Cybersecurity graphic

    Nasdaq Investment Intelligence

    Access the companies combating cybercrime

    The cybersecurity industry is projected to grow 11% per year. Is your portfolio positioned to benefit?

    Individuals and organizations across the globe are dedicating unprecedented resources to protecting their data with worldwide spending expected to reach $151 billion by 2023. Nasdaq’s cybersecurity indexes track the performance of cybersecurity companies related to hardware, software, and services.

    Whitepaper

    Cybersecurity: A Year in Review

    Over the last year, cybersecurity has become an even more crucial part of everyday life and a top priority for businesses and governments around the world, following several critical attacks on both the public and private sectors. In a new twist, the use of cyber warfare as a Russian tactic in its invasion of Ukraine has prompted a further ramping up of cybersecurity-related efforts and spending in the near term, including increased government regulation and legislation, especially within Europe and the US.

    The number of attacks (and, for organizations who are unprepared, the costs associated with them) is expected to grow exponentially as the methods and tactics used by sophisticated hackers continue to evolve, making cyber security a non-negotiable necessity in today’s highly digitized world.

    Over the last year, cybersecurity has become an even more crucial part of everyday life and a top priority for businesses and governments around the world, following several critical attacks on both the public and private sectors. In a new twist, the use of cyber warfare as a Russian tactic in its invasion of Ukraine has prompted a further ramping up of cybersecurity-related efforts and spending in the near term, including increased government regulation and legislation, especially within Europe and the US.

    The number of attacks (and, for organizations who are unprepared, the costs associated with them) is expected to grow exponentially as the methods and tactics used by sophisticated hackers continue to evolve, making cyber security a non-negotiable necessity in today’s highly digitized world.

    Read the Full Paper

    Cybersecurity: A Year in Review

    Download ->

    Related Resources

    Webinar

    Cybersecurity: A Critical Investment Theme for a Secure Future

    (For Financial Professionals Only)

    Register Now ->

    Article

    Cybersecurity Index Contributes to Threat Protection

    Attacks increasing dramatically

    Read the Article ->

    Cybersecurity Videos

    Innovation in Indexing and How Newer Technologies Address the Macro Challenges of the Economy
    Nasdaq Head of Index Research Efram Slen joins Jill Malandrino on TradeTalks from CES to discuss innovation in indexing and how newer technologies address the macro challenges of the economy. (CES2023)
    Jan 05, 2023

    Ways to Invest

    Nasdaq Cybersecurity Indexes

    HXR

    ISE Cybersecurity Index

    HUR

    ISE Cybersecurity UCITS Index

    NYCYBR

    Nasdaq CTA Cybersecurity Index

    Exchange-Traded Funds (ETFs) That Seek to Track Nasdaq Cybersecurity Indexes

    ISPY

    L&G Cybersecurity UCITS ETF

    London

    CIBR

    First Trust Nasdaq Cybersecurity ETF

    US & London

    HACK

    Betashares Global Cybersecurity

    Australia

    00875 TT

    Cathay Cybersecurity ETF

    Taiwan

    UCYB

    ProShares Ultra Nasdaq Cybersecurity ETF

    US

    Contact Us

    FAQ

    Cybersecurity focuses on protecting computers, networks, programs, and data from unauthorized and/or unintended access. Cybersecurity has become increasingly important recently as governments, corporations, and people collect, process, and store vast amounts of confidential information and transmit that data across networks. Data breaches have become almost commonplace in recent years. Over the last few years, high-profile cases of cyber hacks have increased the demand for sophisticated software and security products.

    Companies across the globe are growing more aware of the potential threat which is leading to a greater allocation of resources towards companies that help mitigate such risks. The growth in cybersecurity is primarily driven by the measures needed to counteract the increasing number of cybercrimes that people, businesses, and governments face on a daily basis.

    Cyber attackers can range from individuals to government-sponsored groups. Because of the diverse nature of the cybersecurity problem, not only do traditional software and computer technology companies provide cybersecurity services, but there are also more traditional defense companies that have experience with providing defense services against government sponsors groups as well. Below is a list of different cyber threats and their descriptions from the Government Accountability Office (GAO).

    GAO Threat List:

