Buy These 2 ETFs To Gain Exposure To The 10.2% CAGR Cybersecurity Industry

Cybercrime is one of the most pressing issues globally. Cyberwarfare, state-sponsored attacks, IP theft, Identity theft, and network compromises will continue increasing. In this fast-pacing industry, picking individual stocks is very risky. A single breach can bankrupt the responsible cybersecurity firm. We recommend ETF investing, thereby gaining exposure to a rapidly growing industry, without being exposed to the risk of a single stock collapsing. In this article, we’ll discuss the First Trust NASDAQ Cybersecurity ETF (CIBR) and ETFMG Prime Cybersecurity ETF (HACK)

Market Overview:

Last September, research firm MarketsandMarkets issued a report on the cybersecurity industry, in which they estimated a 10.2% CAGR until 2023. Cybersecurity is a necessity amongst all industries and entities as well as all individuals. More than 4 million records are stolen on a daily basis, resulting in more than 12 billion records being stolen in 2018 alone. As of writing, more than 60 million US citizens have already been impacted by identity theft.

2018 has been marked by the some of the following events:

  • The Facebook (NASDAQ:FB) data scandal. Political data firm Cambridge Analytica collected the personal information of approx. 87 million Facebook users.
  • Aadhaar, the 12-digit unique ID of every Indian citizen, had a data breach. More than 1.1 billion personal records were compromised.
  • Global news about multiple industrial firms having their intellectual property stolen. Affected firms work in the military defense industry, technology and manufacturing industry, as well as many other key industries.
  • An increase in malware and cryptojacking on personal computers.

The table below, compiled by NASDAQ and based on data from Teiss, shows what cyberattack methods are deployed most frequently throughout key industries.

cybercrime by industry and segment

Source: NASDAQ

The US government has dedicated an annual budget of $15 billion to their cybersecurity. Meanwhile, major institutions such as JPMorgan (NYSE:JPM) stated that they will not have a cap on their cybersecurity spending. It is a matter of whatever it takes. This sentiment is increasingly spreading amongst many major firms, as the threat of cyberattacks is continually increasing.

As a result, the cybersecurity industry is thriving. Though a fair amount of the future growth potential has been priced in already, there still is significant upside for as long as the industry keeps growing. Investment opportunities are abound, but the risks are high for stock pickers. The industry is moving at an incredibly fast pace and keeping up with all the latest developments requires a full-time commitment.

Investors with a strong understanding of the industry can build their own portfolio of small-, mid-, and large-cap stocks within this market. To those who rather have a passive approach, there are ETFs available that can match your needs.

The First Trust NASDAQ CyberSecurity ETF

The CIBR ETF is the second cybersecurity ETF to come to market, following the HACK ETF. The fund is weighted by liquidity and each fund holding requires a minimum $250 million market capitalization. The 10 largest fund holdings, which account for 46.27% of total assets, are shown below:

top 10 CIBR stock holdings

Source: Yahoo Finance

We believe that this ETF is an excellent choice for investors that want exposure to the industry growth, without bearing the volatility faced by ETFs that hold small-cap firms. In a strong market environment, CIBR will underperform against HACK. However, in such a market environment, we nonetheless expect an 8-10% annual growth. The fund primarily consists of large-cap firms, most of which are on aggressive acquisition sprees to further their service offerings and increase revenues.

The firms held by the CIBR ETF are primarily large-cap firms that are well-established in all verticals of the cybersecurity space. There is less existential threat to these firms than in the $100-250M small-cap firms held by the HACK ETF. The CIBR ETF will weather negative market conditions better than HACK, and therefore, we recommend CIBR for investors that have a long-term holding strategy.

Chart of CIBR ETF since Inception

Source: Countach Research chart on Tradingview

ETFMG Prime Cybersecurity ETF

HACK is a more diversified ETF, with no fund holdings above 5%. The main difference between HACK and CIBR is that HACK only requires a $100 million market capitalization per fund holding. This gives it exposures to many high-growth small-cap firms. Fund holdings are smaller on average, as shown below.

HACK fund holdings

Source: Yahoo Finance

In a market growth environment, as we are expecting for the coming years, we favor having exposure to these small-cap firms. Most of these firms have a very specific focus for their work and services. These firms are attractive to the large-cap firms for their acquisition strategy, as they can expand the range of services that they provide to their clients. In the CIBR segment, we stated that we anticipate a strong trend of acquisitions in this industry, many of which we expect to be acquisitions at significant premiums.

We recommend HACK to investors with a short- to medium-term holding strategy. In the long term, we do not expect that HACK will outperform due to two reasons. Firstly, because we do not expect the heavy acquisition spree to continue for many years, and secondly because an upcoming global market downturn will affect the small-cap stocks most significantly.

HACK ETF chart since inception

Source: Countach Research chart on Tradingview

Alternative ETF Choices

The SPDR Kensho Future Security ETF (XKFS) is a great play on government cybersecurity spending. The US government recently announced that they are budgeting a minimum of $15 billion annually on cybersecurity. The XKFS ETF offers exposure to firms focused on cybersecurity, advanced border security, military applications, and virtual/augmented reality. We believe that this fund will perform well given the increasing government spending on cybersecurity and innovative military tools.

The ALPS Disruptive Technologies ETF (DTEC) offers exposure to 10 fast-growing technology segments. These segments are all weighted equally. We deem the fund to be a bit all over the place, and the total AUM of $44 million does not portray a lot of investor confidence.


The investment choice is dependent on the risk tolerance and intended holding period of the investor. We think that HACK is a better choice for investors with a short- to medium-term holding strategy. The HACK ETF provides more exposure to small-cap firms that will flourish in the coming years. The volatility will be more significant than with CIBR; therefore, investors need to decide beforehand whether they can stomach the wild swings in the forthcoming period.

We think that CIBR is best suited to investors that prefer to hold their investment for a longer time period. In this case, they will have exposure to the total market growth over the coming years without having to bear the strong volatility that HACK has.

Note: we exited our positions in cybersecurity ETF’s by late may 2019.

If you know any friends who'd like to read this, please share it with them

Scroll to Top