If we’ve learned anything from the cybersecurity market in 2017, it’s that cybercrimes aren’t going anywhere anytime soon and–more importantly–that it’s imperative to be as prepared as possible in preventing them from happening.
Case in point, a 2017 Cybersecurity Ventures report predicts that cybercrime damages will cost roughly $6 trillion by 2021, and will be “one of the biggest challenges that humanity will face” over the next two decades. According to some analysts, 2017 was a wake up call to the fact that no company was too big or too small in being affected by such attacks. Take the WannaCry attack in May, for example, that targeted 150 countries and over 300,000 computers; or NotPetya that swept across Ukraine and Russia a month later; Bad Rabbit in late October is another instance, which impacted organizations in Ukraine and Russia–again.
While it’s clear that cyberattacks and ransomware dominated cybersecurity headlines throughout the year, the Investing News Network (INN) had the opportunity to speak with industry analysts, experts, and companies to provide further insight as to the year’s biggest trends in the sector–and what the biggest takeaways were.
Cybersecurity trends 2017: cybercrime outbreak
As Steve Morgan, founder and editor-in-chief of Cybersecurity Ventures told INN via email, “we are in the midst of a cybercrime epidemic.” As mentioned above, cyberattacks will cost globally $6 trillion by 2021, which is double from where it was in 2015.
“The crime tide definitely lifted the market in 2017,” he added.
Itay Glick, CEO of Votiro–which is a company that specializes in protecting against target attacks–echoed similar sentiments as Morgan, stating that 2017 saw an “enormous increase” in widespread breaches and ransomware attacks, which he believes should decrease instead due to the “endless cybersecurity solutions on the market.”
“As security products continue to become more and more sophisticated, with concepts like app containers and sandboxes, operating systems, security mechanisms and secure programming, it is becoming more and more difficult for hackers to locate high-value bugs and exploit them,” Glick said.
Mike Myshrall, CFO of Cyren (NASDAQ:CYREN) said the company expected to see continued growth in ransomware and phishing attacks, on the heels of the Locky ransomware outbreaks in 2016 and “a doubling of the number of active phishing URLs our security cloud monitors during 2016.”
“Cybercriminals have proven they can repeatedly monetize their attacks, including ransomware-as-a-service and phishing-as-a-service offerings that lower barriers to entry for hackers,” said Myshrall.
That being said, however, in terms of cybercrimes Morgan said that one of the biggest takeaways in 2017 is the realization that “security is a people problem, not a technology problem.”
“While technology advancements are essential, investing into people is the big market shift we’ve seen,” Morgan added. “ In particular, training employees on security awareness in order to reduce spear phishing scams and ransomware attacks. Cross-training IT workers onto cybersecurity.”
Joe Stuntz, vice president of One World Identity (OWI) said that cyber and ransomware attacks such as WannaCry, NotPetya and Bad Rabbit “confirm” that some of the big issues as it relates to security is a “lack of attention” to some cybersecurity basics. With more devices, networks, connections, and so on, the impact of an attack “can be bigger than previously thought.”
“I hope that organizations start to understand that the security team cannot manage everything in a silo, but that the whole organization needs to develop a focus on operating safely in a way that builds trust with stakeholders,” he added.
Cybersecurity trends 2017: mergers and acquisitions
While cybercrimes and ransomware attacks were some of the biggest cybersecurity news stories of 2017, mergers and acquisitions also made the news.
Stuntz told INN that the performance of the cybersecurity market in 2017 was “overall positive” thanks in part to acquisitions and that “the growth of smaller firms as some of the larger publicly traded firms were slightly up to flat for the year.”
According to a CSO Online report, some of the biggest mergers and acquisitions of the year include:
- Palo Alto Networks (NYSE:PANW) acquiring LightCyber for $105 million on February 28;
- A $15.3 billion deal on March 13 by Intel (NASDAQ:INTC) to acquire MobileEye;
- Open Text (NASDAQ:OTEX) announcing its acquisition of Guidance Software (NASDAQ:GUID) for $222 million in July;
- HPE (NYSE:HPE) selling its IT management, big data and security lines to Micro Focus for $8.8 billion, completed on September 1; and
- SAP SE (NYSE:SAP) acquiring Gigya, a maker of a web-based platform for customer identity management and profiling, for $350 million in late September.
