Stock markets surrender to the era of cybersecurity

The first half of this year has been particularly positive for listed companies in the cybersecurity sector. In the United States, CrowdStrike shares have accumulated a rise of nearly 40% since January, while Zscaler has soared by more than 60%. Although with more moderate growth, companies such as Palo Alto Networks and Fortinet have also registered advances, with increases of between 5% and 6%. The trend shows a market clearly focused on a sector that continues to gain prominence.

Renta 4 Gestora endorses this positive trend. The Renta 4 Megatendencias Tecnología fund has maintained a strong commitment to cybersecurity for years, currently representing 10% of its portfolio, according to its manager, Diego Santo Domingo. Among its main positions is Zscaler, with a weighting of nearly 4% and an annual appreciation of 74.5% in dollars. Also notable are the advances of Check Point and CyberArk , with increases of 20%, compared to the more modest performance of others such as Palo Alto and Fortinet.

This stock market revaluation is due to underlying structural factors. Javier Cabrera, a market analyst, attributes the rally in cybersecurity companies to the rise of artificial intelligence (AI) and the increase in geopolitical tensions, which have forced governments and companies to strengthen their digital defenses against more complex threats. In Spain, he points out that nearly 10% of the increase in defense spending expected this year will be allocated to cybersecurity, a figure higher if other items linked to digital infrastructure are included.

This trend, also visible globally, is driving the sector's revenues, with expected growth of 15% in 2024. The market, he says, is already anticipating a broader expansion cycle, which is driving up the multiples of listed companies.

In addition to Zscaler and Palo Alto, Nacho García Egea, CISO of Gigas, highlights the momentum of CrowdStrike and Cloudflare , "which are setting the pace with cloud-native solutions and Zero Trust architectures." He comments that Europe "is beginning to make its move, as shown by the revaluation of Eviden (Atos) and the strategic moves of Thales in managed services and sovereign cloud." At the national level, he highlights the strength of Indra , which combines capabilities in defense, technology, and critical cybersecurity. Its shares have risen almost 120% so far this year, currently hovering around €37.

At the European level, TRC embodies, according to Gustavo Martínez, professor of Finance at Francisco Marroquín University, Spain's most coherent effort to lead a cybersecurity strategy that is less dependent on external sources. He values its evolution from healthcare software to solutions like Cervus and Frontek, as well as its involvement in the development of its own European catalog. Initiatives like this, he maintains, "are essential at a time when Europe is seeking to protect itself against digital threats without systematically turning to suppliers from the US or Israel."

Moving toward more autonomous European cybersecurity isn't enough to simply strengthen what already exists: new players and a consolidation strategy are needed. José Fernández Tamames, director of the Bachelor's Degree in Computer Engineering at UNIE University, highlights the role of firms such as Telefónica Tech and Indra-Minsait, key to protecting critical infrastructure , OT systems, and threat intelligence. Although their international visibility is still limited, they could gain global influence if they focus on high-value niches—such as IoT or digital authentication—and rely on the EU regulatory framework to scale in regulated sectors.

Beyond large groups, the ecosystem also thrives on companies capable of detecting specific gaps. Fernando Mateus, CEO and founder of Kymatio, defends his commitment to human risk, "a flank poorly covered by traditional solutions." His SaaS platform, modular and aligned with regulations such as NIS2, DORA, and ENS , is already operating in Spain and Latin America with the support of Wayra. Although he anticipates a period of concentration, he believes that specialized firms will continue "to be key due to their ability to adapt quickly and offer innovative solutions."

This innovative agility contrasts with the growing complexity of the threat landscape. Juan José Sánchez Peña, director of the Master's Degree in Cybersecurity at UAX, warns about the advance of deepfakes and adaptive malware, capable of bypassing barriers in real time. He also points out the risks of "overrelying on AI tools, which can generate false positives or reproduce biases from training." In this context, technology SMEs "are gaining prominence due to their rapid reaction to more sophisticated challenges."

This rise in more advanced threats is generating divergent responses depending on the regional approach. While the United States prioritizes cloud automation to scale protection and efficiency, Europe is betting on digital sovereignty, data control, and regulatory adaptation. According to Pedro Viana, Head of Pre-Sales at Kaspersky for Iberia, "the key lies in a hybrid approach that combines AI and predictive analytics with local or hybrid deployments tailored to the needs of each client. A model that, regardless of geographic context, seeks a balance between innovation, resilience, and trust."

Fortinet is also attempting to integrate AI more structurally. Acacio Martín, vice president of Fortinet Iberia, explains that the company has been working in this field for more than 15 years and has accumulated more than 500 AI-related patents. Compared to more specific solutions, Fortinet is committed to native integration that encompasses everything from chips to the operating system, with the goal of anticipating threats, reducing costs, and simplifying operations through automation and natural language interfaces supported by generative AI.

Regarding the strategic challenges these companies face to sustain their growth in such a fragmented and competitive market, Santo Domingo of Renta 4 points out that cybersecurity "has gone from being a defensive expense to becoming a guarantee of operational continuity. Although sales cycles have slowed due to macroeconomic uncertainty, budgets in this area remain a priority."

Santo Domingo adds that the consolidation of the sector "favors players with broad platforms and recurring revenue models." Despite pressure on margins and constant technological demands, he believes that the leaders "will continue to grow solidly in a sector increasingly perceived as a safe haven within the tech universe."

Adding to this sectoral analysis is the competitive analysis of market analyst Cabrera, who points out that the biggest challenge for these companies is "building differentiated services with high switching costs. If the customer perceives they can switch providers without friction, the value drops." In contrast, an integrated solution connected to the customer process creates loyalty and allows for higher prices. The problem, he adds, is that "without constant innovation and pricing capacity, returns deteriorate and the market quickly punishes weaker companies."

Regarding the potential for appreciation, Cabrera believes the sector "may correct if growth expectations are not met, although its structural trend is positive." In the medium term, cybersecurity will remain essential, even if geopolitical conflicts cool. Some companies could be penalized by inflated valuations, but the market is still expanding. In his opinion, the cycle has not peaked, and certain companies could normalize their multiples if liquidity persists, prolonging the sector's stock market appeal.