We expect the cat-and-mouse game between organizations, consumers and the cybercriminals who covet their data to intensify this year. The latest concern is a vulnerability in internet software known as Log4j that could jeopardize hundreds of millions of systems globally. This threat follows multiple high-profile breaches in 2021, including the ransomware attack that compromised Colonial Pipeline’s fuel distribution across the eastern U.S. Cyber events like these continue to grow more frequent and costly, especially attacks on critical infrastructure and supply chains. And this threat is likely to only grow more acute as the global economy continues to digitalize and put sensitive data at risk. As a result, we expect heightened awareness of and expenditure on cybersecurity solutions to create long-term tailwinds for the cybersecurity investment theme.
Key Takeaways:
The world now creates an estimated 2.5 quintillion bytes of data every day—that’s 2.5 followed by 18 zeros.4 As a result, hackers have more access to sensitive data than ever, and they will have many more opportunities as the world continues to digitize and data volumes increase. In particular, the Internet of Things (IoT) devices will be a major contributor to the data pool. At the end of 2021, there were 14.6 billion connected devices.5 That number could grow nearly 18% in 2022, and then more than double by 2027.6
The economy’s shift to hybrid and remote work also creates significant opportunities for cybercriminals. Pandemic-induced lockdowns eased in the U.S. in 2021, but as many as 45% of full-time employees continued to work from home at least part-time.7 Whether due to new variants or employee preference, work-from-home initiatives are likely to remain intact, resulting in data vulnerabilities for the foreseeable future. According to an IBM report, remote work was a factor in 17.5% of reported data breaches in 2021.8 The average cost of these breaches was also 16.6% higher than breaches where remote work was not a factor.9
In 2021, several high-profile companies were victims of costly cyberattacks. The ransomware attack on Colonial Pipeline resulted in a $4.4 million payout to their attackers.10 CNA Financial paid ransomware hackers $40 million to decrypt parts of their digital infrastructure from which they locked the company out of.11 And JBS, the largest meat producer in the world, shut down several of its plants due to a cyberattack.12 These examples are just a few of the major attacks that victimized companies last year, at times resulting in multi-million dollar losses.
Even the most sophisticated solutions may not be able to eliminate all vulnerabilities, but they can stymy many threats and help protect against the worst outcomes. In 2021, companies, the U.S. government, and consumers demonstrated a growing awareness of cyber threats and commitment to preventative measures. 
Beyond these fast-growing areas, cybersecurity companies are increasingly looking at consolidation. Typically, cybersecurity providers specialize in specific verticals, forcing customers to secure their data using a patchwork of different providers. This dynamic can lead to costly delays and other potentially damaging inefficiencies; indeed, the average data breach took 287 days to identify and contain in 2021.24 In an effort to improve protection capabilities end to end, several prominent cybersecurity providers engaged in mergers and acquisitions in 2021. Noteworthy activity included CrowdStrike Holdings’ $352 million acquisition of Humio, and Rapid7’s $335 million acquisition of IntSights, allowing the companies involved to field more integrated product offerings.25,26 This surge in consolidation activity is likely to continue in 2022, with antivirus and VPN service providers Norton and Avast set to merge in a deal valued over $8 billion.27
Conclusion
2021 featured some of the most impactful cyber intrusions in recent memory, and the world’s ongoing digital transformation only increases the likelihood of comparable attacks in the future. However, we believe that digital protection lessons learned during this period could further accelerate the adoption of cybersecurity services. In our view, recent financial commitments to thwart cybercriminals can form tailwinds for cybersecurity companies in 2022 and strengthen the long-term investment case for the cybersecurity theme overall.
Related ETF
BUG: The Global X Cybersecurity ETF seeks to invest in companies that stand to potentially benefit from the increased adoption of cybersecurity technology, such as those whose principal business is in the development and management of security protocols preventing intrusion and attacks to systems, networks, applications, computers, and mobile devices.
Click the fund name above to view the fund’s current holdings. Holdings subject to change. Current and future holdings subject to risk.
