Marketplace Regolith
Your investment opportunities
CIBR ETF
Cybersecurity & Data Protection ETF
Updated on 9 Jul 2026
First Trust Advisors L.P.
Sponsor of the Trust
“Cybersecurity is no longer optional – the more data goes online, the more valuable the companies protecting it.”
Updated on 9 Jul 2026
About
CIBR (First Trust NASDAQ Cybersecurity ETF) is an exchange-traded fund that provides access to the world's leading cybersecurity companies, included in the Nasdaq CTA Cybersecurity Index, within a single investment.
The fund's objective is to reflect the performance of companies that develop and supply solutions for protecting data, networks, cloud services and devices: cloud security platforms, firewalls, access management systems, endpoint protection and threat-monitoring services. Cybersecurity is a mandatory expense for businesses, governments and financial institutions, as well as one of the foundational technologies of AI, cloud computing and data centers.
CIBR was launched in 2015 and is one of the largest and most liquid thematic ETFs in the cybersecurity segment.
Sponsor of the Trust: First Trust Advisors L.P. (the First Trust brand) – one of the leading independent ETF providers in the US, managing a broad lineup of thematic and sector funds.
The fund is designed for investors who view cybersecurity as a structural, long-term trend and prefer to access it in an exchange-traded, transparent and regulated format, without having to analyze and select individual companies themselves.
The fund trades on the NASDAQ exchange and is available to investors as a standard ETF instrument.
What are you actually investing in?
By investing in CIBR, you invest in the shares of leading public cybersecurity companies included in the Nasdaq CTA Cybersecurity Index. The fund replicates the structure of the index, following its composition and weights.
CIBR's return is generated by:
- the rise or fall in the market value of the shares of the index's companies;
- dividends paid by the companies (CIBR distributes them to investors quarterly).
The investment is directly tied to the business results of the leading developers of cybersecurity solutions – companies whose technologies protect data centers, cloud platforms, corporate networks and AI infrastructure.
Index composition
The Nasdaq CTA Cybersecurity Index includes 42 companies covering the key segments of the industry:
- Endpoint and cloud security – companies that develop cloud security platforms and protect devices from attacks.
CrowdStrike, Zscaler, Cloudflare - Network security and firewalls – makers of solutions for protecting corporate networks and traffic.
Palo Alto Networks, Fortinet, Cisco, F5 - Identity and access management – companies responsible for access control and account protection.
Okta, CyberArk - Security infrastructure and monitoring – providers of infrastructure solutions, analytics and threat monitoring.
Broadcom, Akamai, Datadog


The weights of the companies in the index are determined by market capitalization with a cap on the maximum share, which ensures balanced diversification and reduces the dependence of the result on individual companies.
How the structure works
CIBR uses a classic ETF structure:
- the companies' shares are recorded and held within the fund's custodial infrastructure through licensed custodians;
- the fund's structure is fully transparent and disclosed regularly;
- the fund is overseen by US regulators and auditors.
CIBR is one of the largest thematic ETFs in the cybersecurity segment, with over $10 billion in assets under management, which ensures high liquidity – investors can buy and sell the fund at prices close to market, without significant losses on the spread.
Fees and distributions
The investor's income is generated by changes in the fund's market value and small dividend payments. You purchase a share in CIBR at the current price and realize it upon exit – the return is determined by how the asset's value moves over the holding period.
The fund's cost model:
- Total Expense Ratio (TER): 0.58% per year – the fee covers fund management and administration;
- Dividends are small and distributed quarterly; the investor's main income is generated by the rise or fall in the value of the shares of the companies held in the fund.
When purchasing CIBR through the Regolith platform, an entry fee of 2% of the transaction amount is charged. Performance fee: 0%.
CIBR's role in an investment portfolio
CIBR is usually viewed as a thematic instrument for strengthening the technology component of a portfolio. The fund can be used for the following purposes:
- Participation in the growth of cybersecurity demand – the rise of AI, cloud services and the growing number of cyberattacks make data protection a mandatory expense, which supports demand for the products of the fund's companies.
