This ad has been around for more than a year, and I haven’t written about it… partly because the Thinkolator doesn’t have a 100% certain match (we only get a teaser solution wrong about once a year, and I want to keep that 99%+ accuracy rate).
But it is an interesting one, and I started getting questions about it again this week so I guess it’s being pushed again — so I’ll go out on a limb and post a not-quite-sure solution for you this time around just to get the conversation started.
The hook in the ad for Jeff Yastine’s Total Wealth Insider ($47/yr) is that it’s all about a “simple line of code” that will “revolutionize the single greatest piece of technology in the world today…”
“Over the last few months, my team and I have poured through endless stacks of financial documents, consulted with legions of industry contacts, and spent countless 16-hour days researching the latest trends in technology.
“Everything pointed to the same conclusion…
“This simple line of code will soon pave the way for exciting new innovations that propel America into a new golden age of technology. Not only that, it will transform industry, offering companies the chance to save as much as $400 billion each year.”
So what is it? This is all about cybersecurity, and “revolutionizing the internet” to make it safer.
So clearly he’s pitching a cybersecurity stock… but which one? The silly little code excerpt in the ads means nothing (though sure, it looks very official… e=1.getData(16,16,1,1).data,[private]g=e+”,”+e[1+” etc etc)….
… and the actual headquarters building is just a head fake, this is from the ad:
“You see, a team of researchers at this small company … the one in this building right here … has been hard at work to develop an innovative solution that could put an END to cybercrime for good.”
Sometimes we can help confirm a company based on a photo of a building or a location, but not usually with Banyan Hill — they seem to have noticed that the Thinkolator is on the case, and they’ve been just buying stock images of buildings and lying about the occupants. That photo has been sold as a stock photo for illustrating the idea of a “modern office building” for a decade or so now, you can find it at shutterstock here if you’re curious or would like to buy the rights to use the photo.
So we’ll need something else to go on… what else do we learn about this company and its cybersecurity tech?
“What this code does … is it stops cybercriminals BEFORE they strike.
“Essentially, rather than put your information inside one digital safe…
“This code adds one layer of defense after another so cybercriminals can never break in.
“Break through one layer, and there’s another waiting for him.
“Break through that, and another still.
“And another, and another.
“That’s why this code is such a game changer.
“It can stop cybercriminals dead in their tracks.”
Huh, OK — that’s fairly squishy language, lots of cybersecurity systems try to prevent attacks. What else?
“This code cannot be hacked.
“Amazingly, it was designed to be able to detect the precise moment an unauthorized user is about to break in … and not only slams the door shut … but sends every bit of data the organization has to a secure digital ‘vault’ until the threat is destroyed … usually within minutes.
“It’s a powerful solution that could have stopped the Target attack that exposed 110 million people….
“This code will do for cybersecurity what Google did for search … what Amazon did for shopping … what Netflix did for video streaming … and what Facebook did for social media.”
OK, still pretty light clues… though this narrows it down that we’re probably not talking about a company that’s primarily selling firewall systems, and it’s probably not one of the cybersecurity pioneers that’s been around for a few decades. Other clues?
“Fortune 100 companies … the 100 largest companies in the United States … already trust this company with their data.”
OK, so clearly this is not something that’s “just about to go to market” so you have to “get in now!” If big companies are already using this company’s software, then it might be improved but it’s not brand new and unknown.
“It was even honored with a prestigious award recognizing it as the “Best Cybersecurity Company” in the industry…”
That sounds like one of those “awards” that pretty much every company can get at some point from an industry group or trade magazine or conference, but still, it’s a clue.
And we get lots of language in the pitch like “there’s no time to waste” and “the stock could take off any day now” in promoting the timeliness of this urgent idea… but we know that’s just hooey thrown in to urge you to quickly subscribe, the biggest enemy of the ad copywriter is, “I’ll think it over and maybe subscribe later.” They know that if you don’t act now, while the fire is in your belly and the enticing language in the ad is fresh in your mind, that they’ve lost you this time around.
But we know, of course, that this ad is not new at all — we saw pretty much the identical ad back in March of 2018, so we’ve probably got time to think it over before they shake the world with their awesomeness.
What is the stock? Well, as I said, I can’t be sure this time — but based on that pitch I’ll throw out a guess for you: I think this is probably CyberArk Software (CYBR).
Which if they did recommend back in March of 2018 or earlier, would have been a fantastic stock pick — it has more than doubled since then, after spending several years languishing thanks to the rapid deceleration in revenue growth they saw after their first year as a public company. As with many richly-valued young tech stocks, people seem to judge them largely on their growth rate — CYBR came out of the gate with great revenue growth, almost doubling their sales in the first year, but then the revenue growth rate dropped to 50%, then 30%, and got as low as the teens in mid-2017… but it did pick up again in 2018 to the mid-30s and CYBR is now profitable and expected to grow revenue by about 20% a year going forward (and to grow earnings similarly, from about $2 a share this year to almost $3 in 2021).
