Cybersecurity confirmation in March quarter earnings

Cybersecurity confirmation in March quarter earnings

We are in the thick of the March quarter earnings season and following a week of Big Tech earnings that included Apple (AAPL), Alphabet (GOOGL), Facebook (FB), and Amazon (AMZN), the coming week will be an earnings barn burner for constituents in the Foxberry Tematica Research Cybersecurity & Data Privacy Index (FXBYCYBR). One of the key tentpole investment thesis underlying the Cybersecurity & Digital Privacy index should once again be confirmed – as our lives become increasingly connected with accelerating 5G deployments, the expanded scope of connected devices and the internet of things will fuel demand for cybersecurity solutions. The groundwork for what we will hear in the coming weeks reflects the number of high-profile attacks early in the March quarter, the quarterly results and commentary from the handful of index constituents that have recently reported their quarterly results, and newly published reports discussing developments in the cybersecurity market.

10 major attacks during the March 2021 quarter

The COVID-19 pandemic accelerated the digital transformation that was underway for many companies as the adoption of work and learn from home, greater interconnectivity, and the shift to the cloud, all led to a surge in cyberattacks. Findings from Forrester consulting revealed companies felt they “had become more vulnerable” to cyberattacks since the start of the pandemic as total cyber losses among the affected firms rose to $1.8 billion, a 50% increase compared to the prior year. [1] A separate report from Hiscox found companies in the UK and Europe doubled cybersecurity spending to combat the increase in cyberattacks during 2020[2] but a finding published in the 24th Annual Global CEO Survey from PwC shows 47% of CEOs are concerned with cyber threats, up from 46% in 2020.

That increase in concern is understandable given the number of high-profile attacks that occurred during the March 2021 quarter:[3]

  • Threat actors actively exploited four zero-day vulnerabilities in Microsoft’s (MSFT) Exchange Server that resulted in at least nine government agencies and 60,000 private companies in the US alone being affected by the attack.
  • Computer giant Acer Inc. (ACEYY) suffered a ransomware attack and was told to pay a ransom of $50 million.
  • A data breach at aircraft company Bombardier (BDRBF) resulted in the compromise of the confidential data of suppliers, customers, and around 130 employees located in Costa Rica.
  • A cyber-attack disrupted US cyber insurance firm CNA Financial Corp.’s (CNA) customer and employee services for three days with the company forced to shut down to prevent further compromise.
  • London-based Harris Federation suffered a ransomware attack and was forced to “temporarily” disable the devices and email systems of all the 50 secondary and primary academies that it manages.
  • Australian broadcaster Channel Nine was attacked, leaving the company unable to air its Sunday news bulletin and several other shows.
  • A ransomware attack against the internal IT systems at IoT device manufacturer Sierra Wireless (SWIR) led to the company halting production at its manufacturing sites.
  • Cybercriminals engineered an attack on a Florida water treatment facility seeking to poison the plant’s water supply by increasing the amount of sodium hydroxide to a potentially dangerous level.

And while those and other high-profile attacks garner media attention, 30,000 websites were hacked per day in 2020 and every 39 seconds there is a new attack somewhere on the web.[4] To combat the “growing cyber challenge” as the scale of the problem “continues to both change and grow,” businesses are allocating more resources, including a 39% increase in cybersecurity spending.[5] That increase is leading to favorable year-over-year revenue and earnings metrics that have already reported their March quarter results and is poised to do the same at those that have yet to do so.

March quarter earnings

According to Zacks, during April, more than 1,500 companies reported their quarterly results and among there were several favorable reports from index constituents. Several key themes were had including:

  • Revenue and EPS for the March quarter came in ahead of consensus expectations;
  • Upward revisions were had to financial guidance;
  • Warnings that the number of attacks continue to grow even as bad actors continue to innovate new attack strategies.

Check Point Technologies (CHKP) reported a March quarter beat with revenue up 5% year-over-year to $508 million, while EPS for the quarter rose 9% to $1.54. Deferred revenue for the quarter climbed 8% compared to the March 2020 quarter, reaching $1.458 billion.

Per the company: “As hackers continue to find new ways to exploit the pandemic’s disruption, Check Point Research warned organizations about a global surge in ransomware attacks, alongside increases in cyber-attacks targeting Microsoft Exchange Server vulnerabilities. This uptick included a 57% increase in organizations affected by ransomware during a 6-month period.”

