Für den Zugriff auf die beiden Plattformen können Sie jeweils dasselbe Saxo-Konto verwenden.
Smart tech, smarter security: a cybersecurity guide for investors
Ruben Dalfovo
Investment Strategist
Key points:
- Long runway: AI, cloud, and new rules keep cybersecurity a durable theme
- Watch: recurring revenue growth, customer retention, and add-on adoption
- Main risks: execution missteps, hyperscaler bundles squeezing pricing, and rich valuations
Introduction to cybersecurity
Cybersecurity protects a company’s data, systems, and people from break-ins, leaks, and shutdowns. Think locks, cameras, and guards for the digital office. The goal is simple: keep the right people in, keep the wrong people out, and keep the business running.
Most attacks start simple. Phishing emails trick staff into sharing passwords. Ransomware locks files and demands payment. Stolen credentials let attackers “walk in” as real users. Software bugs and bad vendor updates can also break things at scale.
Defence is layered. Identify what matters, limit access, verify every request, watch activity, and recover fast if something fails. Backups, updates, monitoring, and staff training sit alongside smarter tools that assume “trust no one” by default.
Why AI makes security spend jump
Generative AI tools create and move a lot of sensitive information across more apps and clouds. That forces companies to lock down identities, data, and workloads—and it raises leak and break-in risk. Budgets are shifting into three clear areas:
Identity and Access Management (IAM): ID checks and door keys. It confirms who you are and what you can open. Think logins, multi-factor, and “least privilege” so people only see what they need.
Secure Access Service Edge (SASE): safe roads to apps. It routes connections through cloud security checks instead of old VPNs and office firewalls. It assumes “trust no one” by default.
Workload protection: locks on the servers that run your software in the cloud. It scans code, watches activity, and stops attacks while apps are running.
Key drivers
Cybersecurity is the safety layer for AI and cloud. As sensitive data spreads, the cost of failure rises and rules tighten. Boards now treat resilience as core operations, not IT hygiene. Below are three key drivers shaping budgets and vendor choices over the upcoming years:
Non-discretionary budget. Security is a “must-have” budget, not a “nice-to-have.” Vendors sell subscriptions, measured by seats and features attached. Switching is painful, so revenue can be sticky—until a major outage or new rule reshapes buyer choices.
Rules force action. The EU AI Act makes breaking the rules expensive: fines can reach EUR 35 million or 7% of global revenue for serious violations. Firms must:
record who opened what and when (logs),
control where data can go (blocks and limits),
produce proof for auditors (reports).
Resilience moved to the boardroom. In July 2024, a bad software update from a major security vendor crashed many Windows PCs worldwide. That outage showed how one supplier can take down operations. Boards now ask: Do we have backups? Can we roll back updates? Are we too dependent on one vendor? This pushes spending on resilience and vendor risk checks.
The runway is long. Bloomberg Intelligence expects cybersecurity and adjacent annual recurring revenue (ARR) to reach about USD 233 billion by 2033—roughly 14% CAGR. Demand looks structural and sticky as AI spreads, rules tighten, and cloud expands. The catch: expectations are high. Outages, hyperscaler bundling, and tougher audits can sting.
Saxo Cybersecurity theme basket: performance and composition as of September 15 2025
Four cybersecurity leaders
Many vendors fall into two groups: platforms that bundle several tools, and specialists that focus on one area. Below we cover a broad platform (Palo Alto Networks), one platform-leaning specialist—CrowdStrike (endpoint + cloud workload), and two specialists—Okta (identity), and Zscaler (secure access).
Palo Alto Networks (PANW) — platform + secure access
Palo Alto sells a broad platform that covers networks, internet access, endpoints, and cloud security. Most sales are subscriptions, with “land and expand” across many products. Strengths: breadth and cross-selling into a large customer base. Risks: tough competition in secure access, migration complexity, and price pressure from bundled cloud deals.
CrowdStrike (CRWD) — endpoint + cloud workload
CrowdStrike protects laptops, servers, and cloud apps with a single lightweight agent on each system that monitors activity in real time and reports to Falcon—its cloud platform—where threats are detected and blocked. Revenue is subscription-based and grows as customers add more modules. Strengths: strong detection, fast updates, and rising use in cloud workloads. Risks: premium pricing and the 2024 outage reminder that one bad update can hurt trust.
Okta (OKTA) — identity at the center
Okta verifies who you are and what you can open across your work apps. It earns recurring revenue per user and by adding security features like multi-factor checks and governance. Strengths: neutral identity layer that works across clouds and vendors. Risks: stiff Microsoft competition and past security incidents that raise scrutiny.
Zscaler (ZS) — zero-trust network edge
Zscaler replaces old virtual private networks with a cloud service that connects users to apps only after checks—“trust no one” by default. Subscriptions drive revenue, with add-ons for data protection and operations. Strengths: built-for-cloud design and a large global network. Risks: long enterprise sales cycles and rising competition from bigger platform vendors.
These cybersecurity leaders have performed well and often trade at premium valuations, reflecting strong growth prospects and sticky subscriptions. Platforms give simpler, steadier exposure—one bill, integrated tools, and bundle pricing that cuts overlap. Specialists fit only when their product is clearly best-in-class or needed across multiple clouds (‘depth advantage’). Depth can win deals, but platform bundling and buyer consolidation can cap seat growth and make returns more volatile.
Challenges and risks
AI adds more apps, more data copies, and more places to break. Remote work multiplies devices and home networks. Net result: more doors to guard and more chances to slip. People remain the weak link. Stolen passwords and phishing do most of the damage, and small access mistakes—no multi-factor authentication (MFA), old admin accounts, broken single sign-on (SSO)—turn small slips into big breaches.
Rules raise the bar and lift costs. The EU AI Act pushes firms to log access, control data flows, and prove compliance. Cloud giants bundle security inside AWS, Azure, and Google deals. That can cut overlapping tools, but it increases lock-in—eroding pure-play pricing power—while leaving multicloud blind spots. Independent vendors still win when they go deeper or work cleanly across platforms.
Valuation is a risk: many cyber stocks trade at high multiples, leaving little room for error—small misses, softer guidance, or outages can compress multiples fast.
Investor playbook
- Follow recurring revenue, net retention, and add-on adoption; prefer durable growth to billings swings.
- Check platform coverage: favour platforms that cover identity, secure access, and workload protection; add specialists where depth matters.
- Watch pricing power versus hyperscaler bundles; track discounting and gross margins.
- Mind valuation: phase entries and size positions so a miss or outage won’t derail the portfolio.
Conclusion
Cybersecurity is where AI meets day-to-day operations. As data spreads, firms must control identity, access, and cloud workloads—or pay the price. That keeps spend durable and steers budgets toward platforms. Specialists fit only when their product is clearly best-in-class. The main drivers are AI adoption and regulation; the main risks are hyperscaler bundling that undermines pricing power, rich valuations, and execution hits from outages or breaches. For more inspiration, take a look at our Cybersecurity investment theme.This material is marketing content and should not be regarded as investment advice. Trading financial instruments carries risks and historic performance is not a guarantee of future results.
The instrument(s) referenced in this content may be issued by a partner, from whom Saxo receives promotional fees, payment or retrocessions. While Saxo may receive compensation from these partnerships, all content is created with the aim of providing clients with valuable information and options.