Cyber-security is one of the fastest growing segments of technology, and companies which specialize in this area are starting to get more and more attention. It’s easy to see why, as high-profile data breaches like those affecting major U.S. retailers and even U.S. government agencies dominate the news.
Cyber-researchers draw attention to themselves by locating serious bugs or vulnerabilities in popular products like the iPhone or online services like Facebook because they want to set themselves up as an expert.
Get The Full Warren Buffett Series in PDF
Get the entire 10-part series on Warren Buffett in PDF. Save it to your desktop, read it on your tablet, or email to your colleagues.
Why cyber-security stocks present opportunities
Analyst Sarbjit Nahal and team at BAML said cyber-security is one of the biggest global risks today with more than 90 million attacks a year. In fact, they report that there are nearly 400 new cyber-threats per minute and that up to 70% of the attacks are not being detected. Further, Americans are especially worried about cyber-attacks. In fact, they're more worried about this type of crime than any other, according to BAML.
Last year in the U.S. along, hackers compromised 1 billion data records. The BAML team thinks cyber-security is one of the biggest threats to what they see as the "three pillars of creative disruption," which are the Internet of Things, the Sharing Economy and Online Services. They call this problem "Cybergeddon," as cyber-breaches cause up to $3 trillion in economic impacts, with the average cost of cyber-crime for U.S. companies hitting a new record of $12.7 million last year. They estimate that cyber-crime "extracts up to 20% of the value created by the internet."
A10 Networks, Cisco among top Enterprise picks
But which public cyber-security firms truly present an opportunity for investors? Analysts at Bank of America Merrill Lynch weighed in on this topic on Thursday. The BAML team breaks cyber-security stocks down into five different categories.
For the Enterprise and Network Security category, they like A10 Networks, which offers networking technology to secure data center applications and is currently expanding into denial of service attacks. They also like Check Point, which focuses on making network security less complex and software blade architecture.
The BAML team also likes Cisco Systems for its sensor and security enforcement technology and network-wide architecture and Juniper Networks for its new software and hardware and next-generation firewalls.
Experian top pick in payments, Splunk top in cloud
For Payment and Components security, the analysts like Experian for its ID theft and fraud protection, Ingenico for its payment processing solutions and terminals, and NXP Semiconductors for its chip-based EMV credit and debit cards, smart ID cards, and auto safety sensors. They also like Shenzen O-film because it's an early mover in fingerprint solutions for China's smartphone supply chain.
The BAML tea suggests Splunk under the Cloud, Data and Threat Intelligence category for its software and big data platforms. They also like VMware's virtual data center apps and secure architecture and design for network-based threats.
Barracuda and FireEye for Threat Protection
Their top pick in Threat Protection is Barracuda Networks for its data storage, content security, and protection and disaster recovery. They also like CyberArk for its privileged account management security, infrastructure, and enterprise applications. Additionally, they suggest FireEye because it's a first mover in a new market and offers strong network security solutions while focusing on traffic behavior.
Other suggestions in this category are Fortinet, which is pioneering UTM network security, Qihoo 360, which is China's top web security solution, and Trend Micro, Japan's top security software supplier.
Booz Allen Hamilton in Homeland Security
And finally, the BAML analysts see Booz Allen Hamilton as a strong play in Homeland Security and Critical Infrastructure. The company is a tier 1 provider for the U.S. government and holds a strong niche position to attract government and commercial spending on cyber-security.