Threats to society’s cybersecurity are as old as the internet but Russia’s invasion of Ukraine has made the issue more acute for investors, as has more remote working in a post-pandemic world. Backing the wider theme through a low-cost ETF makes sense for several reasons, and we believe the L&G Cyber Security ETF (ISPY) ticks many of the right boxes for investors.

The ETF is large enough so that liquidity is not a problem, broad enough for reasonable diversification, and has scale to lower costs, which it did last year.

It’s still not particularly cheap for a tracker fund, with ongoing costs of 0.69%, but it does have an attractive five-year total returns track record when most of its peers have only been around for a year or two, such as the WisdomTree Cybersecurity ETF (CYSE) and the Global X Cybersecurity ETF (BUGG).

On a five-year basis the L&G Cyber Security ETF has delivered 17% annualised returns.

WHY YOUR PORTFOLIO NEEDS CYBERSECURITY

The space includes companies that provide security basics, like firewalls, anti-virus defence and passwords protections, but fighting off hackers is the much larger threat.

Where hackers were often tech-savvy individuals or small groups motivated more by ideology and putting one over on the establishment than money making, hackers today are far more sophisticated, organised and better funded, typically either state sponsored actors or criminal gangs looking to make vast profits.

This year the Ukrainian government was forced to bring in swathes of underground hackers in response to massive cyberattacks which were suspected to come from Russia as part of its war against the country.

Other countries were also put on alert, including the UK, and in January the nation’s National Cyber Security Centre called on businesses to ‘bolster their online defences’ from potential Russian hackers.

As a result, the cybersecurity industry looks set to benefit from the significant rise in attacks on government agencies and major businesses which need to increase their spending on digital defence, and investors have already started to react.

PERFORMANCE IS PICKING UP

This year the L&G Cyber Security ETF is down 5.4%, according to FE Analytics data. The performance was a lot worse until recently, with the ETF having rallied 22% since mid-June, bolstered by the $2.4 billion buyout of US-listed Ping Identity and takeover talk surrounding the UK’s Darktrace (DARK), the fund’s largest single stake at a little more than 6% of assets.

Other leading companies in the ETF portfolio include network security specialist Cloudflare (NET:NYSE), big data analytics platform Splunk (SPLK:NASDAQ) and identity management tools firm CyberArk (CYBR:NASDAQ).

The ETF also has a stake in Trend Micro (4704:TYO), the Japanese company that provides cloud computing protections to hyperscale cloud players including Amazon’s (AMZN:NASDAQ) AWS, Alphabet’s (GOOG:NASDAQ) Google Cloud and Microsoft’s (MSFT:NASDAQ) Azure.

BEING TAKEN MORE SERIOUSLY

Cybersecurity is a complex space and a rapidly expanding area for investment, with the issue widely recognised as business critical. According to Gartner, 88% of company bosses accept digital protections and safety is now a board level topic, with potential impacts of not doing enough too big and too costly to ignore.

Data from industry specialist McAfee shows the global cost of cybercrime went from an estimated $300 billion in 2013 to $945 billion in 2020, while the average cost of a data breach has jumped 17% in the past few years to $4.2 million, say IBM (IBM:NASDAQ) analysts.

INVESTMENT POURING IN

Cybersecurity companies have tended to develop systems in-house and use mergers and acquisitions to build out product sets and expand into vertical markets. Even the very biggest tech companies are expanding in this area.

For example, Alphabet has plans to spend over $10 billion to improve cybersecurity in the next five years while the overall industry is forecasted to hit $352 billion in 2026, up from $156 billion in 2020, according to Mordor Intelligence.

In March 2022, Alphabet agreed to pay $5.4 billion for cybersecurity firm Mandiant to bolster its Google Cloud platform, with clear intentions of combining its own automation expertise with Mandiant’s intellectual property.

Microsoft has committed to spend $20 billion in security research and development over the next five years, dwarfing the R&D spend of any specialist security players.

Clients do not want to be tied to one supplier of cybersecurity tools, part of their own risk mitigation, which means taking a sector-based approach makes sense for retail investors.

The L&G Cyber Security ETF physically replicates the ISE Cyber Security UCITS index of 45 stocks. This basket includes a mix of infrastructure providers developing software and hardware for protecting access to files, websites and networks and service providers offering consulting and cyber-based services.

Companies in the broader investment universe are only eligible if they meet size requirements and have a three-month average daily traded value of at least $1 million. The underlying index applies a modified equal weight methodology where company weights are relative to the size of their respective sector and their liquidity versus peers within each sector.

Constituents are also screened against Legal & General Investment Management’s Future World Protection List, which flags companies that violate the United Nations Global Compact. The latter is a pact to encourage businesses around the world to adopt sustainable and socially responsible policies.

‹ Previous2022-08-25Next ›