Technology is playing an ever-greater role in our lives, as businesses and the global economy increasingly move online. This structural shift has been accelerated by the COVID-19 pandemic, as people around the world adjust to living and working from home.
However, as the number of internet-connected devices around the world grows, and as our world expands ‘virtually’, so too do the risks. Consider the volumes of sensitive employee as well as customer data, and critical systems infrastructure that needs to be protected across different working environments and devices, especially for businesses like Afterpay, Facebook and Microsoft.
And of course, governments are vulnerable too. It was only just last month that Australia was the victim of a major cyberattack that hit sites including those relating to government, industry, political organisations, education, health, essential service providers.
SOURCE: ABC NEWS
The cost of cybercrime
The cost of cyber-crime is escalating rapidly, and in response, so are the resources devoted to fighting it. Here are some statistics to consider:
- An annual cybercrime study published by Accenture and Ponemon Institute found that companies on average experienced 145 security breaches in 2018, up 67% in the last five years. The study of over 300 companies worldwide found that the economic cost of cybercrime surged 72% over the same time to US$13 million per incident.
- According to AustCyber, the global cybersecurity market is predicted to grow by 86% from US$159B in 2019 to US$270B by 2026.
- The Federal Government this week announced a cybersecurity spending uplift of 10% to $15 billion
The pandemic has accelerated the need for businesses to have robust cybersecurity measures in place, which, coupled with the structural shift towards an online economy could prove to be the catalyst for expansion in an already rapidly-growing industry.
Accessing cybersecurity as a thematic
The appeal of the cybersecurity sector is that the demand for its services is likely to be relatively unaffected by economic cycles. Cyber criminals don’t ease back on their activities during economic downturns, and so governments and business cannot afford to relax their efforts to maintain cybersecurity.
The cybersecurity industry in Australia is underdeveloped relative to global standards, and there are few if any ASX-listed stocks that offer direct exposure to the sector. As a result, investing in cybersecurity requires ‘going global’ - however, investors can do that in a single ASX trade.
A cybersecurity ETF such as the BetaShares Global Cybersecurity ETF (ASX: HACK) offers investors diversified exposure to the cybersecurity growth thematic. HACK currently holds 43 of the leading global cybersecurity companies including Crowdstrike and Cisco, who are at the forefront of the fight against cybercrime. There are also a few other options on overseas markets that use different methodologies.
HACK aims to track the performance of the Nasdaq CTA Cybersecurity Index, which covers global companies engaged in the cybersecurity segment of the technology and industrial sectors.
Dangers of stock picking
As an index-tracking ETF, HACK doesn’t attempt to ‘pick winners’. We think there are significant benefits in gaining exposure via an ETF, rather than investors buying individual stocks in the sector.
For one thing, to invest in individual cybersecurity stocks, an Australian investor will inevitably have to invest on overseas markets. This involves a degree of administration, including having to trade in foreign currency, outside Australian trading hours, and tax forms such as the dreaded W8-BEN.
But perhaps more significantly, an ETF like HACK offers diversified exposure, spreading risk across a portfolio of stocks, and minimising the stock-specific risk of attempting to ‘pick winners’.
An example of the dangers of stock picking was highlighted in 2018 when Symantec, one of the best-known names in cybersecurity (although the cybersecurity business and the rights to the Symantec name have since been sold to Broadcom Inc.) disclosed it was conducting a whistle-blower investigation after a former employee raised concerns around some of the company’s accounting practices.
Following the announcement, equity analysts downgraded the stock, and on the subsequent trading day, Symantec shares lost almost a third of their value.
Prior to this event, Symantec Corp was HACK’s third-largest holding, representing over 6% of the portfolio. Despite the individual stock price falling -33.10% in one day, HACK only suffered a fraction of the decline, with a daily fall of 3.14%.
Looking at performance, HACK has done very well for its investors, returning 20% p.a. from the ETF’s inception in August 2016 to the end of May 2020. With cybersecurity proving mission-critical and demand set to accelerate, we're optimistic about growth in the overall sector over the long-term.
I held HACK for more than 1 year, the return underperformed NDQ a lot, replaced finally.
Hi Alex, very few things have performed as well as the Nasdaq 100 (NDQ) in recent times so that's setting a very high bar! In saying that, in the 12 months to 30 June 2020, HACK returned ~20%. and has returned ~19% p.a. since its inception, which is still pretty decent going in my mind