposure to the industry through a portfolio of stocks and charge investors an annual fee of 0.6%.
There are a few key differences to keep in mind, though. Larger companies make up a larger percentage of First Trust NASDAQ Cybersecurity ETF's stock portfolio, and it excludes the smallest of cybersecurity stocks (anything with a market cap under $250 million gets tossed out). ETFMG Prime Cyber Security ETF weights its various stocks more equally -- regardless of how large the company is -- and includes smaller start-ups (valued all the way down to $100 million).
Getting in on tiny start-ups early sounds appealing, but it doesn't always pay off quickly. In this case, First Trust NASDAQ Cybersecurity ETF's focus on larger firms has yielded a 44% return compared to ETFMG Prime Cyber Security ETF's 30% since the summer of 2015 -- the earliest common date since the two funds' inception. In this case, focusing on larger companies that have jumped out to an early lead has been the better strategy.
Choosing individual companies
Investors who want to get pickier with their cybersecurity stocks could focus on the largest players in the security space. They could also focus on those companies with the strongest momentum right now. Here's a checklist of things for investors to consider:
Look for companies that are not just adding new customers but also expanding relationships with existing ones.
If a company is growing more slowly than the security industry (about 12% a year though the next five years, according to some estimates), is there a good reason why? If not, pass.
If a cybersecurity company is not yet profitable, make sure it's making headway on gross margin, operating margin, or adjusted earnings.
Operating expenses are often elevated or rising faster than sales, so check that the spending is translating into revenue generation. For a larger and established company, revenue growth should be outpacing spending; for a smaller or start-up company, the gap between revenue growth and high expense growth should be narrowing over time.
Innovation is a must in this fast-changing industry. Is the company investing in research and development to stay relevant? Is it succeeding?
Are there rivals to a cybersecurity company's service? If so, compare the other company's growth rate and resulting valuation. If one company trades at a premium to its peers, there should be a good reason why (i.e., higher revenue growth, higher profit generation, etc.).
Traditional metrics like price-to-earnings ratios usually don't help when deciding which cybersecurity stock to invest in. If a company doesn't have earnings, the metric doesn't exist. For small, fast-growing stocks, pick ones with high rates of revenue growth and compare their price-to-sales ratios (the lower the ratio, the more of a value it is). However, a more expensive stock might still be worth the money if it is growing faster than its peers.
For larger, established companies, use the price-to-free-cash-flow ratio to decide on a better value. Even larger cybersecurity outfits should be growing by double-digits at this stage of the game, but the lower the price-to-FCF ratio, the greater the value. However, a higher number is acceptable if growth is outpacing that of other large companies.
A note on risk
It is worth bearing in mind that, whether investing in a basket of cybersecurity stocks via an ETF or creating your own collection of stocks, the cybersecurity industry is a volatile one. As is the case with high-growth sectors, stocks tend to bounce around in value quite a bit, and steep declines are the norm. This can be driven by anything from a high-profile security breach at a large organization, a miss in expected revenue growth at a security comapny, or higher-than-anticipated expenses to acquire customers or develop new technology.
No matter the direction you choose, though, investing in cybersecurity stocks holds a lot of promise. Keeping the digital world a safe place is a big job -- one that will only get bigger. The swift pace of change in the underlying technology means the ride will be an especially bumpy one. Investors will therefore want to stay focused on the long term and expect some turbulence. But for those who can be patient and have the fortitude to buy when stock prices dip, investing in cybersecurity should be a profitable endeavor for the long haul.
<<<
>>> Nasdaq Settles ETF Legal Fight Over 'HACK'
ETF.com
May 4, 2020
https://finance.yahoo.com/news/nasdaq-settles-legal-fight-over-171500801.html
A years-long battle over control of the world’s first cybersecurity exchange-traded fund may soon be over.
Nasdaq and ETF Managers Group announced May 1 plans to settle their dispute over the ETFMG Prime Cyber Security ETF (HACK) and four other ETFs with combined assets of $2.1 billion. Nasdaq will take over the funds from ETFMG in the second half of 2020, according to the press release.
What’s at stake is control of the funds along with the lucrative fund fees paid by investors. In December, a federal judge ordered ETFMG to pay $80 million to Nasdaq for breach of contract, but did not grant Nasdaq’s request to wrest day-to-day control of the funds away from ETFMG.
