The need for cyber security permeates all levels of society. The threat of highly damaging attacks means that security spending will likely increase further to record levels.
Recent headlines have highlighted how cybersecurity is top of mind for companies and the public alike. As the nature of the threat evolves ever more quickly, this presents a unique opportunity for investors looking to benefit from exposure to this exciting theme.
Today, one of the top three reported risks for doing business in the US is the risk of cyber-attack. With 100 ransomware attacks taking place every 20 minutes, it is no surprise that global cyber security spending is expected to reach over $1 trillion from 2017-2021 (Cybersecurity Ventures, 2017).
The ‘WannaCry 2.0’ ransomware attack that brought NHS systems to a standstill is just one such example. These attacks infiltrate computers and encrypt all data, often irreversibly since the ‘ransom’ elements can be hoaxes and the costs to businesses of successful attacks present a serious risk to shareholders.
The impact of these losses has helped drive the trend of cyber security growth. Despite many benchmarks declining over the course of 2018, the cyber security sector was far more resilient – it outperformed the MSCI World Index by nearly 15% in 2018.
But not every cybersecurity company has the necessary skills or tools to deal with every single type of attack. Thinking about just a few years ago, each of us might have personally used McAfee or Symantec to secure our desktops. But the security requirements of businesses for example might include data encryption, financial transaction protection and email security. Beyond this, the needs of governments are yet higher since this often includes the protection of citizens’ most sensitive data. When the consumer base of cybersecurity services broadly covers every person, company and government, the further potential for growth in the sector is enormous.
A trend which might also reappear in the near term is that of new entrants to the publicly traded market and increased merger and acquisition activity. A few cyber security companies notably came to market a few years ago but a number more such as Palantir are expected to complete their initial public offering (IPO) this year. At the same time, we expect there to be some consolidation in the market as larger cyber security firms look to expand their coverage and expertise into new areas. We would also expect some more mutually beneficial collaborations between cyber security firms and IT services companies, similar to that pursued by FireEye and Hewlett Packard in 2015 which brought many complementary benefits to both companies.
When approaching cybersecurity as a thematic investment, active research into the fundamentals of the drivers of the growth of these multiple types of cybersecurity companies is crucial. The key aim of such an approach is to give the investor a purer and diversified exposure to theme itself, not necessarily the specific geography or sector subset.
US equities saw an increasing number of sharp reversals in performance last year, but we caution against extrapolating this to mean that a change of trend is around the corner.