May 12, 2026
Cybercrime is being transformed into a scalable, automated industry, where AI can identify and ex-ploit vulnerabilities in seconds, putting unprece-dented offensive power into the hands of even non-experts.
The stakes are no longer just digital: modern cy-berattacks can shut down factories, disrupt criti-cal infrastructure, and cause real-world damage with massive economic consequences.
As this threat landscape expands, cybersecurity is evolving into a full ecosystem, where software, hardware, and infrastructure providers all play critical roles in defending the digital economy.
For investors, this shift extends far beyond pure cy-bersecurity firms, opening opportunities across the entire value chain, from software and network hard-ware to data centers, telecom infrastructure, and even the energy systems required to power it all.
Ever had a random “prince” or mysteriously rich stranger slide into your inbox offering you a massive inheritance for almost nothing? Mankind’s develop-ment has generally followed a path from mythos to logos, from belief to reason. But in cybersecurity, that trajectory now appears to be reversing. In this context, Anthropic, the main competitor of OpenAI (creator of ChatGPT), has recently introduced Claude Mythos, a model that is forcing companies to rethink what they once considered “logical.” Widely regarded as An-thropic’s most powerful model to date, Mythos has demonstrated in testing the ability to identify and exploit thousands of cybersecurity vulnerabilities within seconds. While cyber damage has traditionally been associated with scams and other non-physical threats, as we will explore in this piece, tools like Mythos could mark a turning point for societies in general.
While AI is pushing us to confront scenarios that would have seemed dystopian only a few years ago, it is also creating meaningful opportunities for inves-tors. With that in mind, this piece is divided into two parts: the first outlines what is happening and why it matters, while the second examines the companies positioning themselves to benefit from this new land-scape of modern-day “mythos.”
What is cybersecurity? According to IBM, it is the practice of protecting people, systems, and data from cyberattacks through a combination of technologies, processes, and policies. Although the first computers appeared in the 1940s, cybersecurity as a concept is often traced back to researcher Bob Thomas in 1970. From those early beginnings, the industry has grown into a massive global market. By 2025, spending on professional security services reached approximately
USD 61.9 billion, while cybersecurity software reve-nues climbed to nearly USD 140 billion. Notably, even before the emergence of frontier AI, the industry was already expected to grow at a compound annual rate of 14.3% through 2030.
What has changed? With the arrival of advanced AI models, cyberattacks are no longer limited to small groups attempting to steal information; they are be-coming scalable, automated, and increasingly auton-omous operations. In practical terms, models like Claude’s Mythos can orchestrate global cyberattack campaigns. The US Federal Bureau of Investigation’s IC3 received more than 1 million complaints in 2025, with reported losses reaching USD 21 billion, a 26% year-over-year increase. In addition, according to SoSafe’s 2025 cybercrime trend report, 87% of global companies experienced an AI cyberattack in 2025. It’s not if, but when.
How does it work? AI is no longer just a coding assis-tant that helps write or debug scripts; it is a system capable of systematically scanning, understanding, and stress-testing entire codebases to uncover ex-ploitable weaknesses at scale. Modern models can identify known vulnerabilities (exploits) to take advan-tage of flaws or zero-day vulnerabilities, which are bugs that have not yet been patched or disclosed. By combining pattern recognition with reasoning, these systems can map surfaces, chain multiple weakness-es together, and simulate how an attacker might move through a network. The result is a shift from manual, time-intensive security research to large-scale auto-mated discovery. In the context of models like Mythos, this represents a fundamental change: what once re-quired highly specialized human expertise can now be accelerated, replicated, and potentially deployed across thousands of targets simultaneously, reshap-ing both the threat landscape and the defensive strat-egies needed to contain it.
