Written By: Susan Smithfield – International Director
In the current business environment—characterized by high connectivity and excessive reliance on digital infrastructure, and in which economists believe informationto have become the new additional factor of production—we are deriving more and more value from our digital assets. But this high valuation has made data a tempting target for malicious attacks by hackers, aiming to use it for a wide variety of purposes. These can include identity theft, stealing funds from bank accounts, extracting funds in the form of ransoms—or even influencing election campaigns.
Atlanta under attack
Cyber-attacks cause great destruction with minimal efforts. Recently, Atlanta was subject to a large-scale hacking that targeted the city’s website and the entire computer system. The hackers used a ransomware to hijack the data, and then they requested a ransom of $51,000 to be paid in bitcoins to secure the return of the data. Citizens began to report their inability to access documents on government websites, among other main disruptions. Even days after the attack, the government was still struggling to collect fees and process bill payments from citizens due to this cyber-attack.
Such attacks are not unusual, although they vary in their scales and targets. In 2017, the targets for cyber-attacks were plenty. They included companies such as Uber, Deloitte and Equifax.
Data and information give tremendous power to those who acquire them. Such power enables hackers and attackers to cause sizeable damage. The costs of damage from cybercrimes are expected to amount to $6 trillion annually by the year 2021, which is bigger than the gross domestic product (GDP) of Germany and the United Kingdom combined. For this reason, the issue of cyber-security matters to business professionals as it involves almost every business function, and it matters also to political leaders as it can be an issue of military superiority and national security.
Low level of maturity in facing the risks
Cybercrimes are increasing in frequency, sophistication and severity of consequences. Organizations with particularly valuable digital assets should build stronger defenses. In general, organizations fall somewhere on a spectrum between highly passive and highly proactive in terms of their cyber-security. Yet more than 90 percent of companies fall at the reactive end of the spectrumand develop their cyber-security capabilities only ex-post.
Generally, the level of maturity in organizations in terms of their cyber-security risk-management remains alarmingly low for a risk of this magnitude. A survey revealed that only 10 percent of organizations have clear and mature processes for managing this type of risk. But despite this, companies that fall behind are becoming more and more aware of how crucial it is to reinforce their digital defenses, which can only mean more demand for relevant services.
Factors that can support the growth of the cyber-security sector
The information-technology (IT) industry is characterized by fast-paced change, and thus there is a constantneed for more advanced solutions. Artificial intelligence (AI) is one example of the areas in which there are constantraces between hackers and protection-solutions providers. The solutions can only be provided by professionals with specialized knowledge, who will likely place a premium on their skills and knowledge. Furthermore, the issue of cyber-security and protecting digital assets has become a strategic one for leaders, especially given the proliferation of cloud storage and computing, and the increasing importance of knowledge management.
Adding to that, there is a growing sense of concern among organizational leaders that their intangible assets are vulnerable to threats, and this fear is altering their priorities. Gradually, security is becoming more important than innovation, and thus it is receiving more attention. Security is, in fact, becoming a prerequisite to innovation. Such change in priorities is very positive for the growth of the sector.
Furthermore, those leaders feel that their capabilities are not enough to counter the increasing levels of risk. Thus, they are demanding more—from regulators, from solutions providers and even from the financial industry, as executives are requesting mechanisms for transferring cyber-security risk, such as cyber-security insurance services.
Based on the above factors, the sector is likely to continue moving forward on its growth trajectory. According to some estimates, the sector is projected to become US$202.36 billionin size in 2021. Another reportexpects the sector to achieve a compound annual growth rate (CAGR) of 4.51 percent on an annual basis until 2026. Some experts predict the CAGR to be even higher at 13.4 percent during the period from 2017 to 2021.
Other estimates see a cumulative expenditure on cyber-security globally reaching $1 trillion in total over the years from 2017 to 2021. This will be concurrent with an increase in demand for cyber-security professionals, and thus 1.5 million job openings are expected by 2019, which will keep the unemployment rate in this sector at an impressive rate of 0 percent.
In general, the estimates are many, and they point to different projected levels of growth. However, all agree that the sector is among the fastest growing in the world.
There isa plethora of factors that make cyber-security an issue of vital importance. Cyber-threats have maximum disruption potential,and with high costs. The vast majority of organizations today engage in damage control only when it comes to those threats—but do not implement preemptive measures to protect the assets of their stakeholders. But this is changing. Budgets for cyber-security are being augmented, and certainlythe demand for such services exceeds the supply. This can only bode well for the cyber-security sector.