The cybersecurity industry is on a roll, according to research firm Gartner Inc. The company says that global information security spending will reach $96 billion in 2018, up 8 percent from 2017. Fast and furious changes in device technology—and in cyberthieves’ strategies—have fueled this rapid expansion. Here are four reasons that cybersecurity is now a very big business.
1) Cyberthreats are an industry of their own
In the early days of cybersecurity, lone hackers attacked systems and consumer devices for street cred and bragging rights. Breaking into a server or taking down a site gave them cachet in the online world. Today, however, hackers are all about the money, and they aren’t working alone anymore, driving security professionals to find better and more efficient ways to protect company assets from bad actors and individuals scrambling for answers on how to protect themselves and their families.
“Cybersecurity threats are as big a problem as ever and are a constantly moving target, with smart hackers continually trying to outsmart the security industry,” says Vince Steckler, CEO of Avast.
“Hacking today is an industrialized operation, and—for some nation states—a big part of the espionage and cyberwarfare work they are doing,” adds Rajarshi Gupta, the VP of Data Science at Avast.
2) It's not just about PCs anymore
The number of and types of attacks are constantly changing, further driving the cybersecurity economy. At one time, hackers exploited vulnerabilities in operating systems, creating new viruses and worms to infect a single device. Now, however, hackers are interested in more than just the individual PC. With the explosion of the Internet of Things (IoT) and mobile devices, as well as cloud-based resources, cybercriminals can penetrate a network using any number of entry points and infect and access every piece of data that is shared. This means there are more opportunities for criminals, and the stakes are much higher.
This increase in number and scope of attacks has also increased interest from the financial sector. Cybersecurity “is a good investment opportunity, because what investors may not realize, is that cybersecurity is something that constantly changes,” Steckler says. “The threats change so rapidly and the attack surfaces change so rapidly you do not have large companies that dominate the industry, so it is a very active space for start-ups and new IPOs.”
Avast estimates the market cap for the public cybersecurity industry to be at $158 billion, with about a 10 percent CAGR.
3) Automation brings better protection
“Cybersecurity is pretty much entirely automated today,” explains Gupta. “Cybersecurity has gone from being 100 percent human—then 50 percent, 20 percent, two percent and now barely .2 percent of the work is being done by humans—and everything [else] is done by machines.” Security companies must employ a variety of these hardware, software, and service offerings to make sure all their bases are covered.
Automation also fuels industry growth. “Our growth has been driven by our unique way of protecting consumers,” Steckler says. “It is in the cloud, using machine learning that allows us to scale to an incredible user base of hundreds of millions of users.”
4) The Internet of Things creates new benefits and challenges for businesses and consumers
Devices such as refrigerators, TV set-top boxes and doorbells are now connected to the internet, and cybercriminals are already exploiting them on a regular basis. The problem with most is that they are built by consumer companies where security is not the main focus, according to Gupta. They are online and may have few if any security protections. That’s not to say that they can’t be protected.
“The next big frontier in cybersecurity will be to protect the Internet of Things. With millions of connected devices on the internet, protecting them from hackers anywhere in the world is our challenge as an industry,” Gupta says.
And those constant challenges continue to spur innovation and investment.
“The bad guys are very smart,” Steckler says. “And networks today are very, very complex. And the reason you have to invest so much in security is that the ones that are attacking you are investing a lot, also.”