As artificial intelligence (AI) continues to reshape industries and redefine efficiency, it’s also redefining the dark side of technology, hacking. The very tools designed to drive innovation and productivity are being weaponised by cybercriminals at an alarming rate as we have seen play out recently through data leaks and threats. With AI’s ability to learn, replicate, and adapt at scale, the sophistication of cyberattacks has surged, forcing enterprises and governments alike to rapidly increase their cybersecurity spend in parallel with AI spend commitments.

The rise of AI-driven data breaches has become a defining risk of the decade. Hackers are now using large language models to identify vulnerabilities and loopholes faster than humans can patch them, while phishing scams, deepfakes, and automated ransomware are increasing in both frequency and complexity. Global data shows that cyberattacks leveraging AI tools have risen by more than 400% in the past 12 months, with breaches affecting major corporations, from Salesforce to Optus and Qantas, exposing millions of customer records and triggering class actions in their stride.

This new wave of AI-enabled cybercrime is driving what could be one of the most sustained investment tailwinds of the coming years. As organisations allocate more of their IT budgets toward defence and data protection, cybersecurity has emerged as a non-discretionary spend category, much like electricity or insurance as the strict nature of data protection and rising risk of hacking pressures business stability. For investors, this creates a compelling structural growth theme, especially as governments and enterprises double down on protecting their digital infrastructure.

A Spotlight on Spirit Technology Solutions (ASX:ST1)

Among ASX-listed names, Spirit Technology Solutions stands out as one of the few pure-play cybersecurity exposures in Australia. Bell Potter’s Research team recently initiated with a BUY rating and a 60c price target. Spirit provides integrated “secure-by-design” IT and cybersecurity solutions to more than 1,000 clients across critical sectors including healthcare, education, government and utilities.

Spirit’s strength lies in its diversified service model spanning Cyber Security, Secure Managed Technology, and Cloud & Communications, all of which are profitable and positioned for growth heading into FY26. The company’s turnaround story has added confidence to its investment case, with its Secure Managed Technology division returning to profitability and demonstrating the benefits of improved operational execution.

The company is also strategically positioned within a rapidly consolidating market. Recent acquisitions by global heavyweights such as Thales, Infosys, and Accenture highlight the value of scalable, integrated cybersecurity providers, and Spirit’s size, sector exposure, and profitability make it a potential acquisition target in the medium term. For investors, its valuation remains attractive, supported by a DCF and EV/EBITDA framework that still implies meaningful upside from current levels.

With several near-term catalysts on the horizon, including a potential update at the upcoming AGM and continued contract wins, Spirit offers investors a credible, locally listed entry point into a globally accelerating theme.

What metrics to consider when researching cybersecurity investments

While the sector’s growth prospects are clear, not all cybersecurity companies are created equal. For investors seeking exposure, several key factors can help separate quality from hype:

Contract backlog and value – Strong pipelines and long-term customer contracts provide visibility over future earnings.
Specialisation – Companies with niche expertise (e.g. government, healthcare or critical infrastructure) tend to enjoy stronger pricing power and market share.
Credibility of clients – Blue-chip or government contracts enhance reliability and reputation.
Profitability – Consistent earnings and cash flow generation indicate scalability.
Uniqueness of technology – Proprietary software, IP, or patented security systems can drive long-term differentiation.

How to Gain Exposure

For direct equity exposure, the ASX offers a handful of cybersecurity opportunities, including Spirit Technology Solutions (ASX:ST1) and archTIS (ASX:AR9). For those preferring diversified exposure, global ETFs such as the BetaShares Global Cybersecurity ETF (ASX:HACK) and the Global X Cybersecurity ETF (ASX:BUGG) provide access to international leaders in the field, including CrowdStrike, Palo Alto Networks and Fortinet.

The broader theme is clear: cybersecurity is no longer a niche segment of the technology market; it’s an essential layer of the global economy. As AI adoption accelerates, so too does the need to protect the systems that enable it. The companies positioned at the intersection of AI and cybersecurity could well be the next major winners of the digital revolution.

In 2026 and beyond, as data becomes both the world’s most valuable asset and its greatest vulnerability, cybersecurity may prove to be one of the most resilient and rewarding sectors for investors seeking both growth and protection.

This information is general in nature only and you should consider whether it is appropriate for you. Desktop Broker does not provide tax, legal or accounting advice. This material has been prepared for informational purposes only. For more information, visit desktopbroker.com.au or call 1300 786 199. Desktop Broker is the trading name of Third Party Platform Pty Ltd ABN 74 121 227 905, AFSL 314341.