Cybersecurity: Discovering Growth in a Recession

Nov 23, 2022


The COVID-19 pandemic was fuel for the economy’s digitization. Rapid adoption of cloud, multiplication of devices, and increase in data generation ended up straining existing systems, exposing gaps in enterprise defenses. Parallelly, cyberattacks saw a broad uptick worldwide. Both factors are now pushing global businesses to ramp up spending on security solutions. Cybersecurity pure-play vendors serving emerging demands across enterprise, consumer, and government use cases are seeing growth accelerate. This presents an opportunity for investors seeking exposure to growth themes amidst the ongoing macro-induced challenges.

Key Takeaways

  • Cyberattacks are growing in frequency and sophistication. Security of digital operations continues to be a major concern for global enterprises.
  • Leading cybersecurity solutions vendors are witnessing growth accelerate as security spending increases. Earnings display resilience in billings, revenues, and margins.
  • We expect increasing use of technology to further strengthen tailwinds. Cybersecurity spend will likely continue to outpace the rest of the IT market in the near to medium term.

Attack Landscape Is Getting Worse

The threat of COVID-19 may be receding, but the increased digital activity that the pandemic spurred isn’t. First, hybrid work remains popular and is likely to be standard practice for many businesses. Even if they’re largely back in the office, employees expect to be able to work from anywhere. This dynamic enhances the surface area that enterprises must defend, requiring investment in specialized solutions.

Second, the conflict in Ukraine illustrates new threats that companies face. Hacking organizations, hacktivists, and criminal organizations are seen targeting infrastructures of nation states they do not agree with. Businesses are often caught in the middle, which has elevated cyber security from an engineering challenge to an executive concern. Even the U.S. government recommends businesses place tighter protections in place.1

Third, we appear to be in the middle of a broad digital transformation where enterprise data and applications are moving to the cloud. Securing this shift of data assets is a priority area of investment.

Fourth, the operational technology running critical infrastructure such as pipelines, dams, electric grids, and the industrial control systems running supply chains and production facilities are being digitized. Securing these nodes presents challenges for governments around the world.

The threat landscape is increasingly dangerous. For the first half of 2022, ransomware attacks grew nearly 52% year-over-year (YoY).2 Ransom-ware-as-a-service attacks from well tracked and notoriously popular hacking organizations such as Conti and LockBit, which caused some of the worst ransomware outages during COVID-19, grew 500% YoY.3 Encrypted threats continue to grow as well.4 Other common attacks include Distributed denial of service (DDoS), malware, and simple attacks like phishing and social engineering. An average U.S. business can lose $9.4 million in a data breach.5 The longtail impact of such attacks can be far worse. Data assets, credentials, and company secrets are often seen changing hands on the dark web for decades after the attack.6

Earnings Show Resilience

Cybersecurity businesses may be able to leverage strengthening tailwinds to accelerate growth. Cybersecurity companies grew revenues by approximately 19% year-over-year (YoY) for the most recently reported quarter on an annualized basis, up 680 basis points (bps) sequentially and 1,250 bps year-over-year (YoY).7 In our view, this acceleration is the best evidence of increased enterprise spending.

Looking deeper at the fundamentals of these companies, gross margins for cybersecurity companies remained healthy, averaging more than 70%.8 Earnings before interest and taxes (EBIT) margins at -0.5% showed some contraction because of the current macro-induced hiccups.9 Free cash flow margins were over 20%.10

Demand for subscription-first platforms is particularly strong. Palo Alto Networks, a network security software provider, grew its top line by 27% YoY for Q2 2022 and revised its Q3 2022 guidance to the upside.11 Sales for CrowdStrike, a vendor of endpoint security software, grew its top line by ~59%, beating estimates by 3.6%.12 CrowdStrike also raised its guidance.13 Traffic monitoring software vendor ZScaler grew its top line by ~61% YoY and revised guidance to the upside.14 Industry bellwethers Fortinet, Sentinel One, and Checkpoint all beat estimates for the last reported quarter.15,16,17

Many of these companies are also pushing innovative frameworks and approaches in a bid to capture incremental share. Zero Trust architecture is a comprehensive security framework that distrusts all software and hardware agents by default, thereby enforcing the need to verify each end system every time it interacts with a broader network.18 Another emerging framework called SASE combines best practices of traditional network security with cloud-native security frameworks – allowing remote logins and endpoint interactions in a much more secure fashion.19

Cybersecurity M&A Hasn’t Slowed Down

As the market grows, we believe that leading solution providers positioned as one-stop shops will be able to consolidate more share, boost margins, and grow more efficiently than their competition. Mergers and acquisitions (M&A) activity remains high with leading cybersecurity companies looking to acquire smaller startups and fill gaps in their product portfolios. Palo Alto Networks acquired Apiiro for $600 million in September.20 CrowdStrike acquired Humio for $400M in Nov 2021.21

Other potential buyers of cybersecurity companies include big cloud franchises and hyperscalers looking to bolster their existing infrastructure software portfolios. For these companies, security software can be a way to retain large clients and improve margins. Also, private equity companies are becoming major players in cybersecurity M&A. The playbook is simple: Buy smaller cyber businesses within a specific category and bundle them to create a market dominating player.

