Cybersecurity Update: Q1 2018 in Review

Cyber Security Investing
Security Investing

The Investing News Network looks at the Q1 2018 cybersecurity trends that will set the tone for the industry moving forward.

With Q1 2018 behind us, what we’ve learned so far this year in the cybersecurity market is that hackers continue to find ways to increase sophistication of phishing, malware and cryptojacking, according to a 2018 Webroot Threat Report.

Some of the findings of the report reveal that cryptojacking is gaining traction as more than 5,000 websites have been compromised since September 2017 thanks to javascript cryptocurrency miner CoinHive threatening to mine Monero by way of hijacking site visitors’ CPU power.

The report also highlights that ransomware and all of its variants continue posing threats, which the Investing News Network (INN) reported on in December of last year, highlighting the WannaCry attack last May, NotPetya in June, and BadRabbit in October. Moving into 2018 and what to expect for this year, our 2018 outlook indicated that more of the same would happen this year.

On that note, as we move out of Q1 2018 and into Q2, here INN takes a look back at Q1 as to what the biggest trends in the sector have been so far this year and what to look forward to with insight from experts in the industry.

Cybersecurity Q1 2018: Trends and takeaways

Steve Morgan, founder and Editor-In-Chief at Cybersecurity Ventures said in a report that ransomware was projected to to cost the world $5 billion in 2017, up from $325 million in 2015.

In an email statement to INN, Morgan said that a “growing number” of new companies in the space are attempting to become ethical “white hat” hackers by signing up for programs that cost as low as $20.

“Although hardly everyone that tries actually becomes an ethical hacker, the white hats are definitely gaining ground on the black hats,” Morgan said.In terms of other highlights from Q1, Morgan said Apple’s (NASDAQ:AAPL)’s announcement of a cyber defense solution was particularly noteworthy, stating the company has partnered with Cisco (NASDAQ:CSCO) on a cyber resilience evaluation service offered by AON, and a cyber insurance product from Allianz.

“Cybersecurity has been a part of Apple’s DNA for a long time, and embedded into all of its products,” Morgan said. “I wasn’t expecting them to come forward with a cybersecurity offering that breaks out of its product line. It will be interesting to see if Apple will follow Google’s push into cyber with its new Chronicle business.”

Beyond Q1 2018: Pure-play cybersecurity companies to enter ransomware space, damages to increase

Looking ahead into Q2 2018 and the rest of the year, Morgan said he expects to see more of the larger pure-play cybersecurity companies, as well as major tech vendors, entering the ransomware defense space.

“[Ransomware is ] predicted to reach $11.5 billion in damages by 2019 –– with ransomware attacking a business every 14 seconds by that time,” Morgan said. “The market opportunity will be too big to resist.”

Webroot’s report also said that the spam emails were the long preferred method for distributing ransomware but that an easier method has emerged which is using unsecured remote desktop protocol (RDP) campaigns.

Big tech vendors will continue their push into cyber, shaking up the market and giving pure-play cybersecurity companies a run for their money,” said Morgan on the key factor that one should pay close attention to in the coming months and years.

“New attack tools and frameworks continue to lower the barriers to entry, making it easier for criminals to use fileless attack techniques even if they have little to no technical expertise,” said the report from Barkly. “Fileless attacks techniques are actively bypassing security solutions much more effectively than traditional, file-based attacks. In short, they’re working.”

The report further adds that 77 percent of attacks that successfully compromised organizations in 2017 utilised fileless techniques.

In addition to that, Morgan said that the tide is starting to turn on numerous factors in the industry with the explosion of cybercrime and cybersecurity spending in 2018.

Beyond Q1 2018: Companies will spend more on cybersecurity

Gartner said in its report that organizations will spend more security as a result of regulations, awareness of emerging threats and evolution to a digital business strategy.

“Overall, a large portion of security spending is driven by an organization’s reaction toward security breaches as more high profile cyberattacks and data breaches affect organizations worldwide,” Ruggero Contu, research director at Gartner said. “Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach (NYSE:EFX), have a direct effect on security spend, because these types of attacks last up to three years.”

Morgan said that the 2018 list of top cybersecurity companies will be very interesting and that he’s looking forward to the first annual Cybersecurity 500 list that will be announced in May.

“With cybersecurity spending predicted to exceed $1 trillion cumulatively from 2017-2021, and  a continual stream of new VC investments into cybersecurity startups, the market has become increasingly competitive,” Morgan said.

Investor takeaway

Despite the fact that the hackers continue to find a way to harm the systems, companies are still finding ways to step in and prevent attacks.

Investors should note that companies will potentially be spending money to beef up their security systems–meaning that the cybersecurity sector will be an interesting industry to keep an eye for the next quarter and beyond.

Don’t forget to follow us @INN_Technology for real-time news updates!

Securities Disclosure: I, Bala Yogesh, hold no direct investment interest in any company mentioned in this article. 

Editorial Disclosure: The Investing News Network does not guarantee the accuracy or thoroughness of the information reported in the interviews it conducts. The opinions expressed in these interviews do not reflect the opinions of the Investing News Network and do not constitute investment advice. All readers are encouraged to perform their own due diligence.

The Conversation (0)
×