I’m no genius. I’m smart in spots—but I stay around those spots. 

Tom Watson Sr — Founder of IBM

Over the past year, we have repeatedly cited Warren Buffett and Charlie Munger as the spiritual fathers of the philosophy that guides us YAINers. One concept we’ve only touched on, yet one that is fundamental, is the so-called “circle of competence.” The idea is very simple, but equally difficult to put into practice: invest only in what you understand.

What is so difficult about this seemingly trivial concept? Human beings (and especially investors) tend to greatly overestimate their own cognitive abilities. You’ve probably thought of yourself as somehow above average: this happens to far more people than it should. A famous example was provided by Svenson in 1981, who asked American and Swedish college students to rate their driving skills compared to others. In the U.S., 93% of participants claimed to be better than average. In Sweden (perhaps a bit more humble, but not too much), the percentage was 69%.

In investing, therefore, it often happens that people consider themselves far more competent than they actually are and venture into analyzing companies completely outside their area of expertise, emboldened by this sense of superiority. In the best-case scenario, they study financial statements, analyze competitors, and delve into technologies; in the worst-case scenario, they read a few online posts and feel like experts. I am the first to fall into this trap: I’m a huge fan of ASML ($ASML), without having any idea what really goes on behind their machines.

This necessary introduction stems from the fact that I read this article earlier this week. The author has clearly done his homework thoroughly, but in my very humble opinion, he underestimates certain dynamics typical of those in the industry.

For example, AWS and Azure are described as “frenemies” in the context of Wiz’s multi-cloud approach, but clearly the author has never spoken with a Google Cloud sales representative to find out what they think about who their competitors are—beyond the considerations outlined below. Furthermore, the author makes some very insightful observations about a competitor like Palo Alto Networks, yet fails to mention a piece of news that may have gone largely unnoticed: a $10 billion deal between the two companies signed in late December 2025.

Spoiler: I’m the CEO of a cybersecurity company that, among other things, has a very strong partnership with Google Cloud Security. In the IT industry, the term “partner” is often misused by resellers and system integrators, but we’re quite proud to say that over the past few weeks we’ve been featured several times on the official Google Cloud Security and Mandiant LinkedIn pages (for example, here and here). This wasn’t exactly hidden advertising, but while you’re here, feel free to sign up for the webinar here.

The Illusion of Technical Simplicity

The concept of the “circle of competence” faces its toughest test in the cybersecurity market of 2026. There is a widespread cognitive bias that leads many analysts and investors to underestimate the technological depth required to maintain a competitive advantage over time. This “illusion of simplicity” is fueled by the rapid pace at which cloud-native solutions and artificial intelligence agents are brought to market.

I often see various investors say, “I can’t afford not to have exposure to cybersecurity,” only to jump in blindly—without any real understanding—into companies that may or may not make sense, or into ETFs that charge exorbitant fees while generating little added value. The siren’s call is loud and clear: invest in cybersecurity; however, we must keep a cool head when listening to its song and invest according to our usual principles.

The operational reality of cybersecurity is quite the opposite: it is characterized by technical complexity that involves managing complex data structures, analyzing script behavior, implementing role-based access control (RBAC), and integrating automated workflows that must respond in real time to non-deterministic threats. The learning curve for understanding platforms like the Palo Alto ($PANW) or Google ($GOOGL) security ecosystems is often deceptive: while superficial use appears straightforward, the behind-the-scenes management of access control lists, instance hierarchies, and dictionary overrides requires specialized expertise that acts as a natural barrier to entry. We no longer live in a world where cybersecurity consists solely of antivirus software, VPNs, and firewalls.

The Challenge of Technical Analysis for YAINers

For a YAINer, understanding whether a company possesses a technological moat means analyzing not only the growth of Annual Recurring Revenue (ARR) but also the robustness of the underlying architecture. An architecture that cannot handle the increasing latency resulting from the addition of multiple AI agents or that has gaps in data compliance can quickly become a financial liability. The complexity is further exacerbated by the shift from traditional “IT Security”—focused on servers and PCs—to global “Cybersecurity,” which includes EDR, SIEM, SOAR, CNAPP, SASE, CSPM, SAST, DAST, and a host of other acronyms that might as well be made-up letter sequences.

