KeyBanc Downgrades CrowdStrike: Investing in AI/Data Leaders Like Snowflake & Okta

On January 12, 2026, KeyBanc adjusted its rating on CrowdStrike to Sector Weight from Overweight, reflecting a recalibration of near‐term expectations. The downgrade stems from several interrelated concerns: CrowdStrike’s valuation is seen as already elevated, comparisons with strong prior performance (tough comp‐year effects) loom, and the firm perceives limited clarity around how materially AI will drive additional spend in 2026 across its addressable security markets. While CrowdStrike still retains positive long‐term qualities—namely platform consolidation power and relevance in securing emerging AI workloads—KeyBanc is waiting for more tangible triggers of budget acceleration.

Relative to CrowdStrike, KeyBanc is more constructive on a different cohort of names—Snowflake, Datadog, Dynatrace, and Okta. These are being favored for their alignment to stronger AI stories, earlier product cycles, better execution, and positioning in observability or data usage, which KeyBanc sees as the consumption themes most likely to benefit in 2026. In contrast, CrowdStrike may be more dependent on spending in the security sector which KeyBanc believes will grow modestly, lagging broader IT spend.

Empirical data from KeyBanc’s partner/VAR and CIO‐surveys support this strategic differentiation. IT budget growth expectations for 2026 have increased, but more modestly; security VARs report slower growth in security budget meets & beats; cloud spending remains strong; and observability and AI inference workloads are emerging areas of differentiated spend. The sectors KeyBanc is positive on are those where customers appear to be increasing investment more consistently, often via usage‐based models, driven by data movement, AI product maturation, and observability demands.

Strategic implications:   • CrowdStrike may face pressure to deliver clearer proof points in its AI security roadmap, to justify the current valuation and to accelerate net new ARR. Its product launches and identity security initiatives (e.g. recent acquisitions) will be critical.   • Competition from names KeyBanc favors may tighten; Snowflake and Datadog’s strength in observability and cloud data platforms may draw away incremental enterprise spend.   • The sector broadly may see continued tool rationalization and spending discipline—platform vendors who can consolidate tool stacks and provide strong long-term security & AI integration may outperform pure security vendors trading on premium multiples.

Open questions remain: What proportion of security budgets will shift to securing non-human & AI agent identities, and how fast? How effectively can CrowdStrike scale margins in the face of elevated R&D, SPAC‐style spending, and recent acquisitions? When will AI-driven security spend move from pilot to material, repeatable line item? And to what extent will economic headwinds, macro uncertainty, or geopolitical risk delay purchase cycles in 2026?