Cyber stocks surge as NATO commits to historic cybersec spend

Cybersecurity-focused ETFs have delivered exceptional outperformance over the past six months, as NATO members commit to substantial increases in their defence spending, including a significant allocation to cyber defence.

Global X reports that its Cybersecurity ETF (BUGG) has delivered 8.2% returns to investors over the past six months, notably outperforming the MSCI World Index (+3.8%) and Nasdaq Composite (+2.5%) in total AUD returns.

The fund has benefited considerably from its “targeted exposure to high-conviction names” in the cybersecurity sector, Global X said, including CrowdStrike, Zscaler, and Okta – firms that have posted double-digit gains in 2025.

The trans-Atlantic military defence bloc has moved to formalise a historic increase in defence spending, with a proposed target of 5% of GDP. This spending commitment, importantly, includes a 1.5% allocation to ‘non-traditional’ defence, including cybersecurity, space, and infrastructure protection.

This increase could unlock more than US$3 trillion in NATO-aligned defence investment by 2030. Last year, the 32-member bloc spent just over $1.3 trillion on defence priorities.

For Global X, this shift has “redefined how cybersecurity is classified and financed, unlocking new investment flows into the sector”.

“This is more than a budget change, it’s a strategic reclassification of cybersecurity as critical infrastructure,” said Billy Leung, senior investment strategist at Global X, putting it on par with communications, energy and space in national defence budgets.

“We’re witnessing a shift from fragmented, discretionary spending to predictable, multi-year procurement cycles aligned with national security goals.”

For Leung, the non-discretionary nature of cybersecurity is now “driving consistent investment, shielding the sector from volatility affecting other technology verticals”.

Global X notes several other long-term structural trends reinforcing the demand for cybersecurity:

• Procurement formalisation – governments adopting long-cycle contracts and coordinated cyber plans.
• Platform consolidation – enterprises reducing tool sprawl and standardising on full-stack security platforms.
• Regulatory pressure – SEC, EU NIS2, and APAC mandates increasing compliance burdens and investment requirements.

“With cyber threats increasing, regulatory pressure mounting, and state-level funding rising, the case for long-term, strategic investment in cybersecurity continues to strengthen,” Global X concludes.