- Thematic diversification – access to 42 leading companies in the cybersecurity industry within a single instrument.
- An alternative to individual stocks – instead of buying shares of CrowdStrike, Palo Alto Networks or Fortinet separately, the investor gets a basket of the sector's leading players.
- Strengthening the technology share of a portfolio – combined with broad index ETFs (for example, SPY), it allows targeted exposure to the cybersecurity segment.
- A bet on a structural trend – the fund's historical average annual return (CAGR for 2021–2025) was about 10.4%; cybersecurity remains one of the resilient long-term directions of the technology market.
Cybersecurity: the current context
The cybersecurity sector remains one of the most resilient long-term directions of the technology market. In 2025, the CIBR ETF gained about +13% amid rising spending by companies and governments on data protection, and in 2026 the momentum strengthened. The fund's CAGR for 2021–2025 was about +10.4% per year.
The fundamental picture remains strong. The number and sophistication of cyberattacks grow alongside digitalization: the spread of cloud services, remote work and AI expands the attack surface. Data protection has become a mandatory expense for businesses, governments and financial institutions, which creates steady demand for the sector's products that depends little on economic cycles.
An additional driver is the rise of artificial intelligence. AI both makes attacks more sophisticated and strengthens defense: companies are embedding AI into threat-detection systems, while the growth of data centers and cloud platforms calls for new levels of security. This supports long-term demand for the solutions of the sector's leading players.
Cybersecurity looks like a resilient sector for long-term observation: demand here is supported by mandatory security spending, tightening regulation and the overall digitalization of the economy. At the same time, the sector remains sensitive to companies' IT budgets, the valuations of fast-growing players and overall market conditions.
Risks
Investing in CIBR involves a number of factors typical of the technology sector:
- Market volatility – the shares of cybersecurity companies, especially fast-growing SaaS players, are subject to strong swings both up and down compared to the broad market.
- Dependence on IT budgets – demand for the sector's products is tied to companies' and governments' spending on security; in times of cost-cutting, budgets may shrink.
- Valuation risks – amid the interest in AI and cybersecurity, some companies trade at elevated multiples, which increases the risk of a correction.
- Competition and rapid technological change – the sector develops fast, and companies' positions can shift as new threats and solutions appear.
- Single-sector concentration – CIBR invests only in cybersecurity, and the top holdings account for a significant share of assets, which rules out diversification across economic sectors.
As an equity instrument, the fund is subject to market fluctuations and does not guarantee a positive result. An investor may lose part or all of their investment.
Instrument parameters
- Ticker: CIBR
- Type: cybersecurity ETF
- Exchange: NASDAQ
- Index: Nasdaq CTA Cybersecurity Index
- Number of companies: 42
- AUM: ~$10.16 billion
- Expense Ratio: 0.58%
- Morningstar Rating: ★★★
CIBR distributes small dividends quarterly. The investor's main income is generated by changes in the fund's market value.
Deposit and withdrawal specifics via Regolith
CIBR is purchased in a working mode without being tied to a fixed date. Trades are formed 1–3 times a week depending on market conditions and the platform's operating schedule.
- Minimum investment period – 1 week
- Minimum amount – $50
- Entry fee – 2%
- Performance fee – 0%
Withdrawals are processed under the platform's standard procedure after the minimum investment period is completed.
Frequently Asked Questions about CIBR ETF (FAQ)
1. What is CIBR?
CIBR is an exchange-traded fund (ETF) that lets you invest in 42 leading cybersecurity companies included in the Nasdaq CTA Cybersecurity Index in a single purchase. The fund reflects the performance of a sector that protects data, networks and cloud services – the foundation of AI, cloud computing and the digital economy.
