As you know, in the 21st Century digital age, virtually every consumer, business (large or small, in every sector of the economy), and government agency on the planet needs to protect their networks, devices, and digital assets from hackers and malevolent state actors. That being the case, the revenue and earnings growth rates of the leading cybersecurity firms have been growing much faster than the overall market. For investors who don't have the expertise or the incentive to become an expert on picking individual cybersecurity stocks, the alternative is to allocate capital to a diverse group of the best companies via a high-quality ETF. Today, I'll take a look at the Global X Cybersecurity ETF (NASDAQ:BUG) to see if it deserves an allocation in your well-diversified portfolio.
According to Fortune Business Insights:
The global cyber security market is projected to grow from $155.83 billion in 2022 to $376.32 billion by 2029, exhibiting a CAGR of 13.4%.
Meantime, recent high-level hacks on critical infrastructure - like the Colonial Pipeline ransomware attack by Russia's cyber-crime group Darkside (demanding a $4.4 million ransom) - demonstrate just how critical and imperative it is to secure digital infrastructure.
And while the marketing study above expects the overall market to grow at a 13.4% CAGR over the next 7 years, many of the leading cybersecurity companies are growing much (much) faster than that.
That being the case, let's take a look to see how the BUG ETF has positioned investors for success going forward.
The top-10 holdings in the BUG ETF are shown below and equate to a relatively concentrated 56% of the entire portfolio:
However, that concentration is exactly what investors should want in the cybersecurity sector: a focus on the biggest-n-best companies that can leverage economies of scale. The bigger the company, the more clients they have and the more feedback they get on emerging threats. That is, a bigger finger on the pulse of the global cybersecurity market enables these companies to react faster for the benefit of all their clients.
CRWD is down 29% over the past year yet still trades with a forward P/E of 154x. However, in my opinion CrowdStrike could easily become a $10 billion company in a few short years and generate $3-4 billion annually of FCF as it scales up its SaaS-based platform.
Palo Alto Networks (PANW) is the #4 holding with a 5.9% weight. Back in May, PANW delivered a strong Q3 beat: earning an adjusted $1.79 a share on $1.39 billion in revenue (+30% yoy). Going forward, billings rose 40% from a year ago, to $1.8 billion. PANW is one of my favorite cybersecurity stocks and as I opined in my recent Seeking Alpha article - PANW: Arguably The #1 CyberSecurity Platform On The Planet.
The #6 holding in the BUG ETF is Okta (OKTA) with a 5.7% weight.
Okta is arguably the leading independent identity provider:
Source: Investor Presentation
The "Okta Identity Cloud" enables organizations to securely connect the right people to the right technologies at the right time. With more than 7,000 pre-built integrations to applications and infrastructure providers, Okta provides simple and secure access to people and organizations everywhere, giving them the confidence to reach their full potential. More than 15,800 organizations, including JetBlue, Nordstrom, Siemens, Slack, Takeda, Teach for America, and Twilio, trust Okta to help protect the identities of their workforces and customers.
Okta is another great example of a cybersecurity company that is leveraging a large installed base to grow much faster as compared to the overall cybersecurity market:
Zscaler (ZS) is the #7 holding with a 5.4% weight. In May, and like the other leading cybersecurity companies, Zscaler delivered a very strong EPS report that beat consensus estimates on both the top- and bottom-lines:
ZS is still losing money on a GAAP basis. As a result, the stock is down 28% over the past year yet still trades at a forward P/E = 250x. It was recently reported that Zscaler is looking at a $2 billion acquisition of an Israeli company.
The bear-market of 2022 has been brutal to some of these cybersecurity stocks because they were so highly valued heading into 2022 that they had to come back down to Earth:
Note that Palo Alto has been a stand-out performer in the sector. That is one reason PANW remains my #1 pick in the cybersecurity sector.
As for the BUG ETF itself, since inception it has outperformed all of the broad major market averages (the S&P500, DJIA, and Nasdaq-100) as represented by the (SPY), (DIA), and (QQQ) ETFs, respectively:
The following graphic compares BUG's 5-year performance to that of its competitors the iShares Cybersecurity and Tech ETF (IHAK), the First Trust NASDAQ Cybersecurity ETF (CIBR), and the ETFMG Prime Cybersecurity ETF (HACK):
As can be seen, BUG leads the pack.
The cybersecurity sector is not immune to the same headwinds facing all companies these days: the impact of COVID-19 on supply-chains and shutdowns, high inflation, rising interest rates, and Putin's horrific war-of-choice on Ukraine that has effectively broken the global energy & food supply chains. Any of these factors can negatively affect global growth and the global economy. However, note that the recent earnings reports of the leading cybersecurity companies show they continue to grow rapidly and show little-to-no impacts from all these headwinds. Of course, that could change going forward, but considering how critical cybersecurity protection is for consumers, businesses, and governments - I tend to doubt it.
As you can tell by some of the examples discussed above, the BUG ETF's top-10 holdings contain some very highly valued companies. That said, investors need to understand that these companies are still focusing on scaling-up all their highly-scalable SaaS-based platforms that will enable them to easily translate revenue growth into future earnings and free-cash-flow. However, the bear market of 2022 obviously cut the legs out of companies that weren't yet reporting positive earnings (one reason PANW has been an out-performer).
Cybersecurity is a sub-sector of Tech that I want to be exposed to. I like BUG's diversified - yet concentrated - portfolio of the biggest-n-best cybersecurity companies. The 0.50% expense fee, while higher than I would like, is a price I am willing to pay for the diversity and performance potential the fund offers. BUG is a BUY.
This article was written by
Disclosure: I/we have a beneficial long position in the shares of BUG either through stock ownership, options, or other derivatives. I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.
Additional disclosure: I am an engineer, not a CFA. The information and data presented in this article were obtained from company documents and/or sources believed to be reliable, but have not been independently verified. Therefore, the author cannot guarantee their accuracy. Please do your own research and contact a qualified investment advisor. I am not responsible for the investment decisions you make.