Expected and Unexpected Market Events From AP Twitter Hack

 

The AP Twitter hack created panic on Wall Street. We can look back to the LinkedIn breach and learn that security events can move markets in unexpected ways. As the media reported, all of the major stock indexes experienced a miniature flash crash. We can see this in the S&P and NASDAQ futures. According to Bloomberg, $136 billion in value was set on fire.

The reaction in other markets did not receive as much coverage, but were very interesting. The 30 year Treasury and the Japanese Yen had a near opposite reaction. This is very much like the buy it on a breach behavior that we saw with LinkedIn. Is it surprising Treasuries and the Japanese Yen turn out to be the place to go if something were to happen to The White House and the President and what does that say about the herd mentality? If we view the President as the CEO of the country, it seems a little strange to be buying the “stock” of a company that is in need of a new CEO. Perhaps the market is simply bullish on Joe Biden.

 

2013-04-23-ES_F-TOS_CHARTS

2013-04-23-NQ_F-TOS_CHARTS

2013-04-23-6A_F-TOS_CHARTS

2013-04-23-ZB_F-TOS_CHARTS

2013-04-23-6J_F-TOS_CHARTS

RGR At Resistance

RGR has encountered multiple tops near 52.00.  Support is near 44.00.  It moved outside the two standard deviation Bollinger Band after earnings and appears to be reverting to the mean.  Projection Bands and the Projection Oscillator are indicating overbought for now.  Fundamentals suggest that sales will continue to be high for the next 4 years.  After RGR pulls back and consolidates it will most likely move higher.  The Dec 45/40 Bull Put Spread is currently trading for .80.  Setting a Limit order for 1.45 should enter around 46 or 1.75 for an entry around 45.

 

2012-11-11-RGR-Proj-TOS_CHARTS

PFE Loses Lipitor

PFE is having some problems.  In the news, they are suffering from losing Lipitor exclusivity.  We discovered this one from running a Scan searching for below lower 2STDEV BolingerBand and an oversold Slow Stochastic.  On further examination the DMI negative has crossed above the DMI positive and the Money Flow is still pointing down.    For now this continues to look bearish.  The trade selected is a an ATM  Put Calendar. Front month Vol is 2% higher than the back month.  Not a huge difference, but usable.  The trade also allows for a roll into a Dec Vertical.

BOT +3 CALENDAR PFE 100 DEC 12/NOV 12 24 PUT @.26

PFE

The Connection Between Employee Retention And Security

Security professionals are regularly informed that security should align to the business need.  In most cases security professionals consider alignment to be meeting other business units half way or compromising on an issue.  Another way to align to business need is to solve a non-security related problem for another department that has a beneficial outcome for security.

Cross training and personnel rotations can enhance your security program in addition to helping you meet some of the guidelines in ISO 27001/27002.  Gaining support for personnel rotations for the sake of security is normally a difficult thing to win from management.  What if it were possible to show that there is some business value to personnel rotations?

A recent WSJ article on big data reveals some interesting points about workers in certain industries that we should consider.

 

The bank gathered data on turnover, promotions, job changes and external pay to create a statistical model predicting why workers quit. Though the bank had used frequent pay raises to keep staff, the results showed that raising pay across the board by 10% might only shave a half point off the turnover rate.

Workers felt dissatisfied, not underpaid. More rapid job changes, even without promotions or corresponding rises in pay, made it much more likely that high-performing employees would stay, Mr. Nalbantian says.

Rather than sell personnel rotations as a security benefit to executives, we should partner with Human Resources to create a personnel rotation program that is designed to reduce turnover (thereby reducing the risk of disgruntled employees, or risks from hiring new employees) and increase job satisfaction.  If HR gets executive support then it benefits security.  It is also an opportunity to work closely with HR in designing the program.  Any opportunity to take a break from APT, Cloud, DLP, and other BS Bingo phrases to establish better relationships with the business leadership could be a welcome change.

 Personnel rotations by themselves have the benefit of potentially surfacing fraud or wrongdoing if proper observation and inspection are part of the program.  The added benefit to personnel rotations is that the staff is now cross trained.  That puts certain chapters of the business continuity plan ahead, such as the pandemic readiness portion.  The complication of cross training personnel to be ready for the pandemic has already been taken care of.