How good is Mythos? As shown in Graph 1, the AI Security Institute (AISI) conducted a Capture the Flag (CTF) test designed to see how effectively models could identify and exploit vulnerabilities in a target system. In the study, Mythos was benchmarked against 16 other models, with tasks executed by both apprentices and technical non-experts to measure performance in realistic, low-specialized conditions. Apprentices achieved an average success rate of nearly 90%, while technical non-experts got close to 100% effectiveness. Taken together, these findings highlight the unusually high capability of Mythos to enable vulnerability discovery and exploitation even in the hands of non-professional users.
Are there different levels of risk? Modern systems are broadly divided into Information Technology (IT) and Operational Technology (OT). IT encompasses traditional digital infrastructure, including servers, cloud environments, databases, and corporate net-works; while OT refers to systems that control physi-cal processes through devices like Programmable
Logic Controllers (PLCs) and Supervisory Control and Data Acquisition (SCADA) platforms. For example, in an automotive assembly plant, IT systems handle in-ventory tracking, production planning, and resource management, whereas OT systems run the factory floor, controlling robotic arms, welding stations, and painting systems.
The risk profile differs sharply between the two. A cyberattack on IT systems, while disruptive, can of-ten be contained through shutdowns, patches, and system recovery with limited impact on physical out-put. An attack on OT systems, however, can halt entire production lines, leading to significant down-time costs and even posing safety risks to opera-tors. Siemens published a study called The True Cost of Downtime, where reported that unplanned downtime accounted for roughly 11% of Global For-tune 500’s revenues in 2024, approximately USD 1.4 trillion in losses. Continuing with the automotive sec-tor, a single hour of unplanned downtime can cost as much as USD 2.3M, equivalent to more than USD 600 per second.
Why is it so hard to patch OT systems? Many of these systems are decades old and were never de-signed to be updated frequently. In some cases, the
original vendors no longer exist or have stopped supporting these legacy platforms, leaving opera-tors with few viable upgrade options. At the same time, OT infrastructure underpins critical sectors across society, including power generation, oil and gas exploration, water treatment facilities, drug manufacturing, and traffic control systems. A clear example of a legacy OT is Windows XP: launched in 2001 and unsupported after 2014, it is still used in some industrial environments because many SCADA systems were built to run on it and replacing them often requires a full overhaul of operations rather than a simple patch.
How bad can a cyberattack be? Examples of both OT and IT cyberattacks can be found in recent his-tory. On the OT side, Stuxnet stands out as the first major cyberattack to cause physical damage: a highly sophisticated worm discovered in 2010 that targeted Iran’s Natanz nuclear facility in an effort to disrupt uranium enrichment. Stuxnet infiltrated in-dustrial control systems through multiple zero-day vulnerabilities, subtly altering the speed of uranium enrichment centrifuges by intermittently increasing and decreasing their rotation beyond safe operating thresholds. This caused excessive mechanical stress, ultimately leading to the failure of a signifi-cant number of centrifuges while simultaneously feeding false normal readings to operators to avoid detection. On the IT side, in 2017, NotPetya disrupt-ed core port infrastructure by disabling the digital systems needed to identify containers, coordinate cranes, and manage logistics flows, effectively forc-ing terminals to shut down despite the physical equipment remaining operational. The shipping gi-ant Maersk reported losses of approximately USD 250–300M after halting port operations worldwide, and the White House stated in 2018 that the attack caused more than USD 10 billion in global damages.
Which sectors face the greatest security risk? Typi-cally, those where high automation intensity inter-sects with low patchability, such as energy systems, industrial manufacturing, and transportation infra-structure. The core issue is precisely that: limited ability to patch. JPM estimates that while only about 20% of IT systems are effectively unpatchable, be-tween 40% and 55% of the installed OT base cannot be patched at all, regardless of operator efforts.
