Cybersecurity Stocks Seeing Early AI Gains
Cybersecurity is becoming increasingly important in the age of AI, as the number and sophistication of threats increase. Combining cybersecurity with AI has a natural affinity as cyberattacks are computer generated, and in turn, computers are uniquely capable of finding computer-generated threats. Utilizing AI to identify threats and for pattern recognition and anomaly detection is not new by any means, but rather what is now rapidly coming to market are platforms enabled with generative AI, to enable threat detection and prevention before attacks occur.
Despite cybersecurity being one of the most promising sectors to reap the benefits from AI, popular stocks have stumbled this year. CrowdStrike had a faulty update that caused global outages with high profile airlines affected. Palo Alto also recorded its largest-ever one-day decline as it cut its outlook; the company is taking a near-term hit as it pivots toward becoming a platform, which will fare better for AI purposes rather than a collection of disparate vendor products.
AI offerings are becoming more prevalent, and the first signs of AI-related growth are arising in the leading names in the industry. Below, I look at the demand environment for leading cybersecurity stocks CrowdStrike, Zscaler, Palo Alto, and Fortinet, and which ones have key metrics hinting toward underlying strength.
AI Opening New Opportunities as Threats Rise
Nearly one year ago, the I/O Fund discussed for its free newsletter readers how cybersecurity was the next industry to be disrupted by AI, not only by improving threat detection and prevention capabilities but also because AI-based attacks were on the rise. AI is aiding enterprises to expedite threat prevention, yet hackers are similarly expediting the end-to-end attack life cycle, and could potentially execute larger and more complicated attacks faster than ever before.
According to McKinsey, 51 percent of organizations believe generative-AI is driving new risks in cybersecurity, down slightly from 53 percent in a similar survey from 2023. However, only 33 percent of organizations are actively working to mitigate AI-related cybersecurity risks, with 16 percent already witnessing a negative consequence or event.
A report from the World Economic Forum predicts that AI could push cyber incidents and data breaches to a new record high in 2024, even after a 72% YoY increase in data breaches in 2023. Palo Alto said it is seeing an “uptick in mega-breaches” with multi-billion dollar impacts, as ransomware public extortion activity has risen more than 50% from 2022. Zscaler also sees ransomware attacks continuing to rise, up 18% YoY, though victims and payloads have gotten increasingly large, with 57% more victims and 144% more payloads.
Zscaler sees ransomware attacks continuing to rise, up 18% YoY, though victims and payloads have gotten increasingly large, with 57% more victims and 144% more payloads
Source: I/O Fund
The new dynamic created by AI in the industry from both a threat and protection standpoint offers a long-term growth runway. As Palo Alto puts it, the year 2024 “will be a phenomenal year in the utilization of AI in cybersecurity,” but it “will pale by comparison to what is yet to come.”
Palo Alto Networks: 4x Growth to $200M AI ARR
Palo Alto’s management believes AI “continues to generate significant excitement in the market,” and “adoption is proceeding at a rapid pace faster [than] any other new technology.” They see AI not only creating “transformative use cases” enabling new revenue streams and efficiencies, but also enabling cybercriminals to broaden attacks, improve targeting, and scale beyond what can currently be controlled by humans.
Palo Alto is rolling out a comprehensive AI product suite, with the launch of AI Access, AI SPM, and AI Runtime Security in May, combined with its AI-driven SecOps platform Cortex and AI integrations in its Prisma Cloud and SASE offerings. Palo Alto noted in Q4’s earnings call that its AI Access could be deployed to its 5,000+ Prisma Access customers, while nearly 1,000 customers were also interested in AI Access. This is an incredibly strong response given that early access to the solution was launched in July, only one month prior to management’s comment.
In fiscal Q4, Palo Alto disclosed that its AI ARR (AI Access, AI SPM, AI Runtime) had surpassed $200 million to close out the year, for 4x YoY growth. While growth is rapid, AI’s scale is still small, due to the recent timing of launches. However, AI already accounts for nearly 5% of Next-Gen Security (NGS) ARR, and is set to grow its share of NGS ARR as products scale.