2. Who manages the fund?
The fund is issued and administered by First Trust Advisors L.P. (the First Trust brand) – one of the leading independent ETF providers in the US.
3. What exactly am I investing in when I buy CIBR?
By buying CIBR, you invest in the shares of 42 of the largest cybersecurity companies: developers of cloud security platforms, firewalls, access management systems and threat-monitoring services. This is not an investment in a single company, but participation in the combined performance of the entire cybersecurity sector.
4. Is this active management?
No. CIBR is a passive index fund. It does not try to beat the market or pick individual stocks; it replicates the structure of the Nasdaq CTA Cybersecurity Index.
5. Which companies are in the fund?
The fund includes companies from all the key segments of the industry:
- Endpoint and cloud security: CrowdStrike, Zscaler, Cloudflare
- Network security and firewalls: Palo Alto Networks, Fortinet, Cisco, F5
- Identity and access management: Okta, CyberArk
- Security infrastructure and monitoring: Broadcom, Akamai, Datadog
6. Does the fund's composition change?
Yes. The composition of the Nasdaq CTA Cybersecurity Index is reviewed regularly. Companies may be added or removed depending on their size, liquidity and compliance with the index criteria. CIBR automatically reflects these changes.
7. Does CIBR pay dividends?
Dividends are small and paid quarterly. Cybersecurity companies, especially fast-growing ones, channel profits into development and R&D, so the dividend yield is low. The investor's main income comes from the growth in the fund's value.
8. What are the fund's fees?
When buying CIBR through the Regolith platform:
entry fee – 2%
performance fee – 0%
9. What role does CIBR play in an investment portfolio?
CIBR is used as a thematic instrument for strengthening the technology component of a portfolio. The fund provides targeted exposure to the cybersecurity sector and lets you replace buying individual stocks (CrowdStrike, Palo Alto Networks, Fortinet) with a single trade.
10. Why is cybersecurity considered a long-term trend?
The number and sophistication of cyberattacks grow alongside digitalization: the rise of AI, cloud services and remote work expands the attack surface. Data protection has become a mandatory expense for businesses, governments and financial institutions, which makes the sector a structural beneficiary of digital transformation.
11. What are the risks of investing in CIBR?
CIBR's value depends on the state of the cybersecurity sector and the technology market as a whole. The fund is characterized by elevated volatility (many of its companies are fast-growing SaaS players), depends on the IT budgets of companies and governments, and some of its holdings may trade at elevated multiples. Significant fluctuations are possible in the short term.
12. How does CIBR differ from broad index ETFs?
Broad ETFs (for example, SPY) cover the entire market and include cybersecurity companies only partially. CIBR provides concentrated exposure to this specific sector, which amplifies both the growth potential and the level of risk.
13. Where is CIBR traded?
The fund trades on the US NASDAQ exchange and is one of the largest and most liquid thematic ETFs in the cybersecurity segment, with over $10 billion in assets.
14. How does buying CIBR through Regolith work?
Buying CIBR through the Regolith platform takes place in a working mode and is not tied to a fixed date. Trades are formed 1–3 times a week depending on market conditions and the platform's operating schedule. After an order is placed, the funds are reserved, and the purchase is made in the nearest available trading window at the actual transaction price.
15. What is the minimum investment period?
The minimum investment period is 1 week. After that, the investor can hold the position or exit the instrument with no fee from the platform.
16. What is the minimum entry threshold?
The minimum transaction amount when buying CIBR through Regolith is $50.
First Trust Advisors L.P.
Sponsor of the Trust
“Cybersecurity is no longer optional – the more data goes online, the more valuable the companies protecting it.”
Performance
Return for 2021
+19.67%Return for 2022
-26.45%Return for 2023
+39.71%Return for 2024
+18.20%Return for 2025
+13.07%Return for 2026 YTD (5.5 months)
+18.06%Terms
Deal Fee
2%Carried Interest
0%Minimum investment period
1 weekRisk potential
Low