Kenanga Has ‘Outperform’ Call on LGMS With RM1.50 TP

LGMS Team

With cyber-attacks on the rise, cybersecurity is fast becoming a necessity for organisations. Against this backdrop, Kenanga Investment Bank Bhd believescybersecurity penetration testing expert LGMS Bhd will thrive, be it in an economic boom or a downcycle, and outperform the cybersecurity industry.

“Protégé Associates projects the cybersecurity industry in ASEAN will grow at a 14.2% compounded annual growth rate (CAGR) from RM14.7 billion in 2021 to RM28.5 billion in 2026. But we are confident that LGMS can outdo the industry to grow at 21.3% CAGR during the same period,” Kenanga said in a research report that initiates its coverage on LGMS. (Pic above: The LGMS team with Executive Chairman Fong Choong Fook in centre.)

Surfshark VPN

It has an ‘Outperform’ recommendation for LGMS and a target price of RM1.50, a twenty percent increase over its closing price of RM1.25 yesterday (4 November 2022).

Kenanga said its optimism is premised on the group’s (i) technological leadership in the cybersecurity space; (ii) natural expansion in total addressable market as the need for cybersecurity grows alongside the increasing adoption of digitalisation, especially in the ASEAN market; and (iii) growing emphasis on cyber resilience as part of the environmental, social and governance (ESG) strategies among organisations.


“A fascinating fact is that the group’s impressive revenue growth of 17.6% CAGR in the past three years was achieved by word of mouth from customers and partners such as Alibaba Cloud, TIME dotCom, Measat, and top commercial and investment banks in Malaysia,” Kenanga said.

LGMS is the only Malaysian company with Payment Card Industry Approved Vendor Scanning (PCI ASV) accreditation; there are only 85 such accredited companies globally.

International Data Corporation (IDC) recognises LGMS as one of the world’s leading internet-of-things (IOT) key penetration testing vendors. LGMS is also one of the first Malaysian companies to be certified by the Council of Registered Ethical Security Testers (CREST), an international accreditation and certification body, representing and supporting the technical information security industry.

LGMS has a slight pricing advantage compared with western competitors as its entire team of software programmers are Malaysians. Also, having the ability to communicate in various languages allows the group to serve both the Chinese and western clients.

This puts LGMS “in a sweet spot to ride the increased demand for cybersecurity”, Kenanga said.

Kenanga noted that being an independent cybersecurity service provider that does not sell any hardware or represent any specific brand makes LGMS the ideal candidate for potential clients looking for an unbiased cybersecurity evaluation as well as recommendation for improvement solutions. “This explains why various financial institutions and telecommunication companies prefer LGMS’s services,” it surmised.

The research report highlighted that LGMS has recently developed a “game changing product” called Project Mercury. The in-house developed software performs security assessment on a merchant’s website or platform followed by the issuance of rating and PCI certificate – all without the need for human involvement. The conventional process of obtaining PCI certifications where many human hours are required to conduct the assessment typically cost from RM15k to RM300k. With the newly introduced software, the cost would only be RM3k-5k, making it highly accessible to many smaller online merchants which have yet to be certified.

“The launch of this software is timely as payment card networks like Visa and Mastercard are increasing their scrutiny on payment processors (i.e. GHL, Revenue, Paypal, iPay88) to ensure that the payment processors and their respective merchants are PCI DSS compliant.

“More often than not, many smaller merchants are not fully PCI DSS compliant as payment processors sometimes skimmed through the process in favour of quicker on-boarding of new merchants. However, with this new enforcement by Visa and Mastercard, payment processors would be at risk of termination or a fine if their merchants are not PCI DSS compliant and hacked,” said Kenanga.

“Margins for this project are expected to be higher than its current business due to the lack of humans involved in the certification and assessment process. More importantly, these certifications must be renewed annually as required by PCI which creates a continuity of demand for LGMS’ services,” Kenanga said.

LGMS was listed on the ACE market on 8 June 2022, raising RM45.7 million from the initial public offering (IPO).

It has allocated c.14.2% of the proceeds to increase its technical workforce (e.g. software engineers and programmers) as well as growing its branding with the intention of expanding its presence within Southeast Asia. Another c.16.9% of the IPO proceeds has also been planned for establishing physical cybersecurity test labs in the region with the first one in Singapore as it is the fastest-growing overseas sales contributor at 12% of the group’s annual revenue.

The group will also explore the possibility of setting up cybersecurity test labs in Cambodia and Vietnam via tie-ups with local partners in the respective countries over the next 24 months as it anticipates a growing demand for cybersecurity services in these emerging countries as the adoption of digitalisation continues to grow.