However, by 2026, the global cybersecurity market has grown to such a size that it directly influences macroeconomic indicators. Projections indicate that global spending on security products and services will exceed $520 billion annually, effectively doubling the volumes recorded in 2021. This growth is supported by a compound annual growth rate (CAGR) estimated between 11.8% and 13.8%, depending on the technology segments considered.

A key driver of this expansion is the rise in costs associated with cybercrime, which is projected to reach $10.5 trillion by 2025–2026. This figure represents not only economic damage but also acts as a catalyst for mandatory investments by businesses, which can no longer treat security as a discretionary expense. In this scenario, “pure-play” companies generating over $1 billion in revenue are still a minority (approximately 15 in 2025), indicating a market still prone to significant consolidation.

The Wiz-Google Case: Analysis of a Record-Breaking Valuation

Google’s $32 billion acquisition of Wiz, set to close in early 2026, sets the definitive benchmark for M&A valuations in the sector. The deal is significant for several reasons that investors need to understand. First, Google agreed to pay a significant premium (approximately 40% more than the rejected $23 billion offer in 2024), valuing the company at about 64 times its estimated $500 million ARR.

This “extreme” valuation is justified by the strategic value of multi-cloud neutrality. Wiz has built its fortune on a CNAPP (Cloud-Native Application Protection Platform) capable of operating seamlessly across AWS, Azure, Google Cloud, and Oracle. For Google, owning this layer of visibility means being able to influence the security strategy of customers using competing infrastructures, making security not just a protection tool, but an asset for infrastructure control.

The Wiz deal sent a powerful signal to the venture capital community: the most profitable path to liquidity in 2026 does not necessarily lie in an IPO, but rather in strategic integration with cloud giants. This has led to a reassessment of valuations for late-stage startups, where the “premium for independence” must now be weighed against the ability of large incumbents to offer integrated security packages (platformization) that reduce customers’ bargaining power.

The Rise of Agent-Based AI and Autonomous Operations

The year 2026 marks the transition from assistive chatbots to autonomous AI agents, defined as “digital workers” capable of executing complex, multi-step processes with minimal human supervision. These agents are able to orchestrate workflows, invoke tools, and collaborate with other agents. For businesses, this means greater scalability and operational consistency, but for cybersecurity, it necessitates new governance architectures.

Artificial intelligence has rewritten the playbook for cyberattacks. By 2025, cybercriminals have fully weaponized Large Language Models (LLMs) to accelerate and automate their operations. For example, the use of polymorphic malware—code that constantly rewrites itself to evade detection—has become commonplace, with tools like BlackMamba leveraging AI to regenerate malicious signatures with every execution.

However, most Security Operations Centers (SOCs)—the teams responsible for managing threats within organizations—often find themselves ill-equipped, forced to defend against these attacks using outdated technologies. The situation is even more insidious than that: many providers have jumped on the AI bandwagon, boasting about using these technologies and developing a true “Agentic-SOC”; as I will explain in the webinar with Google, this is often only partially true, since today many companies use agents solely to streamline routine tasks, while Agentic SOCs are still—even for us—minimum viable products (MVPs) that we need to continue developing over the next 12 months so they can respond to complex threats.

Regulatory Impact

For investors looking to Europe, 2026 is the year of reckoning when it comes to the implementation of new digital resilience directives. NIS2, DORA, and the AI Act are no longer just regulatory acronyms, but factors that directly impact companies’ bottom lines.

The NIS2 directive has transformed cybersecurity from a technical issue into a strategic management responsibility. Senior executives can now be held personally liable for serious failures in risk management.

