No longer does it matter whether a company is considered “old world”, for example specialising in energy, or a service company dealing with sensitive client data such as a bank or insurance company, or a company involved in new technologies such as Artificial Intelligence or Crypto assets. The commonality between most businesses nowadays is that they are moving online and, as such, are vulnerable to the ever increasing threat of cybercrime.
Why is Cybersecurity important?
Increasing threats – The number of cybersecurity attacks have been increasing year after year. It was reported by CNBC that the cost of cybercrime was approximately $400-500 billion during 2013 – 2015. By 2021, a Cybersecurity Ventures report estimates the cost of cyber threats will rise to $6 trillion annually.
Severity of attacks – Along with the number of cybersecurity attacks increasing, so is the severity of those attacks, according to a PWC report. The attacks are “becoming progressively destructive and target a broadening array of information and attack vectors”.
Future Outlook – According to David Burg, Global Cybersecurity and Privacy Advisory Leader at PwC, “We’re seeing more and more that cybersecurity can actually become a remarkable way to help a company innovate and move faster. In certain kinds of digital innovation, the security considerations, controls and capabilities, alongside a frictionless means of authentication, are essential to the design and development of these new products and services”.
Failing to act has consequences
Reputational Risk – Fear of reputational damage to an organisation is the biggest motivator to take security measures seriously, according to a study that RAND Europe conducted on investments in Cybersecurity. As the recent Uber example shows, failing to disclose an attack – or worse, covering it up – can lead to significant consumer mistrust that may be difficult to regain.
Obligation to report breaches – Transparency about cyber security breaches will be strengthened due to much anticipated legislative change. An amendment to the Privacy Act 1988 took effect this year. The change will require the majority of Australian companies to notify customers and the privacy watchdog (OAIC) when serious data breaches have occurred. The amendment addresses concerns that data breaches could be exploited, without the customer being aware their data was at risk and being given the opportunity to take their own mitigating action.
Market growth and outlook in Cybersecurity
It is estimated that over US$1 trillion will be spent on products to fight cybercrime between now and 2021 and global spending on security awareness training for employees will reach US$10 billion by 2027, according to the Cybersecurity Ventures report.
One consequence of this increase in cybercrime is the increasing levels of interest and projected growth in the cybersecurity services industry. As governments and companies strive to protect themselves from the online threat, they continue to invest in and drive spending across the entire cybersecurity sector. This presents a particularly compelling investment opportunity.
For investors looking to gain exposure to the growing cybersecurity sector, BetaShares offers the Global Cybersecurity ETF (ASX Code: HACK). HACK currently has exposure to the 36 largest companies in the Cybersecurity sector from around the world, all of whom are working to beat the cyber-criminals at their own game! And while past results should never be used as a guide for the future, the performance of these companies so far has indicated the potential associated with this investment theme, with the performance of the fund since inception in August 2016 to end May 2018 being approximately 20% p.a.
Past performance is not an indicator of future performance. Returns are calculated in Australian dollars using net asset value per unit at the start and end of the specified period and do not reflect brokerage or the bid ask spread that investors incur when buying and selling units on the ASX. Returns are after fund management costs, assume reinvestment of any distributions and do not take into account tax paid as an investor in the Fund.