Cyber Security

New software helps hotel guests rest easy amid security threats

The largest hotel chain in the world just disclosed a giant data breach that happened in November. Some 500 million customer accounts were impacted. Later, Marriott International (MAR) said the theft also includes 5.25 million unencrypted passport numbers.

Potential identity theft and fraud aren’t just keeping guests up at night. Company execs are also losing sleep over cybersecurity worries.

That’s a big opportunity for investors.

Even as businesses shore up their digital defenses, hackers grow more sophisticated. Increasingly, they are sponsored by authoritarian states with deep pockets and nefarious longer-term objectives.

According to an Associated Press report, FBI analysts believe the Chinese Ministry of State Security is behind the breach at Marriott, which counts among its brands W Hotels, St. Regis, Sheraton, Westin, Element, Aloft, Le Méridien, Four Points and Starwood.

The passport information is especially valuable. It would allow CMSS, the Chinese version of the CIA, to compile detailed dossiers on global political and business leaders. That includes access to their health and financial records.

Combine that with credit card data gathering, and tracking when, where and with whom the target traveled is a cinch.

The espionage and blackmail possibilities are endless. And in the digital era, data is everywhere.

Fancy Bear, an elite Russian hacking group, and the GRU, Moscow’s military intelligence service, combined in 2017 to infiltrate hotel Wi-Fi networks in one Middle Eastern and seven European capitals.

The thieves used stolen NSA hacking tools and malicious Microsoft Word macros to silently collect cached usernames and passwords. The code was so sophisticated, users didn’t even have to sign in to become compromised.

The heist was possible because traditional cybersecurity involves building armies of security appliances around applications. Fancy Bear cracked that defense by getting inside the Wi-Fi application.

Zscaler (ZS) builds walls around data, not applications. The San Diego company makes cloud-based, next generation firewalls, sandboxing and vulnerability management software.

Cloud security software provider Zscaler was the first big tech IPO of 2018. The company priced its May IPO at $16. Shares are up 179.4% since then.

The concept is resonating because the security appliances business, currently dominated by Cisco Systems (CSCO), Siemens and General Electric (GE), is hopelessly broken.

Appliances are expensive. They do not scale well. The only way to add more capacity is to buy more appliances.

Unfortunately, that increases bottlenecks and latency — the anathema of the hybrid and cloud-based infrastructure that dominates modern enterprise computing.

More important, appliances have proven no match for sophisticated hackers. To overcome these issues, enterprises are moving data to containers that appliances cannot see.

In 2017, Network World reported the Financial Industry Regulatory Authority moved 75% of its infrastructure to Amazon Web Services to avoid security appliances.

Security Stack-as-a-Service is the future of cybersecurity in the cloud …

And the Zscaler Internet Access platform is the technology leader.

Zscaler operates the world’s largest SSaaS. It processes 35 billion requests, with 125,000 unique security updates every day. The cloud architecture means every client, from powerful workstations and laptops, to smartphones and tiny Internet of Things devices, get the same level of security.

When Zscaler finds a threat anywhere, it blocks it everywhere. In the process, customers get better performance and lower costs than security appliances.

The list of converts is long. Even legacy security appliance companies Siemens and General Electric have come around. They are now working with Zscaler to help enterprise customers transform the way they approach cybersecurity.

Partnerships like these are leading to blazing-fast growth.

Zscaler had revenues of $190 million in fiscal 2018, a 51% increase over 2017. Gross income ballooned 55% to $152 million.

Corporate hacks, like the Marriott debacle, represent a big opportunity for cybersecurity firms. Zscaler software gives enterprises the ability to build walls around data, even when networked applications inside delis, taxicabs and hotel rooms have been compromised.

After reaching $47.50 in August, Zscaler shares have fallen back to $41. At 520x forward earnings, shares are expensive. However, this is a high-growth business at the center of digital security.

The prospects are bright. Longer-term investors with some appetite for risk can buy the stock on pullbacks. For more recommendations like these — complete with timely, specific buy and sell signals — consider joining me here.

Best wishes,

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments 1

Eric January 9, 2019

FINRA moving to AWS didn’t improve their security, in fact they are likely more vulnerable living on shared infrastructure.

Once the Chinese finally break into AWS (if they haven’t already) every company WI be held hostage.