In September, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) unveiled a new cybersecurity plan for federal civilian agencies. Dubbed FOCAL — an acronym of federal civilian executive branch (FCEB) Operational Cybersecurity Alignment –the blueprint outlines how the agencies can best protect their data and IT infrastructure from cyberattacks.
Since CISA “is the operational lead for federal cybersecurity,” its recommendations carry significant weight in Washington. And because agencies are likely to spend more on cybersecurity in order to meet FOCAL’s requests, the stocks of large cybersecurity firms that generate significant revenue from the federal government could rally over the longer term.
CISA’s Recommendation, Outdated Systems Should Spur Greater Spending
One of the recommendations from CISA involves agencies ascertaining “ their assets and vulnerabilities” in order to increase their ability to identify and react to threats. Moreover, according to Bill Wright, global head of government affairs for Elastic, “too many agencies are still reliant on insecure legacy software and outdated architectures.” Elastic provides AI-powered IT security analytics, and Wright was quoted in an article about FOCAL which was published by Bank Info Security.
Although Wright warned that budgetary issues could make it difficult for agencies to spend adequately on technology going forward, there are reasons to believe that their outlays on cybersecurity will indeed rise meaningfully over the longer term.
Democrats and Republicans Are Prioritizing Cybersecurity
The Biden administration’s budget request ,issued in March ,asked Congress to appropriate $13 billion for the cybersecurity efforts of civilian federal agencies and departments for fiscal 2025. That represented a rather large 10% hike versus the $11.8 billion allocated by Congress for the same purpose for FY24.
And secondly, the incoming Trump administration is expected to continue to seek to protect the U.S. from cyber attacks from other countries. Specifically, the Pentagon under President-elect Trump is viewed as likely to take preemptive measures to prevent foreign adversaries from conducting such initiatives. Indeed, in Trump’s first term, the Defense Department did carry out such steps. For example, the agency warned “trolls and hackers” who were taking orders from Russia not to target other countries.
In order to launch such activities again, Trump’s Pentagon will likely require the assistance of U.S. cybersecurity firms.
Additionally, the new administration will have to implement measures to respond to the hacking of “at least eight U.S. telecommunications carriers” by a Chinese team called Salt Typhoon. As a consequence of this incident, the hackers gained access to almost every phone number on which the Justice Department can conduct wiretapping operations.
Exposed in September, the penetration reportedly may have been achieved through the targeting of systems used by law enforcement to legally wiretap customers. If that turns out to be the case, the incoming administration may have to utilize significant resources and enlist the help of contractors in order to remedy this vulnerability.
Moreover, other, similar vulnerabilities may be present in additional systems utilized by federal agencies. Of course, cybersecurity companies could also assist Washington with eliminating those weaknesses.
Large Cybersecurity Companies That Work for Washington
Among the large, publicly traded cybersecurity companies that work for the federal government are Crowdstrike (CRWD), Palo Alto Networks (PANW), Cloudflare (NET), and Fortinet (FTNT).
CrowdStrike safeguards the Pentagon’s data and provides a cloud solution for civilian agencies. Palo Alto reports that it is “transforming how the federal government secures its networks. Cloudflare provides multiple products that enable federal agencies to create a “zero trust” environment. Fortinet notes that its subsidiary, Fortinet Federal, “delivers trusted cybersecurity expertise and commitment to U.S. Government agencies and their partners.”
| Firm | Ticker | Share Price | Trailing P/E | Market Cap | Analysts Rating | Avg PT |
| Crowdstrike | CRWD | $353 | 718 | $90 billion | Buy | $379 |
| Palo Alto | PANW | $394 | 52.6 | $133.2 billion | Buy | $418 |
| Cloudflare | NET | $111 | N/A | $39 billion | Hold | $95 |
| Fortinet | FTNT | $97.15 | 40 | $76 billion | Buy | $97.10 |
