The Biggest Threat to the U.S. Financial System
The biggest threat to the U.S. financial system... The white paper that revolutionized an industry... The U.S. government is woefully unprepared... One company perfectly positioned to save the day... And make investors a fortune...
Back in April in a letter to shareholders, JPMorgan Chase (JPM) CEO Jamie Dimon made a bold claim...
He singled out what he believed to be "the biggest threat to the U.S. financial system."
But the top executive of America's largest financial institution wasn't referring to any of the things you might suspect... like plunging stock prices, record debt levels, or growing trade tensions between the U.S. and China.
He was referring to something far more insidious: a failure to defend American electronic networks, online control systems, and computers from relentless cyberattacks.
Chances are good that by now, you've been a victim of a cyberattack yourself...
Cybersecurity company McAfee reports that more than 2 billion people – a staggering two-thirds of Internet users around the world – have fallen victim to an attack.
As my colleague Christian Olsen noted in a Digest last year...
Cybercrime is the world's fastest-growing criminal business. As you can see, the number of data breaches has shot up more than 900% since 2005...
According to one report, all cyberattacks cost the global economy $600 billion last year – up from $445 billion in 2014. Research firm Gartner reports that firms will spend more than $1 trillion on cybersecurity products between 2017 and 2021.
And as Christian detailed in the June 6 Digest, the entire city of Baltimore, where Stansberry Research is headquartered, came under attack in May. It knocked some city services – like the Department of Public Works – offline, rendering the city unable to send out water bills for three full months.
But cyberattacks aren't limited to individuals, corporations, or even cities. In today's Digest, I (Mike Barrett) will explain why the U.S. is working to prepare for and prevent them at a much bigger scale...
You see, Dimon knows better than most people how important cybersecurity is...
Today, Dimon says JPMorgan spends "nearly $600 million a year on these efforts and has more than 3,000 employees deployed to this mission in some way."
That's because five years ago, his bank was hit by one of the largest data breaches in history. More than 83 million accounts were compromised. In the wake of that disaster, JPMorgan quickly hired Rohan Amin as its Chief Information Security Officer.
You've likely never heard of Amin. But prior to joining JPMorgan, he and two other Lockheed Martin (LMT) colleagues co-authored a white paper that has since revolutionized the world of cybersecurity.
In their new book, titled The Fifth Domain, cybersecurity experts Richard Clarke and Robert Knake say this paper "turns the idea that offense has the advantage over defenders on its head."
The authors' key insight was that a cyberattack could only achieve its ultimate objective (e.g. stealing millions of credit-card numbers) by navigating an intricate chain of events, beginning with unauthorized access. To keep attackers at bay, the best defense is to simply break or disrupt that chain somewhere along the way.
In a world where no network is impenetrable, the best cybersecurity systems now embrace this insight by focusing on resiliency. Ray Rothrock, author of Digital Resilience, calls this "a winning strategy in a losing war."
The idea is to prevent every possible incident... rapidly detect incursions once they occur... contain the activities of unauthorized users... and quickly restore essential operations.
Health care giant Aetna – now part of CVS Health (CVS) – has achieved this kind of cyber resiliency. Chief Security Officer Jim Routh knows breaches are unavoidable. That's why he's focused instead on "preventing bad outcomes" once a hacker gets in. One way Routh accomplishes this is by maintaining a portfolio of 600 different security controls, but changing their configuration daily to frustrate would-be cyber attackers.
Unfortunately, 'resilient' isn't a word you'd use to characterize U.S. government cybersecurity today...
In a recent interview, Clarke said...
Very little has been done in the last 10 years to protect major systems in the United States, like our electric power grid, our gas pipelines, and other sorts of critical infrastructure. Very little has been done to protect our own military weapons systems. And almost nothing has been done to secure the government.
Sen. Mike Rounds (R-SD), Chairman of the Senate Armed Services Subcommittee on Cybersecurity agrees. He says cyber is the "weak point" among the military's five domains (air, land, sea, space, and cyberspace).
And yet, the stakes are incredibly high...
Cyberattacks have plundered more than $1 trillion in intellectual property from the United States since 2015.
The risk of cyber sabotage is so high that the Defense Science Board – a committee of civilian experts appointed to advise the U.S. Department of Defense on scientific and technical matters – recommends constructing a second, truly cybersecure military as quickly as possible.
Earlier this year, a survey of 700 critical infrastructure providers found that 90% of them had sustained damage from a cyberattack.
I'm sure you're not surprised to hear that the government has been slow to respond to this growing threat. The good news is, that's beginning to change...
Within the next year, the Pentagon will award a $10 billion contract to build its first-ever 'war cloud'...
It's commonly referred to as the Joint Enterprise Defense Infrastructure contract (or "JEDI").
