The biggest story in cybersecurity in July wasn’t due to hackers or a cyberattack. Instead, chalk it up to a software glitch.

A routine software update by cybersecurity firm CrowdStrike caused a significant IT outage on July 19, disrupting businesses globally. The update, which affected Windows hosts, led to widespread technical issues, including the notorious “blue screen of death” for many Microsoft users. Airlines, hospitals, financial services, and media outlets were among the sectors hit hardest by the outage.

CrowdStrike CEO George Kurtz promptly addressed the situation, confirming that the issue had been identified and isolated and that a fix had been deployed. He clarified that the incident was not a security breach but a defect in a single content update. Mac and Linux hosts remained unaffected. Kurtz issued an apology on NBC’s “TODAY” show, acknowledging the impact on customers and emphasizing the company’s commitment to restoring services.

In Great Britain, the Royal Surrey Hospital declared a critical incident, and the NHS experienced widespread disruptions. American Airlines and other carriers faced operational halts, while German insurer Allianz reported major outages affecting employee access.

Cybersecurity experts described the outage’s scale and impact as unprecedented, highlighting the challenges of managing privileged security software. Full recovery was slated to take several days, as the solution requires manual intervention for each affected endpoint¹.

CrowdStrike’s decisive actions and transparency are pivotal as they navigate this crisis, rebuilding customer trust and system stability moving forward.

Check Point Software Technologies Ltd

In July, Check Point was named a Leader in the Forrester Wave: Mobile Threat Defense Solutions, Q3 2024 report. This accolade underscores Check Points innovative approach to mobile security, a key part of its comprehensive Infinity Platform. By leveraging their Harmony Mobile advanced threat defence, Check Point demonstrates a strong commitment to safeguarding organizations against modern cyber threats.

The Forrester report highlighted Check Point’s ability to keep personally identifiable information (PII) gathered through mobile devices on-premises, a critical feature that allows Check Point’s Harmony Mobile to offer robust protection against attacks from apps, files, networks, or operating systems while ensuring user privacy and device performance remain intact.

Check Point received the highest possible scores in 14 criteria, including application integrity, network defence, and vulnerability mitigation. The company’s alignment with the Zero Trust Model and flexible deployment options were particularly noted. Customers praised the security capabilities and the support Check Point’s teams provided. With nearly a decade of expertise in mobile threat defence, Check Point continues to be a pivotal force in the field and the growing emphasis on mobile security, as evidenced by the Forrester Wave report².

Also in July, Check Point announced results for Q2 (ending June 30, 2024). The company reported total revenues of $627 million (up 7% YoY). Security subscription revenues reached $272 million (up 14% YoY). GAAP operating income stood at $209 million, constituting 33% of total revenues, while non-GAAP operating income was $265 million, accounting for 42% of revenues³.

CACI International Inc

CACI International announced in July that it won three notable contracts collectively valued at up to $1.18 billion over the next five to ten years, reflecting its strategic expertise and robust market positioning in the defence and intelligence sectors.

Firstly, CACI received a five-year task order worth up to $319 million from the U.S. Army’s Communications-Electronics Command (CECOM). This contract mandates CACI enhance the Army’s capabilities through high-fidelity threat and signals analysis, modelling, simulation, and reprogramming support. The task order will enable CACI to deliver advanced threat data in a continuous integration/continuous delivery (CI/CD) software cycle, supporting multi-domain operations and ensuring the most current threat assessments⁴.

In a further testament to its expertise, CACI was awarded a five-year task order worth up to $414 million to support the U.S. Army Combat Capabilities Development Command (DEVCOM) – C5ISR Center. This contract delivers critical assessments, technical expertise, and countermeasure insights to address current and emerging threats. The task order encompasses technology assessments, training, and research to bolster force protection and survivability⁵ .

Additionally, CACI secured a ten-year contract worth as much as $450 million to support the Joint Navigation Warfare Center (JNWC). This centre, part of the U.S. Space Forces, is pivotal for navigation warfare (NAVWAR) operations. CACI will provide 24/7 operational support, including adversary positioning and navigation assessments. This contract involves enhancing the U.S. and allied forces’ ability to operate effectively in environments disrupted by positioning, navigation, and timing (PNT) challenges through comprehensive operational field assessments and threat simulations⁶ .

