Attack of the cybermen highlights investor opportunity

Cyber-crime is rarely out of the headlines these days. The list of the household names which have had data stolen by hackers breaking into their supposedly secure IT systems is growing.

Electronics and entertainment giant Sony, dating website Ashley Madison, white goods and mobile phone retailer Dixons Carphone and telecom TalkTalk are among the recent victims.

‘Cyber-crime is the crime of our era, of our generation,’ TalkTalk boss Dido Harding said following the theft of the names, addresses and bank details of more than 150,000 of her customers in October. The company’s shareholders also felt the impact. Shares lost 22.1% of their value in the days following the attack on concerns at how the event would affect the £2.2 billion market cap’s profits.

TalkTalk following 21 October’s data breach

Harding’s appraisal of the issue reflects the digital age we are living in where data is everywhere and connectivity through the cloud is growing. It’s a rare company that doesn’t use some form of IT system in its day-to-day operations.

Cyber-crime costs the global economy $455 billion a year, a US think-tank claims. It is safe to assume that with increasing reports of online data breaches this figure has probably increased, and if not it soon will.

One of the latest updates from this market is Chancellor George Osborne highlighting concerns that terrorist group Islamic State could attack computers that manage air-traffic control and power station systems. He has pledge to double funding to £1.9 billion by 2020 to tighten the country’s defences.

Whether it’s terrorists or 15-year-olds in their bedrooms, the problem is expected to increase. Companies’ budgets to protect their systems from people using computers to steal their information with committing fraud in mind or disrupt their operations are growing. With cyber security featuring in risk meetings in offices across the land there are several ways advisers and their clients could get exposure to this growing trend.

Call for security

Cyber-crime is not just an issue for companies. The man in the street is also a target thanks to the rise of smart phone and tablet computer ownership. The cyber security market is estimated to be worth $170 billion by 2020, according to researcher Markets & Markets. This makes companies offering cyber security software, hardware and services the first place to look for an opportunity to gain exposure to increasing spend on people and companies beefing up their protection.

The US is a large market and there are many such players based across the Atlantic, but there are a few home-grown companies for advisers and their clients to research. Names such as verification and security testing software developer NCC Group, anti-virus provider Sophos and Corero Network Security should be on advisers’ and their clients’ research lists, as should identity software-maker Intercede, identity management specialist GB Group and software testing firm SQS.

UK cyber-crime fighters

Source: Shares magazine

To tap investor interest with the increased spending on the issue Europe’s first cyber security-specific ETF – ETFS ISE Cyber Security GO UCITS – was launched in September. It has some $12.3 million under management and provides UK investors with access to US companies. The ETF is eligible to sit in an Individual Savings Account (ISA) and Self-Invested Personal Pension (SIPP).

ETFS ISE Cyber Security owns shares in 33 companies, which include data and security specialist Barracuda Networks, management consultancy Booz Allen Hamilton, technology giant Cisco Systems and IT security company Check Point Software Technologies, among others.

Europe’s first cyber security ETF

Got it covered

There are other ways of gaining exposure to this market. While the reputational damaged caused by such attacks is difficult for a company to repair, the financial costs can be covered by an insurance policy.

Such costs can include notifying customers that their data has been stolen, the legal costs if irate customers decide to sue as well as forensic investigations to discover what has happen and what’s gone missing.

Instances of data breaches are expected to rise and so too will the premiums insurers charge to cover such occurrences.

Global cyber insurance premiums are forecast to reach $20 billion in 2025 up from $2 billion a year today, according to German insurer Allianz.

Today it is a small, niche market with no listed company specialising solely in cyber insurance, but there are general insurers who are growing their expertise in this area and the size of the premiums they collect from the market is increasing.

Insurers providing such cover include Hiscox, Beazley and Novae.

As always, you need to do your homework. Cyber insurance is a small, but growing part of its operations so you need to look at the performance, financial health and growth potential of the wider business.

Novae started writing cyber insurance at the start of 2014, collecting £10 million of premiums in its first 12 months. It provides cover to household names as well as ‘mom and pop’ stores. It is difficult to assess how profitable the operation is as the company will not disclose the claims it has paid because there is still risk attached to the 2014 account.

Novae is profitable with an 89.9% combined ratio, meaning that it makes around 10% profit on the premiums it collects once claims and expenses have been paid.

Cyber-crime is a growing trend and insurance against data breaches is set to become a mainstream market, just like insuring your house, car or dog. Those wishing to gain early exposure to the market by adding a provider to their portfolio need to research the stock available to look at its wider business and not buy an insurer simply because of its cyber offering.

AJ Bell Investment Director

Russ Mould’s long experience of the capital markets began in 1991 when he became a Fund Manager at a leading provider of life insurance, pensions and asset management services. In 1993 he joined a prestigious investment bank, working as an Equity Analyst covering the technology sector for 12 years. Russ eventually joined Shares magazine in November 2005 as Technology Correspondent and became Editor of the magazine in July 2008. Following the acquisition of Shares' parent company, MSM Media, by AJ Bell Group, he was appointed as AJ Bell’s Investment Director in summer 2013.