Since 2004, the global cybersecurity market has grown 35x from $3.5 billion to roughly $120 billion in 2017 according to research conducted by Cybersecurity Ventures. Ubiquitous cyber threats, stringent government regulation and high-profile hacks to enterprises like Yahoo and Equifax continue to catapult cybersecurity to the forefront of IT conversations. The continuous growth of cybercrime indicates that spending on cybersecurity across various verticals for a multitude of solutions will substantially increase. Most market analysts, such as Zion Market Research, predict that the overall cyber security market will grow at around a 10% CAGR to reach $181 billion in 2021. While the trends are positive, we here at Bowery Capital have been bearish on opportunities in this space given the cybersecurity ecosystem has received immense funding within the past few years and competition abounds. Cybersecurity startups received a record $7.6 billion in financing during 2017 alone according to Business Insider. That said, the healthy growth of the cybersecurity market is laying the groundwork for new opportunities for entrepreneurs and investors alike which have helped us to change our tune in the past twelve months. Here are 3 cybersecurity vectors we believe will have significant IT spend over the next 10 years.
1. Solutions Targeting The Small Business Are Becoming More Interesting. Essentially, there is a massive disparity between cyberattacks targeting SMBs and cybersecurity spend to protect against the rampant cybercrime. As more SMBs realize their vulnerability, SMB cyber spend will increase. According to a 2016 State of Cybersecurity Report, hackers have infiltrated half of the 28 million small business in the United States. Malware injections are particularly detrimental to SMB’s as 60% of small companies go out of business within 6 months after a cyberattack. Despite the overwhelming SMB-focused cybercrime, Small Business Trends states that more than half of SMBs don’t utilize any cybersecurity software and only 14% rate their ability to mitigate cyber attacks as highly effective. This disconnect provides a grand opportunity. PwC predicts the SMB cybersecurity market to reach $7.5 billion by 2020. Cybersecurity experts should be focusing on creating an intuitive, easy to adopt solution designed for SMBs. The challenge here is that SMB owners have historically been reticent to purchase cyber security or insurance. Only 3% of SMBs pay for cyber insurance while 100% of Fortune 500 companies have protection. This indicates a sales challenge.
2. AI-Based Predictive Cyber Protection Is Emerging Quickly. New cyber threats are evolving rapidly as a new malware program is created every 4.2 seconds according to G Data. Many cybersecurity platforms cannot recognize the onslaught of previously unseen malware. Additionally, malware injection speed is increasing exponentially and cyber protection software meant to scan for malware is often slower than the infiltration itself. Because of the lag-time, most cybersecurity solutions are in a reactionary state, caught in a pattern of detect and protect. One way for cybersecurity apparatus to keep up with the increasing speed of the attacks? Preventative protection. Machine learning algorithms can utilize droves of data to accurately predict in real-time when and where an attack will occur in order to preventively secure valuable data. AI-based tools will also be able to use data to recognize malware that it has never seen before. The challenge remains that it is a daunting task to formulate an accurate predictive model. Those that can adequately prepare the data, design the model, then train and validate it have the opportunity to prevent countless attacks and save businesses invaluable time and resources.
3. The IoT Security Surface Is Expanding Rapidly. By 2020, Gartner predicts that there will be 20 billion IoT devices online. However, IoT devices often lack fundamental security features and are far too vulnerable to hackers. Just a few months ago, the FDA recalled 500,000 pacemakers due to security gaps that caused concern over hackers manipulating the device to reduce battery power or adjust a patient’s heartbeat. Underscoring the severity of the issue, the senate introduced the ‘Internet of Things Cybersecurity Improvement Act of 2017’ to provide a set of security standards for devices procured by the government. In parallel, the private sector must not hesitate to meet those guidelines. The primary IoT vulnerability is faulty identity-authorization mechanisms. Effective solutions ought to be focused on identity-security and defense against distributed denial of service attacks. The challenge remains that IoT devices are vulnerable to botnets which can be used to unleash volumetric distributed denial of service (DDoS) attacks which would disrupt bandwidth on vital devices such as cars, lighting grids or pacemakers. It’s a new cyber frontier and winning companies will need to be very lean and adaptable to new forms of attacks.
If you liked “Three Cybersecurity Trends Ripe For Growth In 2018” and want to read more content from the Bowery Capital Team, check out other relevant posts from the Bowery Capital Blog. Special thanks to Ben Marans for the research and support on this article.