Article Highlights:

  • Twenty-two towns in Texas were hit with cyberattacks in the last few weeks.
  • Capital One reported a massive data breach that affected 100 million customers.
  • One cybersecurity fund is beating the Nasdaq-100 Index since October 2017.

The city worker glanced at the email, then clicked the link included in the message.

His click introduced a ransomware virus into the municipal computer network.

Files were automatically locked.

Police records couldn’t be accessed.

Water bills couldn’t be sent out.

Ultimately, the city council of Riviera Beach, Florida, voted to cough up $600,000 — payable in bitcoin, as directed by the hackers — to receive a digital encryption key and relieve the city of its mess.

As this case demonstrates, cybersecurity threats are creeping ever closer to home.

In past years, big companies — including Target, Equifax and Home Depot — garnered the majority of headlines for data breaches. But as corporations respond by putting up an array of cybersecurity defenses, hackers are, in many cases, moving down the scale, attacking smaller organizations — municipalities and businesses — with far fewer resources.

According to one survey, 38 cities reported ransomware attacks in 2017. That number jumped to 53 last year.

With 21 reported attacks just in the first four months of 2019 (and 22 towns in Texas hit in the last few weeks), we’re on track for another record year for city governments suffering cybersecurity breaches.

It all points to cybersecurity stocks as a key focus for investors, especially as other tech plays have faltered.

A New Tool to Thwart Future Hack Attacks

I’ve been talking about this sector since October 2017. Since then, a purchase of a focused fund such as the ETFMG Prime Cyber Security ETF (NYSE: HACK) has netted a return of 26%, while the Nasdaq-100 Index rose only 18%:

Cybersecurity ETF 2018 - 2019


Nor are large corporations able to thwart every cybersecurity attack, despite massive spending of as much as $600 million per year for large financial institutions.

Early this month, Capital One reported a massive data breach that affected 100 million customer accounts.

According to published reports, hackers exploited a “misconfigured web application firewall” with Capital One’s cloud provider, Amazon Web Services.

Automation of cybersecurity tasks may provide a new tool to thwart future exploitation on these kinds of system errors.

In coming months, you’ll likely read a lot more about a recent innovation known by its abbreviation, SOAR — short for “security orchestration, automation and response.” An array of cybersecurity companies are now rushing out new products based on this innovation.

Basically, it puts cyberdefense tasks on autopilot. One part of SOAR incorporates “threat intelligence,” another part is “incidence response” and a third introduces a heavy element of automation to identify and fix vulnerabilities such as Capital One’s firewall application.

SOAR is where the growth will be in coming quarters.

According to the Gartner research organization, only 1% of companies with a cybersecurity team larger than five employees use a SOAR-based system now. But by the end of next year, Gartner expects 15% of such companies will have SOAR as a major part of their cyberdefenses.

All of which makes cybersecurity investing the place to be for the next few years.

Best of good buys,

Jeff Yastine

Editor, Total Wealth Insider