June 24, 2021
At a recent get-together at my house (now that we can finally have those things again!), a friend who grew up in the former Soviet Union told me how fortunate she felt to be an American citizen.
“It’s the Americans,” she said proudly, “that made the right bet on the vaccines – not the Europeans, not the Russians, not the Chinese.”
“And,” she added with emphasis, “it’s all thanks to capitalism!”
You can say that again…
America is still the envy of the world, and understandably so. Remember, it was the U.S. that – in record time – invested in and created the COVID-19 vaccines that are helping people around the globe.
Nonetheless, America – for all its success – is still filled with vulnerabilities… one of our biggest being our naivete against the threat of cyberattacks.
In recent months, we’ve learned of not one, not two, but three significant attacks on our most basic infrastructure: energy and food.
From the SolarWinds attack to Colonial Pipeline to JBS… Russian “sanctioned” attacks have plagued our country. Interestingly (and perhaps conveniently), they occurred leading up to the big meeting between President Joe Biden and Russian President Vladimir Putin.
Indeed, Biden and Putin met face-to-face in Geneva last week for an hour-long sit-down. After, they both spewed talking points to the press… Biden told reporters he looked Putin in the eye and said, “How would you like it if one of your pipelines was shut down?” (Biden tells us Putin said he wouldn’t like it at all.)
So, was that a threat? Was that Biden telling Putin if he didn’t cool it, we’d soon be returning the favor?
The U.S., explains cyber expert Morgan Wright in my podcast this week, certainly has the capability to follow through on such a promise. However, whether we’d actually do it is unclear.
Threats aside, the handwriting is on the wall… We need to take cyber threats seriously.
I’m not sure if you remember books, America, but it’s what people used to sink their faces into to avoid dealing with family and strangers. Our editor-in-chief, P.J. O’Rourke, has written a few in his time, and he’s re-releasing his bestselling Eat the Rich, complete with a new chapter to take on the absurdity of 2021 economics. And as an American Consequences subscriber, you can have access to the newly released edition for free! Claim Your Copy Now.
Brave New World
The reality is we now live in a world where it doesn’t take a huge army or navy or air force to inflict significant damage. A terrorist group… a rogue state… or even just a talented hacker in their basement can cause real problems for major corporations, our government, and our country.
Everything we do and everything (in many cases) that we own is online.
Do you remember the early years of the Internet? Everyone was so worried about giving their credit card information out online? We were smart to be worried…
Well, how times have changed… Now, you just hit a button on Amazon, and a product shows up the next day!
With this total migration to an online world, all our private and financial information has found its way to the digital universe… This is true for individuals, companies, and our government.
It’s all out there… ripe for the picking.
The present threat of cyberattacks on our government and our country’s infrastructure is so massive that I understand why people want to close their eyes and look the other way. But executives and government leaders – and individuals for that matter – still need to determine how to protect against these threats.
It’s a lot to ask, right? And it can be overwhelming…
Do parents at home need to figure out how to keep their kids’ Roblox accounts safe from hackers? Yes.
Do entrepreneurs skilled at creating one product and selling it need to figure out how to keep themselves, their sales channels, and their customers safe from hackers? Yes.
Do CEOs need to pay attention to this space? Yes.
Does our government? Most definitely!
The problem is, like most security issues, you may not realize you need it until it’s too late. But this is the world we live in…
And increasingly, savvy entrepreneurs have learned that cybersecurity is a key component to success.
I spoke Friday with a friend of mine who is starting a bank. Guess what the biggest line-item expense on his balance sheet is? Cybersecurity. (Makes sense, right? I mean… It’s a bank!)
Interestingly, he told me that the Federal Deposit Insurance Corporation’s (“FDIC”) “requirements” were slim in comparison with what he and his partners were actually undertaking in terms of security procedures. “I can’t just rely on the FDIC’s requirements,” he explained. “They’re not enough. We need to stay many steps ahead of any potential trouble. And I need cybersecurity companies that are doing exactly that.”
He also noted that for him and his partners, it’s in many ways easier to start from scratch when it comes to cybersecurity. Huge banking institutions don’t have the nimbleness to go from one security system to another… So big companies face even bigger expenses on the security front.
The need for cybersecurity in this brave new world is massive… New companies know it, and established companies are figuring it out. And hopefully, someone in our government is paying attention. (Although, I’m not convinced.)
