Behind the Markets: A Conversation with Aaron Dubin


Key Takeaways

  • Jeremy Schwartz spoke with Aaron Dubin, VP of strategy and business research at Team8, on the latest Behind the Markets podcast about the cybersecurity space. 
  • Aaron compared the current state of AI cybersecurity to internet cybersecurity in 1995, highlighting the higher risk in the early days of the internet and the need for improved security measures in AI systems. He cited examples of AI being tricked in medical imagery diagnostics and other areas. 
  • Aaron discussed the connection between Team8's cybersecurity themes and current events, such as the Linux supply chain attack and the importance of securing code and incorporating security early in the software development process. 

We were excited to speak with Aaron Dubin, VP of strategy and business research at Team8, on the Behind the Markets podcast.

Team8 works with WisdomTree on the WisdomTree Team8 Cybersecurity Index, which is tracked by the WisdomTree Cybersecurity Fund (WCBR), before fees and expenses.

By way of background, Team8’s expertise is in organizing the array of companies providing cybersecurity solutions to the market. One of the most important details regards how a megatrend connects back to different company activities that are meant to play out in the future. Team8 does this through eight distinct cybersecurity themes that represent critical areas for growth as we move forward. Those themes are as follows:

  • Cloud Security
  • Resilience & Recovery
  • AI & Smarter Security
  • Security of Things
  • Perimeterless World
  • Data Security
  • Shift Left
  • Layer 8

Further details on these themes are available in this Market Insight piece.

The conversation covered a wide range of topics in cybersecurity, a few of which we summarize here.

1995 in Our Current “AI Moment”

We recently spoke with Dan Ives on Behind the Markets, and the foundation of that discussion regarded how this moment looks similar to the development of the internet in 1995. Primarily, people use 1995 to think about where we might be relative to a possible tech bubble, which we know burst in 2000.

Aaron made an interesting comparison to where we are with AI cybersecurity today, in the second quarter of 2024, versus where we were with internet cybersecurity in 1995. In those earlier days, there was a significantly higher risk of putting financial information, credit cards or personal details online. Today, while nothing is perfect, we are a lot more comfortable with those things than we were. AI may be on a similar path, and we are similarly early in that many of the large language models with which we are most familiar were released with little, if any, guardrails as to how they could be used.

Some of the most interesting and memorable talks on cybersecurity involve experts showing how to take known systems, like ChatGPT, and “jailbreak" them by breaking through the guardrails that have been put in place. Aaron cited one particularly scary example: AI can be used today in the context of medical imagery, an important diagnostic tool for certain types of cancer. These systems can be tricked into registering a diagnosis opposite to reality. This example demonstrates how the security of medical systems should always be of the utmost importance.

It Takes a Village to Start a Company

Part of the discussion centered on Team8’s activities as a company-builder. It has an expression—it takes a village to start a company—and when we think of cybersecurity and how Team8 operates in the cybersecurity venture space, it starts with its village of 350 chief information security officers (CISOs) at Fortune 500 companies.

An open dialogue with these professionals uncovers certain unmet needs, and from these unmet needs, sometimes companies can be founded and built. The “8” in Team8 comes from Unit 8200 of the Israeli military, which is the elite cyber unit of the Israeli Defense Forces. Nadav Zafrir is the co-founder and managing partner of Team8, and he was commander of Unit 8200 during his military career. Many Team8 founders, particularly in the cybersecurity area, have experience serving in this unit.

Connecting Current Events to Team8’s Cyber Themes

One of the most interesting parts of our discussion with Aaron regarded the connection between the eight aforementioned cyber themes and the current events and headlines that many of us may have seen in different publications.


Aaron’s description of a “supply chain attack” that was thwarted recently was an important illustration of how today’s hackers may be able to access certain systems that many customers use. Many of us might remember SolarWinds. The issue there was not necessarily any single hack but rather how, from that breach, the hackers were able to access the customers who were using the SolarWinds system.

In the Linux case, it appears that a Microsoft researcher thwarted the possible attack before the worst possible scenarios could be realized. It is telling, however, that many developers today are not incentivized to secure the applications they create and that a lot of code is repurposed from various sources. It takes a lot of effort to continually secure and update that code. Think about the effort it takes to ensure that your smartphone is regularly updated.

The shift-left theme refers to the efforts to encourage developers to incorporate security earlier in the development process and continually secure their code. The iPhone was released in 2007, so we’d note that what we think of as the app economy and software-as-a-service have not been around for that long, historically speaking.

