Cybersecurity Industry

of four

Cybersecurity - Trends

Six trends in cybersecurity include increased mobile attacks, increased cloud attacks, attacks utilizing AI, automated cybersecurity defense, IoT device risks, and a rise of insider attacks.

Mobile Attacks

  • 2020 will see an increase in mobile cybersecurity treats, including phishing attacks via SMS or phone call.
  • This trend is being driven by the increase in use of mobile for business activities, and an increase in the amount of data stored on mobile phones.

Cloud Attacks

  • One trend in cybersecurity for 2020 will be the increase in cyber attacks on data stored in the cloud.
  • This trend is being driven by the increased use of the cloud and the blurring of company infrastructure with the infrastructure of cloud providers.

Attacks Utilizing AI

  • Phishing attacks and other attacks will be strengthened by the use of AI in 2020, including using AI algorithms to increase attack conversion rates.
  • While AI has so far been used mostly to defend against attacks, attackers are now beginning to utilize the technology which will make attacks more widespread and hard to manage.

Automated Cyber Security Defense

  • Automation is being used to increase cybersecurity defenses.
  • This trend is being driven by the lack of cybersecurity professionals, and startups are starting to capitalize on this trend by offering cybersecurity automation products.

IoT Device Risks

  • With the widespread adaption of 5G infrastructure predicted for 2020, there will be an increase in the number of IoT devices and therefore an increase in the risk associated with these devices.
  • Adding to this threat is that most IoT devices are built on new technology, so the security of these devices is not fully developed and can provide hackers a way to reach other, more secure devices connected to the IoT devices.

Rise of Insider Attacks

  • This threat is being driven by the increase in security of most organizations, making outsider attacks more challenging and expensive and therefore driving insider attacks. As outsider attacks become more expensive, hackers will be willing to offer more to insiders to assist in the attacks.

Research Strategy

Trends were chosen based on their inclusion in multiple expert publications.
of four

Cybersecurity - Pain Points

Four pain points for the cybersecurity industry include that attacks are possible around the clock, the skills gap in cybersecurity professionals, the challenge of asset management and alert fatigue.

Attacks Possible 24/7

  • One pain point for the cybersecurity industry is that attacks are possible around the clock, meaning that companies need to have their cybersecurity defenses operating at all time, and cyber security professionals are on-call 24/7.
  • Some solutions to this problem include partnering with third-party security provides, having security alerts sent to cybersecurity professionals via mobile phone so they can be reached remotely, and using automated defense technology.

Skills Gap

  • There is a major shortage of skilled professionals in the cybersecurity field, including professionals for security analysis and investigation, application security, and cloud security.
  • One way to address this shortage is utilizing automated security defense programs and utilizing third-party security solutions.

Asset Management

  • With the increasing number of cyber assets being utilized by companies, one pain point for the cybersecurity industry is keeping up with the security maintenance of the numerous outdated assets.
  • This can be addressed by creating a company-wide policy of asset controls and a company-wide vulnerability management program. This includes having strong company leaders in charge of maintaining these systems and providing employees easy ways to ensure the devices they use for work are secure.

Alert Fatigue

  • Cybersecurity professionals are reacting to a multitude of false alerts, leading to alert fatigue and decreasing the amount of time these professionals can work to prevent and mitigate real threats.
  • However, AI and smart technology can be utilized to help sort through all the alerts and identify the real ones, so professionals can focus on those.
of four

Cybersecurity - New Technologies

Four new technologies being utilized in the field of cybersecurity include hardware authentication, deep learning, deepfake technology and user behavior analytics.

Hardware Authentication

  • As usernames and passwords become easier to hack, companies are moving to hardware authentication. Users will now need to have a certain device which acts as a token of authenticity, making it harder to log in on a device that is not the users.
  • One example of this is Intel's Authenticate solution for its sixth-generation Core vPro processor.

Deep Learning

  • Deep learning combines artificial intelligence and machine learning to monitor for malicious activity. Going beyond behavior analytics, deep learning looks at entities rather than single users, and can be used to mitigate advanced persistent threats.
  • Deep Instinct is one company offering deep learning solutions for cybersecurity applications. The focus of the company is preventing threats in "zero-time".

Deepfake Technology

  • Deepfake technology is an emerging technology that allows the manipulation of video and voice in ways that appear extremely real. Hackers may use this technology for sophisticated phishing scams.
  • Some startups are addressing this issue by creating software that detects these deepfakes. These startups include Truepic and Serelay.

User Behavior Analytics

  • User behavior analytics is being used to detect malicious and suspicious behavior, which can alert to cybersecurity threats. The technology uses big data analytics to identify attacks right after they happen based on the hackers abnormal behavior.
  • Some examples of companies offering user behavior analytic solutions for cybersecurity include Aruba, Dtex and Exabeam.
of four

Cybersecurity - Predictions

Six future predictions for the field of cybersecurity include market growth, regional growth, an increase in mergers and acquisitions, an increase in cybersecurity budgets for organizations, an increase in attacks targeted at governments and healthcare sectors and the development of a cyber insurance industry.

Market Growth

  • The global cybersecurity market is expected to reach $300 billion by 2024, an increase from the 2017 value of $120 billion.

Regional Growth

  • The Asia-Pacific region is expected to grow at a CAGR of 20% due to extensive digitization in the area and growing smartphone adoption.
  • Additionally, the cybersecurity industry in Europe is expected to continue to grow exponentially due to government-investments and increased public-private partnerships geared at improving cybersecurity.

Mergers & Acquisitions

  • The future of the cybersecurity industry will see more mergers and acquisitions for security firms, as smaller startups are acquired by larger traditional security vendors.

Increase in Cybersecurity Budgets

  • Experts predict that 2020 will see increases to company cybersecurity budgets. However, due to the large number of threats, the challenge of maintaining all cyber assets, and continued technological advances of hacking schemes, the increase in spending is not predicted to drastically decrease the number of successful attacks.

Focus on Government and Healthcare Sectors

Development of Cyber Insurance Industry

  • Increased legislation and the increasing cost and number of attacks is leading to the development of a cyber insurance industry. Governments and companies are considering purchasing cyber insurance, leading to predictions that the industry will grow from less than $1.5 billion in 2016 to more than $20 billion by 2025.