The brief statement gave few details. It’s unclear whether all of the disputed funds will be covered by the deal. It’s also unclear what role, if any, ETFMG or Sam Masucci, the firm’s founder and chief executive officer, will play in the funds after the settlement. Financial terms were not disclosed. A spokesman for Nasdaq declined to comment; a spokesman for ETFMG did not immediately respond to a request for comment.
Cash Payments & Change Of Control
Nasdaq and ETFMG have agreed to certain cash payments from ETFMG to Nasdaq and PureShares, and have executed an asset purchase agreement to transfer certain ETFMG intellectual property and related assets, to a Nasdaq affiliate, according to the May 1 statement. “The transaction is expected to close in the last half of 2020.”
The settlement marks the end of a tangled feud that began nearly four years ago, shortly after Nasdaq bought the International Securities Exchange. The acquisition included ISE’s small ETF incubator, which helped would-be issuers bring new funds to market.
One such hopeful was Andrew Chanin, a former ETF trader and co-founder of PureShares, a New Jersey ETF startup. ISE provided the financial backing for Chanin’s PureFunds ETFs in exchange for the lion’s share of any profits—a risky venture, since most new funds fail.
Cash Payments & Control Transfer
HACK was by far the partnership’s biggest success. The fund debuted in November 2014, days before Sony Pictures suffered a massive cybersecurity breach. The publicity helped HACK raise $1 billion in assets in its first year.
To manage day-to-day business of the PureFunds ETFs, Chanin and ISE hired ETFMG, a New Jersey firm run by Masucci, a former mortgage trader turned ETF entrepreneur.
As the advisor to the funds, ETFMG collected the management fees from investors—at times as much as $600,000 a month from HACK alone—and used the money to pay the fund’s bills, including ETFMG’s own fees. Any profits—at times more than $300,000 a month just from HACK—were forwarded to ISE, which paid Chanin his share.
Nasdaq reaped the bulk of the profits while the ETFs traded under Chanin’s PureFunds brand, but the arrangement gave Masucci significant operational control. Masucci also led the board of trustees for the funds.
Arrangement Breakdown
The arrangement began to fray after Nasdaq bought ISE in June 2016. The final rupture came in 2017 when ETFMG stripped the PureFunds brand from the ETFs, renamed the funds with the ETFMG moniker, and claimed that ETFMG was entitled to keep all the fees for itself. Nasdaq sued in October 2017 in the U.S. District Court for the Southern District of New York.
In December 2019, Federal Judge Paul Engelmayer sided largely with Nasdaq, ordering ETF Managers Group to pay $80 million to Nasdaq. Engelmayer ruled that ETFMG had breached its contracts with Nasdaq and misappropriated millions of dollars in fund management fees.
Though ETFMG appealed, it was a major setback. Engelmayer called ETFMG’s conduct “little more than an act of theft.” In his 166-page judgment, Engelmayer described portions of Masucci’s testimony as “contrived and unpersuasive,” “threadbare and unconvincing,” “incredible—and clearly false,” consisting of “uncorroborated after-the-fact assertions,” “demonstrably false,” “knowingly false” and “fictitious” and “overwhelmingly disproven by the evidence at trial.”
(The full text of Engelmayer’s Dec. 20 opinion can be found at www.pacer.gov. The case is Nasdaq Inc. v. ETF Managers Group, LLC et al, in the U.S. District Court for the Southern District of New York.)
The deal announced May 1 will also settle a separate lawsuit brought by PureShares against ETFMG in New Jersey Superior Court. Chanin declined to comment.
Unanswered Investor Questions
The brief statements from Nasdaq and ETFMG leave several questions unanswered.
It’s unclear whether the deal covers all five of the former PureFunds ETFs now trading under the ETFMG name. All five are passive funds tracking industry indexes. HACK is by far the largest, with $1.29 billion in assets under management.
The other ETFs are:
ETFMG Prime Junior Silver Miners ETF (SILJ) with almost $140 million in assets under management.
ETFMG Prime Mobile Payments ETF (IPAY) with about $561 million in assets. Wedbush ETFMG Video Game Tech ETF (GAMR) with about $81 million in assets And the fund now known as the Wedbush ETFMG Global Cloud Technology ETF (IVES), which has about $32 million in assets. Until recently, IVES invested in the drone industry and traded under the ticker IFLY, but last month the fund changed its name, index, ticker and investment objective. The settlement announcement also leaves a number of unanswered questions for investors.
