Experts believe the cybersecurity industry will continue to boom: new AI technologies enable stronger defence systems, but also increasingly sophisticated and efficient attacks by malicious actors. Companies, governments and private individuals need to protect themselves better and better against attacks. Like the arms industry, cybersecurity providers are also likely to benefit from the tense geopolitical situation and the related uncertainties.
Experts currently estimate the market size of the industry at just under USD 200bn, with forecasts predicting strong growth. Data from Statista Market Insights shows an expected growth to USD 248bn by 2029. And while security system providers must also invest heavily in research and development to keep up with attackers in the arms race, this should not stand in the way of strong earnings growth, as many businesses still have a lot of catching up to do in terms of cyber security.
However, this should not stand in the way of strong earnings growth, as some companies still have a lot of catching up to do in terms of cybersecurity. Financial services provider Bloomberg expects revenue growth of 14% for the current year. Bernhard Ruttenstorfer, fund manager of ERSTE STOCK TECHNO and expert in technology stocks, underscores the positive expectations for the industry: “There’s a good analogy here—spending on cybersecurity in the digital age is what electricity and gas bills are in the analog world. You can’t avoid these expenses—on the contrary, they are constantly rising.”
Surveys in Austria show: companies have better security, but there are also more attacks
A survey among Austrian companies presented this year by the consulting firm Deloitte shows that domestic companies have improved their security stance, but that attacks are also becoming increasingly aggressive. According to the survey, 100,000 AI-supported attacks per day on an organisation are no longer uncommon. “That means one attack per second,” explained Evrim Bakir, Managing Partner at Deloitte Austria. Of the companies surveyed, 22 per cent are affected by ransomware attacks on a daily basis, twice as many as in 2022.
A study presented on Tuesday by the consulting firm Ernst & Young painted a similar picture. According to the survey data, 32 per cent of companies in Austria have recorded concrete evidence of cyberattacks or data theft in the past five years. One-third of large companies with annual sales exceeding EUR 51m report repeated attacks. Nine out of 10 managers surveyed expect the threat situation to get worse.
According to Ruttenstorfer, AI is making security tools better and more automated. However, the potential risk is also increasing because, on the one hand, attackers are working more effectively and, on the other hand, the increasing complexity of IT systems due to the use of AI offers a larger target for cyberattacks. “The World Bank estimates that cybercrime could cause around $10.5 trillion in damage by 2025,” he summarizes.
Phishing attacks remain the most common type of attack
Phishing is the most frequently cited type of attack, at 73 per cent. This involves fraudsters using fake messages to try to obtain important information such as passwords. A survey by the consultancy firm KPMG shows that, in addition to phishing, disinformation campaigns are on the rise. Fifty-four per cent of the 1,158 Austrian companies surveyed by KMPG stated that they had been victims of disinformation campaigns in the past year.
Disinformation campaigns deliberately place companies in unusual situations that require the full attention of their employees so that a cyberattack can take place unnoticed in the background. According to KMPG, the frequency of so-called deepfakes has also increased significantly. These involve the creation of realistic-looking video, audio or image content using AI.
Large western enterprises are the best-equipped
According to a survey of international companies commissioned by the World Economic Forum (WEF), small and medium-sized enterprises in particular have some catching up to do regarding the defense against cyberattacks. While 71 per cent of the companies surveyed tend to be confident that they are well equipped, the figure for medium-sized companies is 61 per cent and for small companies only 35 per cent. The companies surveyed expect self-learning systems such as AI tools to have the greatest impact on the cybersecurity industry.

Source: APA/Nasdaq/WEG
There are also major differences from an industry perspective, the WEF study states: according to the WEF, companies in the financial sector have the best security stance, as they are already required to focus heavily on security due to the strong regulations in this sector, while companies in manufacturing-oriented industries first need to establish a culture of cyber security. From a geographical perspective, the WEF sees a gap between Western industrialised countries and emerging regions: while two-thirds of companies in the northern United States and half of companies in Europe are at least partially confident about their cybersecurity, there is still room for improvement in Latin America, Africa and Asia.
Tailwind for cybersecurity providers
This need for upgrades is also likely to continue to benefit providers of cybersecurity solutions. The market is currently shared by specialized IT security providers such as firewall specialist Palo Alto Networks and well-known tech giants with large cybersecurity divisions. IBM and Microsoft, for example, are major providers of security solutions. Network specialist Cisco generates 20 percent of its revenue from cybersecurity.
Note: The companies listed here have been selected as examples and do not constitute investment recommendations.
“On the one hand, there are numerous growth drivers in the industry, but on the other hand, the market remains fragmented,” comments tech expert Ruttenstorfer. He therefore sees a trend toward platform solutions. “Companies such as Crowdstrike and Palo Alto Networks are particularly well positioned in this case, as they have both the product range and the sales force to offer accordingly. Both companies remain our most significant positions in the cybersecurity sector,” says the fund manager of ERSTE STOCK TECHNO.
But other corporations also want to push harder into this market. According to a report in the Wall Street Journal, Google’s parent company Alphabet has recently made a second attempt to acquire cybersecurity startup Wiz in a deal worth billions. Alphabet is in advanced talks to acquire Wiz for around $30 billion, the newspaper reported, citing insiders. This would be Alphabet’s largest transaction to date.