These are some benefits to working with another part of the organization to help them to help us. HR can be a powerful ally in leading change.  Giving them the encouragement and support can lead to positive security changes and recognition to the security team that goes out of their way to help another department look good.

Yahoo Bull Call Vertical

Yahoo has had a rough week.  After gaping down into the mid 14’s there has been a reversal.  There was a short touch of the third standard deviation Bollinger Band and then a positive candle.  We also have two more candles above the second standard deviation Bollinger Band.  This area might be worth taking a bullish entry with the plan for reversion back to the mean.  This could be done with straight stock or with a SEP 15/16 Bull Call Vertical.  The options are liquid, but there may not be enough movement to make a small sized trade worth while.

 

LinkedIn data breach was $1M and a minor inconvenience

It hit the news today that the LinkedIn (NASDAQ: LNKD) data breach cost between $500K and $1M and that the company will be spending $2M-3M in the current quarter to enhance their security measures.  In the larger picture this is a minor bump in the road.  Revenue forecasts have been raised and on 8/2 they announced that top line growth came in at +89% at $228.2 million, beating analyst estimates of around $215 million.  Bottom line income came in at $2.81 million down from 4.51 million in the prior year.  The projected charge for security enhancements may affect next quarter’s earnings, but that doesn’t appear to be bothering anyone.

As we discussed earlier, in Security & Privacy Are Dead And Nobody Cares, investors do not care about minor security breaches.  Sony and EMC suffered only in the short term.  Blowing up an oil rig in the Gulf of Mexico seems to harm reputation more than having your corporate or customer secrets stolen.  Revenue is what Wall Street and private equity are looking for.  If the buying public doesn’t care, neither will The Street.  With the economy in the state it is, and the move away from traditional job boards such as Monster World Wide, Inc (NYSE:MWW), LinkedIn will surely drive traffic, ad revenue, and premium subscriptions no matter what data they lose.  We should consider the actual impact of the LinkedIn breach.  Rather than running around screaming they were breached, what was breached should be considered.  In this case passwords to users resumes were disclosed.  Sure, someone could log in as that user and attempt to establish connections with other people for social engineering, etc.  But from the user’s perspective the worst that could happen is someone could make their resume false, or simply delete it, which would mean they need to update their resume again.  So in a way the hackers might have been helpful on some level, depending on who you are in the mix of all this.  Yes, that is an oversimplification for the sake of drama, but ask most users and you will find LinkedIn is not a big deal to them, in many respects.

Technical Analysis

Much to the chagrin of security professionals LinkedIn experienced an uptick in their stock price the day the breach was announced.  Why did this happen? People were logging in to change their passwords and were being exposed to advertising which increased revenue.  The bankers felt that the stock was a buy on that news.  No SecurID seeds were stolen, and no cute dolphins were drowning in oil, which means it’s a buy.  After a nice earnings announcement LinkedIn is on its way back up and has broken out of the trading range it was in.  There’s almost an 80% chance it will touch 115 which is a nice move from 92.50 prior to earnings.  This isn’t the price action in a company that is going out of business because some passwords were leaked or because they’re spending a lot to improve their security.

 

 

 

What is worse than an Infosec breach?

In the scheme of things Infosec breaches are low impact events.  Most companies recover in a few weeks.  Quality problems can cost you even more.    How does a software glitch that loses $450 million and reduces stock value by 80% sound compared to LinkedIn’s problems?  There are larger things that can happen besides an Infosec breach that executives are worried about.  Consumers are also worried about things other than security breaches.  This is one reason why Infosec breaches have lower impact to a stock price than manufacturing or software errors, or accidentally serving up blackened crawfish in oil to gulf coast residents.  Wall Street knows that a little bit of credit monitoring, and banks eating 100% of credit card and account fraud means that consumers will not change their behavior because someone else is paying for their choices.  In economics we call this moral hazard, but that’s a topic for another time.

 

ZNGA Back Ratio

Zynga has been having some trouble since earnings.  After a large gap down it continues to move down.

