Sometimes markets behave in ways that don't make sense, as investors get carried away with a particular idea.

This dynamic appears evident in early 2026 when looking at the share price performance of certain cybersecurity stocks. To understand the current picture, it's important to place two concepts in mind:

1. Artificial intelligence (AI) software continues to increase in capability. Collectively, we saw the virality of what is now referenced as OpenClaw¹ in contextualizing what an agentic AI future could really look like—and this is simply the most recent example. Enterprises have finite technology budgets. If AI can do more, firms may require less of their ‘other software' solutions. Put another way, sometimes it's postulated that employees can just ‘vibe code' customized software solutions to suit company needs².

2. It is also true that nearly every time I am seeing OpenClaw mentioned, I am seeing or hearing references to potential cybersecurity issues³. It makes sense, in that if this software is taking actions and has access to important systems without being directed in every instance, it's possible that the user may not agree with all of those actions. There is no guarantee that important private data would not be shared or mishandled.

The implication: If OpenClaw represents an important window into our potential agentic AI future, proper cybersecurity practices will only become more important for both companies and individuals.

The Market Performance Picture

The WisdomTree Cybersecurity Fund (WCBR) is a strategy that focuses on a specific group of cybersecurity providers⁴. Before progressing further, instead of just saying ‘cybersecurity', which can mean many things, let's zoom in on the specific types of cybersecurity these companies must focus on to have the potential for inclusion in this strategy⁵:

• Cloud Security – Enterprise cloud migration is accelerating, making security foundational to protecting data, applications, and workloads while maintaining governance, visibility, and control across distributed environments.
• Security of Things – Expanding Internet of Things (IoT) adoption multiplies connected endpoints, each a potential breach vector, requiring device-level protection, identity management, and continuous monitoring to mitigate exponentially rising risk.
• Perimeterless World – Traditional network perimeters are obsolete; zero trust and modern identity and access management are essential to secure users, devices, and applications in remote-first environments.
• Data Security – As data becomes the enterprise core asset, focus expands beyond confidentiality to include integrity and availability, ensuring trustworthy, resilient, and continuously accessible information systems.
• Resilience & Recovery – Cybersecurity must prioritize rapid recovery and operational continuity, enabling organizations to restore systems and data quickly after disruption, attack, or infrastructure failure.
• Shift-Left Security – Embedding security earlier in the software development lifecycle ensures vulnerabilities are addressed proactively, reducing risk, improving code quality, and easing pressure on understaffed security teams.
• Smarter Security – Growing complexity and talent shortages demand automation, analytics, and AI-driven orchestration to enhance threat detection, streamline response, and maximize human security expertise.
• Layer 8 (Human Risk) – Humans remain the primary attack surface; effective security requires training, monitoring, empowerment, and in some cases automation that reduces reliance on error-prone manual processes.

If we can agree that these eight areas of focus at least sound reasonable if a company is seeking to provide cybersecurity solutions to businesses, it allows us to move to looking at performance.

The primary question:How does a group of cybersecurity-focused companies that have a strong focus in at least one of these eight areas look, performance-wise, as of mid-February 2026?

Figure 1a tells the story…

• Relative to the S&P 500 Index benchmark—a primary benchmark for many U.S. equity investors—WCBR's track record looks bleak.
• The one-year number in particular, where WCBR's NAV performance lagged the S&P 500 by more than 36%, creates a stark contrast.
• The recent track record is so rough that the 5-Year figure for WCBR has been pulled to a negative 20 basis points (bps) per year, whereas the S&P 500 Index was up 13.77% per year over the same period.

Figure 1a: A Study in Extreme Contrast

Figure 1b: Standardized Performance

Conclusion: Why do Firms Invest in Cybersecurity Solutions?

Cybersecurity is an area where protection from threats such as hackers and ransomware is only part of the story. Another part is putting together a picture of activities such that a company's cybersecurity strategy appears ‘credible' and ‘up-to-date.' If an issue ever were to occur, it is helpful to be seen to have subscribed to different providers who are amongst the best at such things as network security, identity management, endpoint protection, observability…and the list goes on. There is never a guarantee that issues will never occur, but if or when they do, it's better to be seen as having a comprehensive set of solutions that are accepted as amongst the best-of-breed at what they focus on⁶.

It's possible that, since many cybersecurity-focused companies are ultimately ‘software-as-a-service' (SaaS), and the equity market at least in early 2026 seems to be running away from this business model, it's possible that there could be a lack of discrimination. It's possible that people see such things as software or SaaS and they seek to position elsewhere and they may not be thinking more deeply about what the software is meant to do⁷.

Can the downdraft continue? Of course, but it is often that investors tell me they are looking for dislocations and areas where they have not already missed the price appreciation. Cybersecurity in early 2026 may represent one such opportunity.

¹ Source: OpenClaw. (n.d.). OpenClaw — Personal AI assistant. Retrieved February 12, 2026, from https://openclaw.ai/

² Source: ShiftMag. (2025, The Illusion of Vibe Coding: There Are No Shortcuts to Mastery). ShiftMag.dev.

³ Source: Stokel-Walker, C. (2026, February 3). OpenClaw is a major leap forward for AI — and a cybersecurity nightmare. Fast Company.

⁴ WCBR is built to track the total return performance of, before fees and expenses, the WisdomTree Team8 Cybersecurity Index.

⁵ Source: The WisdomTree Team8 Cybersecurity Index defines as part of its selection criteria that companies must have a strong solution in at least one of the eight themes to be eligible for further screening and possible index inclusion.

⁶ Sources: LegalClarity.org. (2026). Building a legally compliant cyber security strategy; Fortinet. (2026). Why compliance is a critical part of a cybersecurity strategy; Larcker, D. F., & Tayan, B. (2022). Building effective cybersecurity governance. Harvard Law School Forum on Corporate Governance.

⁷ Sources: Cohan, P. (2026, February 6). Why SaaS stocks are falling as AI reshapes software. Forbes; Lipman, D., Callahan, G., Fiore, G., Kieffer, G., & Bosche, A. (2026). Why SaaS stocks have dropped—and what it signals for software's next chapter. Bain & Company.