11 December 2023

General Industry Update

In November, the U.S. arm of China’s Industrial and Commercial Bank of China (ICBC), the world’s largest bank, suffered a ransomware attack by the Russian-linked Lockbit ransomware group. Reports indicate that within days, ICBC paid a ransom.1

The attack resulted in ICBC temporarily owing $9 billion to BNY Mellon—an amount larger than the U.S. branch’s net capital—and crippled the corporate email system, prompting employees to rely on Google Mail for communications.2

Most significantly, however, the severity of the attack led to disruptions in the U.S. Treasury market after ICBC could not settle a number of transactions. The bank was forced to courier a USB thumb drive to the affected parties in order to provide the required settlement details. This has exposed the possibility of a worst-case scenario long feared by cybersecurity experts: a hack that incapacitates a vital part of the financial system, leading to a cascade of negative consequences for lenders and governments around the world. This breach will be carefully examined by regulators and put financial institutions on high alert.3

Meanwhile, at the national level, Australia is fortifying its cybersecurity measures in response to a series of significant breaches. The federal government unveiled a seven-year, A$587 million plan aimed at enhancing national cybersecurity. Initiatives include providing cyber security checks for small businesses, boosting funding for cyber law enforcement, and implementing mandatory reporting of ransomware attacks through a single government portal. Telecommunications firms will face stricter cyber reporting rules, and the government will limits inter-agency data sharing to encourage incident reporting.

The move follows a year marked by data breaches affecting nearly half of Australia’s 26 million people, a ~25% increase in cybercrime through the first six months of 2023, and a cyber attack that disrupted the nation’s largest port operator.4

Company Specific Updates

CrowdStrike Holdings Inc

CrowdStrike launched its AI-powered cybersecurity solution, Falcon Go, for small and medium businesses (SMBs) on Amazon Business in November. Falcon Go aims to provide robust protection against modern cybersecurity threats in a simplified package, catering to smaller IT teams and non-technical users. This move represents CrowdStrike’s first offering on Amazon’s B2B store, expanding its distribution channels for SMB solutions. To celebrate its debut on Amazon Business, CrowdStrike offered Falcon Go at a discounted rate during the Black Friday, Small Business Saturday, and Cyber Monday shopping weekend. This partnership with Amazon marks a strategic step for CrowdStrike in reaching a wider SMB audience through a prominent online platform.5

Source: https://bit.ly/48eT8W5

Also in November, CrowdStrike reported its Q3 financial results. The company’s Annual Recurring Revenue (ARR) crossed the $3 billion mark, marking 35% YoY growth. This growth, driven by a record net new ARR of $223 million, establishes CrowdStrike as the fastest and sole pure-play cybersecurity software vendor to reach this milestone. Total revenue for the quarter reached $786.0 million, up 35% from the same period in fiscal 2023, with subscription revenue at $733.5 million, reflecting a 34% YoY growth.6

Fortinet Inc

Fortinet’s Q3 revenue, announced in November, reached $1.33 billion, a 16% YoY increase, but fell short of the $1.35 billion analyst estimate. Product revenue dipped 0.6% to $465.9 million due to weaker-than-expected firewall sales and a slowdown in secure networking market growth. CEO Ken Xie anticipates limited near-term growth in secure networking.

Instead, Fortinet plans to focus on faster-growing areas, like SASE (secure access service edge) and SecOps, which now constitute 20% and 10% of its business, respectively. Executives aim to offset firewall sales decline with investments in SASE and SecOps, anticipating a 20% annual growth in the SASE market and 14% in SecOps over four years.


Despite challenges in the secure networking sector, Fortinet reported a nearly 28% YoY growth in service revenue to $868.7 million in Q3. The company aims to capitalize on market opportunities by shifting R&D and go-to-market investments toward SASE and SecOps, with a commitment to significant partnerships with channel partners.7

CYBR ETF: Diversified Investing in Cybersecurity

A cybersecurity ETF offers a great alternative to gaining exposure to this industry without being locked into any single security, and without the hassle of hand-picking individual stocks. ETFs allow you to diversify by investing in multiple companies in multiple markets, ensuring that a single market shock won’t tank your portfolio.

