This New Cybersecurity ETF Could Benefit From Good Timing

Cybersecurity is a prominent theme for both corporations looking to guard against data breaches and hacks as well as investors looking to profit from the exponential increase in spending devoted to this technology.

Several exchange traded funds (ETFs) are dedicated to cybersecurity with the newest member of that group being the Global X Cybersecurity ETF (BUG), which debuted late last month. While BUG enters a field with some established competitors, it could also prove to be an example of a well-timed thematic ETF that ultimately finds success.

The new BUG follows the Indxx Cybersecurity Index and is home to familiar cybersecurity fare, including Palo Alto Networks (PANW), Check Point Software Technologies (CHKP) and FireEye (FEYE), among others.

As experienced cybersecurity investors know, central to this segment’s thesis is spending by corporate information technology managers. While some recent data points indicate overall corporate IT spending will experience sluggish growth this year, that’s not the case in the cybersecurity realm. Put simply, this isn’t an area companies can afford to skimp because a penny wise, dollar foolish view of cybersecurity is, well, foolish.

“In addition to the 141 percent increase in overall budgeting since 2010, cybersecurity spending has increased around the world and across industries,” according to the RSA Conference. “In 2019, worldwide spending on information security products and services is estimated to reach over $124 billion.”

Good Reasons To Spend On Cybersecurity

Regardless of industry, companies should do everything they can to safeguard customer data. It’s just the right thing to do, but if altruism isn’t enough of a motivator, then perhaps investor security is. As in history confirms that public companies that are victimized by data breaches suffer punishment in another venue: financial markets.

A recent study by CompariTech analyzed 28 US-listed companies that suffered 33 data breaches with as few as 1 million up to 100 million records leaked. For investors, the results were, not surprisingly, negative. Companies in the analysis include scions of technology, such as Apple (AAPL)Facebook (FB) and Microsoft (MSFT).

“Share prices of breached companies hit a low point approximately 14 market days following a breach. Share prices fall 7.27% on average, and underperform the Nasdaq by -4.18%,” according to CompariTech.

What’s interesting about the post-breach market reaction to these companies, and it’s a point that underscores BUG’s potential utility for investors, is that six months following cybersecurity nightmares, victim companies were able to recoup significant chunks of share price losses.

“Six months after a breach, the companies we analyzed actually performed better than they did in the six months prior. In the six months leading up to a breach, average share price grew 4.1%, compared to 7.4% following a breach,” notes CompariTech.

Why BUG Matters

One of the interesting points about cybersecurity ETFs, including the rookie BUG, is that although the industry has experienced exponential growth in recent years, its dedicated components don’t have significant penetration in traditional technology ETFs. For example, the number of overlapping constituents between BUG and the S&P 500 Technology Index is just two, according to the ETF Research Center.

Speaking of sectors, investors looking for groups that will drive revenue growth for BUG member firms going forward need only to look financial services. Companies in that sector spend anywhere from 6% to 14% of their IT budgets on cybersecurity. Data confirm that financial stocks can be punished by cyber attacks.

“They suffered the largest initial downturn following breaches on average, sinking over 17% against the Nasdaq after 16 market days,” said CompariTech. “Although the stocks performed better against the market post-breach than pre-breach, they still underperformed the Nasdaq by a difference of 2% after six months.”

The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.