My Stock Lists

Proofpoint (PFPT) isn’t your daddy’s spam protector.

The highly-rated cybersecurity firm jumped to the cloud in 2008. And within three years of its April 2012 initial public offering, Proofpoint launched social and mobile products that, today, are swiping share from rivals Cisco Systems (CSCO) and Symantec (SYMC).

CEO Gary Steele credits Proofpoint’s nimble nature, which he says hasn’t changed since it was a venture capital-backed Silicon Valley newbie in 2002 with 10 employees. Now, Proofpoint boasts more than 1,300 staffers.

“In a world where you’re in an ongoing war against bad actors, we have to be nimble and responsive to the changes we see in the marketplace,” he told IBD. “And I think that’s one of the things that has truly distinguished the company.”

Proofpoint on Friday cleared a 76.93 buy point from a short consolidation. The stock climbed 0.9% to 77.20 on the stock market today, but in light volume.

Proofpoint stock has surged 19% year to date, outplaying IBD’s 26-company Computer Software-Security industry group, down nearly 8%. But the group, too, is seeing a resurgence and ranks No. 30 out of 197 industries tracked, up from No. 191 over 13 weeks.

IBD’S TAKE: Proofpoint is ranked No. 4 in IBD’s security software group. Go to IBD Stock Checkup to find the top three cybersecurity stocks — and how they stack up vs. Proofpoint.

That’s because cybersecurity spending is taking a larger-than-expected chunk of total IT spending, Dougherty analyst Catharine Trebnick says. Panic spending forced valuations to rocket in 2015 and the first half of 2016 couldn’t keep up.

NA082916But the second half is turning out to be a different story, Trebnick told IBD.

“You’re seeing in IT spending, security is still a No. 1 priority,” she said. “And in this whole security area, email is the No. 1 threat vector. It’s also the place where people feel they have control over their network.”

And that’s where Proofpoint is winning, she says.

Social Engineering Drives Proofpoint’s Thesis

Proofpoint got its start as a spam-blocker. But today’s hackers are less interested in selling a “Rolex” and more interested in credential theft. Thus, social engineering is at the heart of most attacks.

Such was the case in February and March when Seagate Technology (STX) and Snapchat were duped into dispensing thousands of W-2 forms. Seagate’s breach came down to a phishing attack whereas Snapchat was duped by a spoofed email.

Both are nascent email cons. Phishing emails contain legitimate-sounding requests for information. Spoofing changes a key figure in an email address. So in Snapchat’s case, CEO Evan Spiegel’s last name could have been spelled with the number 1.

“The email threat vector is really vulnerable,” Piper Jaffray analyst Andrew Nowinski told IBD. “It’s easier to trick a human into clicking a link than it is to write sophisticated malware.”

Since January 2015, businesses lost a collective $3.1 billion in email compromise schemes across the globe, the FBI found. Last year, 30% of targeted people opened a malicious email, according to a recent Verizon study.

Proofpoint’s targeted attack protection (TAP) aims to solve that equation by filtering out malware-ridden emails before they arrive in the inbox. And for spear-phishing and spoofing, last Wednesday Proofpoint announced the $18 million acquisition of Return Path’s email fraud protection business.

Last year, industry tracker Gartner predicted TAP, data loss prevention and encryption would continue driving secure email gateway (SEG) growth. Overall, the SEG segment is expected to sustain 2%-4% growth annually over the next several years.

“The SEG market is mature. The penetration rate of commercial SEG solutions is close to 100% of enterprises,” Gartner wrote. “Despite the market maturity, companies can’t do without SEG solutions. … Despite the low overall growth, we do see individual vendors that are taking market share.”

Cisco, Symantec, FireEye Losing Out

A Piper Jaffray survey of resellers found Proofpoint is most often beating out Cisco and Symantec, with FireEye‘s (FEYE) on-premises solution trailing, Nowinski told IBD. Mimecast (MIME), which filed its IPO last year, targets small and midsize businesses (SMBs), while Proofpoint’s focus is larger companies and enterprises.

Proofpoint is outgrowing Cisco and Symantec. In 2015, Proofpoint grew its sales 31%, leading 16% growth in Cisco’s security segment. Symantec shrank 10%, though its Blue Coat Systems acquisition will likely help it grow this year.

“Cisco is really pushing their security angle,” Dougherty’s Trebnick said. “They’re trying to establish a bundle, but I wouldn’t say they have any new function or features. Only Proofpoint and Mimecast have whaling (spoofing) detection. … Cisco is late to the game.”

The proof is in the pudding for Proofpoint, Rosenblatt analyst Marshall Senk said in an Aug. 1 research report. During Q2, Proofpoint hit “an inflection point,” crushing Wall Street’s sales, earnings, billings and free cash flow projections, and hitting profitability two quarters ahead of time.

Revenue growth accelerated for a second straight quarter, to 41%, its best gain in seven quarters.

Beyond that, Proofpoint expects to hit $1 billion in annual sales by 2020. To do that, the company would have to maintain a 20%-32% compound annual growth rate. Since 2013, Proofpoint has grown an average 37% annually. Sales have grown by more than a third for the past 11 quarters.

It’s also beaten sales expectations by an average of 4.3% for the past eight quarters. It has met or topped EPS minus items views for the last seven of eight quarters. Nowinski credits Proofpoint’s keen forecasting skill to the fact 97% of its sales stem from subscriptions.

“The average contract length is between 15 and 22 months,” he said. “They have two years of visibility already from all the contracts they’ve been signing.”

Intel, Palo Alto, Microsoft Tailwinds

Perhaps the biggest tailwinds for Proofpoint stem from cooperation. Earlier this summer, Proofpoint announced partnerships with Palo Alto Networks (PANW), Splunk (SPLK), CyberArk Software (CYBR) and Imperva (IMPV) for technical integration.