So, what is the solution? Fighting AI with AI. In an ef-fort to prepare organizations for the capabilities of Mythos, Anthropic paused its release and launched Project Glasswing, a controlled-access program in-volving more than 50 organizations, including major tech and financial companies, allowing them to use the model to stress-test systems and train defensive cybersecurity models. Against this backdrop, some analysts estimate that by mid-2027, around 85% of detection and response playbooks could be dynam-ically generated, continuously adapting to evolving threats in real time. This process will require compa-nies to automate security operations, adopt identi-ty-centric zero trust architectures, improve detection reliability, and strengthen resilience through faster
risks proliferate and a complex, multifaceted ecosystem emerges.”
recovery and cryptographic readiness. In practice, however, companies are still far from this. Accord-ing to Bain & Company, its 2025 cybersecurity sur-vey shows that firms plan to increase cybersecurity capex by around 10% annually, well below the pace at which frontier AI models are pushing cybersecu-rity. This gap between reality and bureaucracy is where investment opportunities emerge.
Much like in the medical field, where the prolifera-tion of diseases eventually created a complex ecosystem of practitioners, machinery, and infra-structure, so is the case in the cybersecurity in-dustry, where the proliferation of risks, especially those exposed by AI, will create a complex, multi-faceted industry. Think of the current state of the cybersecurity industry as being in a similar situation as the onset of the structured medical field in the 18th and 19th century. In those days, the medical professionals operating in the field were mostly lo-cal doctors practicing mostly general medicine that treated everything from the common cold to re-moving a limb. Slowly but surely, other companies emerged, which created tools and machinery to improve the efficacy and efficiency of healthcare. As medical care improved and grew, so did the in-frastructure needed to support this industry. We believe that the cybersecurity industry will evolve in a similar manner, and it will require large amounts of investment and spending. So, which companies will benefit as the cybersecurity sector in its cur-rent form transitions? We believe that three indus-try groups stand to benefit the most: software, hardware, and infrastructure.
In 2025, annual enterprise spending on cybersecurity was approximately USD $200 billion. The analytics firm Statista estimates that by 2030, this number could reach USD $265 billion annually. However, this number could prove conservative. Other providers such as Ze-ro-Threat estimate that this number could reach as high as USD 500 billion. Graph 2 shows the compounded annual growth rate of IT spending by global enterprises.
It shows that although general IT spending will continue to grow at 6.5%, albeit from a very large base of USD 7 trillion, a meaningful portion of spending growth will come from AI and the cybersecurity needed to se-cure this technology.
Increased spending on cybersecurity directly bene-fits pure play security software vendors that focus on protecting networks, data, and identities. Companies such as Palo Alto Networks, Fortinet, CrowdStrike, and Zscaler could potentially stand to gain as organiza-tions allocate more budget toward preventing breach-es and responding to growing threats like ransomware and nation state attacks. These firms offer mission critical solutions—firewalls, endpoint protection, cloud security, and zero trust architectures—that are often considered nondiscretionary once adopted. As cyber
risks rise, customers tend to expand existing contracts and add more modules rather than switch vendors, supporting recurring revenue growth and pricing power.
Large platform software companies with integrated security offerings could also benefit meaningfully from higher cybersecurity investment. Firms like Microsoft, Google (Alphabet), Amazon, and Oracle embed secu-rity tools across their cloud, productivity, and enter-prise infrastructure platforms. As enterprises migrate workloads to the cloud, security spending increasing-ly follows the same providers, favoring vendors that can bundle cybersecurity into broader software suites. This integration lowers customer complexity and makes security a strategic differentiator, helping these companies grow average revenue per customer while reinforcing their competitive moats.
Finally, enterprise IT and identity management soft-ware companies may see indirect but significant gains as cybersecurity spending expands. Companies such as Okta, ServiceNow, Splunk, and Datadog could po-tentially benefit from demand for identity governance, security monitoring, compliance automation, and inci-dent response. Cybersecurity is no longer isolated to the IT department; it now touches workflows, analyt-ics, and risk management across the enterprise. As a result, firms that provide software enabling visibility, automation, and secure access become essential partners, positioning them to capture sustained growth as cybersecurity budgets continue to rise.