March quarter results at F5 Networks (FFIV) topped expectations with revenue for the quarter up 10% year over year to $645 million. According to the company, it is seeing stronger than anticipated demand across the board as “Business and consumers increasing reliance on applications has accelerated all prior expectations about the pace of digital transformation… customers across the globe are scaling their digital assets faster, resulting in a growing demand for F5’s application security and delivery solutions.”

During the quarter, F5’s transition to a subscription-based model continued with record subscription volume leading subscriptions to account for 79% of its software revenue in the quarter vs. 73% in the year-ago period. Meanwhile, Systems revenue rose 17% year-over-year due to increases in “application traffic, the continued growth of systems-based security use cases as well as the emergence of 5G-driven service provider demand.”

When it reported its March quarter results, FireEye (FEYE) bested consensus expectations with $246.3 million in revenue, a 10% increase vs. the year-ago period, and boosted its 2021 guidance to $1.01-$1.03 billion vs. $941 million in 2020 and $889 million in 2019. During the quarter, the company’s annual recurring revenue climbed 9% to $643 million. Leading that charge was the company’s platform cloud subscription, managed services professional services that amounted to 69% of total billings in the quarter, up from 56% a year ago.

The March quarter also showed FireEye making progress on bagging larger deals as the number of products per customer continued to grow. During the quarter, the company closed 30 transactions greater than $1 million and more than 70% of those transactions included three or more products or solutions, and 60% included consulting services.

On the company’s earnings conference call, it shared its findings that “actors continue to innovate faster than the technologies customers are deploying to protect their networks and organizations are deploying to protect their networks. The attackers are learning new ways to circumvent conventional safeguards that cannot or do not learn from the frontlines in a timely manner.”

Later on in the call, FireEye added the following: “Nearly half of the 294 distinct malware families we observed in investigations last year were new and never seen before. More than 80% of these new malware families were not publicly available, meaning they were privately developed, and availability was restricted in some way. And 70% of all the malware families we observed were only found in a single intrusion set.”

Fortinet (FTNT) reported March quarter revenue that climbed 23.1% compared to the year-ago quarter reaching $710.3 million, nicely ahead of the consensus forecast. EPS for the quarter cruised past consensus expectations as well hitting $0.81 per share. Billings for the quarter jumped 27% year over year to $850.6 million while total deferred revenue exiting the quarter rose roughly 25% to $2.75 billion.

Cloud security solutions were a driving force in the company’s Service revenue, growing to $460 million during the quarter. Support and professional services revenue increased 21% to $210 million, while Fortinet’s subscription revenue grew 21% year-over-year and low-single-digit quarter-over-quarter gains to $255 million. For the current quarter, the company sees revenue of $733-$747 million, up 19%-21% year over year, and ahead of the $732 million consensus.

Upcoming constituent earnings reports

As the pace of quarterly earnings accelerates further in the coming weeks, with roughly 2,540 such reports to be had in May vs. 1,507 in April, a greater number of index constituents are slated to issue their latest quarterly results:

  • Tuesday, May 4: Commvault (CVLT), McAfee (MCFE)
  • Wednesday, May 5: CyberArk (CYBR), Radware (RDWR), Ping Identity (PING)
  • Thursday, May 6: NetScout Systems (NTCT), Cloudflare (NET)
  • Monday, May 10: Norton Lifelock (NLOK), SailPoint (SAIL)
  • Tuesday, May 11: Mimecast (MIME)
  • Thursday, May 13: Nice Ltd. (NICE), Tufin Software (TUFN)
  • Wednesday, May 19: Cisco Systems (CSCO)
  • Thursday, May 20: Palo Alto Networks (PANW), Splunk (SPLK)
  • Thursday, May 27: Okta (OKTA), Zscaler (ZS)

When we held the last webinar at the end of March, before the current earnings season got underway, we commented that the constituents of the Cybersecurity and Digital Privacy Index were poised to grow their aggregate revenue and EPS by more than 20% over the 2020-2022 period. As we tally the upcoming earnings reports, we’ll have a much better sense for the degree to which 2021 cybersecurity industry spending forecasts calling for year over year growth of 10% are conservative and how translates into even faster revenue and earnings growth for the basket of constituents. We continue to see consensus expectations for that basket moving higher over the coming quarters as the increasingly pervasive nature of attacks is once again realized while the combination of new technologies, new business models, and sadly new types of attacks expands the addressable market even further.

