Afraid of being hacked or cyber-compromised in some other way?
If you want to be very afraid, take a look at the online sites that track the daily flows of global cyber attacks in real time (similar to a real-time map of global airline routes in the good old days when planes actually flew).
For example, threatmap.checkpoint.com currently logs around 30 million attempted attacks a day, with the country locations of the offending and receiving parties changing dynamically from minute to minute.
Usually, the good guys thwart the attacks. But when the ‘black hats’ win over the ‘white hats’ in the constant game of cat-and-mouse, chaos abounds.
The attacks highlight the importance of constant vigilance on the part of government and companies, as well as individuals who remarkably are still vulnerable to the entreaties of disenfranchised Nigerian princesses.
With this week being Australian Cyber Week, what better time to enforce the message?
The silver lining to the dark threats is that cyber crime prevention has become a billion dollar industry – and a thriving ASX sector covering high-level encryption work for sensitive government bodies to blocking children’s access to unsuitable sites.
According to Tesserent (TNT) chief Julian Challingsworth, cyber risk management issues are permeating upwards to be top of the agenda for company boards and government cabinets.
After all, there’s nothing like the deterrent of becoming front page news because of “very public and very value destroying” data breaches.
“Cyber security has transitioned away from being a technology problem – the domain of a chief technology officer or network engineer – to a business risk,” he says.
If boards need any further persuading to take the threats seriously, it’s now mandatory for enterprises with $3 million of revenue or more to report cyber security breaches and – in some cases – inform customers their data has been compromised.
At a national security level, the risks were paraded by Prime Minister Scott Morrison warned of a serious cyber threat from a “sophisticated state-based actor” – presumably Chinese.
In August the government announced a $1.7 billion spend on cyber security measures over ten years. In a separate defence announcement in July the nation’s custodians also earmarked $15 billion for “cyber and information warfare capabilities”, also over a decade.
Canberra is also expected to require companies in sensitive industries to invest in cyber security, which shows that the mutual obligation concept is not confined to Jobseeker recipients.
Target industries include the banks, utilities and healthcare.
The cyber spendoolies are music to the ears of Tesserent, which has emerged as the biggest ASX-listed cybersecurity provider in a burgeoning sector. The company is also the undisputed leader in the Canberra market, including to secret squirrel departments such as defence.
Challingsworth says Tesserent acquisition-fuelled growth may have caught investors by surprise: three years ago the company turned over a “stagnant” $5 million and employed 19 staff.
The company was also losing $3 million a year.
Now the company employs 220 cybersecurity experts and chalked up $20 million of revenue in the year to June 2020.
Tesserent derives about half of this revenue from government departments and agencies and this is only likely to increase.
Tesserent also serves about 700 business customers which account for about 30 per cent of revenue. This sector’s not growing as fast, but is benefiting from the need for extra security for staff who are working at home and especially vulnerable to the online scofflaws
Growth has also been fuelled by an acquisition binge: seven smaller businesses over the last 15 months
Challingsworth adds that with the 5G-enabled explosion of ‘internet of things’ devices, the black hats will have a picnic. “They massively increase the attack surface, in that relatively basic devices provide a way into the organisation for hackers.”
Could the 5G conspiracy theorists be right after all?
Given the strong demand for its wares, Tesserent aims to increase its annualised revenue from $100 million to $150m, partly from more acquisitions in the still fragmented sector.
The company also wants to increase its market cap from $200 million to $300m plus and become profitable by next year.
Similarly, Archtis is Canberra based and is sharing the love going around since Sco-Mo’s cyber boost, having signed $5 million of new deals with the Department of Defence, defence contractor Northrop Grumman and Curtin University.
Archtis’s key offering is a tool called Kojensi Gov, a cloud based platform that enables sensitive documents to be shared without fear of leaks or other breaches.
The gist is that rather than creating a multiple of vulnerable checkpoints (such as user passwords), Kojensi creates an electronic fingerprint on the data or documents determining who can access the material and where and when.
Come to think of it, most other cyber security operators go out of their way to ensure the data is not shared.
Archtis listed in September 2018 but the shares were well askew of the 20c listing price until mid June, when they climbed from sub 5c to as high as 58c.
Whitehawk (WHK), meanwhile, takes the ‘honest broker’ role of an online cyber security exchange. This involves devising a risk scorecard for an SME client and matching the business with the most suitable security provider.
Whitehawk doubled revenue in the June half to $585,835 and also posted a$1.26 million loss.
Based in Washington DC, Whitehawk also consults to government and businesses including the US Department of Homeland Security.
It no doubt helps that Whitehawk CEO Terry Roberts is the former deputy head of US naval intelligence – and can therefore keep a secret.
What we can tell you without fear of rendition is that Whitehawk has struggled to gain traction with investors since listing in January 2018 at 25c apiece, but recent momentum has been more positive.
Other ASX listed cybersecurity exponents include high-level encryption specialist Senetas (SEN), which has been listed since 1999.
Back then, government and business leaders were more concerned about the Millennium Bug, which turned out to be a conspiracy theory created by the IT industry.
A former day traders’ favourite, Senetas turned over $5 million last year but still struggles for consistent profitability (a $3.6m loss). Reassuringly, the company’s $66m market entity backed by $15m of cash and no debt.
As its name implies, Family Zone Cyber Safety (FZO) provides internet screening tools for impressionable young ones.
The $150 million market cap entity turned over $5m and lost $17m the last financial year, but there’s still some way to go in keeping kids free of the online nasties.
For investors unwilling to sort the wheat from the voluminous chaff in a still-maturing sector, there is always the diversified option of exchange traded funds.
With the apt ASX ticker of HACK, the $285 million Global Cybersecurity EFT offers a one-stop exposure to 40 offshore cybersecurity providers.
Disclaimer: Under no circumstances have there been any inducements or like made by the company mentioned to either IIR or the author. The views here are independent and have no nexus to IIR’s core research offering. The views here are not recommendations and should not be considered as general advice in terms of stock recommendations in the ordinary sense.
- The New Criterion: can these fallen soufflés rise twice? - November 27, 2020
- The pandemic boom sectors that slipped under the radar - November 18, 2020
- The New Criterion: local investors can now enjoy mining’s royal(ty) treatment - November 11, 2020