The settlement is still “subject to future negotiations and approvals among independent third parties,” the statement said. It’s unclear whether the PureFunds brand will be restored to the funds, or indeed whether PureFunds will have any future role in the marketing or operation of the ETFs.
It is also unclear whether the settlement requires Masucci to resign from the board of trustees governing the funds, or whether the deal seeks to replace other independent trustees. It’s additionally unclear whether Nasdaq will continue to use benchmarks created by Prime Indexes, a firm run by a former ISE employee who had been involved in ISE’s ETF business before Nasdaq’s acquisition.
For the time being, little has changed for investors. The funds continue to trade under the same tickers, tracking the same indexes.
<<<
More on HACK lawsuit - >>> ETF Issuer Ordered To Pay $80M To Nasdaq
ETF.com
December 20, 2019
Asjylyn Loder
https://www.etf.com/sections/features-and-news/etf-issuer-order-pay-80m-nasdaq?mod=article_inline
A two-year court battle over the allegedly stolen ETF fees came to a head Friday when a judge ordered ETF Managers Group (ETFMG) to pay almost $80 million to its former partner Nasdaq Inc.
At the heart of the dispute is who is entitled to the profits from the former PureFunds ETFs, especially the popular cybersecurity exchange-traded fund best known by its ticker ETFMG Prime Cyber Security ETF (HACK).
Fee Fund Fight
Nasdaq filed a civil suit in October 2017 in the U.S. District Court for the Southern District of New York alleging that ETFMG illegally kept millions of dollars in management fees generated by the funds.
On Friday, U.S. District Court Judge Paul Engelmayer sided with Nasdaq.
“The court further funds that ETFMG blatantly breached its contractual duty to furnish those profits to Nasdaq and PureShares by appropriating these profits for itself, as it continues to do this day,” Engelmayer wrote in his 166-page ruling.
ETFMG issued a statement Friday saying they disagree with Engelmayer's ruling and will appeal.
Joint Venture Agreement
The funds were a joint venture among ETFMG, PureFunds and the International Stock Exchange (ISE), which was bought by Nasdaq in 2016.
ISE, and later Nasdaq, paid the operating costs for the funds in exchange for most of the profits. The funds traded under the PureFunds brand, but ETFMG had significant operational control.
HACK, which now has $1.5 billion in assets, was by far the most successful, generating about $300,000 a month in operating profits, according to estimates Nasdaq provided to the court.
The relationship among Nasdaq, PureFunds and ETFMG soured after Nasdaq purchased ISE. In 2017, ETFMG ousted PureFunds, stripped the PureFunds brand from the funds and replaced it with the ETFMG name.
Nasdaq Claims
Nasdaq claimed that ETFMG also began pocketing the operating profits for HACK and two other profitable PureFunds ETFs: a mobile payments fund, ETFMG Prime Mobile Payments ETF (IPAY) and ETFMG Prime Junior Silver Miners ETF (SILJ), a silver-mining fund. The damages awarded to Nasdaq by Judge Engelmayer includes lost and prospective profits for the three ETFs.
“Nasdaq is pleased with the court’s ruling that acknowledged the significant damages we suffered from ETFMG’s breach of its contractual obligations,” Matthew Sheahan, a Nasdaq spokesman, said in an emailed statement. “This is a victory for the ETF industry.”
The damages award includes the share Nasdaq would have forwarded to PureShares “but for ETFMG’s theft of all profits,” Engelmayer wrote.
Andrew Chanin, founder and CEO of PureShares, said Friday that he’s pleased Nasdaq prevailed. “It’s clearly not done yet but it’s really nice to see something positive.” Chanin has a separate lawsuit against ETFMG that is still pending in New Jersey Superior Court.
For the time being, Friday’s ruling does not appear to change ETFMG’s role as the adviser of the funds, the ETFs continue to trade under the ETFMG brand.
<<<
ETFMG Cyber Security ETF (HACK) - a lawsuit over fees -
>>> From drones to... Daniel? An ETF makes a surprising turn
MarketWatch
April 7, 2020
By Andrea Riquier
https://www.marketwatch.com/story/from-drones-to-daniel-an-etf-makes-a-surprising-turn-2020-04-07?siteid=bigcharts&dist=bigcharts
Not the most radical shift this fund company has ever made, but perhaps not the most compelling either
An exchange-traded fund company known for radical reversals in strategy is making another surprising pivot.
