Cybersecurity Market. PHOTO: Cybercrime Magazine.

Cybersecurity’s Incredible Comeback; Industry Outpaces S&P 500 Recovery

Tracking the stock performance of pure play companies

Zsófia Boros

Tel Aviv, Israel – May 5, 2020

“This is a ‘once in a generation’ depression,” we were told, as the 2008 Recession unfolded. Only a few years later, it became clear that we might need to brace ourselves for another freefall. We did not, however, predict that a pandemic-driven lockdown of this scale and endurance would serve as its impetus. The economy has now been in flux since February with a number of alarming dips and stock prices spiraling. Countless people have lost their jobs while those still employed must work from home with a healthy helping of Zoom calls. Not only have businesses had to shift their operational structures overnight to accommodate such a sprawl, they’ve had to do so while fighting the ultimate battle of “keeping their lights on.”

Interestingly enough, this crisis has also uncovered, hastened and solidified market trends that were already well on their way. Evidently, e-commerce has born this crisis well after online ordering transitioned from a choice of convenience to one of necessity. This question of necessity lies at the heart of a discovery I made in my work as an analyst at YL Ventures. Between February 19th, 2020 — the peak of the S&P 500 before the crash—to April 30th, the cybersecurity industry has made an incredible comeback demonstrating that it too has become a necessity in contemporary business.

I discovered this after tracking closing stock prices of the industry’s top 20 purely cybersecurity companies selected from the First Trust Nasdaq Cybersecurity ETF and monitoring them closely. I also included CrowdStrike, given its outstanding performance as of late.

 Here’s the list of the 21 cybersecurity companies I observed:

  1. Avast
  2. Check Point
  3. CrowdStrike
  4. CyberArk
  5. FireEye
  6. ForeScout
  7. Fortinet
  8. Juniper
  9. Mimecast
  10. NortonLifeLock (formerly known as Symantec)
  11. Okta
  12. Palo Alto Networks
  13. Proofpoint
  14. Qualys
  15. Rapid7
  16. SailPoint
  17. Splunk
  18. Tenable
  19. Trend Micro
  20. Varonis
  21. Zscaler

 I averaged these companies’ stock prices and compared their behavior to the S&P 500.

Figure: S&P 500 vs Avg Stock Price of the 20 listed Cybersecurity Companies

As indicated, the cybersecurity industry started rebounding on March 18th, 2020. It has since recovered at a remarkably faster rate than the market average and outperformed the market every day. As of April 30th, the S&P 500 traded 13.19 percent lower than it did on February 19th, prior to the crash. However, the average stock price of the cybersecurity industry’s top 21 companies is only trading 8.45 percent lower than before. Interestingly, nearly a third of these companies — Symantec, Okta, Zscaler, CrowdStrike, Avast and Qualys — are even trading higher than they were before the crisis.

So, what are the main takeaways from this phenomenon? First, it’s worth noting that cybercriminals are amplifying the chaos of these “strange and confusing times” and further driving the demand of cybersecurity solutions. They’ve ramped up phishing and ransomware attacks, the latter of which are incentivized by the rise in ransom payments, and are feasting on the ill-preparedness of enterprises needing to suddenly support entirely remote workforces.

However, this trend can also be explained by a shift in enterprise perspectives as we mature into the digital era. Over the last decade, cybersecurity has slowly moved from the fringes of C-Suite discourse to a part of it, with the rise of the CISOs and their oversight of entire security teams and departments. We have also seen the cost of failing to embrace it in time or properly in countless breaches that tumbled — or at least humbled — seemingly untouchable behemoths (or at least their CEOs). Just as we as consumers are reliant on technology and digital means to get through our daily work and lives, so too are enterprises. They cannot afford denial of service, privacy infringements, data breaches and ransomware attacks. The risks today have become far too high to both their reputations, performance and shareholders.

Cybersecurity has proven its resilience in this new economy and will emerge as an even stronger field as enterprises finally embrace that it is as necessary for keeping the lights on as their other priorities. CISOs are invited to cautiously rejoice — it looks like the enterprise world is truly embracing cybersecurity as a need.

Entrepreneurs should take note. The new realities born of this pandemic, specifically entire remote workforces, aren’t yet adequately addressed by the market. Even after we transition back to “normalcy” when this is over, and CISOs return to their previous priorities, it will be important for them to have a solid framework in place should a crisis like this ever happen again. These are difficult times, but, as Sounil Yu (CISO-in-Residence) at YL Ventures recently said, “constraints breed innovation.” It’s time for cybersecurity-enthusiastic entrepreneurs to help the market recover and, hopefully, stay healthy.

This post originally appeared on LinkedIn.

– Zsófia Boros is an analyst at YL Ventures, who funds and supports brilliant

Israeli cybersecurity entrepreneurs from seed to lead.