Playing defense with cybersecurity stocks

Businesses are woefully underprepared for the increasing frequency and sophistication of cyber-attacks. The total cost of these across the world is expected to reach $10.5 trillion by 2025, more than three times greater than the $3 trillion estimate for 2015 and more than the economic damage done by natural disasters.^[1]

Organizations around the world appear to underestimate the problem. Companies spend around $150 billion a year to protect themselves from the cyber menace, but they should be spending closer to $1.5 trillion to $2 trillion to cover all their vulnerabilities, according to consultancy McKinsey.^[2]

Meanwhile, insurer Swiss Re believes businesses are only covered for about 10% of the likely losses from cyber-attacks.^[3] These include a variety of factors, ranging from direct theft of money, data and intellectual property to service disruption and lost productivity, along with the need to repair and restore compromised systems.

Concerns for equity investors

Investment-decision makers at the world’s major financial institutions are acutely aware of these risks. In an authoritative study on the outlook for global equities, conducted by EquitiesFirst in collaboration with Institutional Investor, a majority of those polled highlighted rogue cyber-attacks on companies and governments as one of the biggest current geopolitical worries, ranking cybersecurity risks just behind climate change and war in Europe.

Image source: https://equitiesfirst.com/int/ii-partnership/

This finding is especially notable for individual investors who may not fully appreciate the true extent of the risks. There are two main reasons why this is often the case.

First, apart from high-profile attacks such as the Colonial Pipeline ransomware attack or massive social media data breaches, we tend not to hear much about them. Yet they are pervasive, with around 2,200 cyber-attacks occurring each day.^[4] According to the US Department of Justice, only one in seven cyber-crimes is reported, presumably owing to embarrassment, fear of reputational harm, or the belief that law enforcement will not be able to help.^[5]

Second, the impact of data leaks and breaches may not be felt for months or even years after they take place. Chances are, your data has been compromised – consider that recent data breaches of Facebook and LinkedIn compromised well over a half billion accounts each, while the mother of all breaches – suffered by Yahoo in 2013 – compromised 3 billion accounts.^[6] The full cost of these breaches will perhaps never be determined.

The risk from cyber-attacks weighs on investors focused on all the markets covered in the study, in North America, Europe and Asia.

Investors focused on North American markets – where the most high-profile cyber-security solutions providers, including CrowdStrike, Palo Alto Networks, Datadog, Okta and Splunk,^[7] are listed – are significantly more concerned about cyber-attacks than the global average.

More systemic risks

Along with the rise in cyber-crime affecting businesses and individuals, the World Economic Forum warns that attempts to disrupt critical technology-enabled resources and services will become more common, with attacks anticipated against agriculture and water, financial systems, public security, transport, energy and domestic, space-based and undersea communication infrastructure.^[8]

Already, concerted attacks of these sorts have been evident in the Russia-Ukraine war, showing how vulnerable the critical functioning of whole economies have become to cyber-attacks.

Those vulnerabilities are multiplying as a consequence of an ever-expanding “attack surface.”^[9] There are now more than three times as many networked devices on earth than there are people,^[10] and the number of networked sensors embedded around us is set to balloon from 1 trillion to 45 trillion over the next 15 years.

The cybersecurity landscape is further complicated by continued advances in artificial intelligence, which can be used by both attackers and defenders. Moreover, many fear that the advent of quantum computing – which threatens to destabilize virtually all current encryption systems – could tip the balance towards the attackers in the unending arms race between the two sides.

Riding the defensive wave

Faced with the chilling prospect of cyber criminals gaining the upper hand, and as they become more aware of the risks, businesses are likely to ramp up their spending on cybersecurity considerably in coming years.

This could benefit cybersecurity stocks, which appear to have lagged the overall tech sector so far in 2023.^[11] With a recession looming, they may also benefit from their defensive nature, given the need to guard against cyber risks in both good times and bad.

Individuals wishing to access liquidity to either invest in cybersecurity stocks or shore up their own cyber defenses could consider securities-backed financing. By using their equity or crypto as collateral, they can obtain non-recourse, non-purpose capital at competitive terms, while retaining all beneficial ownership and upside from the underlying assets upon completion of the financing term.

It is always wise to have a good defense. But given the heightened uncertainty in equity markets and the scale of the threat posed by cyber crime, investors would do well to be prepared.

[1] https://www.forbes.com/sites/rajindertumber/2019/01/05/cyber-attacks-igniting-the-next-recession/?sh=1c3747eddbe4

[2] https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/new-survey-reveals-2-trillion-dollar-market-opportunity-for-cybersecurity-technology-and-service-providers

[3] https://www.swissre.com/institute/research/topics-and-risk-dialogues/digital-business-model-and-cyber-risk/cyber-insurance-strengthening-resilience.html

[4] https://www.cobalt.io/blog/cybersecurity-statistics-2023

[5] https://www.anapaya.net/blog/the-unseen-problem-of-unreported-cybercrime

[6] https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html

[7] https://www.fool.com/investing/stock-market/market-sectors/information-technology/cybersecurity-stocks/

[8] https://www.weforum.org/reports/global-risks-report-2023/digest/

[9] https://www.ibm.com/topics/attack-surface

[10] https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html

[11] https://www.investors.com/news/technology/cybersecurity-stocks/

Disclaimer

Past performance does not guarantee future returns, and individual returns are not guaranteed or warranted.