Palo Alto is also seeing strong growth in Cortex, with ARR surpassing $900 million in fiscal 2024. Cortex XSIAM delivered north of $500 million in bookings, with customer count rising 4x YoY. Palo Alto has previously noted that XSIAM drives much higher ARR, with customers who adopt XSIAM having >5x ARR compared to those that do not. Continuing to accelerate customer adoption of XSIAM while growing Cortex’s customer base (up nearly 20% YoY to >6,100) can drive strong long-term growth for the fastest-growing product in Palo Alto’s history.
With the strengths arising in AI, Palo Alto is expecting NGS ARR growth to remain robust, though headline growth is decelerating due to the law of large numbers. NGS ARR is guided to increase 34% to 36% YoY in Q1 of fiscal 2025, reaching between $4.33 billion to $4.38 billion. On a dollar basis, that represents YoY growth of $1.13 billion, marginally higher than the $1.12 billion it added from Q1 2023 to Q1 2024, where YoY growth was reported at 53% — essentially, Palo Alto is maintaining the same growth in dollar terms despite operating at a larger scale.
Zscaler: AI Contributing 3 Points to Growth
Zscaler launched its AI Analytics solutions at the end of 2023, and is already seeing strong contributions from these new products, including its Risk360, Business Insights, Unified Vulnerability Management and more. Zscaler’s management believes that “the increasing use of AI is creating new avenues of growth,” and “the rising adoption of Gen AI is exposing new gaps in organizations’ security posture.”
Management said that AI Analytics was “seeing strong traction” in Q4, and “contributed nearly 3 points to new and upsell business growth in Q4 and 2 points for the entire fiscal ‘24,” even with the products being available for just a portion of the year. While Zscaler did not break out AI’s contribution in dollar terms, it noted that it saw record new and upsell business in Q4 and a record $1 billion-plus in quarterly bookings (driven by the new and upsell business), suggesting that the AI Analytics was a strong driver for the quarter under the hood.
Zscaler is also prioritizing data center and AI investments to support this growth in AI Analytics. For fiscal 2025, management said that they expect “data center CapEx to be approximately 3 points higher as a percent of revenue compared to fiscal 2024,” due to investments to upgrade cloud and AI infrastructure. Property and equipment purchases have been accelerating on a quarterly basis to nearly $50 million in Q4, and totaled 7% of revenue for the entirety of FY24, so Zscaler looks to be eyeing a move closer towards the 10% range. As a result of these increased data center investments, free cash flow margin is expected to decline from 27% in FY24 to 23.5% to 24% in FY25.
Zscaler’s property and equipment purchases have been accelerating on a quarterly basis to nearly $50 million in Q4, and totaled 7% of revenue for the entirety of FY24
Source: I/O Fund
Additionally, despite closing out its fiscal 2024 with a double beat in Q4, Zscaler’s guide for FY25 was light, pointing to a revenue growth deceleration of ~6 percentage points YoY. Zscaler also left clues that AI Analytics and other new products will continue to see strength in FY25, saying that sales productivity was better than expected, driven by new and upsell business. The trend is set to continue in FY25 and strengthen in the second half of the fiscal year.
Fortinet: AI-Driven Ops Account for 10% of Billings
Fortinet did not break out AI revenue or ARR like Palo Alto has, but management said that in fiscal Q2, “AI-driven SecOps accounted for 10% of total billings,” an increase of 1 point QoQ but flat YoY. Fortinet’s FortiAI solution is currently available in its FortiAnalyzer, FortiSIEM, and FortiSOAR products but will be expanded to more products in the future.
However, AI-driven SecOps’ billings have been lumpy, and are lower in Q2 than they were in Q4. Based on the 10% figure, Q2’s AI-driven SecOps billings were approximately $154 million, up just over 22% QoQ but down more than (17%) from $186 million in Q4. AI-driven SecOps also has not surpassed 10% of total billings in each of the last four quarters.