Nonetheless, as more stories like Colonial Pipeline and JBS make the news, more companies will pay attention to the space. As investors, that’s relevant because the demand and need for cybersecurity will explode in the coming years. No company, and no CEO, wants to be like Colonial Pipeline – the world should have learned its lesson from the attack!
Morgan Wright says we really need a kind of Sarbanes-Oxley-style proposal that would require CEOs to “sign off” on their security plans, much like a CEO signs off on earnings reports. This could help the “passing of the buck” and put the onus of responsibility on CEOs.
Regardless of whether the government gets involved in any future mandate, I’m convinced that cybersecurity will grow immensely in the coming decade and prove itself to be a thriving, massive industry.
As investors, we need to recognize that opportunity…
The wealth gap in America has never been wider — we’ve still never fully recovered from the Great Recession of 2008, and it’s only going to get worse from here. But the effects of the Big Con are going to devastate those who don’t take action. So do something now while you still can.
How to Get Started Investing in Cybersecurity
You may be asking, “but Trish, how do I make sure I’m picking the winners – and not the losers – in the space?”
The reality is many cybersecurity companies run the same risks as any other company. Nothing is 100% foolproof… In this industry, all it takes is a 22-year-old Russian hacker with the time, motivation, and ability to outsmart the big guys.
While prepping this story, I asked a Russian-American friend why Russians just seem to be better at hacking, at least reputationally, than Americans.
“Trish, they have nothing else to do there,” he laughed… “They literally sit around all day and program, or they drink vodka, or both. There’s not much else to do.”
He was kidding, of course. But it does make you wonder… American kids seem like they need some serious catch-up on computers, math, and science.
American education levels aside, the risk to all of us right now – including the risk to a large security company – is that we can be outsmarted by any hacking group. For this reason, I’m reluctant in the early stages of this industry to make specific bets on specific technologies, but instead like the entire space.
Investors can gain exposure to the sector through several exchange-traded funds (“ETFs”) with low expense ratios. Two examples of diversified picks in the sector are the ETFMG Prime Cyber Security Fund (NYSE: HACK) and the First Trust Nasdaq Cybersecurity Fund (Nasdaq: CIBR). Both are well-regulated ETFs that invest in a basket of names, tracking the performance of the cybersecurity segment.
And there will be more opportunities as this industry explodes… It’s time every one of us gets serious about this issue. Whether they are trying to access our personal computers or a global energy supply, hackers are here to stay. We just need to act smarter.
Yesterday, it was reported that the godfather of this industry, John McAfee, founder of the original anti-virus software, was found dead in his prison cell in Spain while awaiting extradition today to the United States.McAfee was a colorful character who had multiple run-ins with the law… he was wanted in the U.S. for tax evasion after failing to file his taxes for eight straight years. In 2019, he tweeted that he felt he didn’t need to pay because “taxes are illegal.”Despite his run-ins with the law, McAfee will be always remembered for his recognition of the virus threats that exist in the world. He was a visionary in those early tech days, and this is an industry that will grow enormously in the years to come.
- American software companies now protect banks, energy supplies, and personal data with newer cybersecurity measures of AI and machine learning – akin to our firewalls fighting fire with digital napalm.
- Russia uses Ukraine as a hacking-testing ground, with one of its most devastating cyber-attacks wiping out 80% of Ukrainian computers and disabling all the country’s ATMs – chaos inevitably ensued. The same could happen stateside. =
- As Zoomer-approved as it may be, the Internet of Everything approach to life opens us up to even more hacking vulnerabilities, with every digital device connection offering up another opportunity for rogue blackhat cybercriminals. Do you need that Smart Fridge?=
- If Uber is more of a software than a car company, Colonial Pipeline’s no different. The DarkSide ransomware didn’t affect the energy company’s operational technology or actual machines – instead, the hackers seeped into their admin, shutting down their data collection. In short, it was more about information than oil.
- Somewhere in a dim DC office, there’s a government bureaucrat crouched over a clunky PC running Windows 2000. Sadly, public sector IT infrastructure is often obscenely antiquated (and a hacker’s paradise).
Love us? Hate us? Let us know at [email protected].
Publisher, American Consequences
With Editorial Staff
June 24, 2021