The Digital Operational Resilience Act (DORA) imposes strict requirements on European financial institutions to ensure functionality during severe IT disruptions. An unprecedented aspect is the direct supervision of major cloud providers (AWS, Google, Azure) by the European Supervisory Authorities (ESAs) when classified as critical. Banks must now conduct “threat-led” penetration tests based on real attack scenarios, going beyond simple vulnerability scans.

Unfortunately, while imposing cybersecurity through regulations may be well-intentioned, it is often counterproductive because it ends up burdening smaller companies—which are often the most innovative in other contexts: for example, the aforementioned Wiz was founded in 2020 and reached a valuation of 6 billion after just one year; in Italy in 2021, it would have been lucky to even get an appointment with a notary, consult with all the accountants and labor consultants, and open a bank account.

For this reason, more and more companies are emerging that aim to automate compliance, led by Vanta, which tops the G2 rankings in the Security Compliance category. Another spoiler: after viewing it as the gold standard and testing its effectiveness through its valuable integrations, AmagisTech has become a partner of Vanta, and I personally serve on their Partner Advisory Council. Beyond the obvious conflict of interest, when selecting platforms of this kind (whether as a client or an investor), it is essential to understand them thoroughly; otherwise, you risk trusting exceptional narratives that have little or nothing behind them—or are outright frauds.

Toward Autonomous and Predictive Cybersecurity

By 2026, the cybersecurity market has entered a phase of irreversible transformation in which defensive effectiveness is inextricably linked to the speed of automation. For investors, the challenge is no longer simply to identify the best technology, but to understand which platform will be able to orchestrate infrastructure, identity, and data within a multi-cloud, agent-based ecosystem.

The acquisition of Wiz has established that cross-platform visibility is the most valuable asset, while European regulations have ensured that security becomes a board-level priority, stabilizing long-term demand. However, investors must remain vigilant against the “illusion of simplicity”: behind every “magical” AI demo lies complex configuration management and governance that will determine the winners and losers of the next decade.

Ultimately, while cybersecurity is a siren song hard to ignore, it remains extremely complex to predict the long-term winners. Solutions like Wiz are being acquired by giants like Google—which, until recently, didn’t even do cybersecurity—without even going public.

If I had to put a few cents on it, I believe that, ultimately, cybersecurity is increasingly a data business, and it’s no secret by now that you can’t talk about data without talking about AI. And at this point, if we strip away the marketing hype surrounding AI, two things remain: data itself and computing power—that is, the data centers capable of handling increasingly complex models for analyzing that data. And who is better positioned when it comes to access to data and infrastructure than the hyperscalers—namely Google, Amazon, and Microsoft?

I wouldn’t be surprised, then, if the coming years were marked by the emergence of new Wiz-like companies that are just as quickly acquired by one of these three players. Similarly, I wouldn’t find it surprising at all if, following Google’s recent acquisitions in the cybersecurity space (Wiz is just the latest; before that, there were Mandiant, Siemplify, and VirusTotal), Amazon ($AMZN) and Microsoft ($MSFT) were to step up their efforts to acquire other niche players—or, why not, large, established companies like SentinelOne ($S) or even CrowdStrike ($CRWD).

In an increasingly cyber-aware world, would it really be so surprising if end customers (especially enterprise customers) no longer trusted platforms running on some unknown cloud, but instead wanted to have everything on their own (often cloud-based) virtual machines? And so, adding the clear trend of hyperscalers wanting to become cyber companies to this need for cloud solutions within the hyperscalers themselves, would it be so surprising to see cybersecurity dinosaurs (RIP Cisco) fade away to make room for the already massive ICT giants? History (and antitrust regulators) will be the judge of that.

What’s important for YAINers to take away is that in-depth knowledge of a subject isn’t gained by reading 10-Ks or blogs, but after years and years in the industry at the highest levels. So, it’s fine to listen to the siren calls of trending topics, but invest your money only in indices or in those sectors where you truly have the expertise to fully understand most of the implications of what’s happening: that is your real competitive advantage.

Yet Another Investing Newsletter