Authored by:
Date:
Jan 28, 2022
Category:
Insights
Topics:
Audio, Disruptive Technology, Technology
Download PDF 
日本語
한국어
Español
中文
Share this:
Luis Berruga Joins Bloomberg Radio Host Barry Ritholtz on Masters in Business
The Next Big Theme: November 2022
Inflection Points – November 2022
The Next Big Theme: October 2022
Back to All Entries
1. IBM, “Cost of a Data Breach Report 2021,” July 2021.
2. Soffid, “Cybersecurity Trends for 2022,” December 29, 2021.
3. Metric derived from average CAGRs featured in the following sources: Markets and Markets, “”Zero Trust Security Market by Solution Type (Data Security, Endpoint Security, API Security, Security Analytics, Security Policy Management), Deployment Type, Authentication Type, Organization Size, Vertical, and Region – Global Forecast to 2026,” Feburary 2021., Research and Markets, “SD-WAN – Global Market Trajectory & Analytics,” April 2021., Market Growth Reports, “Global Network Detection and Response (NDR) Market Growth (Status and Outlook) 2021-2026,” July 2021., Expert Market Research, “Global Unified Threat Management Market: By Component: Hardware, Software, Virtual; By Service: Consulting, Support & Maintenance, Managed UTM; By Deployment Mode; By Company Size; Regional Analysis; Historical Market and Forecast (2017-2027); Market Dynamics; Competitive Landscape; Industry Events and Developments,” 2021., Markets and Markets, “Secure Access Service Edge (SASE) Market with COVID-19 Impact Analysis, by Offering (Network as a Service and Security as a Service), Organization Size (SMEs and Large Enterprises), Vertical, and Region – Global Forecast to 2026,” August 2021., Global X Analysis.
4. CloudTweaks, “Infographic: How Much Data is Produced Every Day?,” accessed on Nov 15, 2021.
5. Ericsson Mobility Visualizer, “Connected Devices,” accessed on Nov 15, 2021.
6. Ibid.
7. Gallup, “Remote Work Persisting and Trending Permanent,” October 13, 2021.
8. IBM, (n1).
9. IBM, (n1).
10. CNBC, “Colonial Pipeline paid $5 million ransom one day after cyberattack, CEO tells Senate,” June 8, 2021.
11. Bloomberg, “CNA Financial Paid $40 Million in Ransom After March Cyberattack,” May 20, 2021.
12. CNBC, “Meat supplier JBS paid ransomware hackers $11 million,” June 9, 2021.
13. PCH Technologies, “Cost of Cyber Attacks vs. Cost of Cyber Security in 2021,” July 7, 2021.
14. IBM, “Cost of a Data Breach Report 2021,” July 2021.
15. PwC, “Global Digital Trust Insights 2022,” October 2021.
16. Gartner, “Gartner IT Symposium/Xpo Americas,” October 2021.
17. Infrastructure Investment and Jobs Act, H.R. 3684, 117th Cong. 2021.
18. Norton, “2021 Norton Cyber Safety Insights Report Global Results,” May 2021.
19. CNBC, “Covid-related scams have bilked Americans out of $586 million,” October 18, 2021.
20. Norton, “2021 Norton Cyber Safety Insights Report Global Results,” May 2021.
21. Metric derived from average CAGRs featured in the following sources: Technavio, “Privileged Access Management Solutions Market by Deployment and Geography – Forecast and Analysis 2022-2026,” January 2022., Mordor Intelligence, “Identity Governance And Administration Market – Growth, Trends, Covid-19 Impact, and Forecasts (2022 – 2027),” January 2022., Technavio, “Consumer Identity and Access Management (IAM) Market by Deployment and Geography – Forecast and Analysis 2022-2026,” December 2021.