==============================================================

[1] “Firms are Spending More on Cybersecurity To Combat Growing Threats” available at https://digit.fyi/firms-are-spending-more-on-cybersecurity-to-combat-growing-threats/

[2] IBID

[3] “10 Major Cyber Attacks Witnessed Globally in Q1 2021” available at https://securityboulevard.com/2021/04/10-major-cyber-attacks-witnessed-globally-in-q1-2021/

[4] “How Many Cyber Attacks Happen Per Day in 2020?” available at https://techjury.net/blog/how-many-cyber-attacks-per-day/

[5] “Firms are Spending More on Cybersecurity To Combat Growing Threats” available at https://digit.fyi/firms-are-spending-more-on-cybersecurity-to-combat-growing-threats/

Sizing up thematic returns in February

Sizing up thematic returns in February

Equities continued to swoon during February as investors came to grips with the expanding impact of the coronavirus. Amid a growing sea of corporate warnings that led investors to question earnings forecasts for the current quarter as well as all of 2020, all the major stock market indices finished February down 6.4%-10.1%. The hardest hit was the Dow Jones Industrial Average, and the US stock market barometer that is the S&P 500 fell 8.4% in February, which added meaningfully to its decline year to date. 

Despite investors taking profits in the Technology and Healthcare sectors, they along with Communication Services helped temper the market’s February selloff. Names like Regeneron Pharmaceuticals (REGN), Biogen (BIIB) and Gilead Sciences (GILD) saw gains on advances in potential coronavirus treatment development in particular. While markets overall were impacted by unfolding events during the month Energy, Utilities and Consumer Discretionary names seemed to lead the way down. Muted demand for oil due to reduced manufacturing activity and fears of continued softening in the global economy saw oil prices drop almost 17% during the last week of the month. Unsurprisingly, cruise line operators Norwegian Cruise Lines (NCLH) and Caribbean Cruise Lines (RCL) were among the worst performers this month both posting losses over 30% with Carnival Corporation (CCL) not too far behind losing over 23% of its market value as those companies paired back 2020 expectations due to the coronavirus’s impact. The same was had with airlines with American Airlines Group (AAL) down 29.68% and Alaska Air Group (ALK) off 21.88% as they too canceled flights and reduced schedules owing to the virus.  

At Tematica we’ve often questioned the notion of the S&P 500’s construction as well as the ability of an 11-sector framework to accurately capture the evolving landscapes that we and other investors find ourselves confronting as structural changes associated with our 10 investment themes continue to unfold.  In our view a different perspective is needed, a thematic one, to properly identify those companies at the forefront of these unfolding structural changes. For example, cruise lines such as the ones mentioned above fall into the Consumer Discretionary sector while companies such as Omega Healthcare Investors (OHI) that offer long-term healthcare facilities is classified as Real Estate even though both are feeling the tailwinds of Tematica’s Aging Population investing theme on their respective businesses.

Another example of looking at the world thematically is found in the Tematica Research Cleaner Living Index, which focuses on the shifting consumer preference for cleaner products and services that are better for you, your body, your work, your workplace, and the environment.  Despite sharp February sell-offs in several index constituents, including Acuity Brands (AYI). Fresh Del Monte Produce (FDP) and Hain Celestial (HAIN), solar energy systems companies Sunrun (RUN) and SolarEdge Technologies ((SEDG), as well as plant-based alternative Beyond Meat (BYND) and Tesla (TSLA), led the Cleaner Index to slip by only 3.1% in February. That decline more than offset the index’s modest rise posted during January leaving it down 2.6% year to date vs. the S&P’s 8.6% drop at the end of February. 

Of note during February, 

  • Plant-based meat alternatives notched another win as Beyond Meat announced the Beyond Meat sandwich will be available at Starbucks’ (SBUX) nearly 1,200 coffee shops across Canada on March 3. The sandwich will include cheddar cheese and egg on an artisanal bun. Not to be outdone, Impossible Foods announced its plant-based meats will be available across Walt Disney (DIS) theme parks and cruise lines come Feb. 28. 
  • Confirming the drivers for Cleaner Living are global, during February it was reported by the Fraunhofer Institute for Solar Energy Systems (ISE) that 61.2% of Germany’s net public electricity generation was from renewable sources, marking a new monthly record. 
  • And while Tesla has an early lead in the electric vehicle space, BMW is set to take the wrap off its i4 electric concept car and General Motors (GM) is slated to discuss its electric vehicle and battery strategies at its upcoming EV Day on March 4. GM’s battery facing comments will be ones to watch ahead of Tesla’s “Battery Day” slated for April.

