What You Need to Know About Investing in Cybersecurity

There have been many headlines in the past decade about cybersecurity breaches and hacks -- not the least of which was the one that led to Target paying out nearly $300 million to cover damages.

Attitudes around online security are rapidly changing, as companies all over are waking up and starting to deal better with e-security. As a result, the sector is projected to grow to more than $170 billion by 2020.

In this clip, The Motley Fool's Chris Hill and David Kretzmann talk about the recent past and the promising future of cybersecurity providers.

A full transcript follows the video.

The next billion-dollar iSecret

The world's biggest tech company forgot to show you something at its recent event, but a few Wall Street analysts and the Fool didn't miss a beat: There's a small company that's powering their brand-new gadgets and the coming revolution in technology. And we think its stock price has nearly unlimited room to run for early in-the-know investors! To be one of them, just click here .

This podcast was recorded on 12/3/2015.

Chris Hill: Target has agreed to pay $39 million to settle claims related to the data breach in 2013. $20 million of that goes to the banks, $19 million to reimburse MasterCard card issuers. Earlier this year, Target reached a similar settlement with Visa .

And all told -- this is a little surprising to me -- all told, the company has said that they have spent nearly $300 million related to this data breach. And all I can think, David, is, I have to believe that at least one executive at Target is pounding the table, saying, "I told you for three, four, five years, I told you we should be spending more on data security." I mean, hindsight is 20/20, but don't you think that they could have paid a fraction of this amount, and made their security much much greater?

David Kretzmann: Certainly. Cyber security, I think, for that reason, is growing really quickly now. The global cyber security market right now is growing at about a 10% pace each year, and it's expected to grow to more than $170 billion in size by 2020. So, clearly, there's a lot of tailwinds behind that market as more companies recognize the risk. They don't want to be in the headlines like Target or Home Depot or Sony or even the federal government with the Office of Personnel Management earlier this summer, who had a massive hack.

So, in Target's case, they lost $40 million in credit and debit cards, and those were vulnerable for theft. And that obviously puts your customers at risk, it puts your brand reputation at risk, and certainly, the cost could have been a lot less than $300 million if they had been a bit more proactive in their security management. Part of the issue with, when we're talking about cybersecurity, a lot of the focus is placed on what we call "the firewall," it's like the perimeter around the network of a company.

But once a hacker gets through that network, and you can do it by accessing the credentials of a vendor, like with Target or Home Depot, then they can access your network, penetrate that firewall, or that perimeter around the network, and all of the accounts within that network don't have very much security. So, for example, if you have an administrative account, you might have 20 or 30 employees who all have access to the account, with the same password. So, if you're a hacker, as soon as you get that password, you blend right in with the employees. There's no way to tell that someone actually hacked the system.

And then you have massive data breaches like this. So, you have some smaller companies like CyberArk , which is focused on securing those internal accounts, they're also called privileged accounts. So, really, the cybersecurity landscape is really evolving and expanding very quickly.

And I think companies are recognizing now that it's not just a matter of regulatory compliance anymore. I think, maybe 10 or 20 years ago, that's what people thought about when they thought about cybersecurity, and that's how companies treated it. But now, they recognize, we have to be proactive with this. So, thanks to these big companies taking the hit in the headlines, I think companies are becoming more proactive.

Hill: When you look at a company like FireEye , which is very much in the business of cybersecurity, and the fact that their stock has been cut in half over the last 12 months, more so, as an investor, if you think, "OK, I hear everything David's saying, this is a space I want to look at." Is the risk and reward much greater for a FireEye than it is for a company like, say, Cisco Systems , which is a behemoth, and has deep enough pockets to be able to throw more money at this than FireEye ever could?

Kretzmann: Sure. There's a wide array of companies on this spectrum. So, you have some of the smaller companies like FireEye, versus some of the larger companies like Cisco or, Check Point is another one. Just companies that are turning out a huge amount of cash. They're not growing as quickly like companies like Palo Alto Networks or FireEye, but they're also not losing gobs of money like Palo Alto and FireEye.

So, you definitely have to evaluate that. You definitely don't want to go all in on, probably, any one of these companies, especially with those younger, newer companies, which are really focused on R&D, they're hiring a lot of people, they're spending a lot on marketing, they're not making money today. So, obviously, that amplifies the risk a good deal.

The article What You Need to Know About Investing in Cybersecurity originally appeared on

Chris Hill has no position in any stocks mentioned. David Kretzmann owns shares of FEYE and CHKP. The Motley Fool owns shares of and recommends CHKP, FEYE, MA, and V. The Motley Fool recommends CSCO, CYBR, HD, and PANW. Try any of our Foolish newsletter services free for 30 days . We Fools may not all hold the same opinions, but we all believe that considering a diverse range of insights makes us better investors. The Motley Fool has a disclosure policy .

Copyright © 1995 - 2015 The Motley Fool, LLC. All rights reserved. The Motley Fool has a disclosure policy .

The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.

The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.

In This Story


Other Topics


Latest Markets Videos

    The Motley Fool

    Founded in 1993 in Alexandria, VA., by brothers David and Tom Gardner, The Motley Fool is a multimedia financial-services company dedicated to building the world's greatest investment community. Reaching millions of people each month through its website, books, newspaper column, radio show, television appearances, and subscription newsletter services, The Motley Fool champions shareholder values and advocates tirelessly for the individual investor. The company's name was taken from Shakespeare, whose wise fools both instructed and amused, and could speak the truth to the king -- without getting their heads lopped off.

    Learn More