The birth of the internet has given rise to a new breed of criminals, one that does not have to rob a physical bank or person. In fact, much of their work can be done from the comfort of their own home, 24 hours a day, seven days a week. Cybercrime has ballooned into a £27bn per year problem in the UK, fuelling demand for cybersecurity products as a way to protect intellectual property (IP), trade secrets and, of course, money.
The first ever ‘hack’ was carried out in the 1960’s by students at Massachusetts Institute of Technology (MIT) who attempted to improve and test the limits of model trains. They eventually moved on to computers,attempting to improve their efficiency, however, these days hacks are often seen as more malicious attacks on data and sensitive information. By the 1990’s the world had started to adopt the computer as standard and virus and malware numbers had already started to increase exponentially.
Skip forward to 2022 and cyber-attacks have become ever more prevalent and costly to organisations and individuals. The dangers of attacks on sensitive personal information are clear and the list of options available to criminals once this data has been obtained is lengthy. Identity theft, such as using victims’ credit cards, and using sensitive information to harm organisations, are both examples of how personal information can be used by hackers to eventually obtain money. As such, this data is extremely important.
While there have been numerous larger attacks, the 2017 Equifax and 2014 JP Morgan data breaches show the highly sensitive nature of data that can be stolen. Bank details and credit history can be used in a number of ways, leaving fraudulent loans taken out in people’s names or cash simply taken from their bank account. Such financial institutions are entrusted with client information, as well as money and investments, and with millions of US, UK and Canadian citizens effected by both attacks, it calls into question the effectiveness of such firms’ cyber protection, especially given the nature of the data they hold.
However, nowadays there are several reasons for companies to take their data security seriously, not least due to the reputational and financial risk, but also the increasing regulatory scrutiny and penalties that can come with it. Under GDPR rules, breaches can be met with fines of up to €20m or up to 4% of a company’s global turnover, whichever is higher.
Such incentives to protect from the severe risks involved have helped to foster new age cybersecurity companies that utilise the most advanced technology in order to protect their client’s data. Firms such as Darktrace and Crowdstrike have created and nurtured extremely complicated and advanced products that use artificial intelligence and machine learning to both learn from previous attacks, as well as predict future ones, helping to build a broad-based and highly effective defence against cyber-attacks. Typical legacy cybersecurity providers have long since lacked the investment into research and development (R&D), developing products that are typically easily sidestepped by hackers and sold on a one-off basis, meaning that their customers are faced with large invoices from the start.
The new, high-tech firms, however, typically sell their products on a subscription basis, meaning that businesses have low, regular monthly payments and any upgrades to the products are often included in the price with perhaps small, occasional uplifts in cost each year. This has meant that such firms, which are often small or medium-sized businesses, have been excellent investments, typically right from the point at which they listed on the stock market. Since its initial public offering (IPO) in April of this year, UK-based Darktrace has outperformed the CBOE UK All Companies index by over 77% and Crowdstrike, a US-based competitor, has risen an astronomical 347% since its IPO in June 2019. These instances of incredible share price growth are not without merit. Both companies have been working hard on pushing the advantages of their products, spending heavily on R&D and sales and marketing, subsequently growing revenues exponentially by taking market share from the legacy incumbents.
We would expect this trend to continue as such companies continue to embrace technologies that are able to constantly improve their product and ensure their customers remain protected from malicious cyber-attacks. The industry itself offers a wide array of attractive demand tailwinds from corporate risk mitigation to legal adherence and this should see it grow at a consistent and healthy rate for some time to come. With fast-growing, new-age technology companies the norm, the sector remains a stock picker’s paradise, with those companies carving out market share likely to remain very strong investments for some time.
Please note that this communication is for information only and does not constitute a recommendation to buy or sell the shares of the investments mentioned. The value of investments and any income derived from them may go down as well as up and you could get back less than you invested.
This article was taken from the
November 2021 Market Insight. To subscribe to our investment publications, please visit
www.redmayne.co.uk/publications.