Much like hardware companies are needed to create the picks and shovels that give life to AI, hardware companies are also needed to create the tools that enable the cybersecurity needed to protect AI and its users. Largely, increased spending on cybersecurity benefits network hardware companies that provide the physical infrastructure required to secure data flows. Firms such as Cisco, Juniper Networks, and Arista Networks gain as enterprises upgrade routers, switches, and next generation firewalls to handle encrypted traffic, segmentation, and advanced threat inspection. As cyber threats grow more sophisticated, organizations often need higher performance hard-ware capable of deep packet inspection and real-time analytics, driving refresh cycles and higher average selling prices for networking equipment vendors.
Dedicated security appliance manufacturers also benefit directly from rising cybersecurity budgets. Companies like Palo Alto Networks, Fortinet, Check Point, and Sophos sell purpose built appliances that sit at the periphery of networks, data centers, and branch offices. Even as security software shifts to the cloud, many regulated industries—such as finance, healthcare, and government—still require on premise or mixed hardware solutions for compliance and latency reasons. Increased spending allows customers to deploy more hardware across locations and up-grade to higher capacity models, supporting steady demand for these vendors’ hardware portfolios.
Lastly, semiconductors and specialized hardware companies benefit indirectly as cybersecurity work-
loads become more compute intensive. Firms such as Intel, AMD, NVIDIA, and Marvell supply processors, accelerators, and networking chips optimized for encryption, AI driven threat detection, and secure net-working. As security appliances and data centers require faster processing for tasks like zero trust authentication and real time monitoring, demand rises for chips with built in security features and acceleration capabilities. This makes cybersecurity growth a tailwind not only for system manufacturers but also for the underlying hardware ecosystem that powers secure IT infrastructure. Some of these technologies are already in service; others will need to evolve as the industry evolves.
Increased spending on cybersecurity does not stop with the software and hardware companies. Medical practitioners need hospitals, clinics, and systems to practice medicine. So does cybersecurity. Increased spending on this industry could also potentially benefit digital infrastructure providers, particularly data center operators, cloud infrastructure special-ists, and telecom network owners. Companies such as Equinix, Digital Realty, American Tower, Crown Castle, and major telecom carriers benefit as enter-prises invest in secure, resilient connectivity and geographically distributed infrastructure. Stronger cybersecurity requirements drive demand for private interconnections, redundancy, encrypted traffic handling, and secure colocation facilities where sensitive workloads can be isolated. As customers prioritize uptime and compliance, they are more likely to choose premium, security certified infrastructure, supporting higher utilization rates and long term con-tracts for these providers.
Much like managed healthcare, managed services and IT outsourcing firms are also key beneficiaries as cybersecurity becomes more complex and resource intensive. Companies like Accenture, IBM, Capgemini, DXC Technology, and Cognizant provide managed security services, monitoring, incident response, and compliance support. Many organizations lack the in house expertise to operate 24/7 security operations centers or manage evolving threat landscapes, leading them to outsource these functions. Rising cyber-security budgets translate into larger recurring con-tracts, deeper client integration, and expanded advisory roles for these firms, which often act as strategic partners during major security transformations.
Lastly, the producers and distributors of the vast amount of energy needed to power this industry will be important beneficiaries of increased spending on and demand for cybersecurity. One thing that the AI boom has taught us is that the amount of energy needed to power this technology is massive, and the appetite for increased power is insatiable. Regardless of which companies provide the software and hardware needed in cybersecurity, the undeniable fact is that this technology cannot operate optimally without adequate power.
In the end, the strange “prince” in our inbox was never the real threat—it was merely the low budget preview. The true risk now comes from machines that don’t beg, bluff, or misspell, but calmly and systematically test the limits of the systems operating in modern so-ciety. As AI pushes cybersecurity from a reactive craft into an industrial scale arms race, spending is no lon-ger a choice but a form of insurance against digital chaos. For investors, this transition looks less like speculative hype and more like infrastructure build-out. Much like the medical field evolved in stages for the betterment of humanity, so should cybersecurity, with software as the physicians, hardware as the instruments, infrastructure as the hospitals, and energy as the lifeblood that powers everything.