Amid the coronavirus headlines investors were digesting during February, there were two powerful reminders of the growing need for cybersecurity and digital privacy solutions. The first was the announcement from gaming and hospitality giant MGM Resorts International (MGM) that it had been the victim of a data breach in 2019. The second was a statement from the US State Department blaming the Russian military intelligence agency known as the GRU for the cyberattacks that hit Georgia last October and disrupted “several thousand Georgian government and privately-run websites and interrupted the broadcast of at least two major television stations.”

Those attacks are but the latest high-profile ones to be reported and point to the increasing need for companies, governments, other institutions and individuals to protect their data, especially as the regulatory environment could increase the frequency of financially motivated cyber-attacks. Each week in Thematic Reads, we share some of the latest headlines and news stories surrounding the Foxberry Tematica Research Cybersecurity and Data Privacy Index. As society becomes increasingly connected as part of our Digital Lifestyle investment theme and as new technologies associated with our Digital Infrastructure investing theme look to connect more devices than ever before, we continue to see an increasing demand profile for the constituents that comprise the Foxberry Tematica Research Cybersecurity & Data Privacy Index. During February the index fell 8.2% as gains registered in the shares of Cloudflare (NET), Norton Lifelock (NLOK) and ForeScout Technologies (FSCT) were offset by declines in Palo Alto Networks (PANW), Globalscape (GSB) and Mimecast (MIME) shares. 

Turning to the Tematica’s Thematic Dividend All-Stars Index, which is comprised companies with at least ten consecutive years of increasing annual regular dividend payments and whose business models will benefit from multiple thematic tailwinds tracked by Tematica’s Thematic Scorecard, its total return for February was -8.1% vs. the total return for the S&P 500 of -8.3%. Among the index’s 65 constituents, only Healthcare Services Group (HCSG), Albemarle Corp. (ALB) and Target (TGT) finished higher in February, leaving meaningful declines at Aaron’s (AAN), Nu Skin (NUS) and Invesco (IVZ) to have a greater impact on this equally weighted index. 

Generally speaking, companies that continually increase their dividends to shareholders tend to see a positive step function higher in their share prices. During the first two months of 2020, just over 25% of the index constituents announced fresh dividend increases including Aaron’s (AAN), Analog Devices (ADI), Digital Realty Trust (DLR), Best Buy (BBY) and AT&T (T). Given the positive impact of tailwinds associated with Tematica’s investment themes, we look forward to sharing news of new dividend increases at the other 72% of the index constituents in the coming months. 

GRU’s Grand Day Out and MGM’s Bad Privacy Luck

GRU’s Grand Day Out and MGM’s Bad Privacy Luck

In the last twenty-four hours, we’ve had two powerful reminders of the growing need for cybersecurity and digital privacy solutions. The first was the announcement from gaming and hospitality giant MGM Resorts International (MGM) that it had been the victim of a data breach in 2019. The second was a statement from the US State Department blaming the Russian military intelligence agency known as the GRU for the cyberattacks that hit Georgia last October and disrupted “several thousand Georgian government and privately-run websites and interrupted the broadcast of at least two major television stations.” 

As the digital world becomes increasingly pervasive so too does the need for cybersecurity and data protection solutions. The passage of General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act are both driving spending on security measures as companies race towards compliance with these new personal data privacy regulations.

In the case of the MGM breach, the personal details of more than 10.6 million guests of the resort chain were published on a hacking forum, including information from driver’s licenses, passports, and military ID cards. While the company doesn’t have any current operations in California, it does have operations in Maryland, Massachusetts and New York. All three of those states introduced new privacy laws in 2019, which are pending in Maryland and Massachusetts but active in New York as of January 2020. 

Those new laws and a growing number of similar legislative acts emerging in other states are intended to increase the cost to companies of data breaches compared. As we noted in “A Whitepaper on Cybersecurity and Privacy”, fines associated with privacy law violations can be $100-$750 per user, which could be financially devastating. If a company doing business in California experienced an attack similar in size and scope to MGM’s, it would be staring down a potential fine between $1-$8 billion. For some perspective, the MGM breach paled in comparison to the 2018 breach at Marriot International (MAR) that exposed data of up to 500 million guests. 

Luckily for MGM, this data breach occurred in 2019 before new privacy laws were enacted this year. Even so, in response to the attack, MGM retained two cybersecurity forensics firms to conduct an internal investigation into the server exposure and has “strengthened and enhanced the security of our network to prevent this from happening again.”[1] That means spending on cybersecurity and data privacy solutions. Given the evolving nature of attacks, this will not be a one-time investment. MGM, and all companies facing such risks, will need to be perpetually vigilant in safeguarding their networks especially customer data. 

