Cybersecurity On The ASX

This story features TELSTRA GROUP LIMITED, and other companies. For more info SHARE ANALYSIS: TLS

It's impossible to picture a future without cybersecurity. The ASX hosts a smorgasboard in potential exposures.

By Nikhil Gangaram

The internet of things has heralded a new era of warfare.

With data fast becoming a new form of currency, corporations, governments and private users are at the mercy to a growing army of cyber pirates.

Globally, cybercrime is estimated to have cost -US$8.4rn in 2022, with that number projected to surpass -US$20trn by 2026.

Of late, issues of cybersecurity have flooded headlines in Australia with one notable company after the other falling victim to hackers.

Initially, a wide-ranging data breach of telco giant Optus kicked-off an industry wide panic as hackers snatched the data of 10 million current and former customers.

A few weeks later, fellow telco Telstra ((TLS)) and National Australia Bank ((NAB)) revealed that the details of 30,000 employees had been compromised.

Online shoppers were then left stunned when Woolworths Group ((WOW)) owned subsidiary MyDeal confirmed 2.2m users had their data breached.

The big kahuna was another break of health insurance giant Medibank Private ((MPL)), with hackers taking away 200Gb of data that included names, numbers, addresses and information about claims. 

And the list keeps growing with up to eight million customers of Latitude Group ((LFS)) in Australia and New Zealand believed to have their data exposed through a malicious security breach.

With customers becoming increasingly disenchanted and pushing toward data sovereignty, both public and private sectors are under pressure to ensure they have a cybersecurity plan, and the appropriate software, hardware, and expertise to implement it.

A hot landscape

The cybersecurity landscape in Australia is growing rapidly and is expected to keep up the pace in the years coming.

In addition to increased demand for cybersecurity solutions and services, government initiatives and industry compliance requirements have fuelled further investment and growth in the industry.

According to a report by Frost & Sullivan, the Australian cybersecurity market was valued at US$3.3bn in 2020, and expected to reach US$5.6bn by 2026, growing at a CAGR of 8.3% during the period.

Globally, cybersecurity spending is expected to exceed US$172bn in 2023.

A survery from leading VPN provider Surfshare ranks Australia 43rd in the world for e-security, lagging behind the likes of Morocco, Malaysia and Uruguay.

Although ransomware and phishing attacks have been around for years, Australia remains behind the ball when it comes to mitigating cyber attacks. 

In an attempt to strengthen its cybersecurity capabilities, the Australian Federal Government launched the Australian Cyber Security Centre (ASSC).

Data compiled by the government body showed 76,000 cyber incidents were reported in the 2022 financial year, a 13% increase from the year before.

The 2020-21 Federal Budget included an additional $201.5m in funding for cybersecurity over the next decade, which will be used to strengthen the ACSC, establish a new Cyber Security National Workforce Growth Program, and support cybersecurity research and development.

In addition to these programs, Australia has also established several industry compliance regulations to enforce organisations and protect end users.

Some of these regulations include; the Notifiable Data Breaches (NDB) Scheme, Australian Privacy Principles (APPs), the Health Information Act and Energy Sector Cybersecurity Framework.

Organisations subject to these compliance regulations must implement appropriate cybersecurity measures to protect sensitive data or risk significant penalties.

Despite these measures, many companies lack the internal IT capabilities to secure their online services.

As a result, organisations are increasingly reliant on outsourced vendors to provide digital defenses against cyber threats.

The vendors

A number of companies vying in the growing pool of outsourced cybersecurity services are listed on the Australian Securities Exchange.

Tesserent ((TNT)) is the largest ASX listed cybersecurity company in Australia,  providing consulting services to various companies and organisations.

Most notably, the company is entrusted with. most notably, the Australian Federal Government.

Tesserent currently has more than 170 dedicated cybersecurity experts working with over 100 Australian and New Zealand Federal and State Departments and Agencies 

The company offers a range of services, including managed security services, threat intelligence, and risk management.

WhiteHawk ((WHK)) is another listed cybersecurity company that provides risk management solutions specifically targeted to small and medium sized enterprises.

The company’s Whitehawk Exchange tool allows clients to identify and address cybersecurity risks, improve their cybersecurity posture, and comply with regulatory requirements.

Despite its diminutive market capitalization of $27m, WhiteHawk invoiced out more than US$3.6m in 2022, bringing in collected revenue of US$858,000 in Q4 alone, leaving the company with a cash position of US$2.171m and no debt for the year.

Another local player is ArchTIS ((AR9)), a data focused security company that aims to prevent malicious and accidental loss of information for its clients.

The company’s platforms NCProtect and Kojensi have been approved by multiple government bodies in providing secure access and sharing sensitive and classified information. Competing in the same space is Macquarie Telecom Group ((MAQ)). 

However, cybersecurity is not limited to the boardroom. Family Zone Cyber Safety ((FZO)) is a cybersecurity company that provides solutions for protecting children from online threats.

The company's platform allows parents to monitor and control their children's online activities, ensuring they are safe from cyber threats.

According to the company’s management, Family Zone is expected to grow at around 40% organically after reporting annual recurring revenue of $80m on August 22 from $77m on June 22.

Rather than trying to pick the winning companies in this fast-growing sector, investors can gain access to the growth of the industry via the Betashares Global Cybersecurity ETF ((HACK)).

The Fund’s portfolio includes established industry leaders as well as emerging global players.

Conclusion

Although the short-term macroeconomic picture is getting hazy, the structural trends underpinning growth in the cybersecurity sector remain the same.

As individuals and companies continue to digitise their operations and cloud-based usage and storage accelerates, cybersecurity remains a huge area of potential growth.

Regardless of an economic slowdown, these structural trends have an innate immunity to the macroeconomic environment.

Although the sector overall offers great promise, there are some roadblocks to investing in the space.

Notably, the cybersecurity landscape itself is constantly evolving which makes it a constant game of cat and mouse between attack and defence.

The sector is also becoming increasingly competitive for new entrants to gain market share in the presence of established players with strong brand recognition. 

The talent pool for cybersecurity professionals is also tapped out as companies haggle to attract and retain professionals.

The regulatory environment of the industry is another hurdle investors have to contend with as the government and companies try to marry new innovations with user privacy.

Lastly, the cybersecurity companies themselves are often on the receiving end of cyber attacks which adds another investment risk to mitigate and the quest to remain ahead of cyber threats can make many companies obsolete.

Small cap companies, in a general sense, are more volatile and vulnerable and the market cap of all the companies mentioned in this story ranges between $12m and $185m, with exception of Macquarie Telecom (1.3bn) which also runs data centres and telecom infrastructure.

Find out why FNArena subscribers like the service so much: "Your Feedback (Thank You)" – Warning this story contains unashamedly positive feedback on the service provided.

FNArena is proud about its track record and past achievements: Ten Years On

Click to view our Glossary of Financial Terms