The adage that there are only two kinds of businesses—those that have been hacked and those to be hacked—should never apply to those tasked with preventing hacking.
Over the past 18 months, several companies providing cybersecurity services have reported their own breaches. This includes SolarWinds,
Mimecast and even the company once known as FireEye – generally the first call for other companies and even government agencies after a cyber attack.
Okta now joins that list, with the company this week reporting a hack by Lapsus$ Group, a company that has been causing problems for big tech companies like Samsung lately,
Nvidia and most recently Microsoft,
one of Okta’s main competitors in the identity management system market.
The fact that Okta has plenty of company hasn’t reassured its investors. The stock price has fallen nearly 15% in the past three days since the breach was reported. That’s not an unusual initial reaction — SolarWinds, Mimecast, and Mandiant all saw their stocks fall after reporting their own incidents. But these stocks were trading in the 3x to 6x forward range prior to these hacks; Prior to this week’s news, Okta was one of the more expensive stocks in the cloud category, trading at about 15 times forward sales. And even that came after a 24% year-over-year decline as part of a major correction in the cloud software sector.
Any recovery will take a while. The hack was released about halfway through Okta’s fiscal first quarter, with results not reported until late May. The nature of Okta’s hack, which took place through the computer of a support engineer working for a third party, also complicated the company’s response.
According to Okta’s schedule, it took the contractor’s forensic firm more than a month to provide analysis after the actual breach in January, and that contractor then took another week to relay the information to Okta. The company’s latest statement says less than 3% of its customer base may have been exposed to the injury, but more shoes could fall – especially if the Lapsus$ group decides to post more harmful material online.
Although the attack happened through Sitel — a major outsourcing firm — Okta’s response has drawn criticism. Raymond James’ Adam Tindle downgraded Okta’s shares to a “market perform” rating on Wednesday, noting that “the handling of the recent security incident adds to our growing concerns.” Truist analyst Joel Fishbein wrote in his own downgrade of the shares to a hold rating that “the damage to the Okta brand, which is considered one of the strongest defensive names in the industry, is worrying.”
This contrasts with Okta’s strong position in the market for cloud-based identity management software — a much-needed tool for companies looking to securely manage remote workers. The company’s total revenue rose 56% for the fiscal year ended January to $1.3 billion, and Wall Street expects compound annual growth of 35% over the next three years.
“Ultimately, Okta is the gorilla in the category and hacks are a reality for every business – this will pass and there is no better alternative,” said Alex Henderson of Needham. But he added that the company’s handling of the situation “left a lot to be desired.”
With investors no longer giving cloud companies the leap of faith, Okta has to work even harder to get back into the circle of trust.
write to Dan Gallagher at firstname.lastname@example.org
Copyright ©2022 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8
https://www.wsj.com/articles/okta-faces-long-road-back-11648211400?mod=rss_markets_main Okta has a long way to go