Big Tech heads to The Capitol

In 2021 (so far), we’ve had a series of ransomware attacks which have left not only businesses, but governments reeling; hackers shut down a gas pipeline (Colonial) and a major meat producer (JBS).

In addition, the far-reaching SolarWinds hack, fuelled concerns that other critical infrastructure might be at risk.

While T-Mobile’s latest hack is hardly earth-shattering (both in its nature and outcome), it comes on the back of a meeting at the White House aimed at addressing the challenge of ever-increasing and sophisticated cyberattacks, and will likely have huge implications for the industry.

While we’ve recently heard noise from the White House on cybersecurity (see Biden’s Executive Order in May), this is the first time the private sector has been called upon at this scale.

The CEOs of Apple (Tim Cook), Amazon (Andy Jassy) and Microsoft (Satya Nadella) rode into town as the industry’s knights in shining armour, with President Biden happily securing promises from the biggest tech players to spend significant sums improving the nation’s cyber resiliency.

So why is President Biden turning to the private sector to solve these public sector issues?

In our increasingly connected world, an attack against one company can be an attack against the entire country. We saw this exposed in particular with the SolarWinds hack. A tech firm with both private and public clients. Cyber criminals do not care whether the data they can monetise comes from the private or public sector, but just how many bitcoins they can extort it for.

President Biden’s circling the wagons isn’t just posturing; it’s a statement of intent. In July he warned that if the U.S. were to end up “in a real shooting war with a major power – it’s going to be as a consequence of a cyber breach of great consequence and it’s increasing exponentially”.

By raising the bar on cybersecurity governance across the board, President Biden aims to create a more cohesive and secure cybersecurity infrastructure. No bad thing for this industry. This should make companies and governments more serious about protecting their networks and digital infrastructure, which should translate into higher demand for those cybersecurity companies at the forefront of our theme in the future.

“Their Security Is Awful”

These are the words uttered by John Binns after he used an unprotected router to access millions of T-Mobile’s customer records in the mobile carrier’s latest breach (August 16th). Incredibly, this is the fifth time that T-Mobile had been hacked in recent years.

Binns, a 21-year-old American who moved to Turkey a few years ago, claimed responsibility for the security breach and has, as is the industry fashion, asked for payment in bitcoins (6 coins worth around $270,000) for a subset of the data containing 30 million social security numbers and driving licenses. That leaves a further 20 million people’s data left to be sold. These numbers are staggering.

However, it just isn’t that surprising. The breach is just the most recent in a series of high profile attacks exposing cracks in cybersecurity infrastructure across industries.

“Zero Trust” is the latest cybersecurity buzzword, with organisations increasingly adopting the approach. Federal Chief Information Security Officer Chris DeRusha described the core principles behind the strategy as, “Verifying every user, validating every device, and then within that, limiting access intelligently.

This is obviously a shift away from the prior trust model that assumed if a user is behind a firewall, then you know they can be trusted. Obviously, this isn’t bearing out anymore.”

Since we wrote about the SolarWinds hack, we’ve seen the spotlight on cybersecurity intensify.

Will we look back on 2021 and view the SolarWinds hack as the catalyst which forced a coherent effort from both the public and private sectors?

As ever with thematic investing it’s important to be mindful of the current landscape:

Cybersecurity as a theme¹ has gained a solid 10.5% over the last quarter to 31 August 2021 (vs 5.5% for the S&P500 Index), and is up about 23% from 13th May – 31st August. By comparison, the broader S&P500 Index has returned 10.5% over the same period.

This recent outperformance comes on the back of several companies that have already reported results, giving positive forecasts more broadly. Within the theme, Palo Alto Networks, a company that provides advanced firewalls and cloud-based solutions, has been one of the strongest performers, seeing its shares rise by 42.4% from 13th May – 31st August, driven by stronger than expected earnings in recent quarters.

A niche player, Palo Alto looks set for strong growth, with 26% increase in billings while it closed out its fiscal 2021 in July, with full year profits and revenue also up 28% to $1.2billion, - not bad for a company many people aren’t following closely.

As both the private and public sectors rally to create new cybersecurity regulations and corresponding investment, 2021 is shaping up to be an interesting year for cybersecurity, a theme which is already reaching record highs.

¹Nasdaq CTA Cybersecurity IndexSM

Important Information

This financial promotion is issued by First Trust Global Portfolios Management Limited (“FTGPM”) of Fitzwilliam Hall, Fitzwilliam Place, Dublin 2, D02 T292. FTGPM is authorised and regulated by the Central Bank of Ireland (“CBI”) (C185737). The Fund is also regulated by the CBI.

Nothing contained herein constitutes investment, legal, tax or other advice and it is not to be solely relied on in making an investment or other decision, nor does the document implicitly or explicitly recommend or suggest an investment strategy, reach conclusions in relation to an investment strategy for the reader, or provide any opinions as to the present or future value or price of any fund. It is not an invitation, offer, or solicitation to engage in any investment activity, including making an investment in a Fund, nor does the information, recommendations or opinions expressed herein constitute an offer for sale of a Fund.