Explore cybersecurity: Key insights for 2026

Jay Jacobs Jul 09, 2026 Industry

Key takaways

  • The frequency and severity of cyberattacks have been rising dramatically. The number of global incidents reported to the FBI’s Internet Crime Complaint Center (IC3) increased by 150% from 2018 to 20231 and reporting volume has continued to surge — growing from a few thousand complaints per month in IC3’s early years to nearly 3,000 per day today. By 2025, reported losses exceeded $20 billion, driven primarily by investment-related fraud, followed by business email compromise and tech support scams.2
  • With data volumes expected to grow exponentially in the coming years, fortifying cyber defenses is a key priority for businesses and governments alike.
  • The global average cost of a data breach declined for the first time in five years to $4.44 million, driven by faster AI-enabled breach detection and containment, but the threat landscape continues to intensify as attackers increasingly leverage AI, with 16% of breaches involving AI-powered techniques such as phishing and deepfakes. Importantly, trends have been diverging geographically: in the United States, average breach costs have surged past $10 million, driven by stricter regulatory penalties and higher detection and response costs.3 As a result, we think cybersecurity companies have the potential to experience consistent outsized revenue growth, even in an economic downturn. Thematic ETFs can help investors gain exposure to cybersecurity stocks across the theme’s value chain, including both hardware and software companies.

A quarter-century of cybercrime reporting

Complaints by year

Line charts showing the number of complaints reported to the FBI’s IC3 from 2001 to 2025.

Source: FBI Internet Crime Complaint Center (IC3), 2025 Internet Crime Report, April 2026.

Chart description: Line chart showing the number of complaints reported to the FBI’s IC3 from 2001 to 2025, illustrating a sharp rise in both reporting volume and economic impact, with complaints exceeding 1 million.


Losses by year

Line charts showing the number of financial losses reported to the FBI’s IC3 from 2001 to 2025, illustrating a sharp rise in both reporting volume and economic impact, with complaints exceeding 1 million and losses reaching approximately $20.9 billion in 2025.

Source: FBI Internet Crime Complaint Center (IC3), 2025 Internet Crime Report, April 2026.

Chart description: Line chart showing the number of financial losses reported to the FBI’s IC3 from 2001 to 2025, illustrating a sharp rise in both reporting volume and economic impact, with losses reaching approximately $20.9 billion in 2025.


Evolving cyber threats may reinforce cybersecurity investments

New digital infrastructure and emerging digital assets can bring data proliferation to new extremes. One notable example occurred last year when hackers stole approximately $1.5 billion in a security breach at cryptocurrency exchange Bybit — one of the largest cryptocurrency thefts to date — that brought crypto-related thefts to over $3.5 billion in 2025.4 This incident underscored how cybercriminals leverage an increasing number of infection vectors, and employ more sophisticated and diverse attack methods to infiltrate digital systems.

Four types of cyberattacks have comprised the bulk of malicious activity:

  • Ransomware attacks blocked access to data and/or threatened to publish it unless a ransom was paid. These attacks have become increasingly sophisticated, not only demanding ransom from organizations, but also from employees and customers, in what is called triple extortion. In 2024, Change Healthcare was victim to a ransomware attack in which hundreds of U.S. pharmacies & clinics were paralyzed and resulted in a $75 million ransom as the result of just one attack.5
  • Business email compromise (BEC) attacks entailed impersonating organization email addresses or gaining actual access to organizational email accounts. These attacks stole data directly, harvested credentials, and/or tricked email recipients into providing private network access via malware attachments or malicious links.
  • Distributed denial-of-service (DDoS) attacks overwhelmed servers with traffic. Generally, cybercriminals conducted these attacks to inhibit operations and inflict reputational damage, rather than for immediate monetary gain.
  • Intrusion and access attacks broadly included attacks where cybercriminals access networks, servers, and other IT systems without authorization.

