Cybersecurity stock shake up

If you’re ever anxious about screwing something up at work, at least you aren’t responsible for a massive worldwide technological malfunction that has left hundreds of billions of dollars in damages in its wake.

As you probably know by now—or have experienced firsthand—banks, airports, and even hospitals all had to deal with massive disruptions from a flawed software update pushed out by cybersecurity firm CrowdStrike this morning. When the update went awry it interrupted customers using Microsoft Windows in what is perhaps the biggest IT outage of all time (don’t worry, at Morning Brew we have Macs).

CrowdStrike clarified that the IT failure wasn’t due to a cyberattack or security breach, but instead a bug in their Windows update.

Beyond the danger and logistical hurdles triggered by the IT failure, the cyber meltdown caused a PR nightmare of epic proportions for a cybersecurity firm that is now in the spotlight for all the wrong reasons.

CrowdStrike shares fell 11.10% by the end of the day, while Microsoft was down 0.74%.

Should you buy the dip?

Analysts have long pointed to cybersecurity as a “recession-resistant” industry due to its necessity for huge firms in any economic environment. After all, as technology gets more advanced, so do cyberattacks and subsequent cybersecurity measures.

But CrowdStrike’s botched update has reminded investors how high the stakes are for cybersecurity companies, and how many people, companies, and institutions are seriously impacted if something goes wrong with the tech.

Despite today’s debacle, Wedbush analyst Dan Ives believes there’s still long-term upside for CrowdStrike—although he acknowledges that the outage is a “clearly a major black eye” for the company and that, “The stock will be under pressure after this global outage.”

The good news? Ives pointed to CrowdStrike’s CEO, George Kurtz, as “one of the best tech CEOs in the world” who’s managed to do some damage control for CrowdStrike. He also noted that CrowdStrike’s “strong brand and global marketing presence” will be helpful for rehabilitating the firm’s image.

But not everyone paints as rosy as a picture. Evercore analyst Peter Levine lowered his price target on the stock from $405 to $350 in the wake of the IT failure today, while maintaining an “outperform” rating on the stock. Levine called the failed update “unprecedented” in his note, while highlighting the still-unanswered questions the company must face: “The questions we have now are what’s the reputational risk, who’s liable for the financial impact, and does this headline alter the platform consolidation narrative?"

On the other hand, this disaster could be a boon to CrowdStrike’s cybersecurity rivals, including SentinelOne (S) and Palo Alto Networks (PANW), which are up 7.80% and 2.16%, respectively, on Friday. But overall the First Trust Nasdaq Cybersecurity ETF (CIBR) was down about 1.44% on Friday.

Overall, investors should have a “wait and see” mentality with how CrowdStrike responds to the outage over coming days, and how other cyber competitors perform.

“It could create opportunity for some competitive displacements, but this will take time to determine the path of CIOs and companies looking ahead and legal actions related to this outage,” wrote Ives.—LB