Insigneo Financial Group, LLC comprises a number of operating businesses engaged in the offering of brokerage and advisory products and services in various jurisdictions. Brokerage products and services are offered through Insigneo Securities, LLC, a broker-dealer registered with the U.S. Securities and Exchange Commission (“SEC”) and member of FINRA and SIPC. Investment advisory products and services are offered through Insigneo Advisory Services, LLC, an investment adviser registered with the SEC. Insigneo has affiliated companies in different locations, so it is important to understand which entity you are conducting business with. Please visit https://insigneo.com/legalentities/ for more information about the differences between these companies, their locations, and what that means for you.
This material should not be construed as an offer to sell or the solicitation of an offer to buy any security. It is for general information purposes only. To the extent that this material discusses general market activity, industry or sector trends or other broad-based economic or political conditions, it should not be construed as research or investment advice. To the extent that it includes references to securities, those references do not constitute a recommendation to buy, sell or hold such security. It does not constitute a recommendation or a statement of opinion, or a report of either of those things and does not, and is not intended, to consider the particular investment objectives, financial conditions, or needs of individual investors. Any target prices provide reflect our current expectations, are subject to change and may not be achieved due to a variety of risks, including changes in economic conditions, interest rates, geopolitical developments, and issuer-specific factors. The target price does not guarantee future results and should not be relied upon as a sole basis for investment decisions.
Not All Risks Are Disclosed – Past performance is not indicative of futures results. Investments involve significant risks, and it is possible to lose some or all of your principal investments and therefore may not be suitable for everyone. Always consider whether any investment is suitable for your particular circumstances and, if necessary, seek professional advice from your Investment Professional.
This material may contain opinions, expressions, and estimates that represent the analysis and perspective of Insigneo Securities, LLC’s Investment Strategy department or its providers at the time of publication. These are subject to change at any time, without notice.
FOR AFFILIATES LOCATED IN CHILE
Insigneo Asesorías Financieras SPA se encuentra inscrito en Chile, en el Registro de Prestadores de Servicios Financieros de la Comisión para el Mercado Financiero. Este informe fue efectuado por área de Research & Strategy de Insigneo Securities LLC. o sus proveedores, en base a la información disponible a la fecha de emisión de este. Para evitar cualquier conflicto de interés, Insigneo Securities LLC dispone que ningún integrante del equipo de Research & Strategy tenga su remuneración asociada directa o indirectamente con una recomendación o reporte específico o con el resultado de una cartera.
Aunque los antecedentes sobre los cuales ha sido elaborado este informe fueron obtenidos de fuentes consideradas confiables, no podemos garantizar la completa exactitud e integridad de estos, no asumiendo responsabilidad alguna al respecto Insigneo Securities LLC, Insigneo Asesorías Financieras SPA ni ninguna de sus empresas relacionadas.
Este material está destinado únicamente a facilitar el debate general y no pretende ser fuente de ninguna recomendación específica para una persona concreta. Por favor, consulte con su ejecutivo de cuentas o con su asesor financiero si alguna de las recomendaciones específicas que se hacen en este documento es adecuada para usted. Este documento no constituye una oferta o solicitud de compra o venta de ningún valor en ninguna jurisdicción en la que dicha oferta o solicitud no esté autorizada o a ninguna persona a la que sea ilegal hacer dicha oferta o solicitud. Las inversiones en cuentas de corretaje y de asesoramiento de inversiones están sujetas al riesgo de mercado, incluida la pérdida de capital.
