Cyberattacks and cybersecurity-related incidents are becoming the norm as more and more businesses report cyberattacks.
In December, FuboTV, a live-TV bundle streaming service, reported a cyberattack that affected customers that were trying to access the World Cup semifinals between France and Morocco. The company said that it took immediate action to contain the cybersecurity incident and was able to restore service for its customers.
FuboTV reported the cyberattack to law enforcement and hired Mandiant—a cybersecurity firm, to help with the investigation and response.1
In addition, The Guardian, a British daily newspaper, recently revealed that it was hit with a suspected ransomware hack that impacted parts of its digital infrastructure in December as well. The news outlet deemed the attack a serious IT incident.
Ransomware hacks essentially make networks/applications unworkable. The hackers then demand payment to let go of the system. Over the years, ransomware attacks have gotten faster and more sophisticated. Even the Biden Administration warned about these attacks a few months ago.2
Looking ahead to 2023, analysts at Gartner recently shared their top cybersecurity predictions for the year, which included:
- Supply chain and geopolitical risk will dominate cybersecurity
- Emerging architectural patterns will streamline security
- Zero trust will play a key role in risk management
- DevSecOps will become business-critical
- Security operations with automation will enhance proactive and detective capabilities
- Data-centric cybersecurity will be key to a “data everywhere” world
- Endpoints and workloads will need adaptable protection against emerging and established threats
- Human-operated ransomware will become a bigger threat.
According to analysts, with the Russia-Ukraine war still raging and possible economic uncertainty ahead, organizations need to be prepared for an increase in cyberthreats.3
UPDATES ON TWO CYBERSECURITY COMPANIES
Okta’s security incident
Okta, an identity solutions provider, revealed recently that the code for Okta Workforce Identity Cloud service was copied after cybercriminals had gained access to the company’s private repository on GitHub.
According to the statement from the company, there was no unauthorized access to the Okta service, or to customer data. It also reiterated that the service remains fully operational and secure.4
Varonis Systems’s recent launch
Varonis Systems provides data security and analytics solutions. The company announced that it recently launched the Varonis Vulnerability Disclosure Program (VDP) through HackerOne. This will allow the HackerOne community to alert Varonis about potential cybersecurity issues around the company’s cloud environment and SaaS products.
HackerOne is a vulnerability coordination and bug bounty platform. Its main focus is to connect businesses with penetration testers and cybersecurity researchers.
Regarding the launch of VDP through HackerOne, Varonis Systems revealed that the company has had great success with its private bug disclosure program, and this was the next logical step for the company.5
Investing in the Cybersecurity Industry with CYBR ETF
A cybersecurity ETF offers a great alternative to gaining exposure to this industry without being locked into any single security, and without the hassle of hand-picking individual stocks. ETFs allow you to diversify by investing in multiple companies in multiple markets, ensuring that a single market shock won’t tank your portfolio.
If you’re interested in investing in a cybersecurity ETF, consider Canada’s first cybersecurity ETF, Evolve Cyber Security Index Fund (TSX Ticker: CYBR). CYBR ETF invests in global companies involved in the cyber security industry. For more information, visit the fund page here: https://evolveetfs.com/cybr/.
CYBR ETF PORTFOLIO STRATEGY AND ACTIVITY
For the month, Okta Inc. made the largest contribution to the Fund, followed by GDS Holdings Ltd. and Varonis Systems Inc. The largest detractors to performance for the month were Palo Alto Networks Inc., followed by Zscaler Inc. and Blackberry Ltd.
For the latest information on cybersecurity investing and industry updates on related investment products, sign up for our weekly newsletter here
- Rizzo, L. “FuboTV hit with cyberattack during World Cup semifinal match,” CNBC, December 15, 2022; https://www.cnbc.com/2022/12/15/fubotv-hit-with-cyber-attack-during-world-cup-semifinal-match.html.
- Stone, J., “Guardian Newspaper Is Hit With Suspected Ransomware Attack,” BNN Bloomberg, December 21, 2022; https://www.bnnbloomberg.ca/guardian-newspaper-is-hit-with-suspected-ransomware-attack-1.1862192.
- Keary, T., “Gartner analysts reveal 8 cybersecurity predictions for 2023,” VentureBeat, December 2, 2022; https://venturebeat.com/security/cybersecurity-predictions-gartner/amp/.
- Goodin, D., “Okta says source code for Workforce Identity Cloud service was copied,” arsTechnica, December 21, 2022; https://arstechnica.com/information-technology/2022/12/okta-says-source-code-for-workforce-identity-cloud-service-was-copied/.
- “Varonis Launches HackerOne Vulnerability Disclosure Program,” Yahoo! Finance, November 29, 2022; https://finance.yahoo.com/news/varonis-launches-hackerone-vulnerability-disclosure-140500859.html.