The above charts show that both the two cybersecurity ETFs have underperformed their technology peers by more than 20%, despite holding stocks that are active in the fight against network malware and computer viruses, similarly to biotechs like BioNTech (NASDAQ:BNTX) and Moderna (NASDAQ:MRNA) producing cures to address the coronavirus threat.
Now, antivirus companies have been around for years, even decades, but the problem is that the threat level has increased exponentially as from the end of 2020 when Microsoft’s (NASDAQ:MSFT) was hacked through the supply chains attack when hackers made use of SolarWinds(SWI)monitoring software. Moreover, as shown by the high degree of sophistication of the recent ransomware attacks impacting colonial pipeline where millions of dollars of ransom money had to be paid to attackers, there is the involvement of bad actors at the nation-state level.
This is synonymous with aggression against the U.S., thus prompting the Biden administration to come up with a Cybersecurity executive order in May literally “forcing” federal agencies to boost IT defenses. As a result, public institutions have started to increase related expenses.
As for private institutions, they are also at a higher degree of risk due to the rapid adoption of the cloud, with workloads now also residing on employees’ laptops at home, making them more vulnerable to hacking as they are less protected by centralized corporate firewalls. Hence, there are multiple threat vectors facing CIOs, with many large enterprises reassessing their approach to cybersecurity altogether.
Hence relative underperformance in 2021 and an escalated threat landscape have created a massive opportunity for well-positioned cyber security vendors with the right products and proposition. For this matter, companies that come to mind are Cisco (NASDAQ: CSCO), Palo Alto (NASDAQ:PANW), and Fortinet (NASDAQ:FTNT), with their sophisticated zero trust protection (“ZTP”) mechanism. ZTP, in a way, resolves the problem which cannot be solved by the more traditional perimeter fencing security where the corporation is protected assuming it to be functioning within four walls. This is far from being the case in the current decentralized/WFH environment. Exploring further, HACK holdings also include companies that provide IT security for a wide variety of purposes including desktop as well as their web infrastructures.