It's Time To Consider Cybersecurity ETFs

If you are like me, each and every time I hear about another major cyber-attack, I kick myself for not buying one of the many cybersecurity Exchange Traded Funds years ago. So now with the Colonial Pipeline ransomware cyberattack still fresh on investors' minds, now is the time to make a decision on how you plan to play the cybersecurity industry since cyber attacks are an ever-growing threat and something that doesn’t appear to be going away anytime soon.

Let’s take a look at a few different cybersecurity ETFs you can invest in today and I will point out a few of the pros and cons of each.

First, we have the largest of the cyber-security ETFs, the First Trust NASDAQ Cybersecurity ETF (CIBR). CIBR has over $4 billion in assets under management and has been around since July 2015. The fund has an expense ratio of 0.60%, which is a little high compared to other ETFs but right in line for the cybersecurity ETFs as a whole. CIBR tracks a liquidity-weighted index that focuses on companies engaged in the cybersecurity industry. The fund primarily holds software and networking companies but does have a few other holdings that operate outside those two sectors. Currently, the fund has 40 positions with a weighted average market cap of $42 billion. CIBR also pays a dividend of 0.19%. (See Below for fund performance.)

Secondly, we have the ETFMG Prime Cyber Security ETF (HACK). HACK is the second-largest cybersecurity ETF with $2.32 billion in assets under management and has 58 holdings. The fund has a distribution yield of 0.10% and has an expense ratio of 0.60%. The fund has two segments it focuses on, the developers of cybersecurity hardware or software and the providers of cybersecurity services. HACK has been around since November of 2014. HACK does have a lower weighted average market cap than CIBR at $17.36 billion, which is interesting. It also, likely due to a higher number of holdings has a lower percentage of the fund made up by the top ten holdings, 26% compared to 46% with CIBR. Although, CIBR has outperformed HACK in most timeframes. (See Below for fund performance.)

Next, we have the iShares Cybersecurity and Tech ETF (IHAK). IHAK was introduced on June 11th of 2019 and has since grown its assets to $564 million. The fund has 43 positions and an average weighted market cap of $14.51 billion. It charges an expense ratio of 0.47%, the second-lowest of the ETFs we will look at today, and offers a dividend of 0.14%. IHAK tracks a market-cap selected and weighted index of large and midcap companies involved in cyber hardware and software. However, the fund only picks stocks that derive 50% or more of their revenue from the cyber industry. Its top ten holdings makeup 42% of the fund. (See Below for fund performance.)

Then there is the Global X Cybersecurity ETF (BUG). BUG is very much like IHAK in that it only includes companies that generate at least 50% of their revenue from the cybersecurity industry. BUG specifically tracks a modified market-cap-weighted global index of companies selected on the basis of revenue related to cybersecurity activities. BUG’s inception date is October 25th of 2019 and has an expense ratio of 0.50%. The fund has a distribution yield of 0.44%, 27 positions, and a weighted average market cap of $15.64 billion. It's top ten holdings represent 55% of the fund which is a lot of exposure to the top ten, but the fund only has 27 positions, so that is about in line with funds of that size. BUG has the worst performance year-to-date of the funds I am highlighting, but the best 1-year performance. (See Below for fund performance.)

Also, the WisdomTree Cybersecurity Fund (WCBR), which is the most recent cybersecurity ETF to hit the markets, with an inception date of January 28th, 2021. The fund only has $24 million in assets, which could be largely due to it being late to the cybersecurity party and the newest fund available. The fund has an expense ratio of 0.45%, the lowest of the funds mentioned today, which is normal for a fund that is late arriving since they need to attract money in some way different than the others. WCBR tracks an index of stocks that are primarily focused on cybersecurity, and then the funds pick 25 companies that derive at least 50% of their revenue from the cybersecurity industry. The fund has a weighted average market cap of $14 billion and does not yet pay a dividend. Similar to BUG, WCBRs top ten holdings represent 54% of the fund. (See Below for fund performance.)

Finally, we have the Simplify Volt Cloud and Cybersecurity Disruption ETF (VCLO). VCLO actively selects a narrow portfolio of companies from the global realm that focus on cloud technology and cybersecurity. The fund is permitted to use options to help leverage performance. The fund was started on December 28th of 2020 and has $4.3 million in assets under management. It charges an expense ratio of 1.02% and does not offer a dividend yield. Currently, the fund has 11 holdings and the top ten make up 98% of the fund. It has a weighted average market cap of $234 billion, which means it is invested in just a few, large companies. VCLO is the best performer year-to-date, over the last 3 months and 1 month, but the fund is rather risky and time will tell if it is a good investment option for those looking for exposure to this industry.

Cybersecurity ETF Returns
All returns over 1 year are annualized. All returns are total returns unless otherwise stated

All of the ETFs mentioned above are good options for those looking at exposure to this industry, but they all have their own pros and cons, so do your own research before buying any of them.

Matt Thalman
INO.com Contributor - ETFs
Follow me on Twitter @mthalman5513

Disclosure: This contributor held long positions in Apple, Tesla, Intel, Google, Amazon.com, Facebook, Priceline and Microsoft at the time this blog post was published. This article is the opinion of the contributor themselves. The above is a matter of opinion provided for general information purposes only and is not intended as investment advice. This contributor is not receiving compensation (other than from INO.com) for their opinion.