Cybersecurity providers including FireEye Inc and Microsoft Corp could not prevent a huge network breach disclosed this month by numerous U.S. agencies and companies, yet their shares are soaring for a second straight week.
The months-long penetration exposed weaknesses in security tools as well as network management programs, most notably SolarWinds Corp’s Orion software widely used to oversee networks.
Recalls and scandals affecting products such as automobiles, food and toys tend to hurt shares across an industry, as investors brace for broad declines in consumer confidence and sales, according to two experts who have studied such scenarios.
But the spillover from the cybersecurity scare has been different. Wall Street is betting that governments and businesses – having invested years in moving to digital infrastructure – will only accelerate purchases of the latest IT tools.
“What’s the alternative?” said Venkatesh Shankar, marketing professor at Texas A&M University.
Airbag recalls or Listeria outbreaks tend to affect shares within a narrow supply chain, from restaurants and auto dealers down to parts and ingredients suppliers, he said.
But “the magnitude of this breach is not just within the software industry,” he said, noting SolarWinds’ customers span countless industries.
Kartik Kalaignanam, a University of South Carolina marketing professor, said traders are expecting organizations will bolster their defenses even if it means purchasing services from companies that were hacked.
“Although one could argue each one of them has some sort of flaw in their system, there’s a feeling there’s going to be more spending happening, and the market will be pushed up overall,” Kalaignanam said.
A BlackRock iShares fund of cybersecurity stocks surged nearly 10% last week and rose another 3.5% this week entering Thursday. FireEye rose this week to a 5-year high, Microsoft topped a 90-day peak and Palo Alto Networks, which said it blocked intrusions related to SolarWinds, jumped to an all-time record.
Mark Cash, who analyzes stocks for research firm Morningstar, said the SolarWinds breach “will certainly benefit” security companies. Once called in to repair defenses, they inevitably get a contract to stick around, Cash said.
Shankar and Kalaignanam said they expect industry shares to stay elevated for about six months to a year.