The World Economic Forum (WEF), sometimes known as ‘The Men of Davos’, has attracted a lot of criticism from conspiracy theorists over the last year.
This is mainly around the fact they were involved in a training rehearsal for a global pandemic just before Covid hit, but also for the speed with which they brought forward their proposals for The Great Reset.
One does not have to be a conspiracy theorist however, or to worry about The Great Reset, to note that in fact much of what the WEF talks about is undoubtedly happening.
In particular, their past championing of the ‘Fourth Industrial Revolution’, the digitalisation of manufacturing, with a combination of AI, automation and robotics, digital health, cloud computing, 3D Printing, Quantum computing and the Internet of Things.
This framework has been a key driver to many of the digital sub themes that have emerged for investors over the last few years. It is also at the heart of the Chinese initiative, Made in China 2025 (now 2030), which triggered much of the New Cold War antagonism between the US and China.
On the other hand, if one were conspiracy minded, then one might be concerned about the next training rehearsal that the seemingly Covid-prescient WEF are planning for next month – a major cyber-security attack.
With the greater digital connectivity comes the greater risk of cyber-crime and undoubtedly, with recent hacking incidents like the ransomware attack on the Colonial Pipeline and the Solar Winds attack at the end of last year, digital security has advanced up the agenda of ‘things to worry about’.
Cyber security as policy
So, we should note that the extensive work done by think tanks such as the WEF and others into cyber security is now undoubtedly driving government policy.
For example, last year Mike Pompeo announced the Clean Network, essentially a US version of China’s Great Firewall, and just recently President Joe Biden issued an executive order on cyber security that calls for the US federal government to ‘bring to bear the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloud-based, on-premises, or hybrid’.
In effect, what was already a strong corporate tailwind behind cyber security as an investment theme has just received a powerful policy impetus.
Last year accelerated a number of the Fourth Industrial Revolution trends. In particular, the dramatic increase in working from home and the need to shift a lot of mission critical corporate computing systems to cloud based networks, there was a huge jump in IT spending, with estimates for associated cyber security spending rising to $120bn in 2021 and ultimately, according to WEF and others, reaching $1tn by 2035.
Obviously this represents a significant opportunity for investors, but, as with most themes, cyber security has a mix of sub-themes, some pure plays and some companies that cross between them.
Also, like most themes, it has a number of traditional companies that are adapting their business models and a number of new entrants. In the terminology these are known as digital nomads and digital natives.
How to access it?
Some of the biggest pure plays are stocks like Crowdstrike, which is cloud-based and provides security for devices connected to a network and is thus a real remote working beneficiary, or Zscaler, which provides secure Web Gateways and works in tandem with a device security provider.
Fortinet is a large legacy company and a firewall provider, while another legacy provider, Palo Alto, has been expanding into the area through a conglomerate approach, buying up smaller digital or cloud natives.
They all have different angles on cyber security, but one that sums up the new world is Okta, which is a system requiring constant identification for users and is essentially described as being based on a world of Zero Trust.
In essence though, digital security as a theme is a subset of software, and in particular the theme of software as a service and there are a number of other companies, such as Splunk, that might conceivably be considered cyber security beneficiaries.
So, one could perhaps just buy the Software and Services (SaaS) sector generally via the IGV US ETF. If however, you want a purer play on cyber security, but with less idiosyncratic risk, then there are a number of ETFs available.
HACK US is reasonably diverse, with 60 stocks, but is more at the small and mid cap end, while BUG US, the newest, is more concentrated, with only around 27 stocks.
The biggest in terms of market Cap is CIBR, which sits between the two at around 40 stocks ,while the most diversified is LOCK LN which tracks the Cyber Index with around 103 stocks.
The bottom line is that all the other themes around the Fourth Industrial Revolution of automation, IoT, blockchain, fintech, digital factories and so on, can not function without digital security, which is why they should be part of any thematic growth strategy.
Mark Tinker is a former top-rated sell side strategist and successful Global Thematic Equity fund manager for Axa Investment Managers both in the UK and Hong Kong.
He recently founded Market Thinking as an Investment Advisory Boutique with a focus on investment solutions and tactical asset allocation. Mark blogs regularly at market-thinking.com.