In today’s digital world, data is gold, and more malicious actors are trying to get their hands on the prize. Just recently, two heavyweight technology companies provided customer data to hackers disguised as law enforcement officials proving that their cyber defences are not as robust as they should be.
This raised concerns, which were exacerbated by the cyberwarfare component of Putin’s attack on Ukraine, putting nerves on edge as individuals, companies, and governments consider who may be lurking within their networks. In response, the Biden administration warned companies of potentially higher levels of cybercrime related to Western-imposed sanctions and tense geopolitical relationships. In this environment, no one can escape cyber attacks, but they can work to prevent them. As a result, we expect cybersecurity spending to continue to increase and cybersecurity companies to attract investor interest due to their recurring revenue model. In our view, these factors, along with the Cybersecurity theme’s ability to help manage geopolitical risk in a portfolio make this exposure essential.
The SolarWinds hack was a call to action
The SolarWinds hack discovered in December 2020 was a pivotal moment for cybersecurity. This hack is believed to be the work of the Russian Foreign Intelligence Service and was a wake-up call on how invasive and widespread the implications can be, especially when attackers compromise highly-utilized software. In light of Russian aggression into Ukraine, the Biden Administration increased their message of urgency to U.S. businesses regarding the need to protect against cyber-attacks. The downstream implications will likely be more spending on cybersecurity.
And then there was war and more spending on cybersecurity
Recent cybersecurity threats targeting Ukrainian banks and government departments bring the Cybersecurity theme to the frontlines of war. To help defend Ukraine from cyberattacks, the European Union provided a cyber rapid-response team comprised of experts from Lithuania, Croatia, Poland, Estonia, Romania, and the Netherlands. The private sector is lending a helpful hand as well. Just before Putin’s invasion, Microsoft’s Threat Intelligence Center identified unusual activity aimed at Ukraine’s government departments and financial institutions and quickly became involved in disclosing it.
These responses resemble the public-private action plans started by the Biden Administration to secure the electricity, pipeline, and water sectors in the United States, and to use governmental authority to mandate new cybersecurity and network defence measures. The administration’s goal of modernizing cyber defences also includes continued cooperation with numerous international allies and partners to thwart ransomware strikes and publicly attribute cybercriminal activity.
The close coordination of the Technology sector with Ukraine’s government, the EU, and the North Atlantic Treaty Organization (NATO) is unprecedented in its scope and pace. The response speaks to the advancement of cyber technology and the critical role it plays in the global economy. We expect efforts like these to continue and likely increase spending on cybersecurity, as cybercrime is a persistent risk.
Cybersecurity could be a high growth opportunity
The war in Ukraine and the geopolitical machinations associated draw further attention to the importance of strong cyber defence. Executive orders and the White House’s new cybersecurity strategy will likely increase adoption, particularly when there are plans for government oversight and rules mandating minimum standards. We believe that shifting cybersecurity from a voluntary investment into a regulated investment necessary to do business is likely to increase rapid adoption in the U.S., Europe, and elsewhere.
Cybersecurity technologies work to proactively shield against possible attacks while mitigating and repairing the damage from incidents that already occurred. Increased occurrence and severity of cyberattacks demonstrates the permanent need for cybersecurity spending. For cybersecurity companies, this increasingly critical need creates a business model that generates robust recurring revenue. As a result, by investing at the broader level of this theme, investors can diversify their exposure across companies because the factors spurring adoption are unlikely to wane anytime soon.