The Cybersecurity “Ace in the Hole” Company D.C. and Silicon Valley Need Right Now

By Defense + Tech SpecialistMoney Morning • @Robinson_STI  

Editor's note: From robotics to cloud computing… artificial intelligence to cryptocurrency… the coming months could be more exciting and profitable than anything we’ve seen before. If you really want the potential to make A LOT of money faster than ever, you need to look at the smaller companies on the brink of skyrocketing growth. Start with this.

Dear Red Alert Reader,

Stamping out the coronavirus pandemic is the new administration's stated top priority, for obvious reasons.

But there has been an urgent national security cyber-crisis - an attack, to be clear - unfolding, largely under the radar, since at least October 2019.

This is another grave threat the incoming Biden team will have to grapple with quickly.

Federal officials are almost certainly correct in their allegations that a team of foreign hackers - known as "Advanced Persistent Threat 29," or "Cozy Bear" - penetrated as many as 250 corporate and government networks.

The hackers, armed with "top-tier offensive capabilities," aimed to break into the huge, vulnerable "digital supply chain."

Unfortunately, they hit the bull's-eye.

The initial target (that's since become shorthand for the attack itself) was SolarWinds Inc., an Austin, Texas-based software firm. The attack is thought to have affected some 18,000 SolarWinds clients around the United States, from massive private sector firms to 10 entire departments of the U.S. government.

Ironically, the victims include some elite Silicon Valley leaders; we're talking Cisco Systems Inc. (NASDAQ: CSCO), Intel Corp. (NASDAQ: INTC), and Nvidia Corp. (NASDAQ: NVDA), to name a few. Federal institutions reportedly breached include the National Institutes of Health, the Department of Homeland Security, and the Pentagon, among many others.

2021: Breakout trends could mint a new wave of millionaires. Get the details.

Now you can see why I say the global cybersecurity market is essential, set to grow by 151.5% to $281 billion by 2029.

Today, I'm going to name a cybersecurity firm whose specialty is preventing devastating attacks like this with a product that, out of the box, could help the government toughen up America's "soft digital underbelly" while also handing you double the profits...

We Still Don't Know How Bad the Attack Was

As I mentioned, the attack began at SolarWinds, when hackers, ostensibly working for the Russian government, inserted malicious code - "malware" - called SUNBURST into the company's Orion security software.

From then on, SolarWinds' enviable client roster, from Silicon Valley to the Pentagon, were like so many sitting ducks.

When clients updated their SolarWinds software, the Cozy Bear hackers and their SUNBURST malware came along for the ride. Once they'd gained access, what they did and who else they hacked becomes unclear.

Officially, no classified information was accessed in breached U.S. agencies. Unofficially, however, sources tell The New York Times that they don't really know what information was taken.

Similarly, Intel and Cisco, for example, say they've found no evidence of intrusion. Both companies are so critical to the workings of U.S. business - to the Internet itself - that if the hackers had done something there, the harm would have been enormous.

Initially, Microsoft Corp. (NASDAQ: MSFT) reported it hadn't been breached... only to announce on Dec. 17 that it and the resellers it uses were in fact compromised.

To call this attack "widespread" is really an understatement, but it has served to put cybersecurity front and center in public discourse and government and corporate decision-making.

Locking Down the "Keys to the Kingdom"

As the SolarWinds hack has shown, cybersecurity best practices going forward will undoubtedly include tighter security for privileged access accounts.

These are the kinds of accounts that IT workers worldwide use to access critical computer systems. If you've ever had trouble setting up an office printer, say, and called your company's IT department to help out, you'll know what I mean.

A privileged access account represents the proverbial "keys to the kingdom."

It's exactly these types of special accounts hackers need to breach in order to accomplish their crimes. That's the only way to really cause damage - to access the most sensitive data or to destroy it. That's also the only way to insert backdoors and malware into the foundations of the network or to hide one's tracks.

PATTERN IDENTIFIED: There's a unique crypto phenomenon almost nobody is paying attention to. But this experienced crypto trader is watching, and he's discovered double-, even triple-digit moves in a matter of days nearly every time Bitcoin jumps. See this chart...

It takes firms an average of six and a half months - 200 days - to discover a privileged account breach like SolarWinds. That's why securing these accounts is critical; otherwise, the thieves can be long gone before a problem is discovered.

In my view, there's really only one place for governments and corporations to turn for help...

How to Play This Emerging IT Trend

CyberArk Software Ltd. (NASDAQ: CYBR) is the firm that makes the industry's most comprehensive, easiest-to-deploy privileged access protection software platform.

For example, the firm's Cloud Entitlements Manager uses AI to detect and prevent hidden, mistaken, or unused user accounts from being misused for nefarious means. All its findings are displayed in a single, easy-to-grasp dashboard that allows IT security to monitor, add, or remove user accounts and privileges.

Meanwhile, the firm's Endpoint Privilege Manager helps companies deal with its remote workers. Using it, IT departments can easily make sure people working from home have the least-privileged accounts they can while still doing their jobs.

It also allows them to control applications and stop credentials from being stolen from remote computers.

CyberArk has started a comprehensive public- and private-sector cybersecurity outreach; most of its homepage is dedicated to responding to the hack. That tells you how big of a problem SolarWinds is, but also how quickly CyberArk is moving on it.

That kind of outreach brings new business, to be sure, but CyberArk already has an incredible client roll...

  • Pharmaceutical giants such as AstraZeneca Plc. (NYSE: AZN), Novartis AG (NYSE: NVS), and Pfizer Inc. (NYSE: PFE).
  • Tech companies such as Qualcomm Inc. (NASDAQ: QCOM), Braun, Duracell, Motorola Solutions Inc. (NYSE: MSI), and BT Group Plc. (OTC: BTGOF).
  • Food and restaurant companies such as Yum! Brands Inc. (NYSE: YUM), ConAgra Brands Inc. (NYSE: CAG), and Hershey Co. (NYSE: HSY).

There are many, many others; I expect the roster to become even more crowded once more governments and corporations realize the value CyberArk offers.

Even before SolarWinds, Fortune Business Insights was forecasting the world's cybersecurity market to grow from $112.01 billion in 2019 to $281.74 billion by 2027.

That's an average annual growth rate of 12.6%, but I think, in light of all that's happened, that figure could prove a bit too conservative.

Clearly, CyberArk is a stock with a lot of upside ahead. To be sure, earnings were off sharply in the most recent quarter, but much of that had to do with accounting for employee stock compensation, not operating issues.

CyberArk has been growing per-share earnings at 38% a year. At that rate, they will double earnings in less than two years. Buy it at market, add to a position if it moves lower, and watch the profits roll in.

In fact, my Nova-X Report readers following along got the chance to do just that when they sold CyberArk for a double - and that's just one of the tech stocks I research for this tech-centric service. You can learn a little more about that right here...

Red Alert Frequently Asked Questions

Follow Money Morning onFacebook and Twitter.