Investors in 2020 and 2021 have become familiar with somewhat of a natural ‘ebb’ and ‘flow’ to the performance of different megatrends. Positive performance is always preferred, but the risk of being ‘too positive’ is that investors begin to think they ‘missed it’ or that a ‘correction is around the corner.’ With broad benchmarks continually flirting with new record highs in early November 2021, these are natural concerns.
Can a Business Exist Without Cybersecurity?
A question for anyone reading this blog—step back and think, would you do business with a firm that does not have a cybersecurity strategy in 2021?
Even with all of the advancements in technology seen across the globe, cybersecurity remains a notoriously difficult space for the more positive forces to triumph clearly over nefarious actors.
Consider the case of SolarWinds
Since May 2021, the hackers responsible for the SolarWinds attacks have targeted more than 140 technology companies. It’s rarely the case that such attacks have a 0% success rate—sometimes techniques as simple as guessing user passwords or phishing emails are enough to grant them access. It’s possible that Russia is seeking long-term, systematic access to a variety of points in the technology supply chain1.
It’s also important to consider that true ‘fixes’ take time. The publicity of the SolarWinds attacks was getting into full swing roughly one year ago, and yet it was only during the first week of November, 2021, that the Biden Administration ordered that US federal agencies patch hundreds of cybersecurity vulnerabilities. These actions covered about 200 known security flaws that were discovered between 2017 and 2020, and an additional 90 that were discovered in 20212.
Focusing on the Future of Cybersecurity
WisdomTree benefits from working with expert partners on many of its megatrend approaches. Within cybersecurity, WisdomTree works with Team8, a venture firm with strong expertise in cybersecurity and featuring a leadership team that includes a former director of the National Security Agency (NSA) and Unit 8200.
In their view, Team8 have developed a list of 7 critical themes within cybersecurity that they expect will define the types of services that have a chance at future success.
The seven themes are:
• Smarter Security: Investors should think of the intersection between technologies related to artificial intelligence (AI) and machine learning, and how they can be used to enhance security in digital systems.
• Resilience and Recovery: Investors should be mindful that no security is ever 100% effective, so strategies must exist for possible recovery after a hack.
• Cloud Security: In a world where employees demand to ‘work from- anywhere’, more people are using cloud software than ever before. If not done carefully, this creates many vulnerabilities.
• Perimeterless World: It used to be that the network was centered upon an office or a set location. The world of 2021 is location independent with respect to software, networks and data.
• Shift-Left: The proliferation of the ‘app-economy’ has been incredible, making it more and more critical for developers to think about security at every phase of application development, rather than as an afterthought. Developers should learn from how sophisticated attacks, like SolarWinds, were implemented, building in efforts to defend against them inside of the digital infrastructure.
• Privacy and Digital Trust: If a company loses ‘trust’, it could lose everything. Did the company formerly known as Facebook inspire ‘trust’? Does Apple? Does Amazon? Every company needs to consider this and also align with accepted practices across the globe.
• Security of Things: More devices are becoming ‘software-enabled.’ The car is one of the most recent examples, and many automakers are seeking to benefit from subscription revenues. Anytime there is another device that is internet-enabled, that is another point of data collection and transmission, and it must be secured.
October 2021 was a Strong Month
As WisdomTree considers the cybersecurity space, it has been clear that October 2021 was a month where many of these specific businesses broke out positively in terms of share price performance. The primary themes covered were ‘Smarter Security’, ‘Cloud Security’, ‘Perimeterless World’ and ‘Security of Things.’ Team8 refreshes their take on individual cybersecurity businesses on a semi-annual basis, and one of the most interesting considerations regards which themes evolve into more significant exposures.
We always remind investors that with the potential for outsized growth and outsized returns comes the possibility for higher risk. Focusing on the future usually means smaller or newer companies. However, we keep coming back to the fact that, thinking rationally, cybersecurity should be one of the biggest considerations for any business, globally, in 2021. It’s merely a question of which services or companies will seize on this market.
Sources
1 Source: McMillan, Robert and Dustin Volz. “SolarWinds Hackers Continue to Hit Technology Companies, Says Microsoft.” Wall Street Journal. 25 October 2021.
2 Source: Volz, Dustin. “Biden Administration Orders Federal Agencies to Fix Hundreds of Cyber Flaws.” Wall Street Journal. 3 November 2021.