Security Stocks Burn Rubber

Security Stocks Burn Rubber
L. Taylor - April 27th, 2000

Event Summary

On February 9th, there was a fury of Distributed Denial of Service attacks that rocked the cyberworld. In response to this attack, numerous security technology corporations are seeing rapid marketcap growth.

Market Impact

Internet Security Systems (NASDAQ: ISSX), an Atlanta based Internet security vendor, specializes in providing leading security management solutions for the cyberworld. In January of this year it reported its 18th consecutive quarter of growth. However, since the flurry of Distributed Denial of Service attacks during the second week of February, it has seen its stock surpass the NASDAQ and S&P 500 in leaps and bounds.

According to Tom Noonan, president and chief executive officer of ISS, "Our entry into one of the fastest growing segments of the Internet security industry - Managed Security Services (MSS) - has dramatically increased ISS' market potential and expanded our solutions to include both security management software and remote monitoring services critical to serving a broad customer base. As we look to 2000, the rapid growth in the business-to-business and business-to-consumer markets will continue to drive our leadership and momentum in providing the security management solutions essential to ensuring safe and uninterrupted e-business."

Mr. Noonan appears to be right on track, and ISS, founded in 1994, now with over 5,000 customers, seems to be in the right place at the right time.

Fig. 1. Internet Security Systems 3 Month Stock History

Having started out with one product known as the Internet Security Scanner, ISS has expanded into a full-suite of security offerings branded as SAFEsuite. Expanding from security risk assessment, SAFEsuite now includes intrusion detection, and enterprise management decision support solutions.

Last month ISS opened a Middle East office in Cairo, Egypt hoping to make in-roads into the International petroleum and agriculture markets. Backed by the Sarhank Group for Investment, ISS is well positioned to be a leading player in Middle East security solutions. In the last two years, international sales now account for more than 18% of the company's revenues.

Cyberguard Corporation (OTC: CYBG), a Ft. Lauderdale based Internet security provider to Fortune 1000 companies, reported last month that its revenues were up 30% over the previous 6 months. With the largest backlog since its inception, Cyberguard has been able to pull itself into profitability. It attributed its current success to its new KnightSTAR firewall appliance. Cyberguard was formerly the computer systems division of Harris Corporation, and was spun-off and incorporated in 1994.

Under the leadership of David Proctor, the former COO of Platinum Software Corporation, Cyberguard has become a maverick firewall vendor with educational institutions. It provided Syracuse University the detailed presentations and documentation on configuring and administering network security, which were used to develop the syllabus and curriculum for a course, titled "Building Internet/Intranet Security." The course has since been licensed to three other universities; giving Cyberguard significant industry exposure.

Fig. 2. Cyberguard 3 Month Stock History

Each student taking the course receives a CD with a CyberGuard Firewall along with the associated manuals and documentation. Chief Technology Officer, Mike Wittig, has stated that this is a great way to train the Internet security professionals of tomorrow. James Shea, director of the Center for Business Information Technology at Syracuse University says that, "To ensure that our students are among the IT leaders of the future, Syracuse University is partnering with cutting-edge technology companies like CyberGuard."

Other universities that Cyberguard has partnered with include the University of South Carolina with campuses in Charleston and Columbia and Charlotte, N.C., the New York Institute of Technology in Manhattan and the University of New England in Portland, Maine.

Irvine, California based Rainbow Technologies last quarter reported record growth with its Internet segment of products and services up 400%. Founded in 1984, Rainbow Technologies has a worldwide presence with nine international offices in the United Kingdom, France, Germany, Australia, China, India, the Netherlands, Russia, and Taiwan as well as distributors in 45 countries.

Rainbow's security solutions include the iKey 1000 Universal Serial Bus (USB) based authentication token.

Fig. 3. iKey 1000

With the recent announcement of the Chinese State Encryption Management Commission's decision to approve Windows 2000, and the number of Internet users in China expected to double annually in the next few years, this paves the way for a huge iKey market in the Pac-Rim.

Fig. 4 Rainbow Technologies 3 Month Stock History

Another crown jewel at Rainbow is its CryptoSwift e-commerce encryption accelerator. Supporting SET merchant servers, as well as SSL, SSH, TLS, IPSec/IKE, and SWAN, CryptoSwift boasts that it can support 600 transactions per second, per card. Since it is scalable, you can put multiple CryptoSwift cards on an e-commerce server and double or triple the number of transactions per second depending on how many cards you insert. CryptoSwift supports best of breed encryption algorithms including RSA, Diffie-Hellman, DSS, and Modular Exponentiation. CryptoSwift can process a 1024bit RSA transaction in less than 5 milliseconds.

With the ability to integrate into seven e-commerce platforms (AIX, Windows NT, BSDi, Linux, Solaris, HP/UX, and FreeBSD), CryptoSwift is sure to speed up Rainbow's revenues stream as fast at it speeds up Website transactions.


The next time cyberspace gets hit with an outbreak of security attacks, there's a good chance that this will kick security technology market capitalization even higher. Increased market capitalization in turn, will provide additional resources for security firms to make synergistic acquisitions, or invest in corporate marketing, sales or product development. It also significantly reduces the relative risk of making product acquisitions from these companies.

In all cases, a thorough financial analysis should be conducted of your potential product or services partner in the security space, and tough questions should be asked about resource allocation across both product and services development. Keeping an eye on leading security vendors and mapping their market response to Denial of Service attacks could prove to be a lucrative research and investment endeavor.

User Recommendations

Internet Security Systems has a leading line of security analysis, intrusion detection, and management products branded under the name ISS Safesuite. If you are a company that provides Security Vulnerability Assessments as an out-sourced or ASP service, their scanning products, though a bit pricey, provide a broad range of depth in ferreting out security holes. The ISS Internet Scanner, ISS Database Scanner, and ISS System Scanner can give your ASP customers' Intranets, database servers, and UNIX and NT systems a security workout to be reckoned with.

Rainbow Technologies' end-user authentication systems provide cutting-edge security for portable desktops and embedded systems. Their secure ASIC microcircuits have been extremely popular with military and Department of Defense customers. Manufacturers of hardware devices will want to find out how Rainbow's embedded secure microcircuits can add industry standard IPsec security to their product lines.

As appliance firewalls are leading the firewall market, we anticipate that the Cyberguard KnightSTAR will see vast increases in its user base. Cyberguard also sells SNMP supported firewalls for HPOpenview, Tivoli, and CA-Unicenter. As well, Cyberguard offers NT hardening for firewalls built into their SecureGuard NT firewall product. The KnightSTAR is one of the few firewalls that have a secure NMS agent currently available. ASPs and ISPs will want to take a look at the KnightSTAR if NMS interoperability is critical.

comments powered by Disqus