This Document is intended solely for accredited investors, sophisticated investors, professional investors, or otherwise qualified investors, as may be required by law or otherwise, and it is not intended for, and should not be used by, persons who do not meet the relevant requirements. The content provided herein is for informational purposes only and is general in nature and not targeted to any specific objective or financial need. The views and opinions expressed in this Document have been prepared by third parties and do not necessarily reflect the views and opinions of EquitiesFirst. EquitiesFirst has not independently examined or verified the information provided herein, and no representation is made that it is accurate or complete. Opinions and information herein are subject to change without notice. The content provided does not constitute an offer to sell (or solicitation of an offer to purchase) any securities, investments, or any financial products (“Offer”). Any such Offer shall only be made through a relevant offering or other documentation which sets forth its material terms and conditions. Nothing contained in this Document shall constitute a recommendation, solicitation, invitation, inducement, promotion, or offer for the purchase or sale of any investment product by First Holdings, LLC or its subsidiaries (collectively, “EquitiesFirst”), nor shall this Document be construed in any way as investment, legal, or tax advice, or as a recommendation, reference, or endorsement by EquitiesFirst. You should seek independent financial advice prior to making an investment decision about a financial product.

This Document contains the intellectual property of EquitiesFirst in the United States and other countries, including, without limitation, their respective logos and other registered and unregistered trademarks and service marks. EquitiesFirst reserves all rights in and to their intellectual property contained in this Document. The Document should not be distributed, published, reproduced or otherwise made available in whole or in part by recipients to any other person and, in particular, should not be distributed to persons in any country where such distribution may lead to a breach of any legal or regulatory requirement.

EquitiesFirst make no representation or warranty with respect to this Document and expressly disclaim any implied warranty under law. You acknowledge that EquitiesFirst is not liable under any circumstances for any direct, indirect, special, consequential, incidental, or punitive damages whatsoever, including, without limitation, any lost profits or lost opportunity, even if EquitiesFirst has been advised of the possibility of such damages.

EquitiesFirst makes the following further statements that may be applicable in the stated jurisdiction:

The information contained on this Document is intended for persons located in Australia only and classified as a Wholesale Client only as defined in Section 761G of the Corporations Act 2001. The distribution of information to persons outside this criteria may be restricted by law and persons who come into possession of it should seek advice and observe any such restriction.

The material contained in this Document is for information purposes only and should not be construed as an offer or solicitation or recommendation to buy or sell financial products.

The information contained in this Document is intended to be general in nature and is not personal financial product advice. Any advice contained in the Document is general advice only and has been prepared without considering your objectives, financial situation or needs. Before acting on any information, you should consider the appropriateness of the information provided and the nature of the relevant financial product having regard to your objectives, financial situation and needs. You should seek independent financial advice and read the relevant disclosure statements or other offer documents prior to making an investment decision about a financial product.

Hong Kong: Equities First Holdings Hong Kong Limited is licensed under the Money Lenders Ordinance (Money Lender’s Licence No. 1681/2023) and to carry on the business of dealing in securities (Type 1 licence) under the Securities and Futures Ordinance (“SFO”) (CE No. BFJ407). This Document has not been reviewed by the Hong Kong Securities and Futures Commission. It is not intended as an offer to sell securities or a solicitation to buy any product managed or provided by Equities First Holdings Hong Kong Limited and is only intended for persons who qualify as Professional Investors under the SFO. This document is not directed to individuals or organizations for whom such offers or invitations would be unlawful or prohibited.

Korea: The foregoing is intended solely for sophisticated investors, professional investors or otherwise qualified investors who have sufficient knowledge and experience in entering into securities financing transactions. It is not intended for, and should not be used by, persons who do not meet those criteria.

United Kingdom: Equities First (London) Limited is authorised and regulated in the UK by the Financial Conduct Authority (“FCA”). In the UK, this Document is only being distributed and made available to persons of the kind described in Article 19(5) (investment professionals) and Article 49(2) (high net worth companies, unincorporated associations etc.) of Part IV of the Financial Services and Markets Act 2000 (Financial Promotion) Order 2005 (‘’FPO’’) and any investment activity to which this presentation relates is only available to, and will only be engaged in with, such persons. Persons who do not have professional experience in matters relating to investment or who are not persons to whom Article 49 of the FPO applies should not rely on this document. This Document is only prepared for and available to persons who qualify as Professional Investors under the Markets in Financial Instruments Directive.