Successfully fending off and combatting cyberattacks generally requires a two-pronged approach: (1) limiting vulnerabilities to reduce infection vectors, and (2) strengthening responses to active threats. A range of cybersecurity software, hardware, and services are crucial to these efforts, and may experience heightened sales as cyberthreats materialize:6

  • Network security solutions protect network infrastructure from unauthorized access, wrongful use, and theft.
  • Endpoint and user security solutions defend devices like computers and phones from cyberattacks, limiting inherent vulnerabilities and ensuring secure usage by users.
  • Information security solutions protect data from modification, disruption, destruction, and inspection.

Often overlooked, hardware cybersecurity solutions can be essential to fending off attacks. While today’s digitalization means much of computing occurs in the cloud, most of our digital activity starts and ends with hardware, from data centers and servers to the computers we use to access them. Protecting these endpoints requires building security features into their design and complementing them with dedicated hardware security products. To this end, biometric scanners have become an important hardware tool used to improve access security. The global biometric system market, valued at $51.96 billion in 2025, is projected to grow at a compound annual growth rate (CAGR) of 15.3%, reaching an estimated $216.3 billion by 2035.7

Information security end-user spending by subsegment, worldwide

2024-2026 (millions of U.S. dollars)

Column chart showing global cybersecurity spending by major segment (Security Software, Security Services, and Network Security).

Source: Gartner, “Forecast: Information Security and Risk Management, Worldwide, 2024 – 2026”, July 2025.

Chart description: Column chart showing global cybersecurity spending by major segment (Security Software, Security Services, and Network Security) for 2024, 2025, and projected 2026. The chart illustrates how cybersecurity spending directs many millions of dollars across various segments annually, and that this total is continuing to grow. Forward-looking estimates may not come to pass.


With annual volumes of new data on pace to reach 2.6x their 2024 levels by 2028 and the annual cost of cyberattacks expected to surpass $15 trillion in the same year, cybersecurity spending must accelerate in lockstep, and then some.8,9

Companies have been ramping up cybersecurity spending as attacks mount

Seeking to avoid a lose-lose situation

Digital transformation has been, and, will likely continue to permeate all facets of business, making the private sector ever-more susceptible to cybercrime. In 2023, 3 in 4 U.S. companies were at risk of a material cyberattack.10

For the private sector, cyberattacks can result in catastrophic economic losses and irreparable damage to intangible assets like intellectual property and goodwill. While ransomware remains a leading threat, the risk landscape has broadened significantly with the rise of AI-enabled attacks, business email compromise, and investment-related fraud. Although ransomware incidents declined from their 2022 peak, they continue to rank among the most disruptive forms of cybercrime,11 consistently placing among the top threats reported by organizations.12 Companies facing such attacks typically must select from two losing options: paying out sizeable ransoms or forfeiting proprietary or customer data. In 2024, on average, organizations that paid a ransom reported an average payment of approximately $2 million, up from about $400,000 in 2023 while the average cost to recover from an attack — excluding the ransom itself — reached roughly $2.7 million, with total breach-related costs often rising even higher when factoring in downtime, legal exposure, and reputational damage.13

Business email compromise (BEC) attacks are potentially even more problematic. While chronically underreported, BEC attacks inflict the most financial damage and incidents now account for nearly one-third of all reported cyber events, which are up from just 9% the previous year.14 They are primarily conducted through phishing, an incredibly difficult tactic to defend against with every employee representing a vulnerability. BEC attacks can open doors for additional cybercrimes, including ransomware, server intrusion, and encrypted threats.

Increased cyberattacks likely will drive continued cybersecurity sales growth. We expect companies to focus on limiting infection vectors by spending more on network security software and hardware related to firewalls, VPNs, network segmentation, workload security, and anti-virus/malware software, as well as on endpoint and user security solutions like identity and access management, email gateways, encryption, and web security. Of note, network hardware that includes next generation firewall technology, network segmentation, intrusion prevention, and secure web gateways could generate meaningful net new revenues for cybersecurity companies. Information security software and hardware should also see significant business spending, including solutions for application and cloud security, cryptography, physical IT infrastructure, and incident response.

