Cybersecurity: Investment Opportunities Amidst a Growing Threat
In an increasingly digital world, cybersecurity has never been more critical. Recent high-profile attacks on major retailers have highlighted the growing sophistication of threat actors and the devastating impact these incidents can have on businesses. This article examines the current cybersecurity landscape, with a focus on recent attacks affecting UK retailers, their impact on business operations and share prices, and how investors can navigate the cybersecurity sector for potential returns.
The Growing Cybersecurity Threat Landscape
The cost of cybercrime is projected to reach a staggering $10.5 trillion annually by 2025, making it one of the most significant threats facing organisations globally. With increasing digitalisation across all sectors, the theatre of operation has expanded dramatically, creating more entry points for malicious actors. Ransomware attacks, data breaches, and social engineering tactics have become increasingly sophisticated, with bad actors constantly evolving their methods to bypass traditional security measures.
This vulnerability and threat is likely to increase exponentially as the number of interconnected devices grow, the complexity of IT systems deepens, and we see the rapid growth and adoption of the Internet of Things (IOT), connected vehicles, robotics, and Agentic AI. The accepted use of cryptocurrencies also allows nefarious actors access to a financial system to finance and run their operations and receive ransom payments away from the prying eyes of a regulated payments system.
The retail sector has recently become a prime target due to the vast amounts of customer data it processes and its reliance on digital infrastructure for day-to-day operations. Payment systems, customer databases, supply chain management tools, and e-commerce platforms all represent potential vulnerabilities that cybercriminals can exploit. Due to the impact on business operations, there is also the theory that these businesses are more likely to pay a ransom. Recent attacks demonstrate that even well-established organisations with substantial resources remain vulnerable.
UK Retail Under Siege: The M&S, Co-op, and Harrods Attacks
The UK retail sector has recently been rocked by a series of devastating cyberattacks that have affected some of the country’s most iconic brands. Marks & Spencer (M&S), the Co-operative Group (Co-op), and luxury department store Harrods have all fallen victim to cybercriminals, causing significant operational disruption and financial impact.
Marks & Spencer: A Retail Giant Paralyzed
M&S’s troubles began over the Easter holiday weekend in April 2025, when customers reported problems with contactless payments and click-and-collect services. By 25th April, the situation had deteriorated to the point where the retailer was forced to suspend all online orders through its website and app. This digital shutdown has had far-reaching consequences for the company, which derives approximately one-third of its clothing and home sales from online channels.
The attack, widely attributed to a hacking collective known as “Scattered Spider,” reportedly involved ransomware that encrypted M&S’s servers. The impact has been severe and multifaceted:
- Online operations completely halted for multiple weeks
- Empty shelves in stores as ordering and inventory management systems have been offline
- Work-from-home staff locked out of IT systems
- Customer personal data compromised, including names, email addresses, postal addresses, and dates of birth
The cyberattack on M&S has had a substantial impact on the company’s share price performance and business operations. Since first disclosing the incident in late April, M&S shares had fallen by approximately 15% before a slight recovery. Although a one off hit to earnings, the decline represents a significant loss in market value and has raised concerns among investors about the company’s ability to recover from the attack.
The timing of the attack has been particularly unfortunate, coming during a bout of warm weather in Britain when retailers would normally see increased demand for summer clothing, fresh food, and drinks. Recent data indicated a recent pick up in consumer spending coinciding with a better-than-expected Easter trading period and warmer weather leading to greater retail activity. With its online operations paralysed and stock availability in stores affected, M&S has been unable to fully capitalise on this seasonal opportunity.
The company’s latest earnings report was released on the 21st of May, however, did not capture the cyber issues. Earnings and revenue came in better than anticipated, with positive sales momentum, structural cost reduction and an increased dividend demonstrating the company was doing well before the attack. Management believes the impact is currently sitting around £300m and Q1 impacts included additional costs associated with waste and manual processes associated with loss of systems alongside increased stock management costs to hit in Q2. They expect the disruption to continue through June and believe they will be able to restart and ramp up their operations in July. The company is reported to have a cybersecurity insurance policy in place to protect them against these risks, in the order of £100m.
Co-op & Harrods:
The Co-operative Group also confirmed it had been targeted in an attack, with hackers stealing customer data. The company shut down parts of its IT system, primarily affecting back-office and call centre functions, while stores remained operational. On 13th of May the Co-op confirmed that personal customer data had been stolen as part of the attack. The company has assured customers that the compromised data did not include payment details, card information, or account passwords.
Luxury department store Harrods revealed on 1st May that hackers had attempted to break into its systems. Unlike the other retailers, Harrods appeared to have successfully prevented the unauthorised access. The store reported that its “seasoned IT security team immediately took proactive steps to keep systems safe,” which included restricting internet access at its sites.
The cybersecurity crisis has extended beyond UK retailers to affect international luxury brands. French fashion house Dior recently disclosed a cybersecurity incident that exposed customer information. According to reports, the breach was discovered on the 7th May and impacted Dior Fashion and Accessories customers.
