While many Americans were sleeping last night, information-technology (IT) systems were going down all around the world, including the IT systems for major airlines and banks. Experts are reportedly calling it the “largest IT outage in history.” And stock market darling CrowdStrike Holdings (NASDAQ: CRWD) is right at the center of the crisis.
CrowdStrike operates a cloud-based cybersecurity software platform. Being cloud-based, an update can come out at any time. The latest update had a “defect”. And this defect caused Microsoft Windows operating systems to get stuck on a “blue screen of death,” unable to function properly.
Co-founder and CEO George Kurtz says that CrowdStrike already identified the problem and deployed a fix. The recovery is consequently underway. For example, United Airlines says that it’s already resuming flights.
CrowdStrike is one of the most popular stocks on the market. Earlier this month, shares were up more than 50% in 2024. But as of 10:20 a.m. on Friday morning, shares were down 9%. Investors rightly want to know what to expect next. And there’s truly a lot to unpack here.
Is this an overreaction?
Investors often overreact to news in the short term, losing long-term perspective. However, with CrowdStrike and its peers, a short-lived problem can have long-term consequences. Companies selling physical products usually aren’t materially changed overnight. But things can quickly break down for a cloud-based software business such as this.
In the risk section of its financial filings, CrowdStrike says, “Because our cloud native security platform is complex, it may contain defects or errors that are not detected until after deployment.” This is exactly what happened last night.
CrowdStrike’s management says that if a defect goes out it, “Could harm our reputation and adversely affect our business, financial position and results of operations.” That’s a hugely consequential statement.
The good news for CrowdStrike’s investors is that this wasn’t a cybersecurity-related problem. Kurtz quickly pointed this out by saying, “This is not a security incident or cyberattack.” The bad news is that its software defect still shut down major sectors of the global economy for long enough to cause real problems.
What’s next for CrowdStrike stock now?
Shareholders may be tempted to breathe a sigh of relief now that things are getting back up and running. And on one hand, it’s encouraging how quickly CrowdStrike was able to implement a fix. But it’s too soon to leave today’s news in the rearview mirror.
For starters, airline travel was greatly impacted this morning and it will take time for the airlines to get everyone to where they need to go. Thousands of travelers had to change their plans and the cost to the airlines is real and substantial. There’s zero chance these companies will willingly foot the bill. They’ll be looking for CrowdStrike to make restitution.
It will take time to know how much this mistake could wind up costing CrowdStrike. Moreover, it will likely take even longer to understand the potential reputational damage. Yes, this is a massive cybersecurity company with nearly $3.3 billion in trailing-12-month revenue. But it’s hardly the only show in town. And smaller competitors such as SentinelOne would love to capitalize on CrowdStrike’s mistake.
CrowdStrike’s potential reputational damage will be a hard thing for investors to objectively evaluate from here. But one potential approach could be to monitor the company’s remaining performance obligations (RPO). Its RPO stood at $4.7 billion as of April 30.
CrowdStrike’s RPO represents future revenue under contract related to its customers’ subscriptions. The company points out that customers normally can’t cancel once they sign on the dotted line. However, they can cancel if they have cause. And it’s possible that many of its customers could say they have just cause to cancel after today’s incident.
If the growth rate for CrowdStrike’s RPO slows or if it outright drops, that might signal that there’s damage that could set the business back, at least for a time.
Even after dropping 9% this morning, CrowdStrike stock still trades at an expensive valuation of about 24 times its trailing sales. This lofty valuation assumes many years of robust growth ahead — growth it’s delivered on up until now. But if this event results in slowing growth for the company, then I would fully expect the stock to drop more and bring down the valuation to more appropriate levels.
On the flip side, if CrowdStrike maintains its current growth trajectory despite today’s incident, that would suggest this business is even stronger than investors give it credit for. And if it improves its systems and processes to prevent a mistake of this caliber from ever happening again, it might wind up being in an even stronger competitive position for the long term.
Should you invest $1,000 in CrowdStrike right now?
Before you buy stock in CrowdStrike, consider this:
The Motley Fool Stock Advisor analyst team just identified what they believe are the 10 best stocks for investors to buy now… and CrowdStrike wasn’t one of them. The 10 stocks that made the cut could produce monster returns in the coming years.
Consider when Nvidia made this list on April 15, 2005… if you invested $1,000 at the time of our recommendation, you’d have $741,989!*
Stock Advisor provides investors with an easy-to-follow blueprint for success, including guidance on building a portfolio, regular updates from analysts, and two new stock picks each month. The Stock Advisor service has more than quadrupled the return of S&P 500 since 2002*.
*Stock Advisor returns as of July 15, 2024
Jon Quast has no position in any of the stocks mentioned. The Motley Fool has positions in and recommends CrowdStrike and Microsoft. The Motley Fool recommends the following options: long January 2026 $395 calls on Microsoft and short January 2026 $405 calls on Microsoft. The Motley Fool has a disclosure policy.
Experts Are Calling It the Largest IT Outage in History: What’s Next for CrowdStrike Stock Now? was originally published by The Motley Fool
