Join our community of smart investors

FTSE 350: Russian threat raises cybersecurity concerns

Need for defences has increased enquires for cybersecurity products
April 28, 2022

The war in Ukraine has heightened executives’ awareness of the need for cyber defences. Just prior to the Russian invasion, the Ukrainian banking sector was hit by a distributed denial of service (DDoS) cyber-attack. For now, such attacks have mostly been limited to Ukraine, but politicians have warned they could soon threaten the UK and the US.

In the UK, the National Cyber Security Centre has already told companies to “bolster online defences”. This call to action brings the abilities of listed cyber defence companies Darktrace (DARK) and NCC (NCC) to the fore.

Darktrace has been on a bumpy ride since its listing last April. The share price almost trebled by October before losing all its gains by the end of the year, partly as a result of a sell call by Peel Hunt. The reasoning was that the market size for its Network Detection Response unit was only expected to grow to $6.5bn (£5.1bn) by 2025 – and Darktrace's low customer review score meant it was unlikely to take the majority of said market.

Darktrace has recovered slightly since then thanks to a strong set of half-year results. Annual recurring revenue (ARR) rose to 105.1 per cent from 99.9 per cent last year, reflecting existing customers upping their spend. Management increased its full-year ARR growth forecast by five percentage points, to between 24 and 29 per cent.

The share price also got a 25 per cent bump at the start of the war. At the time, management said it hadn't seen an increase in attacks, but has seen "an increase in enquiries for its product”.

This may not be enough for investors to jump in yet, as the company is still struggling to turn a profit because of its large marketing spend. But analysts do expect it to start returning a profit earlier than previously expected. Since the beginning of the year, the FactSet 2024 consensus EPS has risen from -0.70p to 2.80p.

Cybersecurity isn’t all about having software to repel attacks once they are in the system. There are also practical steps to be taken to prevent breaches, such as training employees and keeping IT up to date. This is where NCC comes into play.

NCC has a software resilience business – which helps get clients’ software up and running if their provider fails – and assurance, a cybersecurity consultancy service. Software resilience revenue shrank 3.3 per cent in the six months to 30 September last year due to issues retaining sales staff. However, assurance grew 8.8 per cent.

Out of the two listed companies, NCC is a safer bet. It trades on an affordable forward PE ratio of 18 but importantly has an appealing 5.5 per cent forward free cash flow yield. Real cash flow and exposure to a cybersecurity market expected to register a CAGR of 11 per cent from 2021 to 2028, according to Grand View Research, is appealing.

 

NAMEPrice (p)Market cap (£mn)12-month (%)Fwd PEYield (%)Last IC View
Avast5485,70016.0192.2Hold, 574p, 15 July 2021
AVEVA Group2,5217,604-34.0241.5Buy, 3,542p, 10 Nov 2021
Bytes Technology Group4971,1910.0331.3-
Computacenter2,8863,29413.0182.3Buy, 2,718p, 16 Mar 2022
Darktrace4182,924na5390.0Hold, 530p, 3 Mar 2022
FDM Group (Holdings)1,0801,1794.0303.3Buy, 944p, 29 Jul 2020
Kainos Group1,3111,625-14.0341.7Hold, 1,853p, 15 Nov 2021
Micro Focus International3961,329-23.045.0Hold, 407p, 8 Feb 2022
Network International2531,417-39.0210.2Hold, 290p, 23 Sep 2020
NCC Group192594-31.0182.4Buy, 215p, 27 Jan 2022
Softcat1,5042,998-21.0292.9Buy, 1,781p, 22 Mar 2022
The Sage Group7277,40413.0282.5Buy, 770p, 17 Nov 2021
Source: FactSet