According to a Lloyds of London report issued in July, a global cyber attack could result in damages of as much as $121.4 billion. But based on the growing frequency of such cyber attacks and hacks, this estimate will likely turn out to be too conservative.
The reason is straightforward. The world’s volume of data has been growing exponentially year after year, with the trend really accelerating after 2005. This gives cyber criminals more and more opportunity to gain access to massive amounts of data in a single breach. And potentially a bigger payoff.
Research from IT services firm DXC.technology gives us an idea of how much of our data is out there, exposed to unsavory people. Its research forecast that…
- By 2020, over one-third of all data will live in or pass through the cloud.
- In 2020, data production is estimated to be 44 times greater than in 2009. That’s a 4,300% increase!
The reality is that our personal data as well as corporate and government data will become more and more exposed to those who would exploit access to such data. That does open though a world of opportunity for investors. More on that later.
But first, more on this nasty underside of life in the 21st century coming to the fore again as the credit-reporting agency Equifax (NYSE: EFX) revealed a massive breach of its cyber defenses.
Equifax, with $3.1 billion in revenues in 2016, has a dual role as both a credit-data bureau and fraud monitor. Yet, its cyber defenses could be best described as a sieve.
The hack, which began in mid-May, went undetected for two and a half months. Exposed were the personal records of up to 143 million Americans. That’s nearly half the U.S. population, folks.
The hackers gained access to both the credit card files as well as the company’s back-end systems that store exhaustive data profiles on consumers. This data included Social Security numbers, driver’s license numbers and other sensitive information.
This isn’t the industry’s first brush with poor security of customers’ data. In 2013, it was discovered that an identity thief in Vietnam ran a service that helped others access millions of Americans’ credit reports from a company Experian PLC (OTC: EXPGY) had recently purchased.
Of course, massive data breaches aren’t confined to just this industry. Last December, Yahoo (now part of Verizon (NYSE: VZ) revealed that attacks between 2013 and 2016 had compromised the personal information of more than a billion users. The data stolen included names, phone numbers, birth dates and passwords.
But Equifax’s approach to the breach seemed particularly egregious to me.
First, it did not report the breach for 40 days – just beating the deadline of 45 days, which certain states require. Then, if you were affected by the hack and sign up for Equifax’s offer of one year of its TrustedID product, which scans the black web for your stolen information, you lose all rights to sue the company.
And finally, three Equifax executives sold $1.8 million worth of stock just days after the breach was discovered. That may have been a coincidence, but still the stench from Equifax is almost overwhelming. Talk about a stock to avoid.
More Dangers Lurk
You and I are more at risk though from more than just fraud being committed in our name. Other types of hackers are aiming at other important targets in our lives.
According to a report from cyber security company Symantec (Nasdaq: SYMC), hackers have breached the operational systems of utility companies in the U.S. Symantec says they are lying in wait with the ability to switch off the power and sabotage computer networks.
The group of hackers goes by several names – Dragonfly, Energetic Bear and Berserk Bear. The group is believed to have ties to Russia and has been around for a while. In 2014, it is believed to have compromised the systems of more than 1,000 organizations in 84 countries.
Access is almost too easy for these hackers. With the recent hack of U.S. utilities, entry was gained by simply tricking employees into opening Microsoft Word documents that steal employees’ usernames and passwords.
The danger is very real. Eric Chien of Symantec said that even if hackers compromised a small electric utility company, they could put the power grid at risk by either removing or putting too much power into the grid.
This should not come as a shock to any of us. In July, the Department of Homeland Security and the FBI warned that the U.S. energy industry had been targeted by hackers.
While these hackers may be waiting for the exact right moment to strike, you should not.
Wall Street continues to largely ignore the threat of cyberattacks and hacks. This has left most cybersecurity stocks trailing the performance of other technology sectors, making them relative bargains.
For the broadest possible exposure to the sector, I like the ETFMG Prime Cyber Security ETF (NYSE: HACK). It is up nearly 13% year-to-date and just 10% over the 52 weeks.
Its portfolio consists of 25 stocks, with its top five positions being: Palo Alto Networks (NYSE: PANW), Cisco Systems (Nasdaq: CSCO), the aforementioned Symantec, Splunk (Nasdaq: SPLK) and the British cybersecurity firm, Sophos Group.
This group of stocks contains my next two choices – Symantec and Palo Alto Networks. These companies are benefiting from the growth of the IT security industry from $75 billion in 2015 to $101 billion in 2018, according to IT research firm Gartner.
Symantec provides a wide range of Internet security solutions to both individuals (41% of revenue) and businesses (59% of revenue). You probably have one of its Norton products installed on your computer.
The company’s last earnings report was strong with revenues jumping nearly 33% year-on-year. These kind of results should continue propelling the stock higher (up 34.5% year-to-date and 31.25% over the past 52 weeks).
Palo Alto Networks offers network security solutions, such as next-generation firewall products, to businesses, service providers and governments. As of the end of 2016, the company was third in the security appliance segment (in terms of revenues) trailing only Cisco Systems and Check Point Software Technologies (Nasdaq: CHKP).
It continues gaining customers, with it recently adding 3,000 to its 42,500 global customer base. I also like the fact that Palo Alto’s balance sheet is strong with cash on the books and no debt obligations.
As with Symantec, its latest quarterly report was good with revenues climbing 27% year-on-year. Those kinds of numbers should finally get the stock going. It is up more than 16% year-to-date, but just 1% over the past year.
Owning some sort of cybersecurity is one of the rare no-brainers in the investment world, especially in light of recent events like the Equifax breach.