Dividend-Paying Cybersecurity Investments to Buy After Cyberattacks and DOD Response

By: ,

Dividend-paying cybersecurity investments to buy for both growth and income opportunities are gaining visibility after recent hacks led to mitigation responses from the U.S. Department of Defense, other government agencies and the private sector.

The multi-month cyberattacks began in March 2020 against a number of federal agencies but at least the U.S. military members engaging in efforts to thwart such threats have so far found no evidence of any compromise to the U.S. Department of Defense Information Networks (DODIN), an agency spokesman said. Concern about computer intrusions from any successful attacks is leading to targeted actions by the DOD to use stepped-up measures to protect its systems, he added.

“We will continue to work with the whole-of-government effort to mitigate cyberthreats to the nation,” the spokesman said.


Dividend-Paying Investments to Buy After Cyberattacks Can Help to Mitigate Threats and ‘Grave Risk’

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned that aggressive hacking poses a “grave risk” to the federal government, state, local, tribal and territorial governments, along with critical infrastructure entities and other private sector organizations. The compromised cybersecurity products faced vulnerabilities as far back as March 2020 without detection until the CISA issued an emergency bulletin this month that warned, among other things, about adversaries using virtual private servers (VPSs), often with IP addresses in the home country of the victim, for most communications to hide the activity among legitimate user traffic.

The attackers also frequently rotate their “last mile” IP addresses to different endpoints to obscure their activity and avoid detection, the CISA reported. The agency expects that the compromised cyber environments will be highly complex and challenging to remedy, since the adversary showed it can exploit software supply chains and use significant knowledge of Windows networks.

Russia is the reported base of the perpetrators, but knowing their origin does not mitigate any damage that has occurred. The cyberattack targeted Austin, Texas-based SolarWinds Corporation (NYSE:SWI), a developer of software that helps businesses manage their networks, systems and information technology infrastructure.

Dividend-Paying Investments to Buy After Cyberattacks Gain Interest After Compromise of SolarWinds’ Products

SolarWinds Corporation shares rose 13.68%, or $1.94, to close at $16.12 on Monday, Dec. 21, as it rebounded after filing a Dec. 14 8-K document with the Securities and Exchange Commission (SEC) that a cyberattack hacked its Orion monitoring products and may have caused servers to be compromised. The stock’s recovery stalled on Tuesday, Dec. 22, when it slid 23 cents a share, or 1.43%, to $15.89, before Wednesday, Dec. 23, when its share price climbed 0.75% from 15.89 to close at $16.01. On Thursday, Dec. 24, SolarWinds slid 26 cents a share, or 1.62%, to $15.75, showing no signs of an upward trajectory.

Chart courtesy of www.stockcharts.com

The company reported the “incident” likely was the result of a highly sophisticated, targeted and manual supply chain attack by an outside nation-state, but SolarWinds indicated it had not independently verified the identity of the attacker. SolarWinds reported in its SEC filing that it has retained third-party cybersecurity experts to aid in an investigation of these matters, including whether a vulnerability in its Orion monitoring products was exploited as a point of infiltration of any customer systems. The experts also will assist SolarWinds in the development of appropriate mitigation and remediation plans.


Dividend-Paying Investments to Buy After Cyberattacks Heighten Profile Amid FBI Probe

SolarWinds confirmed it is cooperating with the Federal Bureau of Investigation (FBI), the U.S. intelligence community and other government agencies in probes of this incident. Based on its investigation to date, SolarWinds found that the vulnerability was inserted within its Orion products and existed in updates released between March and June 2020. But the vulnerability did not exist in the source code repository of those products.

SolarWinds has taken steps to remediate the compromise of the Orion software and is investigating what additional steps, if any, are required. The company announced it is not aware that the vulnerability exists in any of its other products.

However, the fallout could hurt the company and many of its clients in the months ahead. The hackers reportedly obtained sensitive information and communications of SolarWinds clients such as the U.S. Departments of Treasury, Commerce and Energy, as well as the Los Alamos National Laboratory, which oversees the U.S. government’s nuclear weapons.

Dividend-Paying Investments to Buy After Cyberattacks Do Not Include SolarWinds, Money Manager Says

Hilary Kramer, host of a national radio program, “Millionaire Maker,” and head of the GameChangers and Value Authority advisory services, said she would not buy the dip in SolarWinds’s shares because contracts within the industry are so competitive that whenever one vendor shows any sign of weakness, the others pounce to “devour the remaining contracts.” It is a “real shark tank” and there’s blood in the water now, she added.

