In 2025, cybersecurity is no longer a technical issue whispered about in IT departments. It has broken into boardrooms, earnings calls and geopolitical strategy meetings. What began as a conversation about firewalls and antivirus software is now about economic resilience, national security and investment risk.

We've arrived at a point where ransomware can stall a global manufacturing operation in hours, a compromised login can unlock millions in financial losses, and a single software vulnerability in one vendor can ripple across hundreds of downstream companies. This isn't theory—it's reality, and it's happening with increasing regularity.

To understand where we are now, we must first recognize what has changed.

The Rise of RansomwareasaService

In the past, cyberattacks were often the domain of skilled individuals or nation-states. Today, ransomware has become a business. With Ransomware as a Service (RaaS), anyone with a motive can rent the tools and support to launch an attack, with pre-written code, customer service portals and revenue sharing.

This model has dramatically lowered the barrier to entry. In 2024 alone, public intelligence sources recorded record highs in ransomware victim counts.¹ These attacks aren't just encrypting files—they're stealing data, leaking it and sometimes threatening physical systems. The economic damage is measured in billions.

What Companies Are Doing aboutIt

To respond, an entire ecosystem of public cybersecurity companies is arming enterprises with layered defenses. One of the first and most crucial lines of defense is something called endpoint detection and response (EDR). Think of this as the security guard for every laptop, server and smartphone. Companies like CrowdStrike, SentinelOne and Palo Alto Networks provide EDR platforms that use artificial intelligence to detect and neutralize threats as they emerge.²

But sometimes the threat slips through. That's where data backup companies like Rubrik, Commvault and NetApp come in. They provide tools to take "snapshots" of data that can't be changed or deleted by attackers, enabling businesses to restore operations quickly without paying a ransom.³

And finally, there are the companies trying to stop the threat before it even reaches your device. Zscaler, Cloudflare and Fortinet offer secure access platforms that act like custom-built roadblocks, deciding who gets in and where they can go.⁴ This model, known as Zero Trust, assumes every user or device is a potential threat until proven otherwise.

The Supply Chain's Soft Underbelly

Beyond the direct attacks lies a more insidious risk: supply-chain infiltration. In many cases, hackers don't target their primary victim directly. Instead, they exploit a weaker link—a software vendor, a contractor, even a cloud services provider—to gain access.

This happened in the MOVEit breach, where a vulnerability in a file-transfer tool exposed millions of individuals' data.⁵ Governments around the world now refer to supply chains as the "soft underbelly" of national security.

Here, companies like Tenable, Qualys and Rapid7 shine. They specialize in scanning an organization's infrastructure for vulnerabilities before attackers can find them. At the same time, edge-security vendors like Akamai, Fastly and Cloudflare are building digital checkpoints to inspect every request and block suspicious activity in real time.⁶

Industrial Systems Go Online

As factories, power plants and water utilities digitize, their old, isolated control systems are being connected to the internet. This creates new opportunities for efficiency—and new openings for attackers.

A cyberattack on an oil pipeline in 2021 caused fuel shortages across the Eastern U.S. That was a wake-up call.⁷ Since then, cybersecurity for operational technology (OT) has become critical. Companies like Fortinet and Palo Alto Networks now offer industrial-grade firewalls and sensors built for harsh environments, while Trend Micro and CrowdStrike are developing tools to detect threats inside factory networks without disrupting operations.

Specialist firms like AhnLab in South Korea and Digital Arts in Japan are also gaining traction, particularly in Asia, by offering regionally customized industrial-security solutions.

Identity: The Front Door to Everything

For all the complexity of modern attacks, sometimes the biggest weakness is still the simplest: stolen passwords. Whether through phishing or leaked credentials, attackers often walk in the digital front door.

That's why identity and access management (IAM) is booming. Okta offers secure single sign-on systems, while CyberArk focuses on protecting the most sensitive accounts—like the digital keys to your company's vault. Identity-focused tools are now using behavior analysis to detect when a legitimate user is acting suspiciously. CrowdStrike, Zscaler and Cloudflare are all leaning into this area as well.⁸

Cloud Sprawl and Security Blind Spots

As more companies move their operations to the cloud, the attack surface grows. Every cloud service, app and integration is another potential weak point. Misconfigured access controls or forgotten storage buckets can become open doors.

