Discl: Held IRL 4.07%

Just had a quick look at the HACK chart.

• After the huge drop from the All-Time-High of $15.86 down to $11.29, the price recovery has almost been vertical, with nice gapping up throughout the way up
• It also smashed through the 200SMA line and the $14.28 to $14.5 resistance area

My last 2 top ups was at $12.50 and $12.54 as I was focused on the $12.37 support line and so, I missed out on the downward moves which stopped at $11.29. If only I had ....!

Fundamentally though, this upward price movement makes complete sense. In an AI-centric world:

(1) cybersecurity risks are massively heightened - the speed of how vulnerabilities can spread MUST be met by at least the same use of AI on the defence-end by cybersecurity companies, hardware and software

(2) whether it is a SAAS model or not is completely irrelevant - cybersecurity is a non-negotiable in any enterprise. It would be a complete dumb arse company who chooses to stinge on cybersecurity capability, more so as more AI is internally deployed.

(3) the release of recent cyber-security AI capabilities, think it was Claude/Anthropic, has not dented the HACK price at all. This makes sense. The detection of more vulnerabilities, the more the need to clean/fix/protect - this is a positive, not negative loop for cybersecurity companies.

Hopefully, the HACK price movement has signaled, and/or confirmed, that good sense has returned in the cybersecurity space following the mind-boggling negative fallout from SAASpocalypse.

Discl: Held 2.53% IRL

While there is insane excitement everywhere today, I decided to continue to focus on working through my portfolio to make sure I am clear and comfortable with my going forward tech exposure, before I revisit more SAAS companies. Quite hard to stay focused with this exercise with PME falling as it has, but I think this take-stock is vital before committing any more capital anywhere ...

I did a 0.39% nibble top up of HACK today at $12.54.

RATIONALE

• Market sentiment is badly hit by the “AI-eats-SAAS-software” narrative
• While not considered “functional enterprise SAAS software”, cyber security software IS SAAS software, and so, is caught up in the strong downward momentum of this narrative
• In an AI-driven world, cyber security (1) becomes MORE, not less critical and (2) companies must deploy more and more AI to keep up with the deployment of malicious AI bots - the applying of AI-eats-software narrative against cyber security companies makes zero sense, thus presenting the opportunity to to up
• Increasing exposure to HACK makes more sense now having exited NDQ which removes the holdings overlap between HACK and NDQ
• Price is approaching the $12.37 support, an attractive top up zone given that support goes all the way back to Oct 2024
• Nibbled 0.39% instead of a full-blown purchase as there is still significant tech volatility ahead and the probability of the $12.37 support being broken is high
• Will top up another tranche to get the full allocation to 3.0%, either at the next major support area of ~$10.94 to $11.15, or if it continues to hover between those levels and $12.37

CHART POSITION

Fallen 100% from the last upwswing which started in Oct 2024 at ~$12.37 and peaking at $15.36 in Oct 2025, as the market rotated out of software companies en-masse

Support at 12.37 held last week, there was a short rebound, but the price fell again today, making it attractive for a small nibble

Next major support area going back Dec 2023 is ~$10.94 to $11.15

HACK PORTFOLIO As at 11 Feb 2026

Portfolio makes good sense.

Lots of familiar cyber hardware and cyber software vendors - highlights in yellow that I have had used/had exposure to.

CSCO being the highest holding at 9.61% is comforting as that is pure hardware, as is Palo Alto at 7.52%.

Cyber software is critical infrastructure which must now stand up to AI-drive cyber vectors, which should have driven attack intensity by many notches given the sheer compute power and agents that can be maliciously deployed - the only way cyber securities can fight back is to deploy more and more AI to proactively identify and neutralise the attacks.

It is hard to find any angle which suggests that AI will eat cyber security software and make them irrelevant - that just does not make sense as it is counter-intuitive to the need for MORE AI.

There is now completely no overlap with the rest of my SMSF portfolio: 

• Have exited NDQ which would have duplicated the HACK portfolio to a large extent given most of the HACK holdings are listed on the Nasdaq, not NYSE
• LHGG does not have any cyber security holdings in its portfolio

HACK seems to be one thematic ETF worth the fees!

Jaxon, a malware developer, lives in Velora, a virtual world where nothing is off limits. He wants to make malicious software to steal passwords from Google Chrome, an internet browser. That is the basis of a story told to ChatGPT, an artificial-intelligence (AI) bot, by Vitaly Simonovich, who researches AI threats at Cato Networks, a cybersecurity firm. Eager to play along, Chatgpt spat out some imperfect code, which it then helped debug. Within six hours, Mr Simonovich had collaborated with Chatgpt to create working malware, showing the effectiveness of his “jailbreak” (a way to bypass AI safeguards).

