Cybersecurity and enterprise software stocks have been market dogs in 2026, with fears that AI will wipe out a wide range of companies in the enterprise space dominating the narrative. But they snapped a brutal losing streak this past week, joining in the broader market rally that saw all losses from the U.S.-Iran war regained by the Dow Jones Industrial Average and S&P 500.

Cybersecurity has been “a victim of some of the AI-related headlines,” Christian Magoon, Amplify ETFs CEO, said on this week’s “ETF Edge.”

It wasn’t just niche cybersecurity names. Take Microsoft, for example, which was recently down close to 20% for the year. Its shares surged last week by 13%.

A big driver of the pummeling in software stocks was a rotation within tech by investors to AI infrastructure and semiconductors and some other names in large-cap tech, Magoon said, and since cybersecurity stocks and ETFs are heavily weighted towards software companies, they were left behind even as those businesses continue to grow on a fundamental basis.

But Wall Street now has become more bullish with the stocks at lower levels. Brent Thill, Jefferies tech analyst, said last week that the worst may be over for software stocks. “I think that this concept that software is dead, and then Anthropic and OpenAI are going to kill the entire industry, is just over-exaggerated,” he said on CNBC’s “Money Movers” on Wednesday.

“Big Short” investor Michael Burry wrote in a Substack post on Wednesday that he is becoming bullish about software stocks after the recent selloff. “Software stocks remain interesting because of accelerated extreme declines last week arising from a reflexive positive feedback loop between falling software stocks and changes in the market for their bank debt,” he wrote.

The Global X Cybersecurity ETF (BUG), is down about 12% since the beginning of the year, with top holdings including Palo Alto Networks, Fortinet, Akamai Technologies and CrowdStrike. But BUG was up 12% last week. The First Trust NASDAQ Cybersecurity ETF (CIBR) is down 6% for the year, but up 9% in the past week.

Piper Sandler analyst Rob Owens reiterated an “overweight” rating on Palo Alto Networks which helped the stock pop 7% — it is now down roughly 6% on the year. Its peers saw similar moves, including CrowdStrike.

Magoon said expectations may have become too high in cybersecurity, and with a crowding effect among investors, solid results were not enough to to push stocks higher. But the down-and-then-back-up 2026 for the sector is also a reminder that when stocks fall sharply in a short period of time, opportunity may knock.

“Once you’re down over 10% in some of these subsectors, you start to see the contrarians start to say, ‘well, maybe I’ll take a look at this,'” Magoon said.

He said AI does add both opportunity and uncertainty to the cybersecurity equation, increasing demand but also introducing new competition. But he added, “I think the dip is good to buy in an AI-driven world,” specifically because the risks to companies may lead to more M&A in cyber names that benefits the stocks.

For now, investors may look for opportunity on the margins rather than rush back into beaten-up tech names. “I think investors are still going to remain underweight software,” Thill said.

But Magoon advises investors to at least take the reminder to keep an eye on niches in the market during pronounced downturns. “The best-performing are often the least bought and do the best over the next 12 months versus late-in-the-game piling on,” he said.

While that may have been a mindset that worked against the last investors into cybersecurity and enterprise software in mid-2025 when the negative sentiment started building, at least for now, it’s started working for the stocks in the sector again.

Meanwhile, this year’s biggest winner is also a good example of what can be an extended trade in either a bullish or bearish direction. Last year, institutional ownership of energy was at multi-year lows, Magoon said, referencing Bank of America data. “Reverse sentiment can be a great indicator,” he said. 

But he cautioned that any selective buying of stocks that have dipped does have to contend with the risk that there is a potentially bigger drawdown in the market yet to come in 2026. That is because midterm election years historically have been marked by large drawdowns. “If you think it is bad right now, it could get a lot worse,” Magoon said. But he added that there’s a silver-lining in that data, too, for the patient investor. The market has posted very strong 12-month returns after midterm election drawdowns end. So, for investors with a longer-term time horizon and no need for short-term liquidity, Magoon said, “stick in there.” 

Disclaimer

New innovation in the exchange-traded fund industry could come at a cost to investors during extreme conditions.

According to MFS Investment Management’s Jamie Harrison, ETFs involved in increasingly complex derivatives and less transparent markets may be in uncharted territory when it comes to violent downturns.

“Those would be something that you’d want to keep an eye on as volatility ramps up,” the firm’s head of ETF capital markets told CNBC’s “ETF Edge” this week. “As innovation continues to increase at a rapid pace within the ETF wrapper, [it’s] definitely something that we advise our clients to be really front-footed about… Lack of transparency could absolutely be an issue if we’re going to start seeing some deep sell-offs.”

His firm has been around since 1924 and is known for inventing the open-end mutual fund. Last year, ETF.com named MFS Investment Management as the best new ETF issuer.

“It’s important to do due diligence on the portfolio,” he said. “Having a firm that has deep partnerships, deep bench of subject matter experts that plays with the A-team in terms of the Street and liquidity providers available [are] super important.”

Magoon also highlighted potential issues surrounding equity-linked notes. The notes provide fixed income security while offering potentially higher returns linked to stocks or equity indexes.

“Those could potentially be in stress due to redemptions and the underlying credit risk. That’s another kind of unique derivative,” Magoon said. “I would very closely look at any ETF that has equity-linked notes should we get into a major drawdown or there be a contagion in private credit or something related to the banking system.”

JPMorgan Chase CEO Jamie Dimon said Tuesday that while artificial intelligence tools could eventually help companies defend themselves from cyberattacks, they are first making them more vulnerable.

Dimon said that JPMorgan was testing Anthropic’s latest model — the Mythos preview announced by the AI firm last week — as part of its broader effort to reap the benefits of AI while protecting against bad actors wielding the same technology.

“AI’s made it worse, it’s made it harder,” Dimon told analysts on the bank’s earnings call Tuesday morning. “It does create additional vulnerabilities, and maybe down the road, better ways to strengthen yourself too.”

When asked by a reporter about Mythos, Dimon seemed to refer to Anthropic’s warning that the model had already found thousands of vulnerabilities in corporate software.

“I think you read exactly what is it,” Dimon said. “It shows a lot more vulnerabilities need to be fixed.”

The remarks reveal how artificial intelligence, a technology welcomed by corporations as a productivity boon, has also morphed into a serious threat by giving bad actors new ways to hack into technology systems. Last week, Treasury Secretary Scott Bessent summoned bank CEOs to a meeting to discuss the risks posed by Mythos.

JPMorgan, the world’s largest bank by market cap, has for years invested heavily to stay ahead of threats, with dedicated teams and constant coordination with government agencies, Dimon said.

“We spend a lot of money. We’ve got top experts. We’re in constant contact with the government,” he said. “It’s a full-time job, and we’re doing it all the time.”

Goldman Sachs CEO David Solomon said Monday during an earnings call that his bank was testing Mythos, though he declined to comment further.