On Tuesday, the ETFMG Drone Economy Strategy ETF US:IFLY will become the Wedbush ETFMG Global Cloud Technology ETF.
The change sets out a trifecta of unconventional decisions for investors: the fund will now pursue a hodgepodge thematic approach to investing, charge a premium for branding tied to a lesser-known name, and ask investors to trust their money to a company with known legal woes.
The new ETF tracks an index called the “Dan Ives Global Cloud Technology Prime Index,” and bears the ticker IVES. That’s for Daniel Ives, a long-time Wall Street technology analyst now with Wedbush Securities.
The new fund will focus on companies that are “undercover gems of cloud technology,” according to a press release, which notes that in the next two years, the share of work loads managed in the cloud will increase to 55% from 33%. “The current COVID-19 pandemic is further driving stay at home/remote working applications,” according to public relations materials
It’s worth noting, however, that the drone technology theme of the old fund might also have benefitted from the coronavirus pandemic, as households try to avoid contact with other humans as much as possible. The decision to remake the ETF predated the pandemic, however.
More to the point, ETFs with narrow themes can be chancy, said Ben Johnson, director of global ETF research at Morningstar, and bundling together a few themes, as IVES does with cloud technology, cyber security, and 5G, doesn’t necessarily help.
The track record of the earlier drone ETF “is emblematic of what we’ve seen in the thematic space. People find a sexy narrative, try to capitalize on it, a lot of money flows in, and then money flows back out,” Johnson told MarketWatch.
“It’s a throw-stuff-against-the-wall-and-see-what-sticks approach,” Johnson said. After being open for nearly four years, IFLY had only attracted about $37 million, according to a Dec. 31 fact sheet. Some of ETFMG’s other funds have had more success: its Prime Mobile Payments ETF IPAY, +3.38% has $477 million in assets, and a silver miner fund SILJ, +5.44% has over $100 million.
This pivot isn’t as extreme as the one the ETFMG may be best known for: turning a lagging Latin American real estate fund into a cannabis-themed one MJ, +1.32% .
And it’s not the first ETF to attempt to capitalize on the persona or brand name of an individual, Johnson noted, though some earlier attempts may have had somewhat broader name recognition than Ives does. In 2016, for example, asset manager Mario Gabelli launched the Gabelli Media Mogul fund. There were also efforts to create a music-themed ETF branded after Quincy Jones. “QJ” never came to fruition, Johnson said.
Also worth noting: ETFMG is the company at the heart of a set of lawsuits over fees for a cyber security ETF called HACK. “From our perspective, EFTMG is sub-reputable and a firm that is going to be undergoing some financial hardship as it seeks to meet its obligations with the court case,” Johnson said. “Anybody who’s paying attention sees the writing on the wall and steers clear.”
ETFMG did not immediately respond to a request for comment.
Perhaps most surprising about this step, to Morningstar’s Johnson, is the idea that ETF issuers would continue to tie their investing approach to narrow “idolatry,” in his words, whether of a theme or a figurehead. The ongoing out-performance of broad index funds has rested on “eliminating idiosyncratic risks and not trusting any one individual or team to make smart decisions,” Johnson said.
IVES will charge a management fee of 68 basis points, more than 10 times as much as some of the most popular broad index funds that have beaten narrow-themed, actively managed funds over the past cycle. Even a more targeted approach like Vanguard’s Information Technology ETF VGT, +3.79% only charges 10 basis points.
A fund like this one may also represent a revenue opportunity for Wedbush at a time when traditional Wall Street business lines like asset management and investment research are also struggling, Johnson pointed out. Wedbush did not respond to a request for comment.
