You would be an atypical person if you did not know anything about cybersecurity in 2017. It was a year that really highlighted the level and extent of cyberattacks against some well-established or new players in the industry, including Equifax and Uber. At the beginning of the year the massive and ruthless ransomware attack, WannaCry, hit the whole world. Symantec recorded 80,000 exploits per hour at the height of the attack.
The cybersecurity landscape has both evolved and grown in recent years. During this period, cybercriminals have refined their techniques and tested new scenarios to develop more sophisticated attacks and increase their efficiency.
Methods such as phishing and spear phishing have become the weapons of choice for the best cybercriminals. Between 2016 and 2017, it was identified that more than half of the emails received were spam. We has seen a “steady stream” of phishing attacks in 2017, whether through social networks or email.
According to Gemalto’s Breach Level Index results, in the first half of 2017 alone, piracy amounts to 1.9 billion pieces of data. The cost of these attacks for the industry is alarming. According to the Ponemon Institute’s report, Cost of Data Breach Study 2017, the average cost of a breach for an organization was $3.62 million and for every piece of pirated data, average cost is $141, or even more for sectors like health. The cost of a breach also has an impact on an organization, affecting its image, the trust of its customers and consequently the amount of its action.
When Equifax announced a cyberattack on September 7, 2017, the price of their stock dropped by about 38% and still has not returned to its pre-attack value. Cyber-attacks also have an impact on the management of companies that have been attacked.
The size and scale of cyber-attacks, affecting businesses of all sectors and sizes, is having a positive effect: raising awareness. The scale of these attacks requires the interest of the media. Some like WannaCry and Petya have even made the front page of mainstream newspapers around the world.
The new regulations and major laws are also a reflection of this awareness, for example, the GDPR (General Data Protection Regulation) of EU to be implemented on May 25th 2018.
This upheaval takes place in a context of change for companies, driven by the challenges of digital transformation such as cloud computing, server-less architecture and the widespread use of digital identity. All these changes take place under the watchful eye of the aforementioned regulatory frameworks but also cybercriminals. However, this combination of circumstances is creating a buoyant market for cybersecurity companies that are battling these threats.
Counter-attack on cybersecurity
Studies show that the market for cybersecurity solutions is growing, with a compound annual growth rate of more than 10% and a market expected to reach $173.57 billion by 2022. This is due to the cyber-attacks across all industries, moving operations to the cloud and integrating IoT into our infrastructure.
To combat ever-evolving cyberattacks and a changing attack surface, cybersecurity companies are using the weapon of innovation. Cybersecurity companies are growing, and more established companies are innovating to combat modern, more complex attacks.
The use of technologies like Artificial Intelligence (AI) and Machine Learning make it possible to create a bridge between attack and defense. Innovation in security methods is also a good way to find a balance.
Just as cybercrime makes good use of “Malware as a Service” to make it a more accessible activity, companies specializing in cybercrime also offer services to ensure that any business, regardless of its size , can benefit from the best security services.
This exhilarating combination of rapid market growth and technology and service solutions has created a real upheaval in the investment community. Investors poured a record $3.1 billion into 279 security start-ups in 2016. In 2017, investments in cybersecurity continued to grow, especially with companies like Bastille that received 27 million, Quadium which benefited from 40 million, and finally Threatstack with 45 million among a large number of investments in the sector.
In addition to private investment, governments around the world are also investing in the “workforce” of cybersecurity and the technologies of the future. For example, in the next five years, the United Kingdom has planned to invest $1.9 billion, and the EU is in the process of publishing a report that requires an injection of funds to boost cyber security efforts.
Investments in cybersecurity enable companies, both start-ups and established companies, to innovate not only on the types of techniques and technologies available to counter attacks, but also on how these technologies can be used in a democratized way.
Cybersecurity is an issue related to sectors of all sizes that affect us all, including individuals. The cybersecurity investments we have been witnessing over the last two years will be of paramount importance in order to ensure the level of innovation in solutions, the training of the workforce and also to stem the wave of cyberattacks.