To manage this, vendors like Palo Alto Networks, Datadog and Elastic offer tools that monitor cloud environments for missteps, misconfigurations or unauthorized activity. This is where cloud-native security lives: not just protecting a data center, but securing thousands of decentralized services in real time.⁹

And because more of this traffic happens over the internet, companies like Akamai and Fastly are becoming essential infrastructure—inspecting and filtering data before it reaches its destination.

Even the Defenders Are at Risk

Ironically, as security platforms themselves become more complex and more connected, they, too, become targets. In 2024, cybersecurity firm Palo Alto Networks was listed among the most-exploited vendors in the U.S. government's known vulnerabilities catalog.¹⁰

That's why we're now seeing a surge in what's called "attack surface management." Firms like Tenable, Rapid7 and Qualys offer services that simulate hacker reconnaissance, constantly probing for exposed systems—even inside security companies themselves.

What Comes Next

Cybersecurity today is a race—between the growing sophistication of attackers and the layered defenses of the companies trying to stop them. But there is no finish line. Threats evolve, technology shifts, and so the landscape constantly changes.

For investors, the takeaway is not to find a single "best" company, but to understand which companies are solving the most urgent problems. Ransomware protection, supply chain integrity, industrial system security, identity management, cloud risk visibility—these are not niche concerns anymore. They are foundational to how modern economies operate.

As governments tighten regulations and boards face liability for breaches, the market for these solutions will only grow. In 2025, cybersecurity is not just about defense. It's about trust, resilience and operational continuity. That makes it a macro trend—and a long-term investment story worth watching.

Conclusion: Performance of a Strategy Focused on Cybersecurity Equities

The WisdomTree Cybersecurity Fund (WCBR) represents a basket of cybersecurity equities as defined by the WisdomTree Team8 Cybersecurity Index. On a semiannual basis, Team8's cybersecurity research professionals are evaluating publicly traded cybersecurity companies that are focused on providing solutions aimed at the future of cybersecurity.

Even if we might think that the risks in cybersecurity are consistently rising and the focus on cybersecurity needs to keep pace, how are the equities performing?

Figure 1: Standardized Returns

Figure 2 is interesting to us because many associate 2025's equity performance, so far, with volatility. WCBR has been strong when compared to U.S. broad market equities, such as the S&P 500 Index benchmark.

Figure 2: Amid the Noise: Cybersecurity Has Led in 2025

It's also important to look at revenue growth—the concept that customers are demanding more and more of the cybersecurity services. In figure 3, we look at median sales growth so as not to be unduly influenced by outlier values. One would expect faster-than-S&P-500-Index-level sales growth, but we think these figures are particularly robust for these past periods of one, three and five years. We'll continue to monitor this to see how it continues.

Figure 3: Outgrowing the Market: Cybersecurity's Long-Term Sales Strength

¹ Source: GRIT, "GRIT 2025 Ransomware and Cyber Threat Report" (p. 8–9), GuidePoint Security, 2025.

² Source: United Kingdom Parliament, "A hostage to fortune: Ransomware and UK national security" (House of Commons and House of Lords Joint Committee on the National Security Strategy, Evidence RAN0017, RAN0033), 2024. https://committees.parliament.uk/publications/42087/documents/205936/default/

³ Source: Honeywell, "2025 Cyber Threat Report: Insights and Actions to Manage Cyber–Physical Threat Convergence (p. 6–8), Honeywell International Inc., 2025.

⁴ Source: Honeywell, "2025 Cyber Threat Report," 2025.

⁵ Source: UK Parliament, "A hostage to fortune," 2024.

⁶ Source: GRIT, "Ransomware and Cyber Threat Report," 2025.

⁷ Source: Cybersecurity and Infrastructure Security Agency, "The Attack on Colonial Pipeline: What We've Learned & What We've Done Over the Past Two Years," 5/7/23.

⁸ Source: Honeywell, "2025 Cyber Threat Report," 2025.

⁹ Source: GRIT, "Ransomware and Cyber Threat Report," 2025.

¹⁰ Source: GRIT, "Ransomware and Cyber Threat Report," 2025.