Investor Essentials Daily

The cybersecurity industry is as important as ever, but that doesn’t mean you need to own its best known ETF

September 17, 2021

As cyber warfare and industrial hacks become a bigger problem, the Biden administration has been taking steps to better protect the digital future of the country.

But how does that play out for cybersecurity firms? Let’s use Uniform Accounting to go through a cyber-themed ETF to best understand what may be in store for the industry as a whole.

Also, see below for a detailed Uniform accounting tearsheet of the fund’s top holding.

Investor Essentials Daily: 
Friday Uniform Portfolio Analytics
Powered by Valens Research

As computers began to appear in our lives decades ago, we were quick to adopt them for countless everyday tasks. Some of our younger readers may have even grown up with a phone in hand and an iPad by their side. Potentially to the disdain of their parents, they had no problem at all incorporating technology into every aspect of their lives.

As a collective society, we adopted computers and the internet much faster than we understood them. We were quick to move our personal information, communications, and businesses online. But we were slower to understand the vulnerabilities.

Just as not everyone ever has fully embraced saving our work before we finish it or backing up our hard drives over the years, we haven’t all learned to keep our passwords secret and invest in antivirus software.

Because of that, over the past several years, we’ve seen headline after headline reminding us how important these things we aren’t all doing are. For instance, ransomware attacks, which categorize malicious software that threatens the destruction of critical systems or leakage of data in return for a ransom, rose by 150% in 2020.

We also learned that large industrial systems that rely on data to operate also have structural weaknesses.

Curious malignant code has been found in power stations around the country, with many accusing Russia, whose hackers have already targeted power stations as a potential attack vector in the case of a war. The U.S. military uses these weaknesses as weapons too, as it and Israel are rumored to have done by knocking out Iranian nuclear centrifuges with the Stuxnet virus.

The Biden administration recently convened the heads of the most powerful technology and financial companies into one room. Without knowing otherwise, most would think this was to chastise them about anticompetitive practices, push them to make climate change commitments, or any other item from the laundry list of Biden objectives.

None of these issues were discussed. The meeting was focused exclusively on national cybersecurity. Although Biden has already taken important steps to modernize the Federal government’s cyber infrastructure, as he pointed out, the real weak spots lie within the private sector.

Without the support of the companies that developed the technology we all rely on, the federal government’s attempts to improve national cyber security would be like blowing into the wind.

Analysts agree the summit was a success. Google and Microsoft have both pledged to invest billions of dollars into cyber security initiatives, as well as use their recruiting resources to train a new generation of cybersecurity experts.

That last part is particularly important because cyber security work is in high demand. Within the space, the unemployment rate is virtually zero. Companies are finding it increasingly difficult to not only find qualified specialists, but also to afford paying them market rates.

That doesn’t just make for a great market for those with jobs in the space. When an industry has this much demand, it is a great market for investors as well.

With the support of the federal government, a widely understood need, and not enough supply to satisfy the demand, some cybersecurity companies have seen profitability soar in the past several years.

But many analysts say the best is still yet to come. After events like last year’s Microsoft hack, constant headlines of consumer data leaking from companies around the world, and the Colonial pipeline hack, cyber security is top of mind for companies and countries like never before.

As such, many investors might be rushing to the ETFMG Cyber Security ETF (ARCA:HACK) as a way to ride the coattails of the entire industry without facing the risks associated with any one company or management team. But to know for sure, you need to look at the ETF’s component companies, using the right data to understand how well positioned they are.

We’ve conducted a thorough audit of its top 15 holdings, comprising roughly 40% of its value, using Uniform Accounting data to see through the noise, to help you understand if HACK is set up for future returns, or if investors have already priced in all these tailwinds.

Many investors conduct portfolio audits. What separates the Valens portfolio reviews is that we don’t rely on as-reported accounting. HACK is a perfect example as to why.

Most investors would look at this portfolio and see an average return on assets (ROA) of 2%. That’s far below the cost of capital, and would imply that these companies are losing money on their initiatives. 

Given the pricing power held by cyber security companies amid the constrained supply, this makes no sense. The low ROA is entirely a symptom of bad GAAP (the Generally Accepted Accounting Principles) and IFRS (International Financial Reporting Standards) rules that distort performance figures like ROA to such a degree that they are meaningless.

We developed Uniform Accounting to present investors with real numbers they can trust. These are numbers they can use to compare companies on an apples-to-apples basis.

In reality, HACK doesn’t have an average ROA of 2%, but actually 49%. That’s far above the corporate average, and even above the average for technology companies.