The partnerships open Proofpoint up to nonoverlapping customer bases like Palo Alto Networks’ 26,000 customers, Wells Fargo analyst Gary Powell wrote in a July 25 research report. Meanwhile, Intel (INTC) McAfee is obsoleting its services and recommending customers to Proofpoint.

Nowinski models an $80 million to $100 million McAfee opportunity for Proofpoint. Steele wouldn’t put a dollar-figure on the potential windfall. Dougherty’s Trebnick expects it to be a five-year push.

On top of that, the transition to Microsoft (MSFT) Office 365 adds another three- to four-year charge. Microsoft launched its cloud-based Office 365 in 2011. But only about 13% of all publicly listed firms have made the switch to cloud-based office systems, Trebnick says. It has online threat protection built in, and offers sandboxing on its enterprise model, but doesn’t include spoofing protection.

“CIOs (chief information officers) say that there’s too much latency with (Microsoft’s) new products, so they’d rather choose the (enterprise) version with either the Mimecast piece of it or install the Proofpoint piece,” she said. “They work in conjunction.”


Proofpoint Battens Against Spoofers, Phishers With $18 Million Buy

Proofpoint Hits Stratosphere On EPS Beat, First-Ever Profit

Cisco Tests Palo Alto, Check Point; CyberArk, Proofpoint Niches Safe

Article source:

Posted in Symantec | Comments Off on My Stock Lists

From ransomware to mobile malware: Cyber defence in-depth with Kaspersky

David Emm, Principal Security Researcher at Kaspersky Lab, has worked in the anti-malware industry since 1990 in a range of roles spanning McAfee and Dr Solomon’s Software.

CBR caught up with him to find out what he thinks are the big cyber threats facing the business world right now.


CBR: What do you think is the number one threat vector right now?

Emm: There are several threat vectors.  These include the use of social engineering to trick people into clicking on attachments and links in messages, the use of vulnerabilities in applications, the threat from compromised web sites (so-called ‘drive-by downloads’) and the danger of spreading malware via USB devices.  Three types of malware that have grown dramatically in the last few years are ransomware, banking threats and mobile malware.  In Q2 2016 alone, we saw 9,296 modifications across 28 ransomware families (and this from a total of around 26,000 ransomware modifications in total).  In the same period, Kaspersky Lab products blocked mobile banking Trojans on 1,132,031 computers.  3,626,458 malicious mobile installation packages were discovered in this period (83,048 of them were mobile ransomware programmes).


CBR: 2016 has been a big year for ransomware.  What do you think are the big threats that we will see in the future?

Emm: I think the three types of threat outlined above, including ransomware, will continue to grow.  They are all ways to make easy money and while they prove to be lucrative for cybercriminals, they will continue to invest in them.  That’s why we have seen such diversification in ransomware methods (e.g. infecting at a sector level, encrypting data on servers, using scripting languages for flexibility).  More aspects of life are becoming connected, offering a wider attack surface than ever before.  So we will see attacks on various aspects of the Internet of things – already, researchers have shown how connected ‘things’ as diverse as cars, children’s toys and CCTV cameras can be subverted.


CBR: There have been a range of big breaches recently. Are there any unifying themes and lessons that organisations can learn from them?

Emm: I think it’s vital that organisations work on the basis that their defences will be breached.  That isn’t to say that perimeter defence isn’t important – it is.  But defence in-depth is vital, so that if a breach does occur, attackers aren’t able to make off with valuable data – including sensitive customer data.  This means developing a security strategy based around people and processes, as well as technology.  It means limiting the scope of any attack by limiting the rights employees have on computers (i.e. not assigning admin rights by default) and segmenting the network to limit the spread of an attack.  It also means investing in education of staff, to make it harder for attackers to trick staff into doing something that jeopardises security.  With regard to customer data specifically, it’s important for providers to hash and salt passwords and to provide multi-factor authentication to make it harder for criminals to make use of stolen data.


CBR: Do you see the security world moving towards more unified architecture?

Emm: I see a lot of diversity.  Alongside traditional endpoint devices (desktops and laptops) mobile platforms have become an integral part of business and personal life.  On top of this, manufacturing and industrial systems use other systems.  If we consider the Internet of things, it’s clear that connectivity is implemented differently across the spectrum of devices.  The key, moving forward, is for those implementing connectivity in IoT devices to build in security at the design stage – because retro-fitting it after something bad has happened, is a lot harder.


CBR: 2016 has also seen unprecedented attacks on financial systems, such as the SWIFT attacks. Do you expect more of these and what can be done?

Emm: Historically, attempts to make money directly have involved attacking bank customers, rather than bank infrastructure.  But the latter have become more common in last few years.  Some involve attacks on common infrastructure, such as SWIFT (and also infection of Point-of-Sale devices), but some campaigns are designed to infiltrate bank systems directly and steal money – e.g. Carbanak, Metel and GCMAN.  Some of these (Tyupkin and Skimer are notable examples) infect ATM machines in order to steal money this way.  I think cyber criminals will certainly continue to  look for ways to undermine security in financial institutions.

Article source:

Posted in Kaspersky | Comments Off on From ransomware to mobile malware: Cyber defence in-depth with Kaspersky

Pat McAfee announces fundraiser for Kokomo – Indianapolis Star

One of the multiple tornadoes to touch down in Indiana during the day hit Kokomo, leaving scores homeless in and near the Cedar Crest subdivision, Wednesday, Aug. 24, 2016.
Robert Scheer/IndyStar

Article source:

Posted in McAfee | Comments Off on Pat McAfee announces fundraiser for Kokomo – Indianapolis Star