Friday Reflection | December 18, 2020
Cybersecurity: The Challenge of Digital Dependence
The coronavirus pandemic has forced widespread attention to safety and best practices for protecting ourselves from this invisible enemy. Hand washing became a national conversation in March, stay-at-home orders limited the number of physical interactions that boost contagion, and ultimately a vaccine will be the tool that inoculates us against this specific virus. Along with hygiene and distancing, we’ve massively accelerated the rate and extent of time spent in the virtual world. We rely on virtual networks not only to track the vaccine but also to conduct regular business, shop for daily and occasional purchases, and deliver an endless array of entertainment options.
The stock market has benefitted from this shift to remote work and digital dependence. Many companies and consumers were able to continue their normal operations and spending, in some cases seeing demand for their digital services expand significantly (see: Zoom, DocuSign, and Netflix). This is not meant to minimize the significant toll the virus has had on human life and health, but to explain how markets can be hitting all-time highs in the midst of a deadly pandemic that has disrupted and slowed our economy.
This technology trend in recent decades expanded a new frontier of risk for companies and individuals alike: cybersecurity. Similar to the coronavirus itself, we refer to this invasive computer code that can steal information, money, and personal data as a virus.
SolarWinds of Risk
This week revealed details of a widespread cyberattack that reached into US government agencies and private companies, including Microsoft and many others. The source was a little-known software company called SolarWinds that until this week was a recognizable name only to computer network administrators. Security investigators say the company which boasts more than 400 of the Fortune 500 corporations and many government agencies as clients provided the perfect delivery mechanism.1 This intrusion was quietly underway for months, while our US security agencies were heavily focused on election security.
You can read more about this specific attack here, but the point is that this risk is only growing in scope. In 2017, a breach at Equifax exposed the personal data of 145 million people, including Social Security numbers. By 2019, there were 1,473 reported breaches, up 17 percent from the prior year.2 Ransomware targets began to include hospitals and schools that were forced to pay in order to regain access to their networks. Large companies also face hefty price tags to clean up the damage from a security breach. In 2017, a Russian linked hack called NotPetya ended up costing FedEx $400m and Merck & Co more than $670m.3
Even though this risk is expanding, companies are still growing and participating in the marketplace. FedEx just reported record third-quarter earnings. Average daily package volume for FedEx Ground, which runs e-commerce deliveries, climbed 29% for the quarter as the company helped deliver millions of holiday gifts, e-commerce packages, and recently began to ship the Pfizer-BioNTech vaccine. These demand tailwinds should extend into 2021.
Be Careful; Keep Going
For individual investors, staying safe means understanding new risks as they develop, but it also means staying invested in the marketplace. FedEx modified their cyber protection as a result of the breach but did not shut down its operations after the cyberattack. Their stock price initially declined in response, but over time they were rewarded as consumer demand, shipments, and profits all increased. Historically, investors who are able to weather market downturns, like the one we saw this March, are also likely to be rewarded with higher portfolio values over time.
Similar to real viruses, invasive computer code is invisible and continually evolving, and what’s needed to protect against attacks also changes over time. Our world is more digitally connected than ever before and is likely to grow more and more complex. Happily, this will also provide better and easier ways to remain connected with our clients, accomplish our work, and connect us with our communities.
This is a good moment to remind ourselves to remain vigilant and stay attentive to the risks of identity theft and cybercrime. Two good resources with tips for staying safe can be found from Consumer Reports and CISA (the government agency in charge of cybersecurity).
1Suspected Russian Cyberattack Began With Ubiquitous Software Company. By Robert McMillan. Dec. 15, 2020. Wall Street Journal
2 Facts + Statistics: Identity theft and cybercrime. Insurance Information Institute
3 Hack Suggests New Scope, Sophistication for Cyberattacks. By Dustin Volz and Robert McMillan. Dec. 17, 2020. Wal Street Journal
 | About Brian Kozel, CFP®Brian is a partner, senior advisor, and Chief Investment Officer at North Berkeley Wealth Management. Brian helps clients feel confident as they navigate their financial journey. |
This commentary on this website reflects the personal opinions, viewpoints, and analyses of the North Berkeley Wealth Management (“North Berkeley”) employees providing such comments, and should not be regarded as a description of advisory services provided by North Berkeley or performance returns of any North Berkeley client. The views reflected in the commentary are subject to change at any time without notice. Nothing on this website constitutes investment advice, performance data, or any recommendation that any particular security, portfolio of securities, transaction, or investment strategy is suitable for any specific person. Any mention of a particular security and related performance data is not a recommendation to buy or sell that security. North Berkeley manages its clients’ accounts using a variety of investment techniques and strategies, which are not necessarily discussed in the commentary. Investments in securities involve the risk of loss. Past performance is no guarantee of future results.