The perils of betting on the cyber security investment megatrend | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Unlock the Editor’s Digest for free

Megatrends are an appealing investment concept. The theory is that some sectors are set to grow faster than GDP, and a rising tide lifts most boats. A broad investment in sectors undergoing secular growth, for instance via an ETF, should therefore be a relatively easy way to make money.

That thinking is riddled with bugs. The cyber security sector provides an opportunity to reflect on this. 

As megatrends go, cyber security ticks many boxes. Attacks are becoming a bigger risk: a JPMorgan executive this week bemoaned a wave of attacks as fraudsters get “more devious, more mischievous.” There is more data around, and users access it from different places. Companies, governments and even cultural institutions such as the British Library are vulnerable.

Would-be hackers are becoming ever more sophisticated. The latest trend is to use artificial intelligence to identify security weaknesses. As KKR’s Henry McVey points out, that makes cyber security a very different way to play the AI boom. 

Investment in security is increasing accordingly. This year, it will be up 14.3 per cent from 2023, according to Gartner. The UK’s Darktrace this month raised full-year revenue growth forecasts to between 23 and 24.5 per cent. Meanwhile, the current sector spend — expected to be $215bn in 2024 — is only a fraction of the potential market, which McKinsey puts at $1.5-2tn. 

With that tailwind, you might expect cyber security ETFs — catchily named HACK, CIBR and BUG — to be racing ahead. They are not. Over the past three years, they have underperformed the S&P 500. Over the past five years, even the pick of this bunch has only slightly outperformed the Nasdaq.

Cyber securities

One reason the cyber security megatrend has been so hard to tap into via an index is that — unlike say, supermarkets — today’s winners are not particularly likely to outperform tomorrow. Products have a short shelf life. Criminals are innovative and the nature of the threat keeps changing. New security tools need to be rolled out quickly.

That makes even market leaders vulnerable to upstarts. Indeed, the first wave of cyber security products were sold by network companies which have since lost share to specialised outfits such as Fortinet and Palo Alto. 

This may be changing, however. Some companies, says Shaul Eyal of TD Cowen, are attempting to turn themselves into cyber security one-stop-shops, the metaphorical equivalent of Walmart or Tesco. Outfits such as Palo Alto are developing multiple technologies and supplementing them through bolt-on acquisitions, which should make them both larger and more resilient to changing threats.

Buying into such cyber platforms may be a better way to crack this investment megatrend. 

Lex is the FT’s concise daily investment column. Expert writers in four global financial centres provide informed, timely opinions on capital trends and big businesses. Click to explore


Click Here For The Original Source.

National Cyber Security