The major overarching theme that we're seeing is that security is merging with many other areas.
Security & Networking
SASE is a major trend already building strong momentum, which is the convergence of security and networking functionality applied to data packets flowing through a network and the Internet. However, a less-covered convergence is that of SecOps and NetOps, which is more about the two different groups sharing the same intelligence source in order to better protect their orgs from adversaries. Despite many years of friction, we are finally seeing traction in these two groups collaborating closer together, greatly facilitated by better software, in the quest to establish better security postures for their orgs. This will be a long-term evolution, and therefore, investors should consider software vendors that can provide security and networking services while also enabling this more seamless collaboration.
Security & Automation
Security and automation are also becoming increasingly intertwined with one another in order to alleviate the many pain points derived from SecOps teams being overworked. There is a global shortage of cybersecurity professionals at the same time the world is experiencing an explosion in data and cyberattacks. As a consequence, SecOps are overburdened and inundated with alerts, leading to high turnover and many threats that slip through the net. Therefore, vendors that can empower SecOps personnel to automate tasks with no-code playbooks will become increasingly demanded. Investors should consider innovative vendors in areas such as SIEM (Security Incident & Event Management) and SOAR (Security, Orchestration, Automation, & Response) that offer next-gen platforms for SecOps.
Security & Software Development/Engineering
The convergence of security and software development/engineering is another major trend, most commonly referred to as shift-left, or SecDevOps. The adoption of cloud for building and deploying applications has resulted in ballooning security vulnerabilities and data breaches. Shift-left is an approach that entails building in security and best practices continuously throughout the application lifecycle, beginning at the earliest point possible, (when the developer begins writing code) right through to when the application goes live in production and thereafter. To capitalize on this trend, investors should monitor vendors offering shift-left solutions, and more broadly, the DevOps space.
Security & Identity
Building security around identity is also becoming increasingly adopted; the major catalyst being the increasing dispersion of workforces and IT infrastructure. In theory, if SecOps, NetOps, and DevOps,
1) can attach an identity to every human and machine in their network,
2) can efficiently manage the access permissions of all these identities, and
3) can create rich contextual data points surrounding each identity that is attempting to access something,
then that lays a robust foundation for enforcing policies, securing the org, and ultimately thwarting bad actors from moving around.
The major issue, however, is that many orgs are now operating in the cloud, which is a very dynamic environment full of ephemeral instances, making securing the org very challenging. Thankfully, there are software vendors that make managing this identity-related complexity much easier.
Despite its importance, an identity-first strategy is still uncommon. Thus leading vendors have a long growth runway and investors ought to expect to see continuing innovation whereby security and identity seamlessly merge.
Security & Big Data
With the proliferation of data and variants of cyberattacks, it is nigh-on impossible to detect all threats via rule-based methods. Hence, top vendors are becoming more reliant on ingesting large amounts of data into machine learning (ML) models as a means for detecting unknown threats. Some vendors in XDR (eXtended Detection & Response) have spent hundreds of millions of dollars in reorganising their data management so that their customers can ingest data and query events much faster and cost-effectively. Ultimately, this leads to a greater velocity of data which is more conducive for effective ML-powered security. Investors ought to expect the future winners in security will be the ones that take some risks in making better data management and ML a major part of their operations.
Prevention vs Detection
In recent times, security software vendors that have provided orgs with detections and alerts regarding potential threats have been handsomely rewarded. Such solutions are still very much needed; however, the next wave of value generation is coming from vendors that provide software that is preventative rather than solely detective. This not only ties into shift-left, but more broadly to SecOps, NetOps, and ITOps.
There is an incredible amount of fragmentation across the cybersecurity industry. A typical org is managing 50+ different security vendor solutions, inadvertently weakening, rather than strengthening, defenses due to the complexity. The dilemma, however, is that oftentimes SecOps need the BoB point solution to have the best chance of defending against a particular vector of attack.
So, the growing need is not just for vendor consolidation, but for consolidation whereby the replacement vendor has a broad platform of BoB solutions, or alternatively, a holistic approach to helping SecOps prevent a wide range of threats and defend the entirety of their org. Such names are few and far between, but these are the players that will outperform the industry for many years to come.
For institutional investors (public and private), on request, we can do tailored research for your requirements. For all types of investors, here are individual reports you can purchase related to the aforementioned topics:
For institutional inquiries, or to pay for individual (a' la carte) reports, please click Subscribe for more information. From there you can also sign up as Premium subscriber if you wish to.
Fortinet Equity Research Report (January 2020) - $50
Follow-Ups #2: Fortinet, Early Signs Of Macro Headwinds But Long-Term Sound (August 2022) - $50
Okta: Defining An Industry (June 2021) - $50
SentinelOne – Data Engineering Brings In Paradigm Shift To The Security Industry (April 2022) - $50
Why We Believe SentinelOne Is Better Than CrowdStrike (September 2021) - Free
Which Cybersecurity Stocks Should You Buy? (June 2021) - Free
Part 1 Of Mini Security Series: Cloud Security (May 2022) - $50
Part 2 Of Mini Security Series: Entry Barriers (May 2022) - $50
Major Tech Trends (July 2022) - $50
Tailored research requests - price negotiable