<<<
>>> CrowdStrike Holdings, Inc. (CRWD) provides cloud-delivered solutions for next-generation endpoint protection in the United States, Australia, Germany, India, Romania, and the United Kingdom. It offers 11 cloud modules on its Falcon platform through a software as a service subscription-based model that covers various security markets, such as endpoint security, security and IT operations, and threat intelligence to deliver comprehensive breach protection even against today's most sophisticated attacks. The company primarily sells its platform and cloud modules through its direct sales team. CrowdStrike Holdings, Inc. was founded in 2011 and is headquartered in Sunnyvale, California. <<<
>>> CrowdStrike stock surges as platform feels right at home in a coronavirus work-from-home world
MarketWatch
March 20, 2020
By Wallace Witkowski
https://www.marketwatch.com/story/crowdstrike-stock-surges-as-platform-feels-right-at-home-in-a-work-from-home-world-2020-03-20?siteid=bigcharts&dist=bigcharts
Cloud-based cybersecurity company issues strong guidance for 2020, sees no coronavirus disruptions
CrowdStrike Holdings Inc.’s stock soared Friday after the cybersecurity company demonstrated in its quarterly results and outlook that it’s well-positioned for the new realities of a work-from-home world still reeling from the spread of COVID-19.
CrowdStrike CRWD, +2.63% shares soared nearly 25% Friday to hit an intraday high of $51.97, and closed up more than 17% at $49.01. Shares are up 24% for the week, but are down 1.7% for the year.
Not only did CrowdStrike top Wall Street estimates for the fourth quarter, but also the company issued a strong outlook for 2020 late Thursday that it characterized as conservative.
Of the 21 analysts who cover CrowdStrike, 16 have overweight or buy ratings, four have hold ratings, and one has a sell rating. Six analysts hiked their price targets while three cut theirs, resulting in an average price target of $73.15, up from a previous $72.35, according to FactSet data.
As California and New York adopt shelter-in-place orders to combat the spread of the SARS-CoV-2 coronavirus, the ranks of millions working from home is only looking to increase, and that increases the need for more dynamic cybersecurity measures.
JPMorgan analyst Sterling Auty, who has an overweight rating and Wall Street’s most bullish price target on the stock of $109, said CrowdStrike is benefiting from a “couple of significant advantages” right now.
“First, the largest installed base of endpoint security in the corporate world belongs to Symantec and post its acquisition, customers and channel partners are driving significant share shift over to CRWD as the leading technology provider,” Auty said.
On the analyst call late Thursday, CrowdStrike co-founder and Chief Executive George Kurtz confirmed that the company has taken share from Symantec’s enterprise security business following its recent acquisition by Broadcom Inc. AVGO, +0.33%.
“Second, the architecture of its solutions being cloud first with the ability to implement without the need for a host (laptop, server, virtual cloud server, etc.) or needing to reboot is key given the need to implement these solutions remotely,” Auty said. “Third, cybersecurity spending is resilient even in tough economic times as bad actors look to exploit any situation that they can.”
Jefferies analyst Brent Thill, who has a hold rating and a $55 price target, said CrowdStrike return on investment “as a security cloud becomes even more evident with customers shifting toward a more distributed and remote workforce.”
“Cybersecurity remains mission critical for business, particularly as they look to protect endpoints and workloads in a more distributed remote workforce,” Thill said. “CRWD has not seen any operational disruptions as 70% of its workforce already worked remotely.”
Stifel analyst Gur Talpaz, who has a buy rating and a $90 price target, remarked on how upbeat the analyst call was given the wealth of dreary news as of late.
“Listening to CrowdStrike’s Q4 earnings call, you’d be hard-pressed to believe that we were in the midst of a global pandemic that has already left its mark on multiple industries and the broader economy,” Talpaz said.
“CrowdStrike has always run a distributed organization with both company leadership and employees dispersed across the globe,” Talpaz said. “We believe this has served the company well but, more importantly, means they are well-equipped to handle the potential challenges that come from a broader remote workforce.”
CrowdStrike’s gains are beginning to mirror those of another stock that’s cashing in on the work-from-home trend: Zoom Video Communications Inc. ZM, -0.85% Shares of Zoom, which closed up 5.5% Friday, are up 92% on the year.
In comparison, the ETFMG Prime Cyber Security ETF HACK, +1.90% declined 0.2%, and is down nearly 26% for the year. The S&P 500 index SPX, +0.58% fell 4.4% Friday, and is down 29% on the year, while the tech-heavy Nasdaq Composite Index COMP, +1.65% fell 3.8%, and is down 23% on the year.
<<<
>>> Another Cybersecurity ETF Arrives
MarketWatch
By ETF Professor
Oct 30, 2019
https://www.marketwatch.com/story/another-cybersecurity-etf-arrives-2019-10-30?mod=investing
For all the attention that the cybersecurity theme and software stocks receive, it might be reasonable to assume the market is awash in dedicated cybersecurity exchange traded funds.