    • Bot-network Operators - Bot-network operators are hackers; however, instead of breaking into systems for the challenge or bragging rights, they take over multiple systems in order to coordinate attacks and to distribute phishing schemes, spam, and malware attacks. The services of these networks are sometimes made available in underground markets (e.g., purchasing a denial-of-service attack, servers to relay spam, or phishing attacks, etc.).
    • Criminal Groups - Criminal groups seek to attack systems for monetary gain. Specifically, organized crime groups are using spam, phishing, and spyware/malware to commit identity theft and online fraud. International corporate spies and organized crime organizations also pose a threat to the United States through their ability to conduct industrial espionage and large-scale monetary theft and to hire or develop hacker talent.
    • Foreign Intelligence Services - Foreign intelligence services use cyber tools as part of their information-gathering and espionage activities. In addition, several nations are aggressively working to develop information warfare doctrine, programs, and capabilities. Such capabilities enable a single entity to have a significant and serious impact by disrupting the supply, communications, and economic infrastructures that support military power - impacts that could affect the daily lives of U.S. citizens across the country.
    • Hackers - Hackers break into networks for the thrill of the challenge or for bragging rights in the hacker community. While remote cracking once required a fair amount of skill or computer knowledge, hackers can now download attack scripts and protocols from the Internet and launch them against victim sites. Thus, while attack tools have become more sophisticated, they have also become easier to use. According to the Central Intelligence Agency, the large majority of hackers do not have the requisite expertise to threaten difficult targets such as critical U.S. networks. Nevertheless, the worldwide population of hackers poses a relatively high threat of an isolated or brief disruption causing serious damage.
    • Insiders - The disgruntled organization insider is a principal source of computer crime. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a target system often allows them to gain unrestricted access to cause damage to the system or to steal system data. The insider threat also includes outsourcing vendors as well as employees who accidentally introduce malware into systems.
    • Phishers - Individuals, or small groups, who execute phishing schemes in an attempt to steal identities or information for monetary gain. Phishers may also use spam and spyware/malware to accomplish their objectives.
    • Spammers - Individuals or organizations who distribute unsolicited e-mail with hidden or false information in order to sell products, conduct phishing schemes, distribute spyware/malware, or attack organizations (i.e., denial of service).
    • Spyware/Malware Authors - Individuals or organizations with malicious intent carry out attacks against users by producing and distributing spyware and malware. Several destructive computer viruses and worms have harmed files and hard drives, including the Melissa Macro Virus, the Explore.Zip worm, the CIH (Chernobyl) Virus, Nimda, Code Red, Slammer, and Blaster.
    • Terrorists - Terrorists seek to destroy, incapacitate, or exploit critical infrastructures in order to threaten national security, cause mass casualties, weaken a target economy, and damage public morale and confidence.
    1. https://www.forbes.com/sites/stevemorgan/2015/11/24/ibms-ceo-on-hackers-cyber-crime-is-the-greatest-threat-to-every-company-in-the-world/
    2. https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
    3. https://us.norton.com/internetsecurity-emerging-threats-cyberattacks-on-the-rise-what-to-do.html
    4. https://us-cert.cisa.gov/ics/content/cyber-threat-source-descriptions

    Cybersecurity is a dynamic theme and sits at the cross-section of multiple industries, especially technology and industrials, as well as multiple sectors within technology, such as software and computer services. The diverse nature of this theme is a direct result of the diversity of challenges that businesses, governments, individuals, and organizations face, and the solutions that are available to address them. As well, some cybersecurity companies provide single or multiple solutions to the market, while other elements of cybersecurity are provided as offerings from diversified technology companies. Below is a list of various elements of cybersecurity sourced from the Digital Guardian.5

    Digital Guardian's Elements of Cybersecurity:

    • Network Security - The process of protecting the network from unwanted users, attacks and intrusions.
    • Application Security - Apps require constant updates and testing to ensure these programs are secure from attacks.
    • Endpoint Security - Remote access is a necessary part of business but can also be a weak point for data. Endpoint security is the process of protecting remote access to a company’s network.
    • Data Security - Inside of networks and applications is data. Protecting company and customer information is a separate layer of security.
    • Identity Management - Essentially, this is a process of understanding the access every individual has in an organization.
    • Database and Infrastructure Security - Everything in a network involves databases and physical equipment. 12 https://digitalguardian.com/blog/what-cyber-security NASDAQ.COM 4 GLOBAL INFORMATION SERVICES
    • Cloud Security - Many files are in digital environments or “the cloud”. Protecting data in a 100% online environment presents a large amount of challenges.
    • Mobile Security - Cell phones and tablets involve virtually every type of security challenge in and of themselves.
    • Disaster Recovery/Business Continuity Planning - In the event of a breach, natural disaster or other event data must be protected and business must go on.
    • https://digitalguardian.com/blog/what-cyber-security. (Source: Digital Guardian, “What is Cybersecurity? Definition, Best Practices & More, June 10, 2020, https://digitalguardian.com/blog/what-cyber-security)

    Disclaimer

    Nasdaq®️ is a registered trademark of Nasdaq, Inc. The information contained above is provided for informational and educational purposes only, and nothing contained herein should be construed as investment advice, either on behalf of a particular security or an overall investment strategy. Neither Nasdaq, Inc. nor any of its affiliates makes any recommendation to buy or sell any security or any representation about the financial condition of any company. Statements regarding Nasdaq listed companies or Nasdaq proprietary indexes are not guarantees of future performance. Actual results may differ materially from those expressed or implied. Past performance is not indicative of future results. Investors should undertake their own due diligence and carefully evaluate companies before investing. ADVICE FROM A SECURITIES PROFESSIONAL IS STRONGLY ADVISED. ©️ 2022. Nasdaq, Inc. All Rights Reserved.