Fortinet’s Q2 AI-driven SecOps billings were approximately $154 million, up just over 22% QoQ but down more than (17%) from $186 million in Q4
Source: I/O Fund
Management guided for billings to be approximately flat to up low single-digits QoQ in Q3, implying that AI-driven SecOps’ contribution will not rise significantly unless SASE or Secured Networking declines significantly, which is unlikely to be the case. As a result, Fortinet may not see its AI-driven products meaningfully contribute to billings growth or drive a newfound acceleration in the metric.
Despite this, Fortinet took steps to broaden its AI security portfolio, acquiring Lacework in Q2. Management expects Lacework’s “organically developed AI-driven cloud-native application protection platform will be combined with the power of Fortinet’s Security Fabric platform, ensuring broad protection across the network, cloud, and endpoint.” The move is expected to add $10 billion to Fortinet’s TAM, per management’s projections.
CrowdStrike Discusses AI Opportunities Without Disclosing AI Numbers
While peers Palo Alto and Zscaler put forth some early AI revenue and growth numbers, CrowdStrike has not, but management has discussed AI-related opportunities in some detail.
CrowdStrike has not broken out any AI-specific growth numbers or contribution, but arguably has a very strong product suite with its Falcon platform and its new generative AI-powered security analyst Charlotte AI. Management sees a long runway ahead for AI in cybersecurity, with a $225B 2028 AI-native security TAM, explaining that “decreasing TCO and increasing efficiencies through AI and automation are clearly voiced organizational priorities and will be for years to come.”
CrowdStrike believes Charlotte AI holds “an incredible amount of promise,” and has been training this AI security assistant to “be a malware reverse engineer, … to translate threat hunting queries, … to help automate reporting, … [and] to do some incident response use cases,” to improve efficiency and accelerate back-end processes when working in conjunction with humans. Management says that its “best-in-class module adoption” is “supercharged by Charlotte AI [and] makes the Falcon platform sticky for all users.”
Adoption rates for CrowdStrike’s modules remain strong, with adoption of 6+ and 7+ rising 1 point each sequentially to 45% and 29%. Additionally, similar to Palo Alto, CrowdStrike’s ‘hypergrowth’ products (LogScale next-gen SIEM, Cloud and Identity Security) are witnessing strong growth, with ending ARR for the group surpassing $1 billion, up 85% YoY.
Conclusion
Cyberattacks are rising in both number and sophistication. While 2024 has been a bit of a wild ride for the industry, cybersecurity is only growing in importance in the age of AI. The industry’s leading companies are progressing with AI-powered product deployments, seeing long runways ahead despite minimal signs of growth at the moment.
Palo Alto’s AI portfolio is contributing ~$200 million, or 5%, of total ARR, while Zscaler’s products are contributing just 3 points to upsell growth. Fortinet is seeing AI-driven SecOps contribute 10% of billings, though that has been relatively unchanged for four quarters. Meanwhile, CrowdStrike has yet to put a firm number on AI-related growth, though next-gen products are recording rapid growth.
Cybersecurity stocks command a premium to the broad SaaS universe with early signs of AI growth.
Source: YCharts
Due to their early exposure to AI and revenue streams, cybersecurity stocks command a premium to the broad SaaS universe. Despite its valuation crunch after its incident, CrowdStrike remains the third most-expensive software stock on a top-line basis, with Palo Alto also in the top ten. Fortinet and Zscaler both trade around the 10x forward revenue level, nearly double the median 5.5x multiple for the sector.
Our goal (always) is to perform deep dive research to identify winners, and then to subsequently identify a good entry. I will be direct and say our firm is not a buyer in this market as I believe most tech stocks will trade lower in the next 3–6 months. Yet, it’s never too early to perform research and get our ducks in a row for when the market affords solid entries. Interestingly, despite cybersecurity AI revenue numbers looking low, it’s one of the only software verticals where there is AI revenue. I think investors should pay attention to these early green shoots.
While Wall Street is worried about how much AI is costing, the I/O Fund is busy calculating how big the AI opportunity can get in the next few years and how investors can participate. Learn more about the I/O Fund’s holdings and consistent deep dive research on AI stocks, crypto and more here.
Visit us at io-fund.com and sign up for our free newsletter covering tech stocks weekly.