AI has “broadened the reach” of hackers, according to Gil Messing of Check Point, another cybersecurity firm, by letting them hit more targets with less effort. The release of Chatgpt in 2022 was a turning-point. Clever generative-ai models meant criminals no longer had to spend big sums on teams of hackers and equipment. This has been a terrible development for most firms, which are increasingly the victims of AI-assisted hackers—but has been rather better for those in the cybersecurity business.

The new technology has worsened cybersecurity threats in two main ways. First, hackers have turned to large language models (LLMs) to extend the scope of malware. Generating deepfakes, fraudulent emails and social-engineering assaults that manipulate human behaviour is now far easier and quicker. XanthoroxAI, an AI model designed by cybercriminals, can be used to create deepfakes, alongside other nefarious activities, for as little as $150 a month. Hackers can launch sweeping phishing attacks by asking an llm to gather huge quantities of information from the internet and social media to fake personalised emails. And for spearphishing—hitting a specific target with a highly personalised attack—they can even generate fake voice and video calls from colleagues to convince an employee to download and run dodgy software.

Second, AI is being used to make the malware itself more menacing. A piece of software disguised as a pdf document, for instance, could contain embedded code that works with ai to infiltrate a network. Attacks on Ukraine’s security and defence systems in July made use of such an approach. When the malware reached a dead end, it was able to request the help of an llm in the cloud to generate new code so as to break through the systems’ defences. It is unclear how much damage was done, but this was the first attack of its kind, notes Mr Simonovich.

For businesses, the growing threat is scary—and potentially costly. Last year AI was involved in one in six data breaches, according to ibm, a tech firm. It also drove two in five phishing scams targeting business emails. Deloitte, a consultancy, reckons that generative AI could enable fraud to the tune of $40bn by 2027, up from $12bn in 2023

As the costs of ai cyberattacks increase, the business of protecting against them is also on the up. Gartner, a research firm, predicts that corporate spending on cybersecurity will rise by a quarter from 2024 to 2026, hitting $240bn. That explains why the share prices of firms tracked by the Nasdaq cta Cybersecurity index have also risen by a quarter over the past year, outpacing the broader Nasdaq index. On August 18th Nikesh Arora, boss of Palo Alto Networks, one of the world’s largest cybersecurity firms, noted that generative-ai-related data-security incidents have “more than doubled since last year”, and reported a near-doubling of operating profits in the 12 months to July, compared with the year before.

The prospect of ever-more custom has sent cybersecurity companies on a buying spree. On July 30th Palo Alto Networks said it would purchase CyberArk, an identity-security firm, for $25bn. Earlier that month, the firm spent $700m on Protect AI, which helps businesses secure their ai systems. On August 5th SentinelOne, a competitor, announced that it was buying Prompt Security, a firm making software to protect firms adopting ai, for $250m.

Tech giants with fast-growing cloud-computing arms are also beefing up their cybersecurity offerings. Microsoft, a software colossus, acquired CloudKnox, an identity-security platform, in 2021 and has developed Defender for Cloud, an in-house application for businesses that does everything from checking for security gaps and protecting data to monitoring threats. Google has developed Big Sleep, which detects cyberattacks and security vulnerabilities for customers before they are exploited. In March it splurged $32bn to buy Wiz, a cybersecurity startup.

Competition and consolidation may build businesses that can fend off nimble ai-powered cybercriminals. But amid the race to develop the whizziest llms, security will take second place to pushing technological boundaries. Keeping up with Jaxon will be no easy task. ■

https://www.betashares.com.au/files/factsheets/HACK-Factsheet.pdf

HACK is one of my core holdings in super (~5%).

Most of you probably know it already, but it is an ASX listed ETF that invests in cybersecurity companies, predominantly listed in the USA (~85%)

Here is the link to the fact sheet

Like most "tech companies", things got a bit excited during last year and most of the multiples that these companies were trading on got quite stretched. As a result, the NAV is currently down about 16.5% this year. Over the longer term, it has been a consistent performer and there is little reason think things will change in the future - the problem these companies address only seems to be getting worse.

I seem to remember when I first looked into it that one of the interesting features is that it has a mandate not to hold > x% in any one holding, so re-balances a couple of times a year. For the life of me I cant find that information anywhere. The point here is that the dividend yield is actually quite high, as excess holdings are returned to the holder in cash rather than re-invested.

These yields can be quite lumpy as per below

At the current price, that is a yield of ~8.3%.

I subscribe to the DRP and view this as a long term holding that will hopefully continue the magic of compounding at >15%p.a. after management and administrative fees of 0.67%