CYBR ETF: Diversified Investing in Cybersecurity

A cybersecurity ETF offers a great alternative to gaining exposure to this industry without being locked into any single security and without the hassle of hand-picking individual stocks. ETFs allow you to diversify by investing in multiple companies in multiple markets, ensuring that a single market shock won’t tank your portfolio.

Canada’s first cybersecurity ETF, Evolve Cyber Security Index Fund (TSX Ticker: CYBR), invests in global companies involved in the cybersecurity industry. For more information, visit the fund page here: https://evolveetfs.com/cybr/.

Portfolio Strategy and Activity

For the month, Check Point Software Technologies Ltd made the largest contribution to the Fund, followed by Varonis Systems and CACI International Inc. The largest detractors to performance for the month were CrowdStrike Holdings Inc, followed by Booz Allen Hamilton and Zscaler Inc.

 

Sources

1. Bishop, K. & Kharpal, A., “CrowdStrike issue causes major outage affecting businesses around the world,” CNBC, July 19, 2024; https://www.cnbc.com/2024/07/19/crowdstrike-suffers-major-outage-affecting-businesses-around-the-world.html

2. “Check Point Software is Named a Leader in Mobile Threat Defense Solutions Report by Independent Research Firm,” Check Point Software, July 16, 2024; https://www.checkpoint.com/press-releases/check-point-software-is-named-a-leader-in-mobile-threat-defense-solutions-report-by-independent-research-firm/

3. “Check Point Software Announces New CEO & Reports Strong 2024 Second Quarter Results,” Check Point, July 24, 2024; https://www.checkpoint.com/press-releases/check-point-software-announces-new-ceo-reports-strong-2024-second-quarter-results/

4. “CACI Awarded $319 Million Task Order to Provide Intelligence Systems Expertise to the U.S. Army,” CACI International, July 31, 2024; https://investor.caci.com/news/news-details/2024/CACI-Awarded-319-Million-Task-Order-to-Provide-Intelligence-Systems-Expertise-to-the-U.S.-Army/default.aspx

5. “CACI Awarded $414 Million Task Order to Provide Global Operational Support for Unmanned Systems to the U.S. Army,” CACI International, July 29, 2024; https://investor.caci.com/news/news-details/2024/CACI-Awarded-414-Million-Task-Order-to-Provide-Global-Operational-Support-for-Unmanned-Systems-to-the-U.S.-Army/default.aspx

6. “CACI Awarded $450 Million Contract to Provide Support to U.S. Space Command’s Joint Navigation Warfare Center (JNWC),” CACI International, July 30, 2024; https://investor.caci.com/news/news-details/2024/CACI-Awarded-450-Million-Contract-to-Provide-Support-to-U.S.-Space-Commands-Joint-Navigation-Warfare-Center-JNWC/default.aspx

Source: Getty Images Credit: Funtap

The contents of this blog are not to be used or construed as investment advice or as an endorsement or recommendation of any entity or security discussed. These contents are not an offer or solicitation of an offer or a recommendation to buy or sell any securities or financial instrument, nor shall it be deemed to provide investment, tax or accounting advice. The information contained herein is intended for informational purposes only.
Commissions, management fees and expenses all may be associated with exchange traded funds (ETFs). Please read the prospectus before investing. The indicated rates of return are the historical annual compound total returns net of fees (except for figures of one year or less, which are simple total returns) including changes in unit value and reinvestment of all distributions and do not take into account sales, redemption, distribution or optional charges or income taxes payable by any securityholder that would have reduced returns. ETFs are not guaranteed, their values change frequently and past performance may not be repeated..
Certain statements contained in this blog may constitute forward-looking information within the meaning of Canadian securities laws. Forward-looking information may relate to a future outlook and anticipated distributions, events or results and may include statements regarding future financial performance. In some cases, forward-looking information can be identified by terms such as “may”, “will”, “should”, “expect”, “anticipate”, “believe”, “intend” or other similar expressions concerning matters that are not historical facts. Actual results may vary from such forward-looking information. Evolve Funds undertakes no obligation to update publicly or otherwise revise any forward-looking statement whether as a result of new information, future events or other such factors which affect this information, except as required by law.

Tags check point software  Crowdstrike  cyberattack  CYBR etf  Hackers