Canada’s first cybersecurity ETF, Evolve Cyber Security Index Fund (TSX Ticker: CYBR), invests in global companies involved in the cyber security industry. For more information, visit the fund page here: https://evolveetfs.com/product/cybr/.

Portfolio Strategy and Activity

For the month, CrowdStrike Holdings Inc made the largest contribution to the Fund, followed by Zscaler Inc and Palo Alto Networks Inc. The largest detractors to performance for the month were Fortinet Inc, followed by Chindata Group Holdings Ltd and CACI International Inc.



  1. Pearson, J., “Chinese lender ICBC paid ransom over hack that disrupted U.S. Treasury market, gang says,” The Globe and Mail, November 13, 2023; https://www.theglobeandmail.com/business/international-business/asia-pacific-business/article-chinese-lender-icbc-paid-ransom-after-hack-that-disrupted-markets/
  2. Araullo, K., “ICBC hacker says ransom was paid following major breach,” Insurance Business Magazine, November 16, 2023; https://www.insurancebusinessmag.com/us/news/cyber/icbc-hacker-says-ransom-was-paid-following-major-breach-466924.aspx
  3. Doherty, K., Capo McCormick, L. & Harris, A., “World’s Biggest Bank Has to Trade Via USB Stick After Hack,” Bloomberg, November 9, 2023; https://www.bloomberg.com/news/articles/2023-11-10/world-s-biggest-bank-forced-to-trade-via-usb-stick-after-hack
  4. Kaye, B., “Australia beefs up cyber defences after major breaches,” Reuters, November 22, 2023; https://www.reuters.com/technology/cybersecurity/australia-goes-cyber-offensive-with-sweeping-resilience-plan-2023-11-22/
  5. “CrowdStrike Launches on Amazon Business, Bringing AI-Native Cybersecurity to Small & Medium Businesses,” CrowdStrike, November 22, 2023; https://ir.crowdstrike.com/news-releases/news-release-details/crowdstrike-launches-amazon-business-bringing-ai-native
  6. “CrowdStrike Reports Third Quarter Fiscal Year 2024 Financial Results,” CrowdStrike, November 28, 2023; https://ir.crowdstrike.com/news-releases/news-release-details/crowdstrike-reports-third-quarter-fiscal-year-2024-financial
  7. Alspach, K., “Fortinet Stock Price Plunges Amid ‘Slowdown’ In Firewall Sales,” CRN, November 02, 2023; https://www.crn.com/news/security/fortinet-stock-price-plunges-amid-slowdown-in-firewall-sales
The contents of this blog are not to be used or construed as investment advice or as an endorsement or recommendation of any entity or security discussed. These contents are not an offer or solicitation of an offer or a recommendation to buy or sell any securities or financial instrument, nor shall it be deemed to provide investment, tax or accounting advice. The information contained herein is intended for informational purposes only.
Commissions, management fees and expenses all may be associated with exchange traded funds (ETFs) and mutual funds (funds). Please read the prospectus before investing. ETFs and mutual funds are not guaranteed, their values change frequently, and past performance may not be repeated. There are risks involved with investing in ETFs and mutual funds. Please read the prospectus for a complete description of risks relevant to ETFs and mutual funds. Investors may incur customary brokerage commissions in buying or selling ETF and mutual fund units.
Certain statements contained in this blog may constitute forward-looking information within the meaning of Canadian securities laws. Forward-looking information may relate to a future outlook and anticipated distributions, events or results and may include statements regarding future financial performance. In some cases, forward-looking information can be identified by terms such as “may”, “will”, “should”, “expect”, “anticipate”, “believe”, “intend” or other similar expressions concerning matters that are not historical facts. Actual results may vary from such forward-looking information. Evolve Funds undertakes no obligation to update publicly or otherwise revise any forward-looking statement whether as a result of new information, future events or other such factors which affect this information, except as required by law.

Tags ChatGPT  Crowdstrike  cyberattack  cybercrime in australia  cybersecurity  CYBR etf  data centers  falcon go for smb  financial system cybersecurity  Fortinet  Hackers  icbc ransomware attack  lockbit  Palo Alto Networks  ransomware  tech