2012-08-04-ZNGA-TOS_CHARTS

 

How to take advantage of this?  One possible way to attack the topic is with a Back Ratio.  The risk is different in this case since the $0 level becomes the lower strikes of a butterfly spread.  This was trading for a credit a few days ago which makes this trade a no lose strategy.  Over the weekend it’s still a $0 + commissions risk if it stays where it is and if it drops even more it could be worth more.  This should be treated like a lottery ticket Butterfly trade.  It’s somewhat unlikely the price drop into the profitable range, but if it does this could be a winner with a max profit of around $100 per spread.

2012-08-04-ZNGA-Analyze

BTU Short Call Vertical

Today a fellow trader suggested a fundamental reason for getting bullish on BTU after the next pull back.  Since there’s an expectation for a pull back then we need to take a look at this.

 

BTU has been in a down channel since February.  Something may change eventually, but until it breaks out of the channel it’s still in a long term down trend.  Two days ago it touched the trend line with a long legged doji pattern.  The next day it closed below the doji and the previous day’s open.  A reversal may be starting.

The MACD has started to roll over, Stochastic, and RSI are also pointing down.  PPS is also giving a sell signal.  There are only 11 days left in July  so that may be taking on too much Gamma.   The Implied Volatility is 61% in August which is close enough to July.  Today we decided to go with a short call vertical with the short strike around 30 delta.  The Aug 26/27 spread looks the most interesting.  We managed to get a fill at .32 per spread just below the highs of the day.  Today the spread closed up 6% from BTU dropping over 1.00.

XRT Unbalanced Butterfly

XRT is the Retail sector ETF and has been as low as 56 after failing a double top breakout at 63.

It could be possible to sell a call spread against XRT, but there’s another strategy that can be tried.  Instead of a regular Butterfly we can look into the 61-62-64 broken wing butterfly for a 0.15 Credit.

This has some interesting properties.  The P/L graph in red is for August expiration on 8/18.  Notice that if the underlying ETF goes below 61 it’s still above the zero line meaning it’s possible to make money no matter how low it goes.  Between 61 and 63 the P/L turns into a pyramid and then drops off sharply after 63.  This is a strategy that one would want to use if you are confident the underlying will not go above the outer wing of the Butterfly.  You’re hoping for it to stay stuck in the sweet spot between 61 and 63, as close to 62 as possible by 8/18, but if it drops off from here, there’s no risk to the downside.

Court of Justice Of The European Union Rules On Used Software Sales

In a recent release from the Court of Justice of the European Union has ruled that the author of software can not prevent the resale of that software on the used market.  The case involves UsedSoft who sells used software licenses.  Consumers of these licenses then download the software from the creator’s website.  Oracle ($ORCL) had sought to block this practice.  The court has ruled that a copyright holder who sells in the EU loses the right to oppose the resale of the intellectual property.  The ruling applies to both physical copies and to downloaded copies of the software.  It also nullifies any language in the license agreement binding the purchaser to not resell the software.  It also entitles the purchaser to updates and patches for an unlimited period.  If the creator updates the software, the license holder is has the right to obtain those updates even if the maintenance agreement is for a limited period.

This has some interesting business implications in the EU.  Companies can now buy used software at a fraction of the cost of going to the creator.  UsedSoft is only selling the license.  Malware should not be an issue since the license holder is entitled to downloads of the most recent version from the software vendor’s website.  This new ruling can benefit companies of all sizes who have an office in the EU.  Open Source solutions are useful in some circumstances, but an ERP system will most likely be a commercial purchase due to capabilities and workforce experience with a particular platform.  Another interesting implication is for multi-national companies to consider running their IT operation out of their European subsidiaries.  Since a legal entity in the EU would be making the purchases of used licenses they would fall under the coverage of this ruling.  Offices outside the EU could “outsource” their IT needs to the European subsidiary.  The accountants and attorneys would need to determine the best structure for that business.  It is unlikely that a company would open a European subsidiary for the sole purpose of taking advantage of used software licensing; however, if a European office is in your company’s future, software will be much cheaper in Europe.

From an investment perspective, this may somewhat disruptive and will push companies to pursue a SaaS model if revenues from new boxed/downloaded software begin to decline.  If legislation in other countries allows for this it could be very bad for traditional software sales.  Entrepreneurs should take note if there is legislation in your country that has a possibility of passing.  Setting up a used software business could be quite lucrative like the used CD/DVD business was, but in this case electronic distribution is covered as well so it should have even better longevity.