Nothing like being at the center of the largest IT “event” in history to send a stock tumbelling.
Last week CrowdStrike (CRWD), one of the biggest makers of cybersecurity software, pushed out a flawed update that caused an error in the Microsoft Windows operating system that runs millions of computers at point of sales terminals and reservation systems at business such as Starbucks, at airports and airlines, and at banks and financial markets. The file “C-00000291*.sys,” was buried in an update for CrowdStrike’s Falcon sensor product and caused an error in Microsoft Windows operating system. Repairing the damage is expected to take months such much the work has to be done manually. As I understand it, each affected computer needs to be manually rebooted.
Meanwhile CrowdStrikes shares are in free fall. The shares lost 11% on Friday and dropped another 13.5% today July 22.
After Microsoft, CrowdStrike is the second-biggest maker of endpoint protection software and controls 18% of the $12.6 billion market, according to research firm IDC, with 29,000 customers around the world.
When CrowdStrike reported quarterly earnings data on June 4th, 2024, it missed analysts’ consensus estimates of $0.21 by a penny. Before this event analysts expected earnings for CrowdStrike to grow by 55.56% in the coming year. (The company is expected to next report earnings on Wednesday, September 4th.)
That market position, customer lists, and expected earnings growth rate make the drop in CrowdStrike shares a very tempting moment for buy-on-the-dip investors. The stock is down $113.46 a share, or 30%, from its July 15 close at $377.37 as of the July 22 close at $263.91.
The worry, though, is that the drop isn’t finished. Every analyst on Wall Street expects the company to face a tsunami of lawsuits. That plus customer defections will hurt results. Already in the past few days, I’ve seem downgrades from two Wall Street investment houses. And I’m sure more downgrades will come.
Especially since no one knows exactly how big a liability CrowdStrike faces. The company’s typical contract limits CrowdStrike’s liability to “fees paid” by the customer. Those terms would significantly reduce the financial impact on the company. But some customers may have negotiated different terms.And some customers will claim that CrowdStrike was negligent or in breach of contract. Successful lawsuits on that basis would be significantly more expensive for CrowdStrike.
Here’s how I expect the uncertainty to play out. For the next month or two I expect analysts to work hard at estimating the costs of this event to the company. I think a lot of that analysis will wind up sounding pretty dire and to lead to further downgrades of the shares.
The September 4 earnings call will, probably, put an end to much of that speculation because the company will release its own assessment of the damage.
That is, in my opinion, likely to put a bottom in on negative speculation. I’d look to be a buyer in that timeframe.
One other long term uncertainty. CrowdStrike has been aggressively attacking Microsoft on security weaknesses in Microsoft’s endpoint security protection in an effort to win market share. This event doesn’t bolster that argument certainly. But the fact that the event hinged on a Microsoft product could limit CrowdStrike’s competitive losses to Microsoft. Many corporate chief information officers are likely to conclude that the real danger is in an over-dependence on any single vendor. Which might work to the benefit of competitors such as SentinelOne (S), up 6.72% on July 22.