Take a look at Palo Alto Networks (PANW), for instance. The Silicon Valley cybersecurity giant isn’t failing to run an economical business model, as its -1% as-reported ROA suggests. It actually has a robust ROA of 22%.

Similarly, Avast (LSE:AVST), which provides security services and antivirus to large enterprises and consumers, reports a below-average 8% ROA, which couldn’t be further from the truth. In reality, the company has an ROA of almost 400%, proving the robust profitability in the space.

The story is the same for many of the firms held by HACK. But to really unlock alpha, there is more that investors need to know.

They need to understand whether or not the market is already expecting these companies to outperform. To quantitatively answer this question, we can use our Embedded Expectations framework to quickly compare market expectations to the most likely growth scenarios.

Take a look:

This chart shows three interesting data points:

– The first datapoint is what Uniform earnings growth is forecast to be over the next two years, when we take consensus Wall Street estimates and we convert them to the Uniform Accounting framework. This represents the Uniform earnings growth the company is likely to have, the next two years.

– The second datapoint is what the market thinks Uniform earnings growth is going to be for the next two years. Here, we are showing how much the company needs to grow Uniform earnings in the next 2 years to justify the current stock price of the company. If you’ve been reading our daily and our reports for a while, you’ll be familiar with the term embedded expectations. This is the market’s embedded expectations for Uniform earnings growth.

– The final datapoint is the spread between how much the company’s Uniform earnings could grow if the Uniform Accounting adjusted earnings estimates are right, and what the market expects Uniform earnings growth to be.

The story about this fund becomes less rosy once we look at what’s priced in. While the market expects EPS growth of around 50%, analysts are only projecting one-tenth of that, in line with the average expected EPS growth.

Some might find this low-growth curious, but the economics make sense. Given that headcount is the primary limiting factor, many of these companies are limited in their ability to grow quickly. Even if they do grow, they’re paying a lot of that extra income right back to these employees.

But one other issue may be weighing on the industry as a whole. Despite the best efforts of cybersecurity companies, hackers are still one step ahead. When Microsoft got hacked, for instance, the doors to its data rooms were not open to the world. They were locked shut.

Just as they were able to then, hackers are still able to get around even the best world-class security systems, making investors unsure of how to differentiate between good and bad cybersecurity companies.

In our own stock picking conversations, we often discuss “black box” industries. By this, we mean that certain companies do work so complicated that investors are unable to get a real sense of whether or not the products are of real value.

Cybersecurity, unfortunately, may be one such industry, even despite the monumental tailwinds.

Analysts are expecting a slow year ahead for these cyber firms even as there are countless technology and software companies where analysts are expecting returns to exceed market expectations.

With such a dislocation between market expectations and analyst forecasts, HACK may be an ETF to watch from the sidelines, as the cyber security industry continues to evolve and serve the society of the 21st century.

SUMMARY and Darktrace plc Tearsheet

As ETFMG Prime Cyber Security ETF’s largest individual stock holdings, we’re highlighting Darktrace plc’s tearsheet today.

As the Uniform Accounting tearsheet for Darktrace plc (DARK:GBR) highlights, its Uniform P/E trades at a negative Uniform P/E, which is below the global corporate average of 21.9x.

Low P/Es require low EPS growth to sustain them. In the case of Darktrace, the company has recently shown a 46% Uniform EPS decline.

Sell-side analysts provide stock and valuation recommendations that in general provide very poor guidance or insight. However, sell-side analysts’ near-term earnings forecasts tend to have relevant information.

We take sell-side forecasts for International Financial Reporting Standards (IFRS) earnings and convert them to Uniform earnings forecasts. When we do this, Darktrace’s sell-side analyst-driven forecast is for EPS to grow by 817% and shrink by 66% in 2021 and 2022, respectively.

Meanwhile, the company’s earnings power is below corporate averages. Additionally, cash flows are below their total obligations—including debt maturities, capex maintenance, and dividends. However, Darktrace does not give out dividends and garnered a low credit risk.

To conclude, Darktrace’s Uniform earnings growth is in line with its peer averages, but the company is trading above its average peer valuations.  

Best regards,

Joel Litman & Rob Spivey

Chief Investment Strategist &
Director of Research 
at Valens Research

View All

You don’t have access to the Valens Research Premium Application.

To get access to our best content including the highly regarded Conviction Long List and Market Phase Cycle macro newsletter, please contact our Client Relations Team at 630-841-0683 or email

Please fill out the fields below so that our client relations team can contact you

Or contact our Client Relationship Team at 630-841-0683