Actually, there are just four such funds on the market today following Tuesday's debut of the Global X Cybersecurity ETF BUG, +0.22%.
Another addition to Global X's storied line of thematic funds, BUG “seeks to invest in companies that stand to potentially benefit from the increased adoption of cybersecurity technology, such as those whose principal business is in the development and management of security protocols preventing intrusion and attacks to systems, networks, applications, computers, and mobile devices,” according to the issuer.
The new BUG will compete against three established, but its primary rivals will be the ETFMG Prime Cyber Security ETF HACK, +0.05%, the oldest cybersecurity ETF; and the First Trust NASDAQ Cybersecurity ETF CIBR, +0.28%. HACK and CIBR have $1.44 billion and $1.03 billion in assets under management, respectively.
CIBR and HACK may seem to be immovable objects for the new BUG, but Global X has been down this road before. Earlier this year, the issuer launched the Global X Cloud Computing ETF CLOU, +0.03% to compete with a rival First Trust fund. CLOU now has $459 million in assets under management, easily making it one of this year's most successful new ETFs.
Additionally, BUG has another way of competing with the aforementioned rivals. Its annual fee of 0.50%, or $50 on a $10,000 investment, is 10 basis points lower than the fees on CIBR and HACK.
The new Global X ETF tracks the Indxx Cybersecurity Index and holds 31 stocks. Its top 10 top holdings combine for over 56% of the rookie fund's roster.
Cybersecurity spending is on an exponential, upward trajectory. That favorable fundamental trait coupled with BUG's lower fee could be catalysts to drive assets to this new thematic fund.
“Global spending on security-related software, hardware and services could reach $124 billion by year-end as the number of malicious programs registered reaches a record 925 million,” according to Global X research. “By 2022, total global spending could reach $170.4 billion, a five-year compounded annual growth rate (CAGR) of 10.9%.”
<<<
>>> Best Cyber Security ETFs for 2020
The Balance
BY KENT THUNE
June 25, 2019
https://www.thebalance.com/best-cyber-security-etfs-for-2018-4176623
Investing in cyber security ETFs can be a smart way to profit from the growing threat of cyber crime, such as cyber attacks, data breaches and extortion. When you invest in a cyber ETF, you get exposure to a basket of the top cyber security stocks in the U.S. and around the world. Here's what to look for in the best cyber security funds.
Why Invest in Cyber Security ETFs
Cyber crime is on the rise and this trend does not appear to be slowing down. This means that the businesses that help to protect against cyber crimes and those that aid in reacting to them are in greater demand than ever. Arguably, the best way to profit from the trends in cyber crime is with cyber security exchange-traded funds, also known as ETFs.
Here are some of the cyber crime trends that will drive the demand for cyber security:
State-Sponsored Cyber Attacks: Since 2016, Russia, North Korea and Iran have been found guilty of infiltrating government and businesses. Experts believe this new trend may be just the tip of the iceberg and state-sponsored cyber attacks are part of a new normal in the world today.
Cyber Attacks on Universities: In March 2018, the US Department of Justice indicted nine Iranian hackers for allegedly attacking more than 300 universities across the globe, as well as several other public organisations and 47 private ones.
Growing Number of Data Breaches: Through the middle of the year, there were already 600 known data breaches, which represents 22 million records of information. There were 1,300 data breaches in 2017 and that number is expected to grow in 2018.
Prevalence of Cyber Liability Insurance: The fact that cyber liability insurance has recently become a mainstream offering at many major insurance companies, such as The Hartford and Insureon, demonstrates the sad reality that cyber crime and the damage it can do is real concern for businesses of all sizes.
Make your tax filing decision easier by dispelling some of the myths and misconceptions that surround hiring a tax pro versus a DIY tax filing.
With cyber crime on the rise and no end in sight to this disturbing trend, the demand for the products and services for the prevention and recovery of cyber crimes is sure to rise. In fact, Cybersecurity Ventures projects that the resulting damages will cost $6 trillion annually by 2021, up from $3 trillion in 2015. Investors can profit from this trend by investing in one of the best cyber security ETFs.
Best Cyber Security ETFs
Since cyber crime is a relatively new phenomenon, there are only a handful of cyber security ETFs available on the market. We highlight three ETFs that offer investors exposure to stocks of companies in the cyber security industry.
