Investment Currents: COVID’s Impact on the Cybersecurity Industry
The world has been through dramatic changes since March 11 when the World Health Organization (WHO) held a virtual press conference and WHO director-general, Dr. Tedros Adhanom Ghebreyesus, announced that the COVID-19 outbreak would now be classified as a pandemic. He remarked that, "This is not just a public health crisis. It's a crisis that will touch every sector, so every sector and every individual must be involved in the fight."
With the entire globe needing to work, play, and learn from home or remotely this has resulted in an abrupt change in network traffic supporting the director-general's comments. By the fourth week of March, 84 percent of education sector internet traffic shifted off corporate networks to remote office networks; the government/politics sector and finance sector traffic also followed with a 63 and 35 percent shift, respectively.2 However, this rapid response does not confirm whether planning and existing procedures appropriately prepared organizations to be forced into a remote work environment.
For better insights into whether organizations were adequately prepared, understanding how information technology teams have adapted is of more prominent importance. Many of the underlying responsibilities of these teams have historically been regarded as roles that could not be performed remotely. In a SANS Institute 'Remote Workers Poll', for technology-based professions, 46.7 percent of respondents reported that only 10 percent of their workforce operated remotely before the declaration of a pandemic. Moreover, 68 percent of respondents indicated less than 30 percent of their workforces worked from home – only 3.4 percent reported an entirely remote team. When questioned again during the pandemic, respondent results mimic what was inferred by the shift in network traffic earlier referenced; 82 percent of these technology professionals now detail that at least 80 percent of their workforce is working remotely, with 38.5 percent working 100 percent from home. Overall, SANS resolves that "…most companies reacted quickly and were able to implement traditional security measures in a remote work environment."3 The interpretation of success is reflective of implementation planning leading up to the pandemic and reveals the agility of numerous technical teams. Still, traditional security measures and subsisting philosophies may not be enough to guard against emerging threats in the new, more elaborate, working model where consumers and businesses alike reimagine where work and fun are conducted.
On April 1, the Federal Bureau of Investigation (FBI) released an alert (I-040120-PSA), which "…anticipates cyber actors will exploit increased use of virtual environments by agencies, the private sector, private organizations, and individuals as a result of the COVID-19 pandemic." In the same announcement, the FBI's Internet Crime Complaint Center reported that they had already collected more than 1,200 complaints linked to COVID-19 scams4. Microsoft published analysis seven days subsequent the FBI's public service announcement revealing that in just 29 days after the WHO's declaration, attackers were already sending out 60,000 COVID-19 themed malicious emails daily (i.e., phishing). However, Microsoft's threat intelligence team encounters millions of targeted messages per day, making pandemic-related content less than two percent of the total threat volume they track5.
While phishing is a common vector for attack, malicious cyber actors will exploit the pandemic through an array of methods. The FBI highlighted four means by which cyber actors could exploit applications used by a remote workforce. This includes malicious telework software received from an untrusted source or by the actor mimicking a trusted vendor, the targeting of internet-based communication tools to bug meetings or disrupt service, compromising remote desktop applications as a road to other targets, or even the supply chain of an organization which rents technology from a foreign entity.
The fast transformation to a remote workforce combined with lingering anxiety and uncertainty from a global pandemic joined with a prevailing lack of security hygiene awareness by employees creates critical operational risks. This blend presents a comprehensive opportunity for malicious actors to take advantage of vulnerabilities, but also provides companies a chance to reinvent their security posture and make cybersecurity an embedded necessity.
The market size of the cybersecurity industry is presently valued at USD 167.1 billion and is forecasted to grow to USD 326.4 billion by 2027, reflecting a compound annual growth rate of 10 percent6. The industry can be split into Hardware, Software, and Service components; Service is then further divided into Professional or Managed offerings. Commonly, Professional Services are used for project-based work where the provider will serve in a consulting capacity; alternatively, Managed Services are usually contract-based IT solutions that function as an augmentation of a company. In 2019, Service vendors accounted for 54.7 percent of the market; with the flexibility of these offerings and greater cost efficiency relative to in-house staffing, service vendors are anticipated to sustain their significant portion of the market. Hardware components are the physical devices applied as an extra layer of assurance to secure a network and its data against cyber-attacks and unauthorized access before a system is jeopardized. Out of the three components, the hardware segment is forecasted to have the highest compound annual growth rate through 20276. Software is consequently used adjacent to other present hardware and operates to guard the system internally. Software solutions are frequently more cost-effective than hardware-based security and allow an end-user the capacity to revise what is deployed as new threats emerge; however, in most cases, the software alone is not adequate as standalone protection.
Accenture estimates that an average of 10.9 percent of IT budgets is spent on cybersecurity programs and recognize advanced technologies as a growing venture to secure the cyber ecosystem7. Going onward, 70 percent of Chief Information Officers expect the apportionment to cybersecurity likely to increase8. Disruption was ever-present in the space well before the global pandemic. The disorder creates an opportunity for establishments to transform their practice and investors to identify what will benefit defenders the most.
The transformation from cloud computing (i.e., computer services delivered over the internet) will help the dispersion of employees, but, with it, the phones and computers that increasingly become owned by the individual, rather than the company, will present risks. Furthermore, the number of endpoints (remote network-connected devices) is increasing, which means that there is also growth in entry points for criminals to exploit. Still, cybersecurity teams can also use cloud computing as a solution to this disruption by addressing the challenges in securing these devices remotely. One resolution to manage internet-enabled devices is Unified Endpoint Management (UEM) software which affords flexibility for the modern workspace to use one platform to control and protect endpoints.
While conditions evolve cybersecurity operations, third-party partners (services) will proceed to be a valuable resource to evaluate cybersecurity risks, assist in the implementation of new solutions, or be an extension of an organization in monitoring for or responding to incidents. These two solutions solely can serve the 93 percent of security decision-makers surveyed by Symantec, who believe they must enhance their cloud security skills and the 84 percent of these individuals who feel that additional staff are required.
The pandemic has undoubtedly touched every sector and shaped how workforces conduct business. The WHO's director-general may not have been pointing to cybersecurity when he said, "…every sector and every individual must be involved in the fight," but it is rather fitting. Safeguarding the enterprise must be recognized as an indispensable business operation, making cybersecurity an interesting industry for investors to consider.
Given the ongoing changes due to the global pandemic and the significant investment implications, working with a financial advisor can help you navigate the markets and create an investment strategy that matches your time horizon and risk tolerance. To have a conversation about your financial goals and how we can help, please reach out to a Girard advisor.
- WHO Press Conference
- BitSight Remote Workforce
- SANS Remote Worker Poll
- IC3 FBI PSA
- Microsoft Threat Intelligence
- Grand View Research
- Accenture State of Cyber Resilience
- Adobe Survey
- Broadcom CSTR
This article is for general information purposes only and is not intended to provide legal, tax, accounting or financial advice. The information in this article, and any opinions expressed therein, do not constitute a recommendation or an offer to buy or sell any security or financial instrument. Viewers should consult with their financial and/or legal professionals before making any financial decisions.