The basic idea is to create a single cloud capable of supporting real-time decision-making by warfighters anywhere in the world. Currently, the Pentagon operates more than 500 cloud-computing platforms, which require thousands of servers and different cloud providers. It's a mess, and it makes it difficult to quickly access and analyze data.
Bank of America Chief Security Scientist Sounil Yu says one way to beat cyber attackers is to move faster than them. Today, the most resilient systems possessing the requisite speed are being built in the cloud. JEDI won't just give warfighters real-time data wherever they are... it'll also vastly improve network speed and resiliency. It will likely become a model for other federal agencies as they pursue their own cybersecurity upgrades.
'We'll be largely immune from cyberattacks within five years'...
That's what the Chief Information Security Officer of a major financial institution told Clarke and Knake during their research for The Fifth Domain. This bank in particular is gradually replacing legacy systems that aren't secure with next-generation ones that are.
Improving cybersecurity by upgrading legacy data systems is a tremendous opportunity across the federal government.
The Office of Management and Budget estimates some $3 billion of federal IT equipment will reach the end of its useful life by 2020. In the meantime, more than 80% of annual federal IT spending – approximately $64 billion – is used to keep these aging systems up and running. That's almost as much as the U.S. Department of Education's entire budget for 2018!
The problem is, federal agency IT staffs typically lack the technical expertise and experience to properly vet modernization alternatives and implement selected upgrades. So they rely heavily on outside contractors and vendors to do this work for them.
Tech giants Amazon (AMZN) or Microsoft (MSFT) are the two most likely recipients of the JEDI contract, though the Pentagon – at President Donald Trump's urging – is reevaluating the award process.
But it really doesn't matter who ends up winning the JEDI contract... The real prize will be the contracts to handle the migration of massive amounts of data from those other 500 clouds on to JEDI. These companies will be in high demand for years to come as other agencies explore their own unique modernization initiatives, many of them likely modeled after JEDI.
Of course, as with any megatrend, there's a way for investors to profit...
And in the August issue of Extreme Value, my colleague Dan Ferris and I found the company we expect to be the biggest beneficiary of the massive government cybersecurity upgrade that's coming.
This company has been deeply involved in cybersecurity for decades, long before most people even knew it was a thing. That has given it an important leg up on the competition.
It's exceptionally well-managed and, surprisingly, trading nearly 40% below our estimation of its intrinsic value.
We expect this stock to be a mainstay in the Extreme Value portfolio for years to come. Get immediate access to the August issue with a subscription to Extreme Value by clicking here.
New 52-week highs (as of 8/26/19): Agnico Eagle Mines (AEM), Alexco Resource (AXU), Sprott Physical Gold and Silver Trust (CEF), DB Gold Double Long ETN (DGP), Equinox Gold (EQXFD), Franco-Nevada (FNV), SPDR Gold Shares (GLD), Barrick Gold (GOLD), Hershey (HSY), Invesco Value Municipal Income Trust (IIM), Kirkland Lake Gold (KL), Leagold Mining (LMCNF), Lundin Gold (TSX: LUG), MarketAxess (MKTX), Pan American Silver (PAAS), Royal Gold (RGLD), Sabina Gold & Silver (SGSVF), Torex Gold Resources (TORXF), Wheaton Precious Metals (WPM), and short position in Advance Auto Parts (AAP).
In the mailbag... Monday's edition of our free DailyWealth e-letter – Steve Sjuggerud's pitch to retire the penny – seems to have stirred the pot with some of our readers. As always, send your thoughts (good or bad) to feedback@stansberryresearch.com.
"Dear Dr. Sjuggerud: I usually agree with everything you say, but I have to disagree this time. The US Government has spent so much money that it doesn't have, it can no longer afford to put silver into the money... or redeem the dollar for gold... or put copper into the penny. To address the problem (rather than put a band-aid on the result), Congress needs to stop spending money it doesn't have. As I once told Porter Stansberry: 'I hope you become a billionaire too, I just hope it isn't inflation that makes you one!'." – Paid-up subscriber Kurt S.
"Getting rid of the penny is likely to happen, I am sure there are people focused on this. But is it worth writing about? $85 million sounds like a lot of money, but if we look at the overall US budget and deficit, it is roughly comparable to a guy who earns $100,000 per year and is spending $125,000 per year (with a total debt over $500,000), worrying about an annual expense of $2. Yes, he probably shouldn't spend it, but it is totally irrelevant to his situation. This is the sort of topic that gets people emotionally stirred up, but is a total waste of time. You can do better, and usually do." – Paid-up subscriber Gordon F.
"I'm all in favor of getting rid of the penny and the nickel while we're at it. Less loose change to carry around. When I was living in New Zealand, everything was rounded up or down. They have no penny or 5 cent piece and it worked just fine. Seems like things are just slow to change here. If you can't buy anything for a penny, what is its value???" – Paid-up subscriber Gary A.
Regards,