Generally the best index funds, which includes most ETFs, have the lowest expenses. Since many ETFs within the same category invest in the same or similar securities, a low expense ratio often translates to superior performance. Also, funds with higher assets can offer greater liquidity. This helps an investor to buy shares close to the fund's net asset value. These search criteria apply to almost all ETFs, including Cyber Security ETFs.
With that backdrop in mind, here are three cyber security ETFs to consider:
ETFMG Prime Cyber Security ETF (HACK): With approximately $1.7 billion in assets, HACK is the largest cyber security ETF on the market. The portfolio consists of 52 stocks that have direct or indirect relation to the cyber security industry. Top holdings include Cisco Systems (CSCO), Tenable Inc (TENB), and FireEye Inc (FEYE). The expense ratio for HACK is 0.64 percent, or $64 for every $10,000 invested.
First Trust NASDAQ Cybersecurity ETF (CIBR): This ETF tracks the CTA Cybersecurity Index, which includes 38 stocks of companies primarily involved in the building, implementation, and management of cyber security for private and public networks, computers, and mobile devices. Top holdings include Raytheon (RTN), CSCO, and Symantec Corp (SYNC). Expenses for CIBR are 0.60 percent.
ALPS Disruptive Technologies ETF (DTEC): Investors not wanting full exposure to cyber security stocks may consider DTEC, which holds stocks of companies that are part of trends in the economy, such as advances in technology. Expenses for the DTEC ETF are 0.50 percent.
Investors considering the purchase of a cyber security ETF should keep in mind that cyber security stocks can have significant price volatility. While cyber security ETFs can have long-term growth potential, the short-term market risk should be noted. ETFs that are highly concentrated in a narrow niche industry should represent a small portion, such as 5-10 percent, of a diversified portfolio.
<<<
>>> 2 Cybersecurity ETFs to Consider
Investopedia
By BARBARA BANDY
Jun 6, 2019
https://www.investopedia.com/articles/etfs-mutual-funds/042616/2-cybersecurity-etfs-consider-cibr-hack.asp
Cybercrime continues to rise globally, leading to a heightened need for solutions to deal with the threat. That's why MarketsandMarkets is forecasting that the cybersecurity market will grow from $15.66 billion in 2018 to $31.82 billion by 2023, at a compound annual growth rate (CAGR) of 15.2%. For most investors who want to take advantage of this growing market, it makes sense to invest in a wide spectrum of cybersecurity stocks through exchange-traded funds (ETFs) instead of just betting on one or two stocks. Two ETFs are specifically dedicated to cybersecurity: First Trust NASDAQ Cybersecurity ETF (NASDAQ: CIBR) and the ETFMG Prime Cyber Security ETF (NYSEARCA: HACK). The information presented here was accurate as of Oct. 2, 2018.
Cybercrime is becoming more sophisticated, targeting individuals and businesses alike
The cybersecurity market is already a multi-billion industry, expected to double in just 5 years.
Investors can gain access to this growing segment through the use of ETFs that invest in cybersecurity and related firms.
First Trust NASDAQ Cybersecurity ETF (CIBR)
The First Trust NASDAQ Cybersecurity ETF was launched in July 2015 to track the NASDAQ CTA Cyber Security Index, which focuses on companies building and managing the security protocols of private and public networks, computers and mobile devices. Software companies dominate the ETF portfolio with 53.45% of its holdings, followed by the communications equipment sector at 19.23% of holdings. The top three holdings are Raytheon Company (RTN) at 6.27%, Symantec Corporation (SYMC) at 6.22% and Cisco Systems, Inc. (CSCO) at 6.17%. The fund's net assets are $848 million, with 38 stocks in the portfolio. The 30-day Securities and Exchange Commission (SEC) yield is 0.09%.
ETFMG Prime Cyber Security ETF (HACK)
The ETFMG Prime Cyber Security ETF (formerly the PureFunds ISE Cyber Security ETF) was launched in November 2014 to track the ISE Cyber Security Index, which focuses on companies developing hardware and software to protect data and those providing cybersecurity as a service. Software and IT services companies are the biggest industry sector in the fund, representing 87.73% of its holdings, followed by communications equipment at 8.88%. The top three holdings are Fortinet Inc. (FTNT) at 5.13%, Cisco Systems, Inc. at 4.67% and Palo Alto Networks Inc. (PANW) at 4.62%. The fund's net assets are $1.81 billion, with 37 stocks in the portfolio. The 30-day SEC yield is 0.01%.