Most recent cybersecurity acquisitions were completed at a premium to the rest of the technology market. As of June 2022, the median deal multiple for deals announced was at over 9 times revenues, nearly 25% higher than average sales multiple for cybersecurity companies.22

Governments Expected to Ramp Up Cyber Spending

Securing the online operating environment for businesses is a priority for governments around the world. Global businesses lost nearly $6 trillion annually to cybercrime because of lost data, penalties, productivity loss, ransoms, and attacks that led to total business failure.23 Cybercrime’s impact can be particularly damaging for small businesses.

The U.S.’ fiscal year 2023 budget increased cybersecurity spending by nearly 10% YoY.24 The budget included $11 billion for the Department of Defense to implement zero-trust architecture across its vendor systems.25 In addition, the Infrastructure and Jobs Act included a couple billion dollars to secure local government assets.26 We believe the U.S. government’s commitment to cybersecurity may be a sign of cyber spending to come as other governments ramp up their defense.

Conclusion: Cybersecurity Appears Well Positioned in This Recession

Cybersecurity must evolve in lockstep with broader technology. As attacks rise and businesses consume more technological products, the importance of cyber defenses will be paramount. Even in a potential recessionary environment in 2023, we believe security spending will be the last item squeezed. Chief Information Officers around the world call out cybersecurity as a top priority budget item in 2023.27 It is estimated that global security spending will grow ~7% to more than $165 billion in 2022, following ~14% growth in 2021 and nearly 7% in 2020.28,29

Spending is expected to be particularly visible in cloud security, end point security, data security, ID and access management, and infrastructure security, which were brought into focus by computing needs surfaced during the pandemic. Nearly 50% of all cybersecurity spending today goes to custom services, and cloud deployed solutions can also attack this pocket.30

Overall, we expect spending growth rates to likely remain elevated over the next 5 years, boosted by appetite for more scalable cloud-deployed solutions. Meanwhile, cybersecurity stocks are trading down 28% year-to-date as of Nov 10, 2022.31 Given this growth trajectory and pullback, we see attractive potential upside for the theme.

Related ETFs

BUG: The Global X Cybersecurity ETF seeks to invest in companies that stand to potentially benefit from the increased adoption of cybersecurity technology, such as those whose principal business is in the development and management of security protocols preventing intrusion and attacks to systems, networks, applications, computers, and mobile devices.

CLOU: The Global X Cloud Computing ETF seeks to invest in companies positioned to benefit from the increased adoption of cloud computing technology, including companies whose principal business is in offering computing Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS), managed server storage space and data center real estate investment trusts, and/or cloud and edge computing infrastructure and hardware.

Click the fund name above to view the fund’s current holdings. Holdings subject to change. Current and future holdings subject to risk.

Category: Articles

Topics: Audio, Thematic

Index returns are for illustrative purposes only and do not represent actual Fund performance. Index returns do not reflect any management fees, transaction costs or expenses. Indexes are unmanaged and one cannot invest directly in an index. Past performance does not guarantee future results.

This material represents an assessment of the market environment at a specific point in time and is not intended to be a forecast of future events, or a guarantee of future results. This information should not be relied upon by the reader as research or investment advice regarding the fund or any stock in particular.

Investing involves risk, including the possible loss of principal. Cybersecurity Companies are subject to risks associated with additional regulatory oversight with regard to privacy/cybersecurity concerns. Declining or fluctuating subscription renewal rates for products/services or the loss or impairment of intellectual property rights could adversely affect profits. The investable universe of companies in which the Funds may invest may be limited. The Funds invest in securities of companies engaged in Information Technology, which can be affected by rapid product obsolescence and intense industry competition. International investments may involve risk of capital loss from unfavorable fluctuation in currency values, from differences in generally accepted accounting principles or from social, economic or political instability in other nations. The Funds are non-diversified.

Shares of ETFs are bought and sold at market price (not NAV) and are not individually redeemed from the Fund. Brokerage commissions will reduce returns.

Carefully consider the funds’ investment objectives, risks, and charges and expenses before investing. This and other information can be found in the funds’ full or summary prospectuses, which may be obtained at Please read the prospectus carefully before investing.

Global X Management Company LLC serves as an advisor to Global X Funds. The Funds are distributed by SEI Investments Distribution Co. (SIDCO), which is not affiliated with Global X Management Company LLC or Mirae Asset Global Investments. Global X Funds are not sponsored, endorsed, issued, sold or promoted by Indxx, nor does Indxx make any representations regarding the advisability of investing in the Global X Funds. Neither SIDCO, Global X nor Mirae Asset Global Investments are affiliated with Indxx.