Columnist and author Paul Dykewicz interviews money manager Hilary Kramer, whose premium advisory services include IPO Edge, 2-Day Trader, Turbo Trader, High Octane Trader and Inner Circle.

Whether SolarWinds did anything wrong remains to be proven but from Wall Street’s perspective it does not matter, Kramer counseled. It was a $24 stock two weeks ago but bouncing from $14 to $16 may be the only recovery shareholders will see for several years while the company’s reputation recovers, she cautioned.

“Cybersecurity becomes more urgent every year and also more crowded,” Kramer said. “A lot of money is packed into these stocks and they aren’t all going to get a good spot at the table… there’s only a finite number of important contracts available and when all the big enterprises have gotten serious about protecting their networks, that’s it.”

Dividend-Paying Investments to Buy After Cyberattacks Feature Exchange-Traded Funds

“I love the theme, but rather than recommend a concentrated all-or-nothing position on one or two security stocks, a diversified approach has worked a whole lot better here over time to ensure that you’re invested in all the ultimate winners,” Kramer said. “An exchange-traded fund like Global X Cybersecurity (NYSE:BUG) contains all the major players around the world, weighted by current market footprint. It has done extremely well this year. And a look at BUG’s holdings reveals that while SolarWinds made a lot of headlines, it wasn’t really a force in the overall industry.”

Chart courtesy of www.stockcharts.com

BUG offers a modest dividend yield of 0.55%. For investors seeking to purchase individual cybersecurity stocks, CrowdStrike Inc. Holdings Inc. (NASDAQ:CRWD) or FireEye (NASDAQ:FEYE) would be the “purest plays” but they are expensive, Kramer added.


Chart courtesy of www.stockcharts.com

Chart courtesy of www.stockcharts.com

Dividend-Paying Investments to Buy After Cyberattacks Include Two Funds Favored by Pension Chairman

Investors interested in a diversified portfolio of cybersecurity stocks can choose between either of two exchange-traded funds (ETFs), First Trust NASDAQ Cybersecurity (NASDAQ:CIBR) or iShares Cybersecurity & Tech (AMEX:IHAK), said Bob Carlson, chairman of the Board of Trustees of Virginia’s Fairfax County Employees’ Retirement System with more than $4 billion in assets. Carlson, who also heads the Retirement Watch investment newsletter, mentioned both exchange-traded funds are “closely correlated” with each other, though IHAK has slightly higher returns over the last 12 months. The dividend yield of 1.32% for CIBR is nearly double the 0.68% yield for IHAK.

Chart courtesy of www.stockcharts.com

Chart courtesy of www.stockcharts.com

“The SolarWinds hack will generate additional revenue for cybersecurity companies over the next 12 months and increase investor enthusiasm for the stocks, Carlson said. “Rather than trying to pick one or two stocks that would benefit the most and become dominant providers, most investors are better off with a diversified portfolio of quality companies in the sector.”

However, investors should be cautious, Carlson counseled. The cybersecurity stocks have soared during the last two months. Their stock prices could be well ahead of their fundamentals, he warned.

Pension fund Chairman Bob Carlson answers questions from Paul Dykewicz in an interview before social distancing became common after the COVID-19 outbreak.

Dividend-Paying Investments to Buy After Cyberattacks Could Be Combined With Non-Dividend-Paying Zscaler


“The massive data breach and likely Russian cyber-attack just highlights the need for security architecture in place for any major company or organization,” said Jim Woods, editor of Successful Investing, Intelligence Report and Bullseye Stock Trader. “My favorite stock in this space is global cloud security firm Zscaler (NASDAQ:ZS).”


Chart courtesy of www.stockcharts.com

Woods praised San Jose, California-based Zscaler for its combination of strong earnings growth and relative price strength. As the largest provider of cloud-based web security gateways that inspect customers’ data traffic for malware, ZS security software may have plugged the Russian malware attack before it could take root in some of America’s most-sensitive networks, said Woods, who also is the co-leader of the Fast Money Alert trading service.

FireEye has rebounded nicely from the security breach, too, Woods added.

Dividend-Paying Investments to Buy After Cyberattacks Could Gain Support from U.S. Military Mitigation Activities

An analogy to cyber defense in depth exists in securing a building through the use of the brick and steel of the structure, silent alarms, guards, a vault and tags on the money to identify it as stolen, if ultimately recovered later, said Col. Patrick Ryan, a reserve advisor to the commander of the Joint Force Headquarters — DODIN.