What CYBR is really known for is privileged access security, which they offer as a cloud subscription service to some degree. That security layer is essentially monitoring and protecting accounts so that intruders can’t get in through a trusted admin account and use that to leverage their access to the whole tech infrastructure of the company, because their behavior when using that account would flag them as being unusual and the account could be quickly frozen and their permissions restricted.
I’m not at all a cybersecurity expert, sadly (that’s partly why we don’t host credit card info or anything else sensitive on our own servers, that’s best left to the experts), but it sounds impressive. CyberArk has been a company I’ve had half an eye on for a while, since it’s folks like CYBR and a company I do own, Okta (OKTA), that make sense to me on the cybersecurity end — they’re the ones who are dealing with it primarily from an insider/account perspective, helping to go beyond “this password gets you access to the kingdom” and actually thinking about what happens if some baddie gets the mighty passwords. I don’t understand firewalls or a lot of the other security systems that are clearly an important part of cybersecurity, but I can wrap my head around things like permissions and passwords and credentials, and it does make sense tome that CyberArk’s systems are focused on flagging unusual behavior instead of just assuming that anyone with a password is safe doing whatever they want.
So that’s how I think about it, but I don’t currently own shares of CYBR — interesting idea, one I’ve thought about for diversifying my position in cybersecurity a bit (OKTA is the only stock in the sector that I own right now), but I haven’t done anything with it.
The valuation is rich, of course — they’re expected to grow earnings about 20% a year and are trading at about 50X next year’s earnings estimates, so that’s pretty scary but not particularly unusual. OKTA is bigger and growing faster, with revenues likely to grow at a 30%+ clip, but is not expected to be profitable for at least a couple more years, for example, and cybersecurity is a clear and obvious secular growth story, with everyone eager to spend more to make their companies and networks safer, so all the cybersecurity companies who have some revenue growth are trading at lofty prices.
If you like the general idea of cybersecurity but don’t want to pick stocks, there are also a couple ETFs that cover this group — they also include some companies that are not as precisely 100% focused on security, like Cisco (CSCO) and Splunk (SPLK), but those stocks tend to move together anyway so they do tend to get the trend. Here’s what the past few years have looked like for those ETFs, CIBR (orange) and HACK (light blue), compared to a few of the more commonly touted stocks in cybersecurity (Palo Alto Networks (PANW, dk blue), CyberArk (CYBR, green), Okta (OKTA, purple) and Fortinet (FTNT, red)):
What does that chart tell you? That there have been a few hot names driving higher in cybersecurity… but if the ETFs have trailed behind those names so dramatically there must be some stocks in this sector that are doing much worse. Here’s what those ETFs look like compared to some of the weaker performers in the sector in recent years, which were also pretty widely touted at one point or another (Check Point Software (CHKP, red), FireEye (FEYE, green), and Symantec (SYMC, purple)):
Just a reminder that sometimes the hot stocks in a sector that draw investor attention change, partly because of the search for something new and partly because revenue growth follows the new products or new technologies that do something a little better, and it’s very hard to pick the best stock for the sector at the best time without really becoming an expert at the technology (and even then, of course, most folks get it wrong as often as they get it right). If you were to go back in time you’d want to own Symanatec for cybersecurity in 2001, or Palo Alto Networks in 2014, but you’d also want to make sure that you weren’t picking FireEye in early 2015, or Symantec in 2005. There are wild swings in these stocks, partly because of shifting leadership and big trends like “who gets to use the word ‘cloud’ in their offerings first,” and there hasn’t been much indication that I’ve seen that there’s one winner who you can count on to consistently lead for more than a year or two before a disappointment or a dip in revenue sends everyone searching for the next hot ticket.
It’s definitely a growth industry, and I think it’s worth having exposure to the sector, but you should expect volatility even for the ETFs, and if you rely on just one or two stock picks you should be ready for a rocky ride. The ETFMG (was PureFunds) Prime Cyber Security ETF (HACK) is the one that’s been around longest, and you can see that the almost five years of its life have brought some nice returns… but, as always, your perspective depends on when you bought. Here’s what it looks like if you compare HACK to the S&P 500 since HACK’s inception:
And here’s what it looks like if you waited to buy HACK after it was popular and a few cybersecurity stocks had soared in mid-2015 (including FireEye, by the way, which had its huge implosion not long after):
Growth is nice, but the price you pay for it still matters. I think it makes sense to build a position in some cybersecurity stocks, whether through individual stock picking or ETFs, but I wouldn’t push you to go “all in” betting on a particular price or a particular stock that’s going to revolutionize the world in a matter of months, and, of course, we know that a newsletter pitch that’s been unchanged in its “today is the day!” urgency for over a year shouldn’t be allowed to impact our sentiment for that stock very much. CyberArk and Okta have been the world beaters so far this year in the sector… but as for what’s next, well, that’s your call to make — it is, after all, your money at risk. Let us know what you’re thinking with a comment below… and thanks for reading!