Cybersecurity combines defensive spending with tech-sector growth, and two ETFs dominate retail exposure: the First Trust NASDAQ Cybersecurity ETF (NASDAQ:CIBR) and the Amplify Cybersecurity ETF (NYSEARCA:HACK). They own many of the same names, charge similar fees, and both target a market projected to grow from $454 billion in 2025 to over $1 trillion by 2031. But they bet on different definitions of cybersecurity, producing meaningfully different return profiles.
What Each Fund Is Actually Betting On
CIBR tracks the Nasdaq CTA Cybersecurity Index, a market-cap-weighted index that lets the biggest pure-play vendors dominate. As of March 31, 2026, Palo Alto Networks (8.46%), CrowdStrike (8.25%), Cisco (7.67%), Broadcom (7.61%), and Fortinet (7.40%) together represent roughly 39% of net assets. This concentrates the bet on platform consolidation: the belief that a handful of large vendors will absorb security spend once spread across dozens of point solutions. CIBR also stretches the definition to include infrastructure heavyweights like Microsoft, Alphabet, IBM, and Accenture, pulling its behavior closer to broad enterprise software.
HACK tracks the Nasdaq ISE Cyber Security Select Index, using adjusted market-cap methodology that flattens position sizes. Top holding Palo Alto Networks sits at 6.61%, and the top 10 combine to 51.86% of the fund with 23 total holdings. Critically, HACK includes defense contractors like General Dynamics (5.11%) and Northrop Grumman (4.56%). That reflects a different thesis: cybersecurity as a national-security budget line, not just a software-buying decision.
Where the Difference Shows Up
The concentration gap explains divergent returns. Over the past decade, CIBR returned 446.18% against HACK’s 355.74%, a roughly 90-percentage-point gap driven by CIBR’s heavier weight in platform consolidation winners. Over five years, CIBR is up 93.68% versus 75.56% for HACK.
In 2026, the picture reverses. HACK is up 35.44% year-to-date against CIBR’s 28.62%, and its one-month gain of 12.47% nearly doubled CIBR’s 6.51%. Defense contractors have rerated on rising cyber-warfare budgets, and smaller pure-play names, which HACK holds at meaningful weight, have caught a bid after years of underperformance. When leadership broadens beyond the largest platforms, HACK’s flatter weighting wins. When the giants lead, CIBR wins.
Practical Comparison
| Factor | CIBR | HACK |
|---|---|---|
| Index | Nasdaq CTA Cybersecurity | Nasdaq ISE Cyber Security Select |
| Weighting | Market cap with caps | Adjusted market cap (flatter) |
| Holdings | 45 | 23 |
| Top 5 weight | ~39% | ~28% |
| Net assets | $9.49 billion | $2.71 billion |
| Expense ratio | 0.60% | 0.60% |
| YTD 2026 return | 28.62% | 35.44% |
| 10-year return | 446.18% | 355.74% |
CIBR’s large positions in Microsoft, Alphabet, Cisco, and Broadcom mean an investor who already owns a broad tech ETF double-counts megacap exposure. HACK’s tilt toward defense primes and smaller pure-plays offers meaningfully less overlap with an S&P 500 allocation, fitting the economic-security theme that Goldman Sachs highlighted in its 2026 outlook, which flagged supply chains, resources, and national defense as central portfolio priorities.
The Verdict
CIBR suits investors who want cybersecurity expressed as a bet on platform consolidation winners and accept meaningful megacap overlap. Its ten-year track record reflects a period when large pure-plays crushed the field. HACK fits investors who want broader, equal-weighted exposure including defense-adjacent names, with less overlap to existing tech ETFs. If national-security spending and mid-cap rallies drive the next leg, HACK’s structure works. If megacap software resumes dominance, CIBR reclaims the lead.
Contact [email protected] for any questions or corrections.