“In cyber defense, we have a perimeter boundary, rout them out and harden the terrain,” Col. Ryan said.

The boundary, mid-point and end-point protections work together to harden terrain, but the duty is to secure, operate and defend the cyber warfare domain against adversary action, while reducing risk and threats that undermine mission assurance, Col. Ryan said.

Dividend-Paying Investments to Buy After Cyberattacks Have a Role to Play in Protecting DOD and Other Entities

The U.S. military’s cyber services need to ensure planes can take off, Navy ships can navigate and satellites can operate safely in space. Basically, in today’s digital world, all military missions operate in, through and from the cyber domain.

One strategy of U.S. military cyber defenses is to increase the cost to adversaries that attempt to harm U.S. interests and interfere with its operations, Col. Ryan said.

“The harder we make the job of the adversaries, the realization for them could become not to engage with the DODIN, specifically,” Col. Ryan said.

Cyber security is important for ground, air and space missions.

Dividend-Paying Investments to Buy After Cyberattacks Service Military and Civilians Clients


Lt. Col. Stacey Shade, a member of the National Guard who is part of the intelligence directorate at the Joint Force HeadquartersDODIN, has served in the U.S. military for 28 years and works in information technology (IT) and cyber security.

“We face the same issues in the military and civilian world,” Lt. Col. Shade said.

DODIN uses a threat-informing methodology to prioritize vulnerabilities, Lt. Col. Shade continued. A sheer volume of 146,000 vulnerabilities exist in the database that is compiled, cataloged and tracked by the National Institute of Standards and Technology (NIST).

COVID-19 Crisis Does Not Damage Dividend-Paying Investments to Buy After Cyberattacks

Even though the COVID-19 pandemic is not halting the ascent of most cybersecurity stocks, the virus has caused severe economic fallout and job cuts. A recent surge in cases ensnared President Trump, who was hospitalized between Friday, Oct. 2, and Monday, Oct. 5. The overall weekly hospitalization rate is at its highest point in the pandemic, with steep jumps in individuals aged 65 years and older, according to the Centers for Disease Control and Prevention (CDC).

COVID-19 cases have totaled 18,655,012 and led to 329,097 deaths in the United States, along with 79,447,410 cases and 1,744,068 deaths worldwide, as of Dec. 25, according to Johns Hopkins University. America has the dubious distinction of suffering the most cases and deaths of any country.

United States added 228,131 new coronavirus cases and 3,359 deaths on Thursday, Dec. 24, Johns Hopkins University reported. The number of hospitalizations in the United States hit a record 120,155 on Dec. 24, according to the COVID Tracking Project.

The dividend-paying investments to buy after cyberattacks tend to trade at higher valuations compared to those from many other industries, so bargain hunters hoping for a pullback before purchasing may need to be patient and be ready to pounce when such an opportunity arises. But the recent cyberattacks that alarmed U.S. officials and business leaders alike show a huge need exists for cybersecurity that may maintain a fairly firm floor under these investments, despite any short-term pullbacks that could occur.


Related Posts:

Paul Dykewicz

Connect with Paul Dykewicz

Paul Dykewicz

Paul Dykewicz, www.pauldykewicz.com, is a respected, award-winning journalist who has written for Dow Jones, the Wall Street JournalInvestor’s Business DailyUSA Today, the Journal of Commerce, Crain Communications, Seeking Alpha, Guru Focus and other publications and websites. Paul can be followed on Twitter @PaulDykewicz, and is the editor and a columnist at StockInvestor.com and DividendInvestor.com. He also serves as editorial director of Eagle Financial Publications in Washington, D.C., where he edits monthly investment newsletters, time-sensitive trading alerts, free weekly e-letters and other investment reports.

Paul is the author of an inspirational book, “Holy Smokes! Golden Guidance from Notre Dame’s Championship Chaplain,” with a foreword by former national championship-winning football coach Lou Holtz. In addition, Paul serves as a commentator about investing, economics, business news, politics and motivational guidance. 

Paul earned a master’s degree in business administration with a focus on finance at Baltimore’s Johns Hopkins University, where he was elected to two terms as president of its Finance Club. He earlier received a master’s degree from Michigan State University’s School of Journalism, where he was inducted into the Kappa Tau Alpha honor society. Paul received a bachelor’s degree from the University of Michigan in Ann Arbor, focusing on political science, business and economics.

Search Dividend Investor