Source: APA/Nasdaq/WEG
Invest in Cybersecurity
Cybersecurity is one of the focus areas of the ERSTE STOCK TECHNO technology equity fund. This fund invests in leading companies in the tech sector, including firewall specialist Palo Alto Networks. Cybersecurity is also an important theme in the ERSTE SECURITY INVEST equity fund. In addition to companies in the global security industry, the fund also invests in leading IT security providers, including Palo Alto Networks and Sentinel One.
Note: Please note that an investment in securities entails risks in addition to the opportunities described.
Risk notes ERSTE STOCK TECHNO
The fund employs an active investment policy and is not oriented towards a benchmark. The assets are selected on a discretionary basis and the scope of discretion of the management company is not limited.
For further information on the sustainable focus of ERSTE STOCK TECHNO as well as on the disclosures in accordance with the Disclosure Regulation (Regulation (EU) 2019/2088) and the Taxonomy Regulation (Regulation (EU) 2020/852), please refer to the current Prospectus, section 12 and the Annex “Sustainability Principles”. In deciding to invest in ERSTE STOCK TECHNO, consideration should be given to any characteristics or objectives of the ERSTE STOCK TECHNO as described in the Fund Documents.
Risk notes ERSTE SECURITY INVEST
Please note that investing in securities also involves risks besides the opportunities described.
The fund employs an active investment policy and is not oriented towards a benchmark. The assets are selected on a discretionary basis and the scope of discretion of the management company is not limited.
Legal disclaimer
This document is an advertisement. Unless indicated otherwise, source: Erste Asset Management GmbH. The language of communication of the sales offices is German and the languages of communication of the Management Company also include English.
The prospectus for UCITS funds (including any amendments) is prepared and published in accordance with the provisions of the InvFG 2011 as amended. Information for Investors pursuant to § 21 AIFMG is prepared for the alternative investment funds (AIF) administered by Erste Asset Management GmbH pursuant to the provisions of the AIFMG in conjunction with the InvFG 2011.
The currently valid versions of the prospectus, the Information for Investors pursuant to § 21 AIFMG, and the key information document can be found on the website www.erste-am.com under “Mandatory publications” and can be obtained free of charge by interested investors at the offices of the Management Company and at the offices of the depositary bank. The exact date of the most recent publication of the prospectus, the languages in which the key information document is available, and any other locations where the documents can be obtained are indicated on the website www.erste-am.com. A summary of the investor rights is available in German and English on the website www.erste-am.com/investor-rights and can also be obtained from the Management Company.
The Management Company can decide to suspend the provisions it has taken for the sale of unit certificates in other countries in accordance with the regulatory requirements.
Note: You are about to purchase a product that may be difficult to understand. We recommend that you read the indicated fund documents before making an investment decision. In addition to the locations listed above, you can obtain these documents free of charge at the offices of the referring Sparkassen bank and the offices of Erste Bank der oesterreichischen Sparkassen AG. You can also access these documents electronically at www.erste-am.com.
N.B.: The performance scenarios listed in the key information document are based on a calculation method that is specified in an EU regulation. The future market development cannot be accurately predicted. The depicted performance scenarios merely present potential earnings, but are based on the earnings in the recent past. The actual earnings may be lower than indicated. Our analyses and conclusions are general in nature and do not take into account the individual characteristics of our investors in terms of earnings, taxation, experience and knowledge, investment objective, financial position, capacity for loss, and risk tolerance.
Please note: Past performance is not a reliable indicator of the future performance of a fund. Investments in securities entail risks in addition to the opportunities presented here. The value of units and their earnings can rise and fall. Changes in exchange rates can also have a positive or negative effect on the value of an investment. For this reason, you may receive less than your originally invested amount when you redeem your units. Persons who are interested in purchasing units in investment funds are advised to read the current fund prospectus(es) and the Information for Investors pursuant to § 21 AIFMG, especially the risk notices they contain, before making an investment decision. If the fund currency is different than the investor’s home currency, changes in the relevant exchange rate can positively or negatively influence the value of the investment and the amount of the costs associated with the fund in the home currency.
We are not permitted to directly or indirectly offer, sell, transfer, or deliver this financial product to natural or legal persons whose place of residence or domicile is located in a country where this is legally prohibited. In this case, we may not provide any product information, either.
Please consult the corresponding information in the fund prospectus and the Information for Investors pursuant to § 21 AIFMG for restrictions on the sale of the fund to American or Russian citizens.
It is expressly noted that this communication does not provide any investment recommendations, but only expresses our current market assessment. Thus, this communication is not a substitute for investment advice, does not take into account the legal regulations aimed at promoting the independence of financial analyses, and is not subject to a prohibition on trading following the distribution of financial analyses.
This document does not represent a sales activity of the Management Company and therefore may not be construed as an offer for the purchase or sale of financial or investment instruments.
Erste Asset Management GmbH is affiliated with the referring Sparkassen banks and Erste Bank.
Please also read the “Information about us and our securities services” published by your bank.
Subject to misprints and errors.