10 cybersecurity terms investors should know, and 2 industry-leading stocks to buy

With the rise of artificial intelligence that can both defend and attack computer networks, 2025 will be a decisive year for cybersecurity. The rise in ransomware attacks and data breaches disrupting businesses around the world has investors searching for cyber companies like Palo Alto Networks and CrowdStrike, portfolio names that can translate security capabilities into consistent revenue growth and profitability, and increasingly higher stock prices. This year's biggest attacks affected companies like Yahoo, Alibaba, Microsoft's LinkedIn, Meta Platforms' Facebook, and Marriott; just a few of them. The rise of artificial intelligence cuts both ways; It makes it easier for bad actors to launch more frequent and sophisticated attacks, while also strengthening the tools companies use to counter them. This dynamic puts CrowdStrike and Palo Alto Networks in the enviable position of selling solutions every business can't live without. It's a formula that pays off. CrowdStrike is up over 55% year to date, making it one of our best stocks of 2025. Palo Alto has gained about 12% this year. As businesses move more workloads to the cloud and use AI tools, the opportunity expands and the bar for security standards rises in increasingly complex digital environments. Both companies are leading the industry's platformization shift by offering one-stop shop security platforms that simplify and unify the way businesses protect their data. This helps explain why cybersecurity spending remains one of the few areas of IT budgets that continues to grow even as organizations cut costs elsewhere. To help investors better navigate this fast-moving industry and stay on top of trends, we spoke with Jerry Perullo, a professor in the school of cybersecurity and privacy at Georgia Tech. He is also the founder of Adversarial Risk Management, which provides consultancy services to the industry. Perullo helps us break down 10 common cybersecurity terms and what they reveal about where the industry and its leaders like Palo Alto and CrowdStrike are going next. 1. Vendor In cybersecurity, a vendor is a company that sells hardware and/or software tools designed to protect data and networks, typically through recurring subscription models rather than one-time purchases. Companies like Palo Alto and CrowdStrike fit this model. “Almost everything in cybersecurity these days is subscription-based,” Perullo said. “People don't buy software that's theirs forever, they subscribe to it.” This model provides sellers with predictable recurring revenue, the kind of high margin consistency that Wall Street loves. 2. Annual Recurring Revenue Since Palo Alto and CrowdStrike are subscription-based, their business is valued based on annual recurring revenue. Investors focus on whether a company can expand ARR by adding new customers or increasing prices. "Investors want to know what companies' average subscription fee is, and can they increase it by adding more customers or charging existing customers more," Perullo said. he said. “Those are the two items that fall into the ARR.” Increasing ARR indicates strong customer retention and pricing strength. 3. Attack surface area An organization's attack surface area refers to every possible entry point a hacker could exploit. From devices and cloud servers to employee logins. “This is how many points you have where someone can interface with your system and potentially abuse your system,” Perullo said. “Each is another opportunity for a vulnerability to be found. With the rise of AI agents, automated bots, and interconnected software systems, this surface has expanded significantly. Perullo explained how these tools can now initiate actions and make decisions on behalf of users. This increases efficiency across a business while also increasing the number of digital identities and endpoints that need to be protected. Palo Alto and CrowdStrike specialize in identifying and defending these entry points. 4. Cloud security Cloud security protects data and software Perullo said “Traditionally, before the cloud, the attack surface was in company-owned data centers,” he said. “But with the advent of the cloud around 2007, the idea was to replace these internally managed data centers with the top three cloud players,” he added. The professor called it a “paradigm shift” because as companies moved workloads to the cloud, cloud-based tools were positioned to meet growing enterprise demand. “Alto offers more tools in this area,” he added. 5. Firewall Firewall was born from the idea of separating fire from passing through a wall by filtering traffic and blocking malicious activity,” Perullo explained. In a cloud-first world, firewalls are less critical; many legacy systems still depend on them. “You could say a firewall is dead because of cloud security,” Perullo noted, “But there's still a lot of legacy infrastructure, so these markets aren't falling off the cliff overnight.” In fact, Palo Alto has built its business around next-generation firewalls. But its evolution towards cloud and platform-based security has helped businesses stay relevant as they modernize their defenses. 6. Non-Human Identity A non-human identity refers to a digital entity, such as an AI agent or bot, that interacts with systems without human input. “Since the beginning of data center computing, some processes have always had to run without human interaction,” he said. “The important thing is to understand what non-human identity is and whether it is right for the task.” As AI continues to proliferate, companies need to secure both humans and machines. He explained that Palo Alto can take advantage of this new layer of security, like CrowdStrike's identity threat protection. 7. Endpoint security Endpoint detection and response (EDR) software protects devices like laptops, smartphones, and tablets—the “endpoints” that employees use every day. “This is the bread and butter of CrowdStrike,” Perullo said. That's where they lead." These platforms constantly monitor device activity using artificial intelligence to detect suspicious behavior. Perullo explained that the number of endpoints is increasing with today's hybrid work dynamic, so demand for CrowdStrike's Falcon and Palo Alto's Cortex and is a cloud-based framework that protects data. “It used to be that everyone was in the office and protected by the same firewall,” Perullo said. "With people working from home, that model has been disrupted.” Palo Alto's Prisma Access, along with offerings from Zscaler and Cloudflare, helps securely connect distributed workforces. Information and Event Management (SIEM) tools collect and analyze data such as login attempts, firewall alerts, and application logs, Perullo said, adding, “Each failed login or password attempt enables a system to assess cybersecurity with exponentially increasing security data.” 10. Security Operations Center Security Operations Centers (SOCs) use AI to help companies reduce alert fatigue and increase detection accuracy. “It used to be a physical location,” Perullo said. “Now, it's about the team that performs that function as cyber attacks become more frequent.” As digital threats become more sophisticated and organizations expand to the cloud, demand for more unified, AI-driven cybersecurity protects an ever-expanding attack surface using automation, broad data intelligence, and integrated platforms. We have a buy-equivalent 1 point on CrowdStrike and a $520 price target. (See here for the full list of stocks.) You'll receive a trade alert before you buy or sell a stock in his charitable foundation's portfolio. After Jim talks about a stock on CNBC TV. waits 72 hours before executing. DISCLAIMER, NO LIABILITY OR DUTY WILL EXIST OR CREATE IN CONNECTION WITH THE RECEIPT OF ANY INFORMATION PROVIDED IN CONNECTION WITH THE INVESTMENT CLUB.