So, You’re Thinking about Building a Cybersecurity Strategy?

One of the biggest themes across megatrend investing—at least, in our opinion—is cybersecurity. Every time a new technology is introduced, it simultaneously needs to be secured. This is true of autonomous vehicles, the metaverse, space, artificial intelligence…the list goes on.

It is hard to think of a theme that is equally “required” across the board, even if we must admit that we cannot necessarily take this logic all the way through to finding the strongest-performing companies. We know the concept is needed—we don’t know exactly which companies will execute the best for years to come.

WisdomTree’s Thematic Universe

WisdomTree is regularly tracking all of the different exchange-traded funds (ETFs) that it deems to be part of the “Thematic Universe.” The regular report is available here. It affords us to pick topics—in this case, cybersecurity—and do comparisons to some of the biggest and most longstanding funds. While we recognize performance always ebbs and flows, and no single fund outperforms all others all of the time, it is our view that thematic topics run hot and cold.

If we have reason to believe a topic is hot, then that is the time to denote whether different funds aiming at exposure to the topic are capturing the performance.

Cybersecurity Got HOT in Late 2023

As with many investments, there is a constant push and pull between the company fundamentals and the overall macroeconomic backdrop. In late 2023, we had many firms reporting earnings for the third quarter of 2023, and then we had an overall view that maybe the U.S. Federal Reserve would have to consider lower policy rates at some point in 2024.

Downward-trending interest rates and strong revenue growth are a good recipe for cybersecurity companies—particularly newer companies that have entered the public markets more recently.

Figure 1a: Standardized Performance as of September 30, 2023

For the most recent month-end and standardized performance and to download the respective Fund prospectuses, click the relevant ticker: WCBR, HACK, CIBR

When we analyze ETFs focused on cybersecurity stocks, HACK and CIBR are the two largest on the basis of assets under management as of December 15, 2023. CIBR is not far from $6 billion in assets.

WCBR is a newer entrant, launched in early 2021 as opposed to late 2014 (HACK) or mid-2015 (CIBR). 2023 offers an opportunity to review a period when we know the topic of cybersecurity got hot, when existing geopolitical threats are real (Russia, Iran) and, possibly, geopolitical threats are on the horizon (Taiwan).

How did these different funds respond?

• WCBR has tended toward a higher volatility than either HACK or CIBR, but when the topic got hot in November and half of December 2023, there was a clear acceleration in returns.

• HACK and CIBR also accelerated in terms of their performances, but they were very similar to each other and did not have the same upward-sloping trajectory as WCBR.

We would note that this is merely one instance—it may not be the same in the future—and investors should always review many different performance periods when analyzing different ETFs.

Figure 1b: WCBR vs. HACK & CIBR in 2023 (December 31, 2022, to December 15, 2023)

For the most recent month-end and standardized performance and to download the respective fund prospectuses, click the respect ticker: WCBR, HACK, CIBR

How Close to Cutting-Edge Can You Get?

I have heard it said in terms of cybersecurity: the attackers only need to be right once, whereas the defenders need to defend against 100% of attacks. Think of generative AI—on the one hand, an incredible tool, but on the other, a new way for attackers to repurpose it into doing multitudes of more sophisticated attacks.

There is a premium on accessing the newest companies pursuing the most current defenses.

WCBR, HACK and CIBR are all tracking the returns of indexes, so the primary question regards how close these indexes can get to the newest technologies. We can learn a lot by looking at the top 10 positions.

In figure 2, we see:

• WCBR, CIBR and HACK all have a similar weight in the top 10 holdings—45% to 50%, roughly speaking.

• As part of the process behind the WisdomTree Team8 Cybersecurity Index (tracked by WCBR), Team8, with its cybersecurity expertise, rates what each company is doing in cybersecurity against what they believe are the eight most important critical functional areas of the discipline. The focus is on the future of what will be needed in cybersecurity, and a broad focus is telling us that the company is doing at least three things that Team8 views as critical to the future of cybersecurity.

• The Nasdaq CTA Cybersecurity Index (tracked by CIBR) is focused on cybersecurity within the Technology and Industrials sectors. It looks to see that the companies are engaged in the building, implementation and management of security protocols applied to private and public networks. When we look at figure 2 and see #N/A, this is telling us that Team8 did not give the company a rating that fit within one of its eight distinct focal points on the future of cybersecurity.

• The Prime Cyber Defense Index (tracked by HACK) is focused on cybersecurity within hardware, software and services. Again, the #N/A is telling us that those companies did not meet Team8’s standard of being involved in one of their eight critical cybersecurity areas.

We recognize that there is no true benchmark of the performance of any thematic equity strategy, and in many cases, the largest strategies were around for the longest periods. Strategies can evolve with the times—we try to design ours with this in mind—but we also recognize how difficult that is. Working with Team8, which has among its professionals people who have been dealing with cyber activities in Israel’s military and the U.S.’s National Security Agency, is the way in which we ensure that the focus of the companies on cybersecurity is in fact evolving with as much speed as possible within the Index.

Figure 2: Top 10 Company Exposures within WCBR, CIBR and HACK (Average Weights from December 31, 2022, to November 30, 2023)

Conclusion: Will a Necessary Thematic Get an Interest Rate Tailwind in 2024?

Pure-play cybersecurity companies have been volatile—in 2021, this volatility was in the upward direction, whereas in 2022, it was in the downward direction. Part of the reason for this is that we saw interest rates going from basically the record lows of easy-money policy to some of the highest levels we have seen in nearly 20 years. If 2024 has more of a downward than an upward trend in rates, this could create a tailwind behind these stocks at a time when the world is constantly thinking about protection amidst increasing geopolitical risks.

We think that WCBR represents a high sensitivity to both this megatrend and interest rates, but we have no doubt that investors may want to do their own analysis under the hood of these three Funds.

Figure 3: Further Information Supporting the Comparison of Different Funds

If you’re interested in diving more into the comparison of these Funds, please check out our Fund Comparison Tool.