But as prolific as digitization has been in the past five years, many major sectors of the global economy from manufacturing to health care to education have recently started embracing digital business15; as they do, they could significantly grow the pie for both existing and new cybersecurity solutions, becoming a significant new driver of cybersecurity sales.

Government efforts to fight cybercrime could potentially benefit cybersecurity stocks

The (cyber)space race is on

A recent surge of cyberattacks on countries and governments is vaulting cybersecurity to the forefront of public sector priorities and spending. Governments rely on networks and other IT infrastructure to transmit sensitive information in the regular course of operations. Public infrastructure is also becoming more digital. Technology like data centers and cellular and broadband networks are now seen as key infrastructure components; meanwhile, traditional components like oil and gas pipelines, electric grids, and water utilities become vulnerable as they increasingly rely on software and networks. Cyberattacks can halt government operations, compromise sensitive data, and disrupt public services.

As a result, the U.S. Cybersecurity and Infrastructure Security Agency has introduced stricter remediation requirements for federal agencies, reducing patching timelines for the most critical vulnerabilities to as little as three days.16 The Trump Administration also expanded its focus on AI-enabled cyber defense and critical infrastructure protection, reflecting concerns that advances in AI could accelerate both cyberattacks and cyber defense capabilities. In Europe, the EU made progress toward setting up a cybersecurity emergency response fund to counter large-scale cyberattacks.17 And we expect public sector cybersecurity spending to direct funds to cybersecurity companies worldwide in the immediate- and long-term, potentially benefitting cybersecurity stocks.

Cybersecurity investments could offer resilience to economic challenges

A digital port in the storm

Cybersecurity investments could offer resilience in a difficult macro-environment, despite the weakness growth-tilting sectors have been experiencing.

Cybersecurity, for most, today is an essential operational expense rather than a discretionary line item that can be cut when times are tough. In fact, a Morgan Stanley survey found that security software is the least likely IT expense to be pared back by executives if the economy worsens.18 So, while economic challenges may result in decreased revenues for many technology companies, cybersecurity providers could likely continue to grow as businesses and governments seek to protect themselves.

Inflation introduces an additional dynamic that underscores cybersecurity companies’ resilience. Like most software today, cybersecurity applications are mostly cloud- and subscription-based, generating recurring revenues from online use rather than one-time unit sales. This model can make it easy for software companies to adjust pricing based on economic conditions like inflation. In some subscription-based businesses, price increases risk customer attrition; however, we do not see this as a concern for cybersecurity spending. Necessity can be a powerful force, which, in this case, could allow prices to rise in line with inflation.

How to invest in cybersecurity stocks

Spoiler alert: software alone likely isn’t enough

Investors looking for exposure to cybersecurity via public equities may want to consider looking at ETFs invested in companies that generate a majority of their revenues from cybersecurity hardware, software, and products across:

  • Cybersecurity software and services: Software related to network access and security, enterprise security management, home and office security, as well as services related to government and defense IT security and cybersecurity consulting.
  • Cybersecurity hardware: Equipment related to on-premises network security, network access and management, as well as wirelines. We note that many cybersecurity ETFs exclude this key area, because, even in the cloud computing era, digitalization is underpinned by hardware, which has its own vulnerabilities and is therefore an essential component of cybersecurity.

Conclusion

News of cyberattacks and their impact continue to dominate headlines and bring heightened focus to cybersecurity investments. As public and private sector digitalization continues — and the rise of AI introduces both new capabilities and new attack vectors — cyberattacks could become more frequent and detrimental to businesses, countries, and economies. As a result, we expect cybersecurity spending to continue increasing, regardless of economic conditions, offering possible growth potential for cybersecurity ETFs.

Featured funds

Photo of Jay Jacobs

Jay Jacobs

Head of U.S. Equity ETFs

Ashley Doll

Equity Strategist

Contributor

Komal Kunwar

Equity Strategist

Contributor