Differences Between the Two ETFs
There are strong similarities between these two ETFs, but there are also some subtle differences. The ETFMG Prime Cyber Security ETF, which is the more established fund, includes companies that have market capitalizations as low as $100 million, while the First Trust NASDAQ Cybersecurity ETF established a minimum market capitalization of $250 million for the companies in its portfolio.
Based on these criteria, the ETFMG Prime Cyber Security ETF is more likely to own faster-growing but riskier cybersecurity companies. In a strong market environment, the ETFMG Prime Cyber Security ETF could well outperform, making it a good candidate for investors looking for short-term plays. The First Trust NASDAQ Cybersecurity ETF has more exposure to larger companies that may be less volatile and could be a better option for investors with longer time horizons.
<<<
Name | Symbol | % Assets |
---|---|---|
Zscaler Inc | ZS | 7.58% |
CrowdStrike Holdings Inc Class A | CRWD | 6.69% |
Accenture PLC Class A | ACN | 6.31% |
Okta Inc A | OKTA | 6.27% |
Cisco Systems Inc | CSCO | 5.90% |
Cloudflare Inc | NET | 3.89% |
Fortinet Inc | FTNT | 3.81% |
Varonis Systems Inc | VRNS | 3.76% |
CyberArk Software Ltd | CYBR | 3.51% |
Palo Alto Networks Inc | PANW | 3.36% |
Name | Symbol | % Assets |
---|---|---|
Check Point Software Technologies Ltd | CHKP | 8.24% |
Palo Alto Networks Inc | PANW | 7.93% |
Fortinet Inc | FTNT | 6.71% |
NortonLifeLock Inc | NLOK | 5.74% |
Avast PLC | AVST.L | 5.47% |
Tenable Holdings Inc | TENB | 4.85% |
Trend Micro Inc | 4704 | 4.78% |
Zscaler Inc | ZS | 4.75% |
Okta Inc Class A | OKTA | 4.71% |
CrowdStrike Holdings Inc Class A | CRWD | 4.60% |
Name | Symbol | % Assets |
---|---|---|
Cisco Systems Inc | CSCO | 3.04% |
KnowBe4 Inc Ordinary Shares - Class A | KNBE | 3.04% |
Cloudflare Inc | NET | 2.88% |
Splunk Inc | SPLK | 2.85% |
Fortinet Inc | FTNT | 2.44% |
SailPoint Technologies Holdings Inc | SAIL | 2.44% |
Palo Alto Networks Inc | PANW | 2.40% |
Darktrace PLC | DARK.L | 2.39% |
FireEye Inc | FEYE | 2.26% |
Sumo Logic Inc Ordinary Shares | SUMO | 2.25% |
Name | Symbol | % Assets |
---|---|---|
Check Point Software Technologies Ltd | CHKP | 5.45% |
Citrix Systems Inc | CTXS | 5.05% |
Fortinet Inc | FTNT | 4.71% |
Palo Alto Networks Inc | PANW | 4.71% |
Juniper Networks Inc | JNPR | 4.48% |
VMware Inc Class A | VMW | 4.09% |
Akamai Technologies Inc | AKAM | 4.06% |
Booz Allen Hamilton Holding Corp Class A | BAH | 3.83% |
CrowdStrike Holdings Inc Class A | CRWD | 3.82% |
DocuSign Inc | DOCU | 3.65% |
Name | Symbol | % Assets |
---|---|---|
SolarEdge Technologies Inc | SEDG | 8.06% |
NICE Ltd | NICE | 7.93% |
Wix.com Ltd | WIX | 7.92% |
NovoCure Ltd | NVCR | 7.52% |
Check Point Software Technologies Ltd | CHKP | 6.86% |
Amdocs Ltd | DOX | 5.86% |
Fiverr International Ltd | FVRR | 5.24% |
Varonis Systems Inc | VRNS | 3.83% |
Playtika Holding Corp Ordinary Shares | PLTK | 3.54% |
CyberArk Software Ltd | CYBR | 3.26% |
Volume | |
Day Range: | |
Bid Price | |
Ask Price | |
Last Trade Time: |