How Cyber Security Threats are Growing

Viruses, worms, firewalls, trojans, ransomware: the vocabulary of cybercrime has evolved as much as the threat itself. From software security to infrastructure, these days no sector - nor indeed the myriad devices we rely on - is completely shielded from hackers.

But there is also a greater desire to tackle this threat and with it a chance for investors to capitalise on the growth of the cybersecurity sector.

'One of the Greatest Threats Facing Mankind'

Global research firm Cybersecurity Ventures calls cybercrime one of the greatest threats facing mankind, and cites the five most attacked industries as healthcare, manufacturing, financial services, government, and transportation. Nor is social media immune: earlier this month, Facebook revealed a security breach in which hackers gained access to almost 50 million accounts.

A breach of privacy is one thing, but cybercrime is being treated first and foremost as an economic threat. Whereas global military spending is about $1.7 trillion, according to Cybersecurity Ventures, cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015.

"This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, and will be more profitable than the global trade of all major illegal drugs combined," says Cybersecurity Ventures editor-in-chief Steven Morgan.

Indeed, as the US congressional elections approach, the threat of cybercrime has sharpened the minds of the hawks in the White House who late last month launched a new national cybersecurity strategy in a bid to tackle what is sees as inevitable threats to disrupt the midterms set down for 6 November.

For cyber experts, the Trump administration’s overhaul of America's cybersecurity strategy is long overdue and much tougher than the previous administration's plan. America is still smarting from an attack on Sony Pictures in November 2014, allegedly sponsored by North Korea, in which hackers first leaked personal data on staff and their families before erasing Sony's computer infrastructure.

Another data breach followed the year after, in which China was accused of hacking the US Office of Personnel Management and gaining access to the personal records of up to four million people.

Tackling Cybercrime

There are now close to four billion people with access to the internet globally, while the number of devices connected to the internet is more than double that, notes Tamas Calderwood of BetaShares.

By 2020, there will be 30 billion devices connected to the internet. The more devices we accumulate, the more this global connection grows.

"You already buy a fridge that will send you a photo of its inventory and a doorbell that will alert your phone and stream video allowing you to talk to your visitor while on the other side of the planet," Calderwood says.

"What's coming next, though, are billions of sensors that will measure temperatures, moisture, movement, traffic, crowds, travel times, speeds, positions, chemical concentrations, everything."

The sensors in these devices will use little power, have long-life batteries and monitor everything from agriculture and traffic movements to public transport, offices and homes.

"They will be used to help run factories, optimise logistics, manage inventories, avoid traffic jams, schedule timetables and prevent machines breaking down," Calderwood says. "We already produce over 2.5 quintillion bytes of data every day and 90 per cent of all the data that exists in the world today - text, photos, measurements, everything - was created in the last two years."

The two big themes in cybersecurity are complexity and consolidation, says Morningstar equity analyst William Fitzsimmons. "In terms of complexity, today, the vectors of attack for enterprises are becoming much more complex. You have firewall, you have software-as-a-service, you have endpoint security, cloud security. They are making the enterprise security efforts much more byzantine.

"In terms of consolidation, it used to be that a point vendor would sell you the services for endpoint which would be separate from firewall. Now we're seeing consolidation where one vendor like Palo Alto can do all those things together. For a lot of businesses in our coverage, cyber security vendors have moved from deriving their revenue from one-time product and hardware sales to software, which has led to subscription-service sales.

Security investments across major enterprises remain robust, Fitzsimmons says, adding that major businesses are incentivised to spend more on cybersecurity infrastructure to avoid headline scandals that could damage consumer trust.

"Given that backdrop, the cybersecurity industry has increasingly gained attention as a potentially lucrative place to invest. Tailwinds remain strong and the shift to subscription software has created more predictable revenue streams."