Cloud Hosting

Cybersecurity, Lala said, is one of the few areas within technology to be considered non-discretionary spending by corporate clients: Even if the customers are having a tough go from a financial perspective, cybersecurity is one of the last areas that theyre going to cut their spending on.

Toronto-based Evolve manages the $133-million Evolve Cyber Security Index Fund launched in 2017, the oldest and largest thematic ETF of its kind in Canada. Its one of five Canadian-listed cybersecurity ETFs, all of which are based on indexes.

Joining this investing theme in 2021 were the First Trust Nasdaq Cybersecurity ETF and the Horizons GX Cybersecurity Index ETF. Subsequent entrants, both launched last year, are the CI Digital Security ETF and the iShares Cybersecurity and Tech Index ETF.

Karl Cheong, head of distribution with Toronto-based First Trust Portfolios Canada, said he expects stock investors will be more focused on fundamentals and less on concept stocks in the current sluggish market.

If so, that should favour cybersecurity companies. From sales to operating margins to earnings, the businesses are growing quite healthily, Cheong said.

Mark Noble, executive vice-president, ETF strategy, with Toronto-based Horizons ETFs Management (Canada) Inc., said cybersecurity is more mature and established than other thematic plays such as cryptocurrency or artificial intelligence, which are at earlier stages of adoption. I would look at cybersecurity being probably closer to traditional internet-software technology companies.

The Horizons ETF obtains its exposure by holding currency-hedged units of a NASDAQ-listed ETF managed by its U.S. affiliate Global X Management Co. LLC. Global X expects cybersecurity spending to outpace the rest of the information technology sector in the near to medium term as cyberattacks become more frequent and sophisticated.

The trend toward at-home or hybrid employment and the shift to cloud-based data storage add to corporations vulnerability to hackers.

Companies, governments and other entities are unable to battle hackers and ransomware on their own due to shortages of skilled labour. Because of that shortage of human capital, companies cant find enough staff to meet their cybersecurity needs, Lala said. So what they end up doing is outsource the majority of their cybersecurity work.

That translates into robust growth for companies like California-based Fortinet Inc., which is among the top holdings in all five ETFs. Fortinet reported 32% revenue growth in 2022 to US$4.4 billion, and net income of US$857 million. That marked its 14th consecutive year of profitability since its initial public offering in 2009.

Other common holdings, all U.S.-based, include Palo Alto Networks Inc., Okta Inc. and CrowdStrike Holdings Inc.

By taking a basket approach, such as with the Horizon ETFs 40 stocks, investors can be assured of participating in the growth of the sector, Noble said. The last thing you want to do is be picking a stock that has individual dispersion from that theme for whatever reason, and then as a result you dont participate in that theme.

Though the portfolios of the five ETFs have many similarities, some include broader technology exposure. The CI holdings, for instance, include large-caps Microsoft Corp., Alphabet Inc. and NVIDIA Corp., none of which are primarily cybersecurity providers.

Among the pure plays is the Evolve ETF, which holds about 43 stocks of hardware, software and consulting companies, all with market capitalizations of at least US$100 million.

We really wanted to make sure we had the companies that were truly earning 90%100% of their revenue from cybersecurity work, Lala said.

Evolves portfolio also provides exposure to companies that investors might not otherwise own, since theres little overlap with large-cap indexes like the S&P 500 or the NASDAQ 100.

The First Trust ETF also has some exposure to broader technology companies, among them Broadcom Inc. and Cisco Systems Inc., and requires a minimum US$500-million market cap for its roughly 35 holdings.

Having large-cap companies as part of the mix provides better downside characteristics compared to its pure-play peers, Cheong said, and that should hold true over time. But the First Trust portfolio might lag, he added, when market conditions favour smaller-cap and higher-beta stocks.

Despite the cybersecurity industrys positive attributes, all three ETFs with a full calendar year of returns in 2022 lost money last year. Lala, whose Evolve fund was down 36.6%, blames indiscriminate selling during a down market.

First Trusts ETF lost 21.4%. Cheong noted that among the roughly 90% of the First Trust holdings that were cash-flow positive, some were selling off more than stocks that werent.

High valuations are partly to blame for volatility among cybersecurity stocks. The whole market recognizes the long-term demand for cybersecurity, and these stocks are just expensive, said Noble, whose Horizons ETF lost 35.4% last year.

They are being impacted by the fact that the high valuations are generally very vulnerable to rising interest rates.

In a welcome development, returns of cybersecurity ETFs turned positive this year.

The Evolve ETF, the only one with a five-year track record, has posted an annual return of 9.1% over that period.

And while cybersecurity valuations remain somewhat higher than the broad market, theyve come down considerably. Early this year, the average price/earnings ratio of profitable stocks in the First Trust ETF was 21, down from 28 over the past year.

The valuations are not excessive relative to the [S&P 500] benchmark, Cheong said, but the earnings and sales are far superior and expected to continue in that path for the foreseeable future. So that is where we think there will be a floor for this sector, given the positivity of those trends.

More:
Fighting hackers a potential growth industry for ETFs - Investment Executive