Shady RAT
The Shady RAT Operation, which revealed several US government agencies fell victim to a hack attack, is nothing shocking from what one security expert sees. REUTERS

Investors worried about the fallout from McAfee's Operation Shady RAT report about cyber intrusions could be rewarded financially by prudent investments in security stocks.

Not only are there some very profitable software security players already in the market. There are also plans for several security IPOs soon.

If the last decade was a harbinger of a trend, this one promises to be more so: good security players get acquired by bigger ones. McAfee itself was bought by Intel last year for $7.7 billion, as the world's biggest chipmaker sought its software technology for future products, especially for new mobile platforms.

Previously, EMC, the biggest storage maker snapped up RSA Security Systems for $2.1 billion and Hewlett-Packard, the No. 2 global computer services provider, paid about $1.5 billion for ArcSight, to get its SIEM products, technology that watches networks while monitoring threats. ArcSight had been studying an IPO for years.

What's left? First, old-hand Symantec, of Mountain View, California, with a market capitalization around $13.3 billion. Shares have gained 35 percent in the past year. Then Israeli pioneer Check Point Software Technologies, with an $11.5 billion cap, up 63 percent. And Sourcefire, the Columbia, Maryland developer with close defense ties, with a $737 million cap, up 16 percent.

Just being in the sector is no guarantee of a pop, though. VeriSign, the Mountain View, California company that handles domain names has a nearly $5 billion cap. And Japan's Trend Micro, a stalwart, has a $3.88 billion cap. Both stocks have no year-over-year return.

On Wednesday, McAfee Vice President Dmirty Alperovich called the intrusion into 72 websites and government agencies "a massive transfer of wealth in the form of intellectual property that is unprecedented in history." So investors might watch for IPOs by some of the private players with new technologies.

One might be Palo Alto Networks, which just hired VeriSign's CEO, Mark McLaughlin, as its CEO. The Santa Clara, California company has some crackerjack venture capital directors, including one from Greylock Partners and Sequoia Capital. Chief Technologist Nir Zuk is a Check Point alumnus who sold his last company to Juniper Networks.

Another could be Q1 Labs, in Waltham, Massachusetts, which focusses on event management and security information. Q1 Labs investor include Globespan Capital Partners and Menlo Ventures. CEO Shaun McCannon sold his last company, Okena, to Cisco Systems.

Imperva, in Redwood Shores, California, filed an IPO in June with the Securities and Exchange Commission, which hasn't approved it yet. CEO Shimon Kramer is yet another Check Point alumnus. Venture capital backing came from Greylock, Accel Partners and other blue-chip investors.

For sure, investors are betting on proved industry veterans with sound backing. They could also stick with the biggest technology players, headed by IBM, HP, Oracle, EMC and Dell, all of which have helped themselves in the past.