Key Highlights

• Cybersecurity stocks have underperformed the S&P 500 by more than 36% over the past year as capital rotated aggressively into perceived AI winners.¹

• Valuations across the sector now sit near five-year lows despite improved profitability and stronger balance sheets.²

• AI is expanding the threat surface, reinforcing — not weakening — long-term cybersecurity demand.³

• Enterprise security budgets remain resilient, with global spend projected at $212 billion in 2025.⁴

• Market leadership and platform consolidation favor high-quality operators within the HACK ETF.

• The current setup reflects sentiment dislocation more than structural deterioration.

Rotation, Not Ruin: Why Cyber Fell Behind

Cybersecurity entered 2026 as an unexpected laggard. The Amplify Cybersecurity ETF (HACK) trailed the S&P 500 significantly over the past year.¹ The underperformance was not triggered by collapsing demand or structural disruption. It was driven by capital rotation.

As enthusiasm around artificial intelligence intensified, investors crowded into mega-cap AI beneficiaries — semiconductors, hyperscale cloud providers, and infrastructure names — while rotating out of software. Analysts described the move as an “AI scare trade,” where anything perceived as vulnerable to AI disruption was sold first and evaluated later.³

The damage was broad. The Nasdaq Software Index shed roughly $2 trillion in market value from its October peak.³ Even industry leaders such as CrowdStrike declined meaningfully despite steady operational execution.³

This type of rotation is typically sentiment-driven rather than fundamentals-driven. Cybersecurity companies were swept into the broader software reset despite their mission-critical positioning. Breaches did not slow. Ransomware did not disappear. Regulatory scrutiny did not ease.

What changed was positioning.

The result is a sector trading at valuation levels last seen five years ago.² When sentiment overshoots reality, dislocations form. That appears to be the case today.

Leaner Balance Sheets, Expanding Threat Surfaces

The current backdrop is materially different from prior cybersecurity cycles. Companies are leaner. Margins are stronger. Capital discipline has improved.

Palo Alto Networks reported a non-GAAP operating margin above 30% in its latest quarter, reflecting both scale and efficiency improvements.⁵ Fortinet operates at mid-30% operating margins and continues generating substantial free cash flow.⁶ Many industry leaders now comfortably meet or exceed the Rule of 40 threshold.

This matters. During the 2020–2021 software expansion, growth was often prioritized over profitability. The 2022–2023 correction forced internal restructuring. The survivors are more durable businesses.

Meanwhile, AI has not reduced cybersecurity’s relevance. It has intensified it.

Generative AI is accelerating phishing sophistication, automating vulnerability discovery, and compressing attack cycles.⁷ Analysts increasingly argue that AI proliferation expands risk exposure and reinforces security budgets.⁸

Industry conferences in 2026 are expected to highlight AI-enabled defense tools — from real-time deepfake detection to automated threat containment.⁹ The narrative is shifting from AI as threat to AI as defense multiplier.

Enterprise budgets reflect this reality. Global cybersecurity spending is projected to reach nearly $240 billion in 2026.⁴ Even in tighter macro environments, security ranks among the least discretionary IT line items.⁴

There is also a structural labor shortage in cybersecurity talent, forcing enterprises to consolidate around trusted platform vendors.⁴ That dynamic benefits scaled operators embedded within HACK.

The sector is not contracting. It is consolidating.

Five Names Positioned for Recovery

Within HACK’s portfolio, several companies represent distinct expressions of cybersecurity’s structural tailwinds.