In this article, Lindsay Strickland, senior portfolio advisor at RBC Wealth Management, explores the shifting cybersecurity investment landscape.
Cybersecurity was already in focus [pre-2020], but COVID-19 has front-loaded years of future spending into the near term, fostering new business processes.
Cybersecurity spending has been a growing area of information technology spend for years, with breaches increasing in frequency, data size, and financial and reputational consequences. No industry is spared and no company isolated from cyberattack attempts, which can often result in successful attacks.
The ramifications are wide and often all-encompassing, with loss of information, business disruption as well as likely customer distrust. These attacks and incidents can come from both outside hackers and corporate insiders.
Cybersecurity exists to combat cyberattacks, with the most common being: illegally obtaining corporate information via compromising business emails; identity theft; ransomware (malicious software that prevents access to files, systems, or networks, and typically demands a ransom for release); and phishing or spoofing, which tries to trick individuals into providing sensitive information.
Gartner currently sizes the information security and risk management market at $124bn in 2020, which RBC Capital Markets believes could reach $176bn in 2025, representing a compound annual growth rate of 7.3%. The majority of cybersecurity spending is for legacy security needs, but this approach could drastically change due to the work-from-home environment caused by COVID-19 — a transformation that is likely here to stay.
The negative statistics were already accelerating at a frightening pace prior to COVID-19, with Accenture [ACN] stating that security breaches have increased by 11% since 2018 and 67% since 2014.
“Gartner currently sizes the information security and risk management market at $124bn in 2020, which RBC Capital Markets believes could reach $176bn in 2025, representing a compound annual growth rate of 7.3%”
According to the University of Maryland, hackers attack computers with internet access every 39 seconds, on average 2,244 times a day. Even with an increasing amount of dollars being devoted to identifying these breaches and correcting them, an IBM [IBM] study found the average time it took companies to recognise a breach in 2019 was 206 days, and the average cost to a company was $3.9m.
Worms, viruses, and cyberthreats, oh my!
Cybersecurity has evolved over the years, from fighting the first computer worm in 1988 to countering credit card breaches, to protecting networks, to safeguarding the cloud. An increase in devices per user and the billions of connected devices within the Internet of Things have made points of access explode. A suddenly remote and distributed workforce has amplified the need for different cybersecurity solutions.
It’s highly likely that the changes thrust upon corporations in light of COVID-19 will only escalate the need for continued spending on cybersecurity. RBC Capital Markets believes COVID-19 has accelerated changes to security spend by five years.
Key areas likely to be focused on are: cloud security; application access and security; identity; protecting workloads (an expansion of the idea of endpoint security or anti-virus); and monitoring and observability.
“Key areas likely to be focused on are: cloud security; application access and security; identity; protecting workloads (an expansion of the idea of endpoint security or anti-virus); and monitoring and observability”
New emerging trends include: Secure Access Service Edge (SASE), which supports the digital transformation of enterprises and the dissolution of the traditional network perimeter to enable security at the point of access, and Zero-Trust Network Access (ZTNA), which provides identity-aware access to eliminate the excessive “implicit trust” inherent in wide network access that malicious actors can exploit.
Branch offices as far as the eye can see
RBC Capital Markets refers to the paradigm shift toward location-agnostic work that has been triggered by COVID-19 as “Work 2.0.” Although time will tell how many workers shift from the office to working from home, an RBC Capital Markets’ survey suggested nearly 60% of employees had never worked from home prior to COVID-19, with an additional 15% working from home just a few days per month.
Although it’s hard to know how many employees will eventually return to the office full time, it’s highly likely that the majority of employees will want some increased flexibility going forward.
This could be a win-win situation, as corporations are interested in both the real estate savings and a reduced carbon footprint with fewer employees commuting. But increased corporate network access at home impacts the structure of cybersecurity spend. According to RBC Capital Markets, traditional infrastructure was designed to accommodate 15%-20% of employees working remotely, which will likely be much higher going forward.
Digital documents the way of the future
With enhanced security software in place, old processes can safely evolve. Just as the world has embraced the transition from coins, cash, and cheques to credit cards, mobile payments, and contactless payments, the corporate world is in the early stages of moving from legacy paper to digital contracts.
Real estate has been an early adopter of the technology, but large swathes of the economy still haven’t had the same uptake, including most areas of the government.
RBC Capital Markets surveyed 1,000 so-called “knowledge workers” (i.e. those who think for a living, such as engineers, scientists, accountants, lawyers, and academics) regarding their usage and thoughts toward information technologies. The survey showed the growing importance of many new communications tools spurred by COVID-19, with esignature solutions cited as the number four rising new technology.
“RBC Capital Markets believes the opportunity for this emerging trend was $51bn pre-COVID-19, but expanded to $86bn as workers and individuals are likely to find ways to engage in business, yet do it with less face-to-face interaction than six months ago”
An electronic signature, or esignature, is a legal way to consent to electronic documents or forms and replaces a handwritten signature. The survey found that 32% of respondents said they are using esignature tools more now that they are working from home due to COVID-19 than before.
RBC Capital Markets believes the opportunity for this emerging trend was $51bn pre-COVID-19, but expanded to $86bn as workers and individuals are likely to find ways to engage in business, yet do it with less face-to-face interaction than six months ago.
Perspective evolves from a crisis
A crisis can quickly evolve an individual’s and corporation’s perspective, and we are likely in the midst of such a paradigm shift.
More employees are working from home, and the benefits that come with that — for both the employee and corporation — are being realised, with spending being reallocated to effect this transformation.
Many old processes are being tossed out, in favour of new technology, both out of necessity as well as an understanding that the old way may not have been the best way.
This report, originally published here by RBC Wealth Management, is part of the firm’s “New normal, new opportunities” series, which examines secular trends in a post-COVID-19 world. The series covers a range of themes that are emerging as a result of social distancing, the work-from-home imperative, healthcare developments, corporate implications, and broader societal change. RBC believes that identifying these trends and understanding their investment implications will be critical to navigating the road ahead.
Disclaimer Past performance is not a reliable indicator of future results.
CMC Markets is an execution-only service provider. The material (whether or not it states any opinions) is for general information purposes only, and does not take into account your personal circumstances or objectives. Nothing in this material is (or should be considered to be) financial, investment or other advice on which reliance should be placed. No opinion given in the material constitutes a recommendation by CMC Markets or the author that any particular investment, security, transaction or investment strategy is suitable for any specific person.
The material has not been prepared in accordance with legal requirements designed to promote the independence of investment research. Although we are not specifically prevented from dealing before providing this material, we do not seek to take advantage of the material prior to its dissemination.
CMC Markets does not endorse or offer opinion on the trading strategies used by the author. Their trading strategies do not guarantee any return and CMC Markets shall not be held responsible for any loss that you may incur, either directly or indirectly, arising from any investment based on any information contained herein.
*Tax treatment depends on individual circumstances and can change or may differ in a jurisdiction other than the UK.