Cybersecurity is a major issue in the crypto space. There are issues with exchanges, wallets, and even cryptojacking where computers are hacked to mine cryptocurrencies like Monero (XMR).
Cybersecurity issues are just as pervasive outside of the crypto space. In the 90s, we hacking was more of a hobby or a prank. It became big business as more companies digitize their assets - data, intellectual property, etc.
Let's briefly review the current landscape of Cybersecurity, and the main growth drivers at the moment.
1) Growth of Data
We are in the midst of a "Cambrian Explosion of Data":
To put the growth in perspective relative to ancient times:
"Between the dawn of civilization and 2003, we only created five exabytes; now we're creating that amount every two days. By 2020, that figure is predicted to sit at 53 zettabytes (53 trillion gigabytes) -- an increase of 50 times." -- Hal Varian, Chief Economist at Google. (eetimes.com)
While the mind-boggling explosion of data creates opportunities for data scientists, it also expands the landscape for cybercrime. As we will see next, the cyber crimes have indeed increased.
2) Rapid Growth of Cyber Crime (Frequency, Type, and Damage Cost)
Frequency: Let's take a look at some of the trends that are themselves drivers for more awareness in cybersecurity, which usually leads to more spending in the area.
This chart from statista.com shows that there is a general trend of increasing data breaches from 2014-2017. We can also see that businesses were the main target, but also saw increased incidents of data breaches within Financial and Educational areas.
Types of Attacks; Bounty Programs: Worms, Viruses, Trojans, Hybrids, Encrypted Ransomware, Crypto-Jacking (using your computer to mine crypto), DDoS, Malware, Side-Channel, Zero-day etc. The list of types and features of attacks continue to grow. A Zero-day exploit is not a specific attack, but any newly discovered vulnerability. Before anyone can patch it up, the hacker can take advantage of this hole in security. So the list is growing, and there can be unique attack vectors all the time.
Because cyber attacks are dynamic and always evolving, businesses employ "Bounty Programs". Basically, they pay someone to figure out zero-day exploits, and any security risks for that matter, for the purpose of patching them up before someone can exploit the vulnerability.
White-hacker services will continue to see growth because it has no boundary. Someone in Istanbul can participate in the bounty program for a business located in New York. Here's an article from Coindesk about a teen from central Africa who ended up with a career in the world of digital "bounty hunting".
Damage Cost: Cyber crimes are hitting the bottom lines of large multinationals. For example, this Financial Times article from Nov. 2017 noted some key names that had to deal with their bottomline exposure to cyber crime.
"Large multinationals from Mondelez to Moller-Maersk, Reckitt Benckiser to FedEx, were forced to warn shareholders that the ‘NotPetya’ cyber attack had hit their bottom line, costing each company hundreds of millions of dollars. They said that the extent of the damage to their finances was not yet known but projected that the year’s revenue would be hit." (FT.com)
According to cybersecurityventures.com, "Cyber crime damage costs to hit $6 trillion annually by 2021" (csoonline.com). It was $3 trillion in 2015. Yes we are talking TRILLIONS with a "T". In the 90s kids hacked for fun to pull pranks. But now, we are talking nation states stealing secrets or taking over another country's nuclear facilities. Businesses are taking notice.
The above chart shows some businesses that have had big data breaches. The Equifax one hack was extremely costly, surpassing what they paid in cyber insurance of USD 100mil-150mil to an eventual USD 3.5 billion loss in market value, though the final cost is still up in the air.
We have also been seeing ransomeware targeting hospitals. This is another strategic target for hackers because HIPAA compliance makes hospital records extremely valuable. A breach can cost hospitals a staggering amounts in law suits. Also, hospital staff is not known for their cyber savvy and have been sitting ducks.
3) Legal Environment
It is due to the increasingly costly nature of hacks that the government has stepped in to demand more effort in this matter. Financial fiduciaries have the responsibility to secure client's personal information. The US federal government felt the need to put out a mandate to businesses to secure client data. Obama enacted key legislation in 2015, and states have been following up with their own bills as well.
Cybersecurity services not only help prevent and mitigate attacks. They provide audit trails and compliance services. Even if companies want to take their chances, they are now required to take certain minimal actions, which means big business for the world of cybersecurity.
4) Cyber defense price/cost discovery
As noted above, the cost of the Equifax hack was grossly underestimated. The lack of understanding of cyber cost reflects a young market.
I believe as businesses continue to get a better sense of the cost of cyber security, there will be more consistent price signals for the market. It helps that we are seeing more and more studies on cyber cost.
The above IBM infographic displays both the variance in cost between industries as well as the variance between years.
From better matching of cost and price, we will have a more mature ecosystem. I wouldn't call this a "driver" of growth, but simply a marker of how nascent the cybersecurity market still is.