Morgan said that he was a little surprised by the low number of initial public offerings (IPOs) in 2017, but said that likely came at the hands of a “brisk” mergers and acquisitions market.
“[M&As] offer attractive liquidity for companies who might have otherwise been contemplating an IPO,” Morgan added.
Cybersecurity trends 2017: challenges
Indeed, it goes without saying that the rise of cybercrimes and ransomware attacks posed a variety of challenges for cybersecurity companies–particularly since it’s difficult to anticipate when the next cyberattack will happen.
Nick Dinsmoor, vice president of VirtualArmour (CSE:VAI) expanded on that, telling INN that one of cybersecurity’s most challenging aspect is simply “to consistently stay ahead of the “bad actors” who are constantly looking for ways to breach the systems, processes and technologies designed to keep them out.”
“The key to success is partnering with the best manufacturers in the industry to ensure that you are able to provide a robust and holistic solution,” he added.
Similarly, Myshrall said one of the most challenging aspects for IT security was the real-time and dynamic nature of threats.
“There’s a very small window of opportunity to prevent infection, measured in seconds and minutes, not hours and days,” Myshrall said. “For most organizations, the most obvious challenge is reacting quickly.”
Cybersecurity trends 2017: company milestones
Despite difficulties faced when it come to cyberattacks, there are still positives and notable occurrences that companies are able to achieve.
Dinsmoor said that VirtualArmour’s sales and technical staff expanded, which gave VirtualArmour the opportunity to add new clients and grow its scope with existing clients.
“The expansion of our technical management platform and specifically our CloudCastr portal has allowed us to maintain our industry-leading retention rates,” he added.
For Cyren, Myshrall said the investment by Warburg Pincus was its most notable 2017 milestone, which occurred later in the year on November 6, 2017.
According to Myshrall, an affiliate of Warburg Pincus acquired roughly 10.6 million shares from Cyren for $1.85 per share, totaling roughly $19.6 million in gross proceeds to Cyren. As a result, Warburg Pincus owns approximately 21.3 percent of Cyren’s outstanding shares.
Cybersecurity trends 2017: government framework
After US president Donald Trump was inaugurated in January of this year, he signed an executive order in May to strengthen cybersecurity of federal networks and critical infrastructure.
That said, little has been done since then in following through on the government’s promised cyber policy in the 90 days following inauguration.
Elsewhere, China implemented new cybersecurity laws in June, which CNBC reported “focuses on protecting personal information and individual privacy, and standardizes the collection and usage of personal information.”
In August, the EU put forth its General Data Protection Regulations (GDPR), although those won’t go into effect until May 25, 2018. With the United Kingdom leaving the EU, it will update its UK’s 1998 Data Protection Act, CSO Online reported.
Cybersecurity trends 2017: investor takeaway
In short, while the rising threat of cybercrimes is hard to ignore, investors can take comfort in knowing there’s a wide range of companies equipped to face the challenges as best as possible.
“The reality is that no one manufacturer has the hardware/software solutions to cover every possible scenario,” Dinsmoor told INN. “Implementing multiple layers of hardware and software protection and combining that with management oversight is the best way to ensure that an enterprise is fully protected.”
As we dust 2017 and its influx of cybercrimes off our shoulders and move into 2018, investors can rest assured that the future of the cybersecurity market looks bright and that it isn’t going away anytime soon.
Don’t forget to follow us @INN_Technology for real-time news updates!
Securities Disclosure: I, Jocelyn Aspa, hold no direct investment interest in any company mentioned in this article.
Editorial Disclosure: VirtualArmour is a client of the Investing News Network. This article is not paid for content.
The Investing News Network does not guarantee the accuracy or thoroughness of the information reported in the interviews it conducts. The opinions expressed in these interviews do not reflect the opinions of the Investing News Network and do not constitute investment advice. All readers are encouraged to perform their own due diligence.