BY: HANS ALBRECHT, CIM®, FCSI, VICE-PRESIDENT, PORTFOLIO MANAGER AND OPTIONS STRATEGIST, HORIZONS ETFS
June 12, 2019
We’re presently in the midst of the fourth industrial revolution, or “Industry 4.0”. Essentially, it involves the meeting of the physical and digital in a way that is significantly transforming our world.
Investors interested in this highly compelling technological shift can gain exposure to it via the Horizons Industry 4.0 Index ETF (“FOUR”). It provides exposure to companies involved in five areas of technology: cloud & big data, advanced robotics, augmented reality & 3D printing, the internet of things (“IoT”) and cyber security.
While cyber security may be the least “sexy” of the five, its importance cannot be overstated. In fact, as the other four pockets continue to grow in importance, cyber security must grow with them.
Mobile security is lacking on a level that is shocking, and thus represents a current preferred target for cyber criminals. The need for mobile antivirus software has not dawned on most mobile users despite the fact that our phones often know our location, have a camera and microphone, and 61% of us do mobile banking on them1. According to Statista, it is projected that IoT-connected devices will grow to 75.4 billion worldwide by 2025 – five times the amount from 20152. We are looking at tens of billions of devices that are being designed and manufactured with security as an afterthought. That’s not good news.
Does this mean someone will hack your toaster to burn your toast? While that may be a fun prank to pull for some, what is more likely is that they will use your toaster (or refrigerator or car) as an entry point to gain access to your digital network, thereby compromising your personal data and possibly much more (e.g. disarming your alarm system or gathering other sensitive information).
Shockingly, some of the biggest companies in the world (and ironically some of the heavyweights of technology) are facing threats. Last year alone, 52.5 million Google+ users’ data was compromised3. Facebook was breached for names, phone numbers and email addresses for close to 29 million users4. Quora was breached for data on 100 million users5. Twitter revealed a data breach that affected 330 million users6. Amazingly, some companies had no idea they experienced breaches until years later. For instance, Marriott revealed a breach of 500 million guest and client accounts and when investigated, the company found that successful breaches had been occurring for up to four years before they were discovered7.
Recent reports show that USD $ 600 billion is being lost to cybercrime globally due to hacking methods such as ransomware attacks and malware viruses that identify and scrape personal data.8 Unfortunately, the costs are growing significantly each year as anonymizing services like "TOR" (a free software product that enables anonymous and untraceable internet activity) and the dark web help to "give cybercriminals both an arsenal and a sanctuary".8 As mobile usage expands rapidly, and IoT devices proliferate, the pool of nefarious opportunity expands. Cybercrime requires fewer computer skills than ever and as a result it will likely flourish for the foreseeable future.
If the biggest companies in the world are falling victim, should we just give up and succumb to all the ‘Dr. Cyber Evils’? No, but you can absolutely bet that having proper cyber security protocols in place will soon be as mandatory as having basic insurance. At the moment, 7 out of 10 companies are not ready for a cyber-attack9. According to IBM Cyber Resiliency Group, 77% of organisations don’t have an adequate cyber-attack plan at all10. This year, the company Norsk Hydro was brought to its knees by ransomware that encrypted their data and paralyzed many physical processes11. Remember, as more of our world “goes online”, there will be more opportunities for hackers and not just in the cyber realm. Could someone theoretically hack into an autonomous vehicle and send the passengers to a remote location to be held for ransom? Why not? Industry 4.0 is about the unprecedented melding of the digital with the physical – but we had better be aware of all the implications.
The wake-up calls are multiplying quickly. Less than 10% of IT budgets in small and medium-sized enterprises are allocated to cyber security12. That is nowhere near enough. Companies will need to get with the program.
As cyber security budgets increase, companies that are involved in security consultancy, security protocol implementation and security software should see earnings expand. In my opinion, this area will become a must-have focus for companies as pressures to improve security arise from both private and public sectors. For example, since November 1, 2018, investment companies must now disclose data breaches under Canada's Personal Information Protection and Electronic Documents Act, under potential penalty of significant fines for each account affected13. The associated opportunity for investors is vast. FOUR is designed to provide them with exposure to the cyber security space.
Think you already have this exposure by owning the Nasdaq 100 Index? Barely. Symantec, likely the most important name in mobile security, currently accounts for only a 0.156% weighting in the Index, near the bottom of all holdings. Palo Alto Networks and Fortinet, among the leaders in cloud security, are not even in QQQ (an ETF that tracks the Nasdaq 100 Index). Palo Alto Networks has been growing revenue at multiples of the rates of some of its peers, and now is focussing efforts on the next phase of effective security – one that uses artificial intelligence14. One of FOUR’s top mobile security performers in 2019, Zscaler, isn’t in QQQ either.
FOUR holds seven of the top 25 cyber security names, as named by The Software Report in December 201815. Think you’re exposed to this important space with a QQQ holding? Yes. But is it enough? This is one of the reasons that we consider FOUR as a perfect complement to holders of QQQ as it hones in on the most cutting-edge Industry 4.0 innovation, growth, and importantly… security to protect it all.
1Source: ‘8 reasons why smartphones are privacy nightmare’, TechRadar Pro, March 6, 2018.
2Source: ‘Internet of Things (IoT) connected devised installed base worldwide from 2015 to 2025 (in billions)’, Statista, 2019.
3Source: ‘Another Google+ data bug exposes info for 52.5 million users’, Engaget, December 12, 2018.
4Source: ‘Facebook now knows how many users were hacked last month: 29 million’, Vox, October 13, 2018.
5Source: ‘100 Million Quora Accounts Hacked: What to Do’, Toms Guide, December 3, 2018.
6Source: ‘Twitter bug causes passwords to be stores in plain text – go change your password now’, Global News, May 5, 2018.
7Source: ‘Marriot discloses massive data breach affecting up to 500 million guests’, The Washington Post, November 30, 2018.
8Source: ‘Economic Impact of Cybercrime – No Slowing Down’, McAfee, February, 2018.
9Source: ‘How Can 73 Percent of Companies Not Be Prepared for Hackers’, Inc.com, February 22, 2018.
10Source: ‘IBM Study: More Than Half Organizations with Cybersecurity Incident Response Plains Fail to Test Them’, IBM, April 11, 2019.
11Source: ‘Norsk Hydro Calls Ransomware Attack ‘Severe’’, ThreatPost, March 19, 2019.
12Source: ‘Cybersecurity in Enterprise’, Int Tech Solutions, February 13, 2019.
13Source: ‘Cybersecurity breaches should put financial professionals on alert’, The Globe and Mail, February 21, 2019.
14 Source: ‘Palo Alto Networks’ Results Accelerated During Its Second Quarter’, The Motley Fool, March 5, 2019.
15 Source: 'Top 25 Cybersecurity Companies of 2018', The Software Report.
The views/opinions expressed herein may not necessarily be the views of Horizons ETFs Management (Canada) Inc. All comments, opinions and views expressed are of a general nature and should not be considered as advice to purchase or to sell mentioned securities. Before making any investment decision, please consult your investment advisor or advisors.