La información base del presente informe puede sufrir cambios, no teniendo Insigneo Securities LLC ni Insigneo Asesorías Financieras SPA la obligación de actualizar el presente informe ni de comunicar a sus destinatarios sobre la ocurrencia de tales cambios. Cualquier opinión, expresión, estimación y/o recomendación contenida en este informe constituyen el juicio o visión de área de Research & Strategy de Insigneo Securities LLC. o sus proveedores, a la fecha de su publicación y pueden ser modificadas sin previo aviso.
FOR AFFILIATES LOCATED IN URUGUAY
Insigneo Asesor Uruguay S.A. está inscripto en el Registro de Mercado de Valores del Banco Central del Uruguay como Asesor de Inversiones. En Uruguay, los valores están siendo ofrecidos en forma privada de acuerdo al artículo 2 de la ley 18.627 y sus modificaciones. Los valores no han sido ni serán registrados ante el Banco Central del Uruguay para oferta pública. Este material está destinado únicamente a facilitar el debate general y no pretende ser fuente de ninguna recomendación específica para una persona concreta. Por favor, consulte con su ejecutivo de cuentas o con su asesor financiero si alguna de las recomendaciones específicas que se hacen en este documento es adecuada para usted según su perfil y estrategia de inversión. Este documento no constituye un asesoramiento ni una recomendación u oferta o solicitud de compra o. Las inversiones en valores negociables están sujetas al riesgo de mercado, incluida la pérdida parcial o total del capital invertido. Cualquier opinión, expresión, estimación y/o recomendación contenida en este informe constituyen el juicio o visión de área de Research & Strategy de Insigneo Securities LLC. o sus proveedores, a la fecha de su publicación y pueden ser modificadas sin previo aviso. Rentabilidades históricas de los productos anunciados no aseguran rentabilidades futuras.
FOR AFFILIATES LOCATED IN ARGENTINA
Insigneo Argentina S.A.U. Agente Asesor Global de Inversión se encuentra registrado bajo el N° 1053 de la Comisión Nacional de Valores (CNV) e inscripto ante la Inspección General de Justicia (IGJ) bajo el N° 12.278 del Libro 90, Tomo –, de Sociedades por Acciones. Este informe fue efectuado por área de Research & Strategy de Insigneo Securities LLC. o sus proveedores, en base a la información disponible a la fecha de su emisión. Para evitar cualquier conflicto de interés, Insigneo Securities LLC dispone que ningún integrante del equipo de Research & Strategy tenga su remuneración asociada directa o indirectamente con una recomendación o reporte específico o con el resultado de una cartera. Aunque los antecedentes sobre los cuales ha sido elaborado este informe fueron obtenidos de fuentes consideradas confiables, no podemos garantizar la completa exactitud e integridad de estos, no asumiendo responsabilidad alguna al respecto Insigneo Securities LLC, Insigneo Argentina S.A.U. ni ninguna de sus empresas relacionadas. La información base del presente informe puede sufrir cambios, no teniendo Insigneo Argentina S.A.U. la obligación de actualizar el presente informe ni de comunicar a sus destinatarios sobre la ocurrencia de tales cambios.
Este material está destinado únicamente a facilitar el debate general y no pretende ser fuente de ninguna recomendación específica para una persona concreta. Por favor, consulte con su ejecutivo de cuentas o con su asesor financiero si alguna de las recomendaciones específicas que se hacen en este documento es adecuada para usted. Este documento no constituye una oferta, recomendación o solicitud de compra o venta de ningún valor negociable en ninguna jurisdicción en la que dicha oferta o solicitud no esté autorizada o a ninguna persona a la que sea ilegal hacer dicha oferta o solicitud. Las inversiones en valores negociables están sujetas al riesgo de mercado, incluida la pérdida parcial o total del capital invertido. Cualquier opinión, expresión, estimación y/o recomendación contenida en este informe constituyen el juicio o visión de área de Research & Strategy de Insigneo Securities LLC. o sus proveedores, a la fecha de su publicación y pueden ser modificadas sin previo aviso.