Cybersecurity is always at the forefront of geopolitics
By Christopher Gannatti, CFA
Global Head of Research
We recently held a Working hours webinar on disruptive growth megatrends. During the audience poll, “geopolitics” was an important topic. Looking at global investment flows to different megatrend investment vehicles, cyber security was also a big topic.1
However, despite all the attention people are giving to cybersecurity, the performance of companies’ stock prices has not been great.
Looking at the photo and the landscape, we notice:
- Much attention has turned to cybersecurity following the Russian-Ukrainian crisis. Microsoft recently released a report summarizing some of Russia’s very real attack efforts against Ukraine and other NATO members.2
- The way cybersecurity is done has evolved, especially with the COVID-19 pandemic and the need for many people to access all kinds of data from anywhere. Many of the companies offering these innovative solutions are newer and may have only recently entered the public markets. As they seek to reach the ladder they may have incomebut they may not have positive results yet free cash flow or earnings.
- The macroeconomic context operates independently of any specific cybersecurity concerns – to put it simply, inflation is high and central banks are undertaking policies to combat it. A side effect is that new companies that do not yet have positive earnings have been penalized by negative share price performance and a decline valuations. The first half of 2022 has seen this approach use a very broad brush, so we believe that at some point it will again be appreciated that a company providing cybersecurity solutions should be treated differently than a company providing a more discretionary.
Here we can look at some of these different factors in turn.
Microsoft cybersecurity report on conflict in Ukraine so far
A notable factor, which would not have been the case in a previous conflict, is that Ukraine was able to transfer much of its most critical systems and data to the cloud. Microsoft noted the provision of services worth $107 million (provided free to the Ukrainian government) to facilitate this transition to the cloud. The result is that there is no “on-site” physical data infrastructure for Russia to target and destroy.3
Russia is conducting cyberattacks on multiple fronts and operational units4:
- GRU (Main Directorate of the General Staff of the Armed Forces of the Russian Federation): The GRU tries to steal data with phishing attacks through its operation STRONTIUM. Its IRIDIUM operation features some of the types of malware that aim for data destruction. DEV-0586 is also involved in data destruction and influence operations.
- SVR (the Foreign Intelligence Service of the Russian Federation): Operation NOBELIUM extended to Ukrainian diplomatic targets and NATO members.
- FSB (the Federal Security Service in Russia): FSB operations ACTINIUM, BROMINE and KRYPTON are mainly involved in phishing attempts and other data theft.
The report also notes that Russia has been very adaptive in its cyberattacks, for example combining them with physical attacks against specific targets. The right words to describe the efforts made so far might be “strategic” and “deliberate”. To date, there have been no attacks using “wormable” malware like the 2017 NotPetya attack, in which the malware could jump from one computer network to another. The attacks appear to be designed to stay inside Ukraine.
The report also details 128 Russian network penetration and cyber espionage operations outside Ukraine. About half of these government agencies targeted, but mostly the success rate was only 29%. It’s worth remembering that cybersecurity attacks can be a numbers game, but it’s worth noting that if the world is now fully focused on this, they are able to mount at least a somewhat effective defense, at least until now.
Let’s look at CrowdStrike
CrowdStrike is a well-positioned company for today’s cybersecurity environment, helping with cloud security and endpoint protection. In its latest quarterly results, CrowdStrike actually raised its full-year guidance. Like many other security vendors, CrowdStrike said it had seen no clear evidence that customers were going to reduce their security spending. When articles are written and analyst coverage is relayed, it is usually very positive and focused on a strong long-term story for CrowdStrike.5
So where is the disconnect coming from, especially with such a difficult share price performance in 2022? While we probably can’t know for sure why a stock is trading the way it does, we can see that CrowdStrike has tended to have a very high valuation relative to earnings or revenue. Perhaps the long-term growth story can support this, but in the current macro environment, exposure to a company with such high multiples can lead to short-term volatility, regardless of the product or the service provided.
Conclusion: SaaS Companies Should Negotiate Based on the Problem They’re Solving
It’s amazing how much the Software as a Service (SaaS) space can be. Consider Shopify, a great company. Their reward, at least one of them, for being a great e-commerce platform is to compete with Amazon Prime. Think Zoom, a household name. Now they can compete with Microsoft Teams, a tall order. It’s great that these newcomers can keep some of the biggest companies in the world on their toes, constantly improving their product offerings.
However, cybersecurity, in our opinion, is a bit different from other SaaS companies. Although the companies people can work with differ, every company and really every person needs to have some sort of cybersecurity strategy to protect their data and other digital endeavors. Moreover, the space is constantly changing, whether due to the COVID-19 pandemic, the Russian-Ukrainian crisis, or other factors. We think that somehow you need to focus on new companies that offer more advanced solutions. Even though the coming months can be volatile, we like the longer-term case of this megatrend.
For those interested in the cybersecurity space, consider the WisdomTree Cybersecurity Fund (WCBR).
As of 7/7/22, WCBR held 5.35%, 0%, 0%, 0%, 0% of its weight in CrowdStrike, Shopify, Amazon, Zoom Video Communications and Microsoft, respectively.
1 Sources: WisdomTree, Morningstar and Bloomberg. All data as of 3/31/22 from WisdomTree’s Quarterly Thematic Classification Study and subsequent quarterly updates.
2 Source: “Defending Ukraine: Early Lessons from Cyberwarfare”, Microsoft, 6/22/22.
3 Source: Microsoft, 6/22/22.
4 Source: Microsoft, 6/22/22.
5 Source: Eric J. Savitz, “CrowdStrike Posts Strong Earnings, Improves Guidance, But Stocks Slip,” Barron’s. 6/2/22.
Originally published by WisdomTree on July 7, 2022.
For more news, insights and strategy, visit the Modern Alpha Channel.
Important risks related to this article
Christopher Gannatti is an employee of WisdomTree UK Limited, a European subsidiary of WisdomTree Asset Management Inc.’s parent company, WisdomTree Investments, Inc.
There are risks associated with investing, including possible loss of capital. The Fund invests in cybersecurity companies, which generate a significant portion of their revenue from security protocols that prevent intrusions and attacks on systems, networks, applications, computers and mobile devices. Cybersecurity companies are particularly vulnerable to rapid changes in technology, rapid obsolescence of products and services, loss of patent, copyright and trademark protection, government regulation and competition , both nationally and internationally. Shares of cybersecurity companies, especially internet-related ones, have experienced extreme price and volume swings in the past that have often been unrelated to their operational performance. These businesses may also be smaller, less experienced businesses with limited product or service lines, markets or financial resources, and fewer experienced management or marketing personnel. The Fund invests in securities included in or representative of its index, regardless of their investment merit and the Fund does not attempt to outperform its index or take defensive positions in declining markets. The composition of the Index is highly dependent on quantitative and qualitative information and data from one or more third parties, and the Index may not perform as intended. Please read the Fund’s prospectus for specific details regarding the Fund’s risk profile.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.