HACK: How To Invest In Cyber Security

| About: PureFunds ISE (HACK)
This article is now exclusive for PRO subscribers.


The same technologies that make business and government more productive create security vulnerabilities that can be exploited by domestic and foreign enemies.

Hacking into corporate and government technology systems has become a major problem.

In response, there is growing demand for information security solutions.

An Exchange Traded Fund named the PureFunds ISE Cyber Security ETF is now available to invest in this rapidly growing industry.

Cyber threats are a major problem facing modern society. Nearly every week, there is news of a hack into corporate or government information systems. Sensitive personal data and national security information are at risk. The PureFunds ISE Cyber Security ETF (NYSEARCA:HACK) is a good way for investors to tap into the growing need for cyber security solutions.

Some say that cyber security is not a major problem since there's no physical violence. I say that cyber attacks are the next big threat to business and national security. Prior to the attacks of 9-11, policymakers believed that aviation security was merely a regulatory matter, rather than a national security issue worthy of greater attention and resources. Unfortunately, it often takes tragic incidents such as the events of 9-11 to convince obstinate people of emerging threats to security.

Power to the people: a mixed blessing

Security was simply not a top concern when designing the Internet, according to Cyber War: The Next Threat to National Security and What to Do About It by former top national security official Richard A. Clarke. Clarke writes that the Internet was designed, in part, by left-of-center academic researchers in the 1960s. The researchers were interested in a decentralized information system beyond the control of government and billionaires. That is, there was a power-to-the-people theme behind the early design of the Internet.

Today, the Internet has become wildly successful. It is difficult to imagine life without Web-connected computer devices. One of the downsides to Web technology is that it creates huge security vulnerabilities, ranging from a common thief stealing your credit card information to a foreign enemy waging cyber war against the United States. The proliferation of mobile devices is adding to the security woes associated with modern technology systems.

High-profile hacks

Recently, the federal government's network was targeted. The personnel agency in charge of issuing national security clearances was hacked, reportedly by China. The hack affected about 4 million current and former federal workers and could be linked to a similar cyber attack against health insurance company Anthem, according to an article in The Washington Post. There is speculation that China is building a secret database on Americans.

As business and government become more dependent on computer networks, cyber attacks are likely to shine a spotlight on the threat posed by hacking. Cyber attacks not only compromise sensitive information, hacks could shut down financial markets, disrupt the power grid, cause U.S. defense weapons to malfunction, and throw the air traffic control system into disarray.

There is growing demand for solutions. Major corporations and government agencies are spending big money to address cyber vulnerabilities. The cost of cyber attacks to the global economy has been estimated at $445 billion annually, according to an article by The Daily Telegraph.

Cyber security is a booming area within the information technology sector. This trend is likely to persist for decades. The market for cyber security is projected to expand at an 11.84% compound annual growth rate between 2014 and 2019, according to market research firm RnR.

Information security is moving from an obscure area to something that every organization needs to consider. A study by the Economist Intelligence Unit and Arbor Networks showed that only 17% of senior leaders in business across the country and around the world believe that they are "fully prepared" for a cyber attack, according to a recent article in the Huffington Post.

Now comes the PureFunds ISE Cyber Security ETF: HACK

As of this writing, HACK is the only cyber security ETF in the marketplace, as far as I know. HACK tracks the ISE Cyber Security Index created by the International Securities Exchange, or ISE, based in Europe. The market-capitalization weighted index provides a benchmark for investors seeking to track the performance of cyber security stocks.

Each company in the ISE Cyber Security Index must have a market capitalization of at least $100 million. No individual holding can account for more than 20% of the index, with individual holdings of 5% or more comprising no more than 50% of the index in total, according to the International Securities Exchange index methodology.

HACK has performed well since inception in November 2014. The following graph shows HACK compared to the market, as measured by the SPDR S&P 500 Trust ETF (NYSEARCA:SPY):

HACK Chart

Source: YCharts

HACK charges 0.75% a year in expenses, which is rather high for a passive index fund. Over time, there could be competing cyber security ETFs with lower expenses entering the marketplace. Until then, HACK's expense ratio could be worth the cost when balanced against the benefits of exposure to this specialized part of the financial markets.

Companies in cyber security provide hardware, software, and services to detect, report, and counter information security threats and maintain the integrity of technology systems. Below is a snapshot of HACK's holdings:

Source: Author's presentation of data from Morningstar.

One of the fund's components, FireEye (NASDAQ:FEYE), made headlines recently over a deal with Visa (NYSE:V). FireEye is set to co-develop software security tools and services with the giant credit card company to guard against advanced cyber attacks, according to an article in Investor's Business Daily.

Risk analysis

The naysayers could be correct. Cyber security may not be the next big threat to business and national security. Information security attacks do not involve the same kind of physical violence as, say, a bank robbery or a land invasion by a foreign army.

The cyber security industry is still in the early stages of formation. Many of HACK's component companies are small or micro-cap stocks facing high business risk. Buying a diversified ETF such as HACK, rather than betting on individual stocks, makes sense from a risk-reward perspective. Currently, none of the individual holdings comprises more than 6% of HACK.

Since HACK is less than a year old, there is not enough data to analyze correlation with the market. However, my sense is that cyber security will continue to grow even in hard times. That is, the information security industry could perform well when the economy and the stock market are down.

HACK is a highly specialized ETF. As such, it should not represent a large percentage of your overall investment portfolio. Rather, HACK is best used to overweight the cyber security portion of the information technology sector within a broadly diversified portfolio.

The bottom line

Cyber security is an investment theme that could offer outsized rewards over the coming decades. Individual stocks within the cyber security domain are a risky investment since this industry is still in its infancy. Buying a diversified index fund, such as HACK, is a good way for investors to gain targeted exposure to the growing need for information security solutions.

Disclosure: The author has no positions in any stocks mentioned, and no plans to initiate any positions within the next 72 hours.

The author wrote this article themselves, and it expresses their own opinions. The author is not receiving compensation for it (other than from Seeking Alpha). The author has no business relationship with any company whose stock is mentioned in this article.