Human Error (Layer 8)

The eighth theme that Team8 has on its list—the most recently added—focuses on humans. Even if we might picture popular movies where complex firewalls seem to be getting breached with ease, we discuss how the vast majority of hacks in the real world do not occur from breaking complex encryptions or doing incredibly technical things. They stem from human error.

Aaron noted that the most obvious source of breaches, at least in the second quarter of 2024, from what he is seeing, comes from misconfiguring cloud access points. It’s not that the cloud itself is not secure. It is that the humans who are setting up cloud access are making mistakes.

What Is Zero-Trust?

It says a lot that many of us might have heard of two-factor authentication. Simply put, if you are logging into a system and your cell phone generates additional code, that is an example of this practice at work. Zero trust, however, is less commonly used in popular media.

A zero-trust software architecture can be thought of as constant verification. When people are accessing systems, those systems could be constantly monitoring what they are doing and how they are doing it to determine if those individuals are where they should be and that the system itself is secure. How this works is similar to how credit card companies use anomaly detection to send out notifications about transactions that appear “odd” compared to what the primary account holder usually does. The same principle can apply to accessing a company’s network. There are the things that users normally do, and there are possible big deviations from those things that can be flagged and addressed.

Cybersecurity: A Megatrend for All Seasons

As we write these words in the second quarter of 2024, cybersecurity is no longer an option. Every individual and every company needs an approach. Without one, they are taking a huge risk. Of course, when we look company by company, it is never certain which businesses will rise to the top of the heap and provide the best solutions. This is the benefit of our regular dialogue with Team8, in that it helps us continually understand developments in the cybersecurity space that can evolve quickly.

Enjoy our most recent discussion with Aaron Dubin, available here, or listen below.



1 Source: Kevin Roose, “Did One Guy Just Stop a Huge Cyberattack?” The New York Times, 4/3/24.

Register to get insights from WisdomTree
Individual investors who register can access dashboard, daily blog posts, latest videos, podcasts and stay current with industry insights. On top of that, Financial Professionals get additional access to the tools, technology, resources and support they need to take the business to the next level.

Important Risks Related to this Article

To learn more about the various stock market indexes, industry terms, acronyms and abbreviations mentioned in the podcast above, please visit the glossary.

For current Fund holdings, please click here. Holdings are subject to risk and change.

There are risks associated with investing, including possible loss of principal. The Fund invests in cybersecurity companies, which generate a meaningful part of their revenue from security protocols that prevent intrusion and attacks on systems, networks, applications, computers and mobile devices. Cybersecurity companies are particularly vulnerable to rapid changes in technology; rapid obsolescence of products and services; the loss of patent, copyright and trademark protections; and government regulation and competition, both domestically and internationally. Cybersecurity company stocks, especially those related to the internet, have experienced extreme price and volume fluctuations in the past that have often been unrelated to their operating performance. These companies may also be smaller and less experienced, with limited product or service lines, markets or financial resources and fewer experienced management or marketing personnel. The Fund invests in the securities included in, or representative of, its Index, regardless of their investment merit, and the Fund does not attempt to outperform its Index or take defensive positions in declining markets. The composition of the Index is heavily dependent on quantitative and qualitative information and data from one or more third parties, and the Index may not perform as intended. Please read the Fund’s prospectus for specific details regarding the Fund’s risk profile.

Back Arrow IconPrevious Post All Blog Posts Menu IconAll Posts Next Post

About the Contributor

Global Head of Research

Christopher Gannatti began at WisdomTree as a Research Analyst in December 2010, working directly with Jeremy Schwartz, CFA®, Director of Research. In January of 2014, he was promoted to Associate Director of Research where he was responsible to lead different groups of analysts and strategists within the broader Research team at WisdomTree. In February of 2018, Christopher was promoted to Head of Research, Europe, where he was based out of WisdomTree’s London office and was responsible for the full WisdomTree research effort within the European market, as well as supporting the UCITs platform globally. In November 2021, Christopher was promoted to Global Head of Research, now responsible for numerous communications on investment strategy globally, particularly in the thematic equity space. Christopher came to WisdomTree from Lord Abbett, where he worked for four and a half years as a Regional Consultant. He received his MBA in Quantitative Finance, Accounting, and Economics from NYU’s Stern School of Business in 2010, and he received his bachelor’s degree from Colgate University in Economics in 2006. Christopher is a holder of the Chartered Financial Analyst Designation.