Security Market Update: Q1 2019 in Review

Q1 2019 witnessed one of the largest data breaches in history, with over 770 million cumulative email addresses and passwords exposed in various hacks all put out together.

According to an EY Global Information Security Survey, the average cost of a data breach in the US last year was US$3.2 million. The survey further notes that 77 percent of 1,400 surveyed organizations were not adequately armored to counter cybersecurity attacks.

Cybersecurity threats are a crucial externality facing the industry, and CB Insights reports that there is a shortage of qualified security professionals, estimated at only 3 million individuals worldwide.

In line with this, as advances in e-commerce, big data and cloud computing continue to shape the business landscape, cyberattacks in turn have increased in volume. Here, the Investing News Network (INN) looks back at Q1 trends and the outlook for the upcoming quarter and year.

Security market update: Trends and takeaways

In February, Cisco (NASDAQ:CSCO) and Cybersecurity Ventures co-published the first annual Cybersecurity Almanac, a comprehensive overview of the cybersecurity industry. It cites FBI Internet Crime Complaint Center numbers showing that only 10 to 12 percent of cybersecurity attacks are reported yearly.

According to CB Insights, email threats are the largest security threat for individuals and organizations. To curtail these threats, tech companies are developing software that harnesses cryptography, machine learning and artificial intelligence (AI) to defend against these attacks.

For example, Inky, a cloud-based email software platform, uses machine learning to detect malware and suspicious emails, and Pixm, an AI-driven phishing protection software, safeguards users’ email inboxes and data on social media platforms such as LinkedIn, Slack and Facebook (NASDAQ:FB).

By 2022, Frost & Sullivan expects the email security market to be valued at US$3.58 billion.

With that being said, organizations are still ill equipped to defend from the spectrum of these attacks. According to EY’s report, only 6 percent of organizations surveyed are operating with cyber defense structures that meet the organization’s security needs.

When it comes to cryptocurrencies, Steve Morgan, editor in chief of Cybersecurity Ventures, told INN that he predicts that, by 2021, over 70 percent of transactions will be driven by criminal activity, a stark increase from the present, where the number is at 20 percent for the five primary cryptocurrencies.

Cryptocurrencies are popular among criminals because they can be used to evade sanctions and hide the origin of funds, making money laundering and other criminal activities easier and harder to trace, according to CB Insights.

In the venture capital space, a number of major deals took place over the first quarter. In January, Rubrik, a software company that provides data protection, governance and compliance services on the cloud, received US$261 million in Series E funding, with notable partners in the funding round including Bain Capital Ventures and Lightspeed Venture Partners.

Another company that did this is San Francisco-based OneLogin, which raised US$100 million in Q1. OneLogin is a secure access and identity management company with over 2,500 global customers.

Meanwhile, the security industry’s workforce is reporting strides in inclusion. A 2018 study by Cybersecurity Ventures predicts that the percentage of women in the cybersecurity workforce will rise to 20 percent worldwide in 2019, up from 11 percent in 2013. 

Additionally, Morgan said, there are a number of leading female entrepreneurs in the venture capital space. Quartz has developed an index of founders backed by venture capital funding based on data from Pitchbook, and it shows that female founders in the cybersecurity sector raised $459 million in 2018.

In a March press release, Equifax (NYSE:EFX) Chief Information Security Officer Jamil Farshchi said, “Change is coming for women in the cybersecurity industry, but not nearly fast enough.” Equifax’s security department is currently 28 percent female.

Security market update: Shifting focus, growth opportunities and education

With the cybersecurity market anticipated to grow 15 to 20 percent each year over the next three years, the FBI has shifted its focus.

“The cyber division is the crux of where the organization is going. The FBI has to be able to adjust and adapt to the environment in which [cyber criminals] operate,” Amy Hess, executive assistant director of the Criminal, Cyber, Response and Services branch of the FBI, told Cybersecurity Ventures.

As the potential for data breaches increases, companies are looking at prevention tactics. Frost & Sullivan notes that attention directed towards automation, data compliance, threat analytics, behavioral analysis and email security training could create opportunities for growth.

“Already, vendors like Mimecast (NASDAQ:MIME) offer a fully integrated suite of proprietary cloud services, while the Symantec (NASDAQ:SYMC) Email Security cloud solution tightly integrates with security environments via the Symantec Integrated Cyber Defense platform,” said Frost & Sullivan Senior Industry Analyst Tony Massimini.

Integrated solutions are also in demand, including the need for awareness and education. With over 17 acclaimed centers of excellence, Maryland is the top cyber education state in the US.

Meanwhile, Cylab, located in Pittsburgh, Pennsylvania, is a 25,000 square foot facility focused on security and data protection. As part of Carnegie Mellon University, it works in partnership with government agencies and companies including Facebook, Boeing (NYSE:BA) and Microsoft (NASDAQ:MSFT).

The center is working on facial recognition technology powered by AI to improve security threat detection. In addition, it applies iris detection technology that has the ability to identify an individual’s iris from 40 feet away. Each individual has a unique iris, similar to a fingerprint.

Security market update: Investor takeaway

The investment landscape for the security sector is marked with anticipated IPOs, major acquisitions and potential healthy share price increases. In addition, organizations across multiple sectors are continuing to secure contracts and invest in cyber defense technology.

The cybersecurity sector saw a record US$5.3 billion in venture capital funding in 2018. In a season marked with many IPOs — over 26 IPOs have raised US$6.6 billion year-to-date — two major security IPOs are expected to take place in 2019. The first is for Tanium, an endpoint security company, and the second is for CrowdStrike, a cloud-data security endpoint company.

In January, Mastercard (NYSE:MA) acquired Toronto-based Ethoca to strengthen its security platform. “Advancements in technology are enabling us to transform the experience for our customers,”  Mastercard President of Cyber and Intelligence Solutions Ajay Bhalla said to Betakit. The deal is expected to close in the second quarter of 2019.

Additionally, a number of security companies on the NASDAQ saw their share prices advance over the quarter, with Identiv (NASDAQ:INVE) gaining 33.33 percent, Napco Security Technologies (NASDAQ:NSSC) rising over 31 percent and Zix (NASDAQ:ZIXI) increasing over 26 percent as of April 10.

“We are witnessing a paradigm shift in enterprise cybersecurity. Organizations are shifting from passive defense to active defense, including embracing white-hats for simulating cyber attacks and more,” reports CB Insights.

In short, from federal agencies to venture capitalists to large companies, organizations are securing contracts and adopting security technology to minimize the cost of facing threats and attacks.

Don’t forget to follow us@INN_Technology for real-time news updates!

Securities Disclosure: I, Dorothy Neufeld, hold no direct investment interest in any company mentioned in this article.

Editorial Disclosure: The Investing News Network does not guarantee the accuracy or thoroughness of the information reported in the interviews it conducts. The opinions expressed in these interviews do not reflect the opinions of the Investing News Network and do not constitute investment advice. All readers are encouraged to perform their own due diligence.