These Three Companies Are ‘Defense Stocks in Disguise’ – And Here’s How to Play Them

By TradeSmith Editorial Staff

Listen to this post
In the hours before Russian troops marched into Ukraine on Feb. 24, a cyberattack against a satellite system separated thousands of Ukrainians from Internet access.

In that moment, cybersecurity suddenly became the paramount concern for all technologically rich corporations.

Cyberattacks are part of the Russian aggression playbook: Back in 2015, after the Russian invasion of the Crimean Peninsula, suspected Russian hackers pulled the plug on electricity for about 230,000 customers in western Ukraine.

Even before the February attack, U.S. intelligence operatives warned of the new cyberthreat. And in the aftermath of financial and economic sanctions posed against Moscow by the West, U.S. President Joe Biden urged companies to “harden your cyber defenses immediately.”

This “new reality” – one that threatens power, water, communications, traffic, health care, supply chains, banking, and more – is here to stay. Indeed, a cyberattack occurs about once every 39 seconds, or about 2,200 times per day – each and every day.

That makes cybersecurity one of the biggest issues we face. So today we’ll look at the state of cybersecurity here in America and what it means for investors – both in terms of risk and opportunities.

Cyberwarfare 101

There’s a “menu” of cyberattack types. But here are the five most common versions:

  • Malware – any type of malicious software, like viruses or spyware, that bogs down systems or steals data.
  • Ransomware – an attack that encrypts data on a system and requests a form of digital payment (cryptocurrency) to release that data. The Colonial Pipeline hack that occurred in 2021, disrupting the supply of oil and causing gas prices to surge, was an example of ransomware.
  • Phishing – fraudulent emails containing links to harmful software that can steal data or take over systems.
  • Denial of service (DOS) – attacks that flood systems, servers, or networks with traffic in order to overload resources, rendering them incapable of performance.
  • Password attacks – the theft of a password in order to gain network access to steal sensitive information or perform destructive activities remotely.
These activities have created a whole industry whose purpose is to thwart attackers by safeguarding networks and workstation computers with a combination of procedures, software, and in some cases, physical barriers. Market researcher Gartner Inc. estimates that global spending on cybersecurity hit $172 billion last year. That represented a jump of 13% year over year. And that growth is projected to continue at double-digit rates – 11% this year and the same again in 2023.

Other forecasts are even more ambitious: Astute Analytica says spending on cybersecurity will continue at a compound annual growth rate (CAGR) of 13.4% through 2027, when the total bill will reach $346 billion.

Such spending is needed. Although thousands of attacks are thwarted each day, the ones that succeed make headlines. And with government-backed internet assaults becoming part of the “basic warfare kit,” the ante will just keep climbing.

A good first step toward tightening cybersecurity in the private sector has manifested in the form of a new executive order requiring private companies to share information about threats they would’ve normally kept secret.

The question now is this: What has to happen before cybersecurity becomes a bigger concern for the public and private sector? Changes like this – coupled with the headlines made by the Russian cyberattacks against Ukraine – have publicly elevated cybersecurity’s importance and will accelerate change.

In fact, we’ve identified four “catalysts” that will ignite big investments in cyber-protections.

Trigger No. 1: Tougher Minimum Standards

Nobody likes additional rules and regulations, but they’re needed to overcome lax standards, disjointed guidelines, and big disparities in the levels of protection that are in place. That, in turn, will trigger investment outlays.

Trigger No. 2: The Cloud

As a longtime tech entrepreneur, I’m a huge believer in the reality that innovation drives growth. And one of the biggest innovations of the past decade is the cloud. We’ve watching the digital transformation that has shifted us away from local servers and into the cloud – and into the whole software as a service (SaaS) trend. This shift has created new “vulnerability points” that must be addressed.

Trigger No. 3: The COVID-19 Pandemic

Just as the cloud made all sorts of new things possible, so has the remote work trend. Being able to work and collaborate from anywhere is part of a shift toward the “bring-your-own-device” (BYOD) era. That’s been great for corporate and worker efficiency, but it also creates weak points that bad actors can exploit.

Generally, home PCs, laptops, and personal smartphones aren’t as protected from attacks, as they lack fortifications such as corporate firewalls and continually updated security solutions. They are also vulnerable to missteps by less-than-vigilant consumers who bring their lax practices to work.

This vulnerability increases demand for security products that support remote work.

Trigger No. 4: An Escalation in State-Sponsored Cyberattacks

In recent years, the United States, Iran, China, North Korea, and Russia have all embraced warfare on the digital frontier. In a now-well-chronicled story, the Pentagon used cyberweapons to blunt Iran’s nuclear efforts. China has a dedicated internet army. And with its Ukraine assault well underway, Russia now says that it’s become the target of hundreds of thousands of cyberattacks per day, Reuters says — and the Kremlin is holding the United States responsible and has vowed retaliation.

What goes around comes around: The Biden administration says it’s in possession of “evolving intelligence” about potential cyberattacks directed against America.

So, more legislation, the ongoing development of cloud computing, COVID-19, and a credible warning from the Kremlin have all come together to increase demand for cybersecurity services.

