BUG vs. HACK – What to Look for When Comparing Thematic ETFs

Paul Kenney
June 14, 2023

What to look for when Comparing Thematic ETFs

Introduction

Investments in cybersecurity have risen significantly over the last decade with the acceleration and advancement of the digital economy. The COVID-19 pandemic also fueled investments in companies that specialize in cybersecurity, as many businesses rushed to ensure systems were sufficiently protected from rising cyberattacks that were prompted by the widespread adoption of work-from-home policies. In 2021, organizations spent $150 billion on cybersecurity, a 12.4% growth rate from 2020.¹ Thematic ETFs focused on cybersecurity o er an easy way for investors to participate in this growth opportunity. However, not all thematic ETFs are created equal. The investment philosophy and objective of the ETF manager can lead to significant differences in how the theme is implemented in one ETF relative to another. This paper compares the ETFMG Prime Cybersecurity ETF (HACK) and the Global X Cybersecurity ETF (BUG), two of the largest cybersecurity ETFs (based on AUM) and highlights the key similarities and diferences that investors should be aware of between the two ETFs.

Exhibit 1: Overview of the BUG and HACK ETFs

Digging into the Differences

One of the first differences between the BUG and HACK ETFs that investors will notice is the number of constituents – HACK with 56 stocks and BUG with 24. As a result of having a smaller number of holdings, BUG is a more concentrated portfolio, as shown in Exhibit 2, which lists the top ten holdings for each ETF.

Exhibit 2: HACK and BUG ETFs - Top 10 Holdings

We then used the Cybersecurity Lens and the ETF Analyzer tool in our Affinity® Platform to assess how the ETFs were constructed. By applying the Cybersecurity Lens, we identified both ETFs’ product line exposure to different business lines, as shown in Exhibit 3.²

The results highlight fundamentally different approaches to gaining access to the cybersecurity theme. HACK takes a diversified approach to portfolio construction, holding companies primarily engaged in cybersecurity and others with secondary or tertiary involvement in the theme. After allocating constituent weight to each cybersecurity-related group at the product line level, 63.8% of HACK’s weight is engaged in cybersecurity. On the other hand, BUG focuses on providing dedicated cybersecurity exposure, with 98.3% of its weight classified as cybersecurity. Exhibit 4 shows the top ten holdings of both HACK and BUG and their respective exposure to cybersecurity business lines.

Exhibit 4: HACK and BUG ETFs Top 10 Holdings - Exposure to Cybersecurity

Six of HACK’s top ten holdings have cyber exposure of 93% or more, while the remaining four have exposures of 39% (Akamai), 7% (both BAE Systems and Cisco Systems), and 0% (Verisign). Exhibit 5 illustrates the product lines of Akamai Technologies, HACK’s ninth-largest holding, to provide some insights into what cyber-adjacent exposures may be found in HACK.

Akamai, an American content delivery network, cybersecurity, and cloud service company, is classified under the Information sector, with 38.6% of its revenue tied to Information Security Services for Businesses and Governments, which qualifies for the Cybersecurity Lens. In addition, 61.4% of its revenue is classified as Cloud Storage (its FIS® Level 4 classification in Exhibit 5 below).

Exhibit 5: Example Top 10 Holdings - Akamai Technologies Sector and Product Line Exposures from Affinity

Here are what the other companies noted above bring to the HACK portfolio:

• Verisign has 100% of its revenues attributable to Cloud Services

• Cisco Systems is 57% Hardware, 17% Software and 26% IT Services

• BAE Systems has 93% of its revenues in the Industrials Sector and 7% in Cybersecurity Services

While HACK can be described as cybersecurity-focused, BUG’s holdings make the ETF almost exclusively cybersecurity (98% of holdings) and specifically focused on cybersecurity software (85% of the portfolio).

Exhibit 6 below highlights the two ETFs' trailing and calendar year performance. Recent performance has favored HACK, which outperformed by 580 basis points over the past year, as the more diversified approach provided some downside protection when both ETFs posted recent losses.

Exhibit 6: BUG and HACK ETFs Historical Performance and Volatility

In 2021 and 2020, the more cybersecurity-focused BUG outperformed HACK by 6.2% and 29.5%, respectively, which supports its higher 3-year annual return (17.6% vs. 10.5%). Both ETFs experienced relatively high levels of volatility over the past three years, with volatility being measured as the annualized standard deviation of return. However, not surprisingly, the more diversified HACK (34.7%) was less volatile than the concentrated BUG (52.3%).

A Tale of Two Approaches

Our analysis of HACK and BUG highlights that these two thematic ETFs, which have cybersecurity in their names and similar investment objectives, can materially differ in terms of their approach for portfolio construction, performance, and portfolio characteristics. Depending upon an investor's preferences, the more diversified HACK or the more concentrated BUG could be the right choice for a portfolio. The key takeaway is that to avoid unintended consequences and risks, investors should be aware of the differences between ETFs before making their investment decisions. While there are many tools available for comparing the performance, expense ratio, and other market characteristics of ETFs, there are relatively few that enable investors to know what business lines the companies in the portfolio are actually engaged in. The Affinity Platform captures business exposures at the product line level for over 7,000 publicly listed companies, providing investors enhanced transparency into ETFs and their underlying holdings and helping them analyze portfolios to better understand what they own.

1. https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/new-survey-reveals-2-trillion-dollar-market-opportunity-for-cybersecurity-technology-and-service-providers
2. Cybersecurity business lines are identified using Syntax’s proprietary FIS industry classification system which may differ from other industry classification systems. Portfolio weight to Cybersecurity and subcategories is calculated at the product line level; the weight of each security is divided between all product lines of the company pro rata to the company’s revenues from each product line, and product lines may be categorized in different groups.
About Syntax

Syntax LLC is a financial data and technology company that codifies business models into a relational system we call Affinity Data™. Syntax operates through three segments: Affinity Data™, Syntax Direct™, and Syntax Indices™. Using its patented FIS® technology inspired by systems sciences, the Affinity Data™ segment offers the most comprehensive, granular, and accurate product line revenue data available on the market. The Syntax Direct™ segment then uses this abundance of data to facilitate the near instantaneous creation and ongoing management of boundless direct indexing solutions and rules-based equity portfolios through a fully automated platform. The Syntax Indices™ segment offers customized and proprietary indices, including core global benchmarks and micro- and macro-thematic, smart beta, defined outcome, and target volatility indices. These indices are foundational for a range of financial products, such as ETFs, UITs, and structured products.

Important Information
This document is for informational purposes only and is not intended to be, nor should it be construed or used as an offer to sell, or a solicitation of any offer to buy, any security. Additionally, the information herein is not intended to provide, and should not be relied upon for, legal advice or investment recommendations. You should make an independent investigation of the matters described herein, including consulting your own advisors on the matters discussed herein. In addition, certain information contained in this informational piece has been obtained from published and non-published sources prepared by other parties, which in certain cases have not been updated through the date hereof. While such information is believed to be reliable for the purpose used in this informational piece, such information has not been independently veri ed by Syntax and Syntax does not assume any responsibility for the accuracy or completeness of such informa- tion. Syntax LLC, its a liates and their independent providers are not liable for any informational errors, incompleteness, or delays, or for any actions taken in reliance on information contained herein. Charts and graphs are provided for illustrative purposes only. Syntax®, Stratified®, Stratified Indices®, Stratified-Weight™, Stratified Benchmark Indices™, Stratified Sector Indices™, Stratified Thematic Indices™, Affinity™, and Locus® are trademarks or registered trademarks of Syntax, LLC and its affiliate Locus LP.