- Biden’s executive order on cybersecurity will help companies with government connections, experts say.
- The order will also help companies with relevant niches, such as Dragos, Interos and GovReady.
- It could encourage acquisitions as large companies add tools for large companies.
- See more stories on the Insider business page.
The big winners of President Joe Biden’s new executive order on cybersecurity will be the big cloud security companies with existing relationships with the government (think CrowdStrike, FireEye, Microsoft and Palo Alto Networks), as well as more niche companies the services of which suddenly become critical according to experts.
In an order issued Wednesday, the White House set new policies and deadlines for the cybersecurity industry, which faces attacks from SolarWinds, Microsoft Exchange and Colonial Pipeline. The order requires more information shared by federal agencies and businesses about cyber threats, a game book for cyberattack responses, further modernization of security when developing applications, and more attention to chain security. supply and industrial facilities.
Large public companies will earn more government spending, and private industry will see a running effect, an expert said. “This is because of who currently has the contracts and who doesn’t,” Eric Cole, a former Obama cybersecurity officer and longtime industry consultant, told Insider. “And what the government does, the industry goes on.”
The order pushes the government toward approaches such as “zero trust” cloud computing programs that rely on user verification and automated intrusion detection. Large companies with long-standing relationships in government that may no longer have these skills can swallow smaller companies than they do, according to Cole.
“This is establishing mergers and acquisitions,” he added.
“That could translate into consolidation,” said Dan Ives, an analyst at Wedbush.
Large government contractors like Lockheed Martin and Northrop Grumman could pick up cybersecurity companies to complete their government-focused products, Ives said, as did Microsoft.
George Kurtz, the CEO of CrowdStrike.
He and Cole highlighted several other companies they saw as big winners.
CrowdStrike, the $ 41 billion Silicon Valley company, which is a powerhouse among the new wave of cloud security firms, is included in many federal contracts through defense contractors and other vendors. Government agencies already trust the company, provide various cybersecurity tools, and may be looking to add more features.
“We love a good acquisition,” George Kurtz, CEO of CrowdStrike, told Insider in September.
FireEye, which uncovered the extensive SolarWinds attacks, could also benefit, as the respected incident response company helps government agencies and companies respond more quickly to cyberattacks, as required by the order.
And Microsoft and Palo Alto Networks, two of the largest companies providing cybersecurity, are likely to expand their contracts, experts said.
“Palo Alto Networks will continue to work with the U.S. government to move these policies toward actionable results,” CEO Nikesh Arora said in a statement.
Large companies that have delayed their initial public offerings, such as Tanium, Netskope and Snyk, will also benefit, as they are able to remodel their businesses as needed to meet order requirements, without the supervision of shareholders.
“It’s the companies that could really take advantage of the industry changes here,” Cole said, because they have hundreds of millions of capital and more freedom to pivot toward new lines of business.
Rob Lee is the CEO of Dragos.
The order calls for the need for more industrial security, such as the protection of power plants and dams, and operational security companies like Dragos could benefit, Ives de Wedbush said. Dragos CEO Rob Lee told Insider that “the executive order is another promising step in the progress we have seen since the Biden administration towards protecting our nation’s industrial infrastructure against emerging threats “.
Other startups with a strong niche could also benefit. Dragos has just signed a partnership with IronNet Cybersecurity, led by Keith Alexander, formerly the top U.S. head of cybersecurity as head of the National Security Agency and Cyber Command. IronNet could benefit from its state-of-the-art approach to sharing cybersecurity data between companies, which Biden stressed in the order.
“We need to put in place the goals set by the executive order so that they can build bridges between the public and private sectors to enable the delivery of public-private threats in real time,” Alexander told Insider.
GovReady, which helps agencies automate compliance packages, will be sued, Washington Dcode’s startup accelerator said. Dcode’s Ion Channel could also benefit from its supply chain security tools.
Interos CEO Jennifer Bisceglie.
Without visibility into supply chain vulnerabilities, the government cannot fight major attacks, Jennifer Bisceglie, CEO of Interos, told Insider. But the order does not have the economic influence it would have had if the Senate had not exhausted Biden’s stimulus package of much of its funding for cybersecurity, he added.
“Agencies can only do what they are funded to do,” Bisceglie said. Otherwise, another big attack will attack agencies and companies that, without question, shrugged when asked what happened to SolarWinds. “The shoulders were earrings,” Bisceglie said. “We don’t want to do it again.”