U.S. Retailers on High Alert
The wave of attacks on UK retailers has prompted U.S. retailers to heighten their cybersecurity defences. Mandiant, Google’s cybersecurity arm warned on 14th May that the hackers responsible for the UK retail attacks are now targeting American companies. John Hultquist, an analyst at Google’s cybersecurity division, cautioned that “US retailers should take note. These actors are aggressive, creative, and particularly effective at circumventing mature security programs.” U.S. retailers are implementing key defensive strategies given the threat. Many companies are beefing up their cybersecurity investment spend and putting up their shields.
Investing in Cybersecurity: Opportunities in a Growing Market
The escalating threat landscape presents significant investment opportunities in the cybersecurity sector. Global spending on cybersecurity is expected to exceed $200 billion per year by 2028, or a compounding growth rate of around 12% per year according to research from IDC, and the recent high-profile attacks are likely to accelerate this trend.
Key Cybersecurity Stocks
For investors looking at individual companies, our Prime Broker Saxo Markets, tracks a basket of stocks under the ‘Cyber Security’ theme:
| Market | Currency | Market Cap | 1 year performance | |
| Palo Alto Networks | NASDAQ | USD | $128b | 21.43% |
| CrowdStrike Holdings | NASDAQ | USD | $109b | 26.98% |
| Fortinet | NASDAQ | USD | $80.1b | 70.26% |
| Cloudflare | NYSE | USD | $54.5b | 108.95% |
| Zscaler | NASDAQ | USD | $38.9b | 40.61% |
| Verisign | NASDAQ | USD | $26.6b | 65.82% |
| Check Point Software | NASDAQ | USD | $23.7b | 44.70% |
| Okta | NASDAQ | USD | $22.3b | 23.64% |
Source Saxo Markets
Source Saxo Markets
Large technology companies with significant cybersecurity operations also offer exposure to the sector, including Alphabet (Google), Microsoft, Cisco Systems, SAP and IBM.
Cybersecurity ETFs: Diversified Exposure
Exchange-traded funds (ETFs) offer investors a way to gain diversified exposure to the cybersecurity sector without relying on individual company performance.
L&G Cyber Security UCITS ETF (ISPY) – This is one of the most popular UK-listed cybersecurity ETFs, tracking the ISE Cyber Security UCITS Index. Listed on the London Stock Exchange, it provides exposure to companies actively involved in providing cybersecurity technology and services. It has a TER (Total Expense Ratio) of 0.69%.
First Trust Cybersecurity UCITS ETF (CIBR) – The UK/European version of the First Trust NASDAQ Cybersecurity ETF. This fund is available on the London Stock Exchange and tracks the Nasdaq CTA Cybersecurity Index, offering exposure to companies engaged in the cybersecurity segment of the tech and industrial sectors.
iShares Digital Security USD (ACC) UCITS ETF (LOCK) – Irish domiciled and London listed LOCK offers investors access to a fund tracking the STOXX Global Digital Security Index. It currently has US$1.6 billion in assets under management and charges a 0.4% total expense ratio.
These ETFs have generally outperformed the broader market in recent years and have attracted significant fund inflows, reflecting the growing importance of cybersecurity in the digital economy.
The recent attacks on UK retailers, along with the targeting of U.S. companies and luxury brands, underscore the ever-present and evolving nature of cyber threats across all industries.
For investors, the cybersecurity sector continues to offer significant growth potential as organisations increase their security spending in response to these threats. These businesses operate in an industry experiencing secular growth trends, and as the world becomes more digitised, more data is generated, more devices connected, the risk increases. As a result, software and products in this field can be considered compulsory and a non-negotiable in many businesses’ IT spend. Whether through ETFs for diversified exposure or carefully selected individual stocks, cybersecurity investments are likely to remain relevant in an increasingly digital and vulnerable world.
Middleton Private Capital
With over 40 years’ experience in looking after investments for private and institutional clients, we offer a personalised and expert service that represents excellent value.
Our Investment Philosophy: Adaptable. Active. Transparent.
At Middleton Private Capital we believe in a dynamic and adaptable approach to investment management. We set out to achieve market-beating returns through an active approach that adapts to the ever-changing business, economic and sentiment conditions in a manner that is aligned to the needs and risk tolerance of our clients.
Who do we Help?
- Private Clients – Individual investors, business owners, retirees, and their families
- Professional Clients – Institutional Investors, Pension Schemes, Independent Financial Advisers, and Accounting & Legal Professionals
If you are seeking investment advice and or a review or of your current portfolio, please get in touch and we will meet with you to see how we can help you.
DISCLAIMER This article is for information purposes only and no part of it or its contents are deemed to be nor should be taken as advice. It does not constitute recommendations to buy or sell any securities mentioned. Past performance of investments is no guide to future returns and you may get back less than you invested. Capital at Risk.