The strongest part of tech right now is not chips
The bull market still leans heavily on semiconductors, but in May the leadership baton has shifted.
This month, cybersecurity stocks have outperformed both the broader software group and the semiconductor trade, breaking out to fresh highs while many of the market’s usual tech leaders have either paused or tried to recover from recent pullbacks. That is a notable change in character for the sector.
The First Trust Nasdaq Cybersecurity ETF (CIBR) has surged roughly 25% this month and has now logged seven straight intraday record highs. That is not the kind of move you dismiss as a random bounce. It looks much more like leadership.
Why this breakout stands out
The reason the move matters is simple: cybersecurity is not just rising. It is rising faster than the parts of tech that usually dominate the tape.
That comparison is important.
The iShares Semiconductor ETF (SOXX) is still one of the market’s best-performing groups this year, and chip stocks have done enormous work in driving the AI trade. But after a sharp recent pullback, semis are now fighting to reassert momentum. Cybersecurity, by contrast, has been cleaner. The charts are stronger, the follow-through has been better, and the record highs are broader than many investors expected.
Compared with general software, the contrast is even clearer. The IGV software ETF has bounced, but it is still down sharply from old highs and remains well below where real leadership groups tend to trade. Cybersecurity is behaving differently.
This is not just a one-stock story
One of the best things about this move is that it is not narrow.
CrowdStrike has posted a string of fresh records. Palo Alto Networks, Fortinet, F5, Datadog, and Cisco are also breaking higher. That kind of participation matters because real sector leadership usually shows up across multiple names, not just one.
It also helps that the rally includes different types of companies:
- pure-play security platforms
- cloud and observability names
- network security leaders
- legacy infrastructure names with renewed relevance
That breadth makes the move more credible.
Cisco’s presence says a lot
Cisco may be one of the most important names in the group from a signaling perspective.
When a legacy networking heavyweight joins a cybersecurity breakout, it tells you this is not just a speculative SaaS squeeze. It means investors are putting money into security across the stack, including networking, cloud infrastructure, enterprise architecture, and AI-era system protection.
That is a stronger message than just “software is bouncing.”
It suggests cybersecurity is increasingly being viewed as a core spending category, not an optional one.
Why cyber is working now
There are a few reasons this trade is getting traction.
First, cybersecurity budgets tend to hold up better than many other parts of enterprise IT. Companies can delay some projects. They are much less willing to delay security.
Second, the cyber trade now sits at the intersection of several durable themes:
- enterprise software
- cloud migration
- network modernization
- AI infrastructure
- digital risk management
That makes it easier for investors to own in a market where they still want tech exposure, but are becoming more selective about where they take it.
Third, AI is helping the group indirectly. The more data, automation, cloud complexity, and machine-driven workflow the economy takes on, the more security becomes essential rather than discretionary.
The market is rewarding durability
That is probably the biggest read-through here.
Investors are not just chasing anything with a technology label. They are rewarding the parts of tech that still look durable even in a market dealing with inflation pressure, higher yields, and tighter financial conditions.
Cybersecurity fits that profile well.
It offers recurring revenue, mission-critical products, and a demand story that is less dependent on pure macro optimism than many other software categories. In a market that is getting more selective, that matters a lot.
Not every cyber name is confirming the move
This is still not a perfectly uniform breakout.
Some names, including Zscaler, Okta, and Dynatrace, remain well below older highs. Check Point is still fighting with long-term resistance. That is worth noting because it means the sector is strong, but not every chart is equally compelling.
Still, the leadership cluster is large enough that the group does not need every single stock to confirm at once.
The level that matters now
For the ETF, the key level to watch is the old breakout area around $78.
As long as CIBR holds above that prior zone, the move continues to look like a legitimate leadership breakout. If it loses that area decisively, the sector could start to look more like another short-lived tech surge.
For now, though, the evidence still favors strength.
WSA Take
Cybersecurity is starting to look like the cleanest pocket of leadership inside software.
The move is broad, the charts are strong, and the sector sits in the sweet spot between enterprise necessity and AI-era infrastructure demand. CrowdStrike, Palo Alto, Fortinet, Datadog, and Cisco are not just bouncing. They are helping define where institutional money still wants to be in tech.
When chips pause and broader software still looks messy, that kind of outperformance matters.
Disclaimer
WallStAccess is a financial media platform providing market commentary and analysis for informational and educational purposes only. This content does not constitute investment advice, a recommendation, or an offer to buy or sell any securities. Readers should conduct their own research or consult a licensed financial professional before making investment decisions.
