Skip to Content

Are Cybersecurity Stocks a Buy Today?

Colonial ransomware attack highlights the demand tailwind.

The ransomware attack on Colonial Pipeline has drawn the spotlight back to cybersecurity stocks, but this incident is just one of many that have targeted companies and governments around the world. As the world evolves to become more digitized, so too do its threats.

For investors in cybersecurity stocks, these attacks are one of several tailwinds, says Morningstar senior equity analyst Mark Cash.

The “heightened threat environment, networking changes due to the coronavirus changing how security works, legislation ramping up fines for miscues, spending becoming proactive and commanding a larger portion of IT budget, and these headline grabbing breaches all help the demand,” he says.

While valuations on some cybersecurity stocks are hard to justify, Cash says, overall, the outlook is positive for the group. And some, such as Palo Alto Networks and Check Point Software Technologies are currently undervalued compared to his fair value estimates for the stocks.

Here’s Mark Cash’s take on seven key companies focused on cybersecurity. Later in the article we’ll highlight three names that are big players in the space, but where cybersecurity is not the dominant source of revenue.

Check Point Software Technologies CHKP

“In our view, Check Point benefits from enterprises desiring to reduce security vendors to lower network complexity and manage security through a singular policy. We believe Check Point's consolidated security architecture provides ample upsell and cross-selling opportunities as enterprises increase their reliance on cloud-based products and distributed networking.”

CrowdStrike Holdings CRWD

“We believe that CrowdStrike has uniquely positioned itself within the endpoint and workload security markets, aided by its threat intelligence and remediation expertise, and it has the ability to move into adjacencies like log management and identity to support strong long-term growth.”

FireEye FEYE

“FireEye’s pivot from a supplemental product to a front-line defense platform with exceptional services is being aided by immense breaches occurring over the last few months as well as organizations attempting to update security while keeping business continuity. FireEye’s threat intelligence and breach remediation services, which supplement overwhelmed security teams within organizations, are key differentiators in today’s heightened threat environment.”

Fortinet FTNT

“We think Fortinet has established customer switching costs and has a nice runway for growth within its vast customer base by developing a holistic approach to network cybersecurity, which enables its users to upgrade their security capabilities through Fortinet's product ecosystem, while at the same time increasing its revenue stream from the stickier enterprise segment with nascent security offerings for cloud and software-defined networking.”


“Okta's cloud-delivered software solutions for identity-based cybersecurity profoundly disrupted how business and government entities secure their internal users and customers. We believe that Okta's innovative methodology for user access and security will provide it with a sustainable presence, and we expect strong revenue growth alongside significant margin expansion.”

Palo Alto Networks PANW

“We expect that Palo Alto will continue to outpace its security peers by focusing on providing solutions in areas like cloud security and automation. Palo Alto's concerted efforts into machine learning, analytics, and automated responses could make its products indispensable within customer networks.”

Zscaler ZS

“We see a long runway for growth as enterprises adopt cloud-centric security and zero-trust architectures. Zscaler’s software-as-a-service business model and the benefits that accompany this mode of software consumption, combined with an innovative product suite and a differentiated channel sales model, are all factors that we think will facilitate continued success winning enterprises that are consuming more cloud-based resources.”

Here's a look at their performance since the start of 2020:

And here’s Cash’s view on three stocks with exposure to cybersecurity:

Cisco Systems CSCO

“The company is the dominant supplier of switches, routers, cybersecurity, and complementary networking products. We believe that Cisco--which earns about 6% of revenue from cybersecurity-related businesses--is uniquely positioned to interweave complimentary necessities, like networking and security, together to provide comprehensive solutions for clients.”

F5 Networks FFIV

“F5 is well positioned for the surging reliance on applications for internal and external facing operations, especially as organizations undergo application modernization and face increased security concerns. For FFIV, an estimated 27% of revenue comes from cybersecurity.”

VMware VMW

“Beyond software-defined data center offerings for hybrid clouds, we anticipate VMware will see growth through its expanding portfolio of software-defined networking, security, and storage products. The company has a growing security franchise, with about 20,000 customers, and worth about $1 billion toward the end 2020. VMware is uniquely positioned by already being installed where cybercriminals are trying to attack.”

More on this Topic