Threat intelligence firm KELA identified the culprit behind the MGM attack as a member of the GnosticPlayers[2], a hacking group responsible for the hacks of more than 45 companies and the leaking of over one billion user records throughout 2019. The new privacy laws in the US and the European Union expand the potential damage such hacking groups can inflict on companies, increasing the need for cyber protection lest they leave themselves vulnerable to attacks and privacy-related fines. The new privacy regulations increase the potential financial harm to a company from hacking, creating yet another powerful incentive for preventative security spending. 

While the attack on MGM was a clear example of the need for better corporate cybersecurity and data privacy, the cyberattack on Georgia, is one of cyber warfare. The Georgia attack knocked out thousands of government, private sector, and media websites, and interrupted broadcasts of at least two major television stations.

The UK’s National Cyber Security Centre (NCSC), concluded, “with the highest level of probability, “the attacks, aimed at web-hosting providers, were carried out by the GRU (a Russian military spy agency) in a bid to destabilize the country. The GRU is also believed to be behind NotPetya, a June 2017 cyberattack that invaded global corporate networks crashing many systems worldwide, disrupting business for companies including “Maersk, pharmaceutical giant Merck, FedEx’s European subsidiary TNT Express, French construction company Saint-Gobain, Mondelez, and Reckitt Benckiser. “[3]

In terms of the size of the NotPetya attack, “According to confirmation received by WIRED from former Homeland Security adviser Tom Bossert, the result of this attack was more than $10 billion total loss in damages.”[4] That compares to losses of $4-$8 billion associated with the WannaCry virus in May 2017.

While the attack on Georgia is gaining renewed exposure, the reality is it is just the latest in a growing number of cyber warfare attacks; a list of such attacks is being compiled by the Center for Strategic & International Studies. 

The bottom line is in a world of increasing connectivity that brings ever greater accessibility, companies, governments, and institutions are facing a cyber arms race that will generate continual and growing demand for evolving cyber defense solutions. If a company opts not to secure itself, it risks devastating fines. We suspect the more prudent companies will instead engage with cybersecurity and data privacy companies that comprise the Foxberry Tematica Research Cybersecurity & Data Privacy Index.


[1] ZDNet, “Exclusive: Details of 10.6 million MGM hotel guests posted on a hacking forum”, 2020. Available at https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/

[2] ZDNet, “Exclusive: Details of 10.6 million MGM hotel guests posted on a hacking forum”, 2020. Available at https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/

[3] NS Tech, “Russia’s GRU launched cyberattacks aimed at destabilising Georgia, says NCSC”, 2020. Available at https://tech.newstatesman.com/security/russia-gru-cyber-attacks-georgia-ncsc

[4] Business Standard, “NotPetya: How a Russian malware created the world’s worst cyberattack ever”, 2018. Available at https://www.business-standard.com/article/technology/notpetya-how-a-russian-malware-created-the-world-s-worst-cyberattack-ever-118082700261_1.html

Internet Crime Costs Americans Billions

Internet Crime Costs Americans Billions

While investor focus this week looks to be squarely on COVID-19 and its potential economic impact, the very real costs of cybersecurity threats, which are features in our Safety & Security investment theme, continue to grow at an impressive pace, rising nearly 30% in 2019 from 2018 and nearly 340% over the past 5 years.

Infographic: Americans Are Losing Billions Due To Internet Crime | Statista You will find more infographics at Statista

 

According Statista,

“The FBI’s Internet Crime Complaint Center (IC3) has released its 2019 Internet Crime Reportwhich found that 2019 was a record year for both victims of internet crime and dollar losses in the United States. 467,361 complaints were logged by IC3 in the last calendar year – 1,300 per day on average. The most frequent internet crimes recorded in 2019 were phishing, non-payment/non-delivery scams and extortion. Individuals and businesses lost $3.5 billion in total, an increase on the $2.7 billion lost in 2018.”

Donna Gregory, the chief of IC3, said that while the FBI did not see an increase in new types of fraud in 2019, “criminals are getting so sophisticated” and that “it is getting harder and harder for victims to spot the red flags and tell real from fake.” The companies in the Foxberry Tematica Research Cybersecurity & Data Privacy Index look to provide solutions for and benefit from this growing problem.

 

Infographic: Top Cybercrimes in the U.S. | Statista You will find more infographics at Statista

 

Source: • Chart: Americans Are Losing Billions Due To Internet Crime | Statista