That brings us to the big question: Now that we understand the threat — and understand the “triggers” that will drive investment into neutralizing it — who will be the biggest beneficiaries that you can invest in?

We’ve identified three for you to look at right now.

Cybersecurity Beneficiary No. 1: Microsoft Corp. (MSFT)

There’s an irony in having a company nicknamed “Mr. Softy” involved in a rough-and-tumble cybersecurity skirmish, but as a massive software player and a superbly run company, it’s the logical first place to start. Plus, it was Microsoft that initially reported attacks on Ukraine’s digital infrastructure.

Cybersecurity is a big opportunity – and Microsoft is ready to land some hard punches. CEO Satya Nadella recently disclosed that cybersecurity revenue exceeded $10 billion annually – and said that part of the company’s business is growing at a hefty 40% per year.

Microsoft isn’t just relying on its in-house resources, either: It recently spent $500 million to snag RiskIQ, a company that manages security threats. And it also picked up CloudKnox Security last July.

Microsoft has also planted a flag in the metaverse, urging software companies to work together on “interoperability” capabilities. Those intersections can be exploited by hackers too. So Microsoft is looking for ways to make the metaverse work smoothly – and mitigate any threats.

The TradeSmith algorithms show that MSFT is currently in the Green Zone. But you can see that it’s also been a volatile couple of months – with the stock seesawing into the cautionary Yellow Zone at least three times since the beginning of the year.

But Microsoft is a popular stock, and its push for dominance in cybersecurity will only support its position in the months ahead. MSFT qualifies as one of our top-ranked Growth stocks, and it appears on our Best of the Billionaires list.

MSFT is recommended in eight financial newsletters we track and is among the holdings of 12 investors in TradeSmith’s Billionaires Club. It presents a medium risk with a Volatility Quotient (VQ) of 22.57%. However, it’s currently in a downtrend.

The Takeaway: Now is not the time to strike on Microsoft. But it’s a great company, has been a great-performing stock, is an innovator, and is worth adding to your watchlist.

Cybersecurity Beneficiary No. 2: Fortinet Inc. (FTNT)

As the United States braces for counterstrikes in cyberspace, Fortinet should benefit from the increased focus on cyber-defense spending.

Well-established companies will see a bigger bump in revenue – over and above what they’ll already be getting from stepped-up outlays on the cloud, the metaverse and other tech-focused growth areas.

Fortinet is already benefiting: In its recently reported fourth-quarter financial results, it actually beat forecasts by a hefty 6.96%.

Guidance forecasts by management are currently tracking bearish, but the new focus on cybersecurity could be a near-term trigger for the stock – and will certainly serve as a longer-term catalyst.

This is a highly volatile stock, with a VQ of 34.14%, so you can expect mild price swings in bullish or bearish directions. FTNT just reentered the Green Zone on March 18, after a brief pullback into the cautionary Yellow Zone – a bullish sign. And the stock has soared 248% in the two years since its entry signal on March 24, 2020.

The Takeaway: FTNT qualifies for three of our Ideas Lab strategies, including Low Risk Runners and Kinetic VQ. It also appears in two of the newsletters we track.

Cybersecurity Beneficiary No. 3: CrowdStrike Holdings (CRWD)

If you’re an investor who’s truly adventurous, then CrowdStrike (CRWD) might be worth a look. Candidly speaking, with a VQ of 52.39%, this stock has sky-high risk.

But CRWD has good numbers. The company’s fourth-quarter revenue of $431 million represented a year-over-year increase of 63% — a huge surge. For the current quarter (which ends April 30), CrowdStrike is forecasting revenue between $458 million and $465.4 million – a year-over-year jump of as much as 54%.

Those are impressive growth numbers in any instance. But when you’re talking about revenue, it’s particularly stunning.

Sales are forecast to jump 63.8% to $1.43 billion for the full year – and the global uncertainty and the opportunity we’re seeing in cyberspace will be a big reason why.

Our algorithms reveal that CrowdStrike just climbed out of the Yellow Zone and into the Green Zone on March 22. It’s currently in a sideways trend and has demonstrated choppy performance since the beginning of the year. But that’s expected with a VQ as high as CrowdStrike’s.

In the week since advancing out of cautionary territory, it had already gained nearly 4%, climbing from $217.06 on March 22 to $224.96 by the last day of the month.

The stock is recommended by three newsletters we track and appears in the portfolio of at least one billionaire investor in the Billionaires Club.

The Takeaway: Use your best judgment, but there is a lot to like about this stock if you’re looking for growth.

How We Handle Cybersecurity

That’s three cybersecurity plays for your consideration. It might be a good idea to track these in a watchlist to see whether any bump they receive from current events is short- or long-lived.

As long as innovation – especially innovation based on need – is a catalyst for growth, technology will continue to be a long-term wealth builder. And when it comes to need, it’s hard to top cybersecurity.

I can tell you we take cybersecurity seriously at TradeSmith, providing internal training to staff, two-factor authentication, and state-of-the-art encryption wherever necessary to protect the integrity of our systems.

Do you think cybersecurity has the potential to be the technology investment opportunity of 2022? I’d like to hear what you think. Email me and tell me how you see it evolving over the next couple of months.

Now, go change your password. 😉