Trump plans to sign AI cybersecurity executive order! Which companies are worth watching?
On May 21, President Trump announced he would sign a new executive order as early as this Thursday, with the primary goal of protecting U.S. critical infrastructure from AI-driven cyberattacks.
This executive order continues the Trump administration's longstanding 'minimal burden' approach to AI, favoring voluntary public-private collaboration and information sharing to counter cybersecurity threats.The statements emphasizing 'no mandatory administrative approval' and 'no large-scale mandatory regulation' signal a policy stance of inclusiveness,partially alleviating market concerns that mandatory regulation could stifle the iterative development efficiency of AI models.
Three key points of this executive order
Enhanced information sharing:Revise the existing U.S. cybersecurity information-sharing program to include leading artificial intelligence companies such as OpenAI, Anthropic, and Reflection AI in its scope of collaboration.
Promote voluntary security testing:It will advocate for voluntary government-led security testing of frontier AI systems to help federal, state, and local networks, as well as critical infrastructure, identify and remediate security vulnerabilities.
No mandatory administrative approvals:Contrary to earlier rumors of tighter regulation, the directive will not mandate that cutting-edge AI models obtain federal government approval prior to release or deployment, thereby avoiding the imposition of large-scale compulsory regulatory burdens.
The White House has already briefed executives from leading AI firms, semiconductor companies, cloud service providers, cybersecurity firms, and banks on the policy and invited several tech industry leaders to attend the signing ceremony.This marks a shift where AI safety is no longer just a software issue,but is now deeply integrated into a coordinated ecosystem spanning hardware (semiconductor chips), computing infrastructure (cloud security), and application layers (banking risk controls).
With the explosive advancement of large models, AI is comprehensively reshaping the global cybersecurity landscape.According to industry data:
The global AI-powered security operations market reached $25–34 billion in 2025, growing at an annual rate of 19–24%—far outpacing the traditional security market—and is projected to surge to $93.8 billion by 2030. This explosive growth is driven by enterprises’ urgent demand for monitoring, cloud security, and data governance as they widely deploy AI.
Meanwhile, the cybersecurity industry is undergoing a 'reshuffling' of its technological paradigms and competitive landscape:
Technological Paradigm Leap: Security operations are evolving from an 'AI-assisted (Copilot)' model to an 'AI-autonomous (Agent)' paradigm. AISOC/Agentic SOC (Agent-based Security Operations Center) has now become the industry’s mainstream product direction, with leading global and domestic security vendors—including Microsoft, Alibaba Cloud, and Google Cloud—accelerating their investments in Agentic SOC.
Shifting Competitive Barriers: Foundational large-model capabilities are rapidly becoming democratized, making it increasingly difficult to gain a significant edge through model parameters alone.High-quality domain-specific security data will become the new moat. Future core competitiveness will pivot toward engineering capabilities in cleaning, governing, and operationalizing massive volumes of security data.
Diverging Competitive Landscape: AI foundation model companies with core underlying technologies are directly disrupting traditional security vendors, accelerating the divergence between market leaders and mid-tier players.
Strongly advancing AI cybersecurity— which companies stand to benefit?
If this executive order and subsequent supporting policies are vigorously implemented, U.S. cybersecurity stocks and tech giants are expected to benefit. Previously, we outlined leading companies across various sub-sectors poised for catalysts in the AI security era. Specifically:
Threat Detection
– $CrowdStrike (CRWD.US)$ : Endpoint security leader. CrowdStrike is a disruptor in next-generation cloud-native cybersecurity, renowned for its iconic Falcon platformwhich has revolutionized how enterprises protect endpoints (such as laptops, servers, and IoT devices).
– $Palo Alto Networks (PANW.US)$ : Cybersecurity platform giant. Palo Alto initially gained recognition for inventing the next-generation firewall (NGFW), but under its current CEO, it has successfully transformed into the most comprehensive global cybersecurity platform—one of the few industry players capable of offering end-to-end integrated solutions.
IT Services & Consulting
– $Infosys (INFY.US)$ : Global IT consulting giant. Unlike pure-play 'product-oriented' cybersecurity vendors such as CrowdStrike or Palo Alto that offer standardized software and hardware, Infosys acts as an 'integrator.'andThe critical role of the 'Implementer.'
– $Leidos (LDOS.US)$ : The largest IT services provider to the U.S. government and Department of Defense.
– $Booz Allen Hamilton Holding Corp (BAH.US)$ : A top-tier think tank for government and enterprise, deeply engaged in national-level cybersecurity consulting.
– $Parsons (PSN.US)$ : Specializes in federal government networking, cyber warfare, and critical infrastructure security.
Cloud Security
– $Cloudflare (NET.US)$ : Cloudflare holds a uniquely positioned role—not only is it a cybersecurity company, but it is also a global internet 'infrastructure' provider. A very high percentage of global web traffic passes through Cloudflare's network.
– $Rubrik (RBRK.US)$ : An emerging player in zero-trust data security, specializing in ransomware protection and data backup.
– $Datadog (DDOG.US)$ : A cloud-native observability platform offering critical security monitoring for LLM applications.
Cybersecurity vendors
– $Cisco (CSCO.US)$ Cisco has long been known as the world's largest incumbent provider of networking hardware (routers and switches). Its $28 billion acquisition of Splunk, a leader in data analytics and observability, marks Cisco’s largest-ever deal and directly positions it at the forefront of AI-driven cybersecurity and massive-scale data governance.
– $Fortinet (FTNT.US)$ Leader in cost-effective firewalls with proprietary ASIC chips and SD-WAN solutions.
– $F5 Inc (FFIV.US)$ Expert in Application Delivery Controllers (ADC) and Web Application Firewalls (WAF) for multi-cloud environments.
– $Gen Digital (GEN.US)$ Formed from the merger of Norton and Avast, focused on consumer-grade cybersecurity and privacy.
– $A10 Networks (ATEN.US)$ Automation-focused cybersecurity, traffic orchestration, and application delivery.
– $Check Point Software (CHKP.US)$ Veteran Israeli cybersecurity giant and pioneer in firewall technology.
Vulnerability management
– $Tenable Holdings (TENB.US)$ Undisputed leader in vulnerability risk management, emphasizing preventive security.
– $Rapid7 (RPD.US)$ Specializes in dynamic vulnerability scanning and cloud attack surface management.
Data security and analytics
– $Varonis Systems (VRNS.US)$ : An expert in automated data governance and compliance, perfectly aligned with the trend of 'secure data cleansing and governance.'
Biometric Authentication
– $Clear Secure (YOU.US)$ : A pioneer in identity verification using biometric traits (eyes, face, fingerprints).
Although policy-driven catalysts and market demand are advancing in parallel, investors should remain cautious of risks:
Policy implementation is cyclical; it typically takes several quarters from the signing of executive orders to the release of corporate compliance budgets. If subsequent legislative support proves inadequate or if companies’ voluntary adoption falls short of expectations, earnings realization for related firms could lag behind market expectations.
Moreover, cloud giants such as Microsoft and Google are accelerating the development of proprietary AI security tools, leveraging their vast ecosystem footprints. This 'platform-driven' downward integration is intensifying industry competition and steadily eroding the market share of independent cybersecurity vendors.
Risk Disclaimer: The above content only represents the author's view. It does not represent any position or investment advice of Futu. Futu makes no representation or warranty.Read more
Comments (2)
to post a comment
60
196