22. Metric derived from average CAGRs featured in the following sources: Markets and Markets, “”Zero Trust Security Market by Solution Type (Data Security, Endpoint Security, API Security, Security Analytics, Security Policy Management), Deployment Type, Authentication Type, Organization Size, Vertical, and Region – Global Forecast to 2026,” Feburary 2021., Research and Markets, “SD-WAN – Global Market Trajectory & Analytics,” April 2021., Market Growth Reports, “Global Network Detection and Response (NDR) Market Growth (Status and Outlook) 2021-2026,” July 2021., Expert Market Research, “Global Unified Threat Management Market: By Component: Hardware, Software, Virtual; By Service: Consulting, Support & Maintenance, Managed UTM; By Deployment Mode; By Company Size; Regional Analysis; Historical Market and Forecast (2017-2027); Market Dynamics; Competitive Landscape; Industry Events and Developments,” 2021., Markets and Markets, “Secure Access Service Edge (SASE) Market with COVID-19 Impact Analysis, by Offering (Network as a Service and Security as a Service), Organization Size (SMEs and Large Enterprises), Vertical, and Region – Global Forecast to 2026,” August 2021., Global X Analysis.
23. Mordor Intelligence, “Endpoint Security Market – Growth, Trends, Covid-19 Impact, and Forecasts (2022 – 2027),” January 2022.
24. IBM, (n1)
25. Crowdstrike, “CrowdStrike Completes Acquisition of Humio,” March 5, 2021.
26. VentureBeat, “Rapid7 acquires threat intelligence platform IntSights for $335M,” July 19, 2021.
27. Norton, “NortonLifeLock and Avast to Merge to Lead the Transformation of Consumer Cyber Safety,” August 10, 2021.
Our ETFs
Insights
About
Contact
News
Privacy Policy
Subscribe to Updates
SEI Investments Distribution Co. (1 Freedom Valley Drive, Oaks, PA, 19456) is the distributor for the Global X Funds.
Check the background of SIDCO and Global X’s Registered Representatives on FINRA’s BrokerCheck
Investing involves risk, including the possible loss of principal. Cybersecurity Companies are subject to risks associated with additional regulatory oversight with regard to privacy/cybersecurity concerns. Declining or fluctuating subscription renewal rates for products/services or the loss or impairment of intellectual property rights could adversely affect profits. The investable universe of companies in which BUG may invest may be limited. The Fund invests in securities of companies engaged in Information Technology, which can be affected by rapid product obsolescence and intense industry competition. International investments may involve risk of capital loss from unfavorable fluctuation in currency values, from differences in generally accepted accounting principles or from social, economic or political instability in other nations. BUG is non-diversified.
Shares of ETFs are bought and sold at market price (not NAV) and are not individually redeemed from the Fund. Brokerage commissions will reduce returns.
Carefully consider the Fund’s investment objectives, risks, and charges and expenses before investing. This and other information can be found in the Fund’s summary or full prospectuses, which are available at globalxetfs.com. Please read the prospectus carefully before investing.
Global X Management Company LLC serves as an advisor to Global X Funds. The Funds are distributed by SEI Investments Distribution Co. (SIDCO), which is not affiliated with Global X Management Company LLC or Mirae Asset Global Investments. Global X Funds are not sponsored, endorsed, issued, sold or promoted by Indxx, nor does Indxx make any representations regarding the advisability of investing in the Global X Funds. Neither SIDCO, Global X nor Mirae Asset Global Investments are affiliated with Indxx.
Subscribe
By subscribing to email updates you can expect thoroughly researched perspectives and market commentary on the trends shaping global markets. Topics may span disruptive tech, income strategies, and emerging economies.
We adhere to a strict Privacy Policy governing the handling of your information. And you can, of course, opt-out any time.
You can also subscribe to our Friday research note on LinkedIn.
Contact Us
Explore research, content or product pages within our site
Look up individual securities found in Global X ETFs
Select Your Location
You Are Now Leaving the US Website of Global X ETFs
Clicking “Confirm” below will take you to a different website, intended for jurisdictions outside the US. Such links are provided as a convenience. Global X Management Company LLC disclaims responsibility for information, services or products found on the websites linked hereto.
The subsequent website(s) may be governed by different privacy policies, terms and conditions, or regulatory restrictions. Links to these websites are not intended for any person in any jurisdiction where – by reason of that person’s nationality, residence or otherwise – the publication or availability of the website is prohibited. Persons in respect of whom such prohibitions apply should not access these websites.
