Heading toward a USD 2 billion market in India

Every year technologists, security professionals, and risk managers comment extensively on the unprecedented level of change one has experienced, or will experience, as they move from year to year. In fact, change – and the proliferation of new threats – has become the only constant. The digital transformation of the global economy continues to be an ever-accelerating evolution of the ways organizations conduct business, work, and life.

This digital shift comes with a second-order effect that is far less recognized. As industry after industry embraces digital technology and data to change the nature of their business and their customer interactions, their enterprise cyber risk profiles change just as profoundly.

Security professionals believe the future of cyber risk management must be proactive, oriented around sharing threat intelligence, and collaborating within (and across) enterprises and industries, IT staff must constantly hunt for bad actors, and raise the bar on preparedness for the inevitable day when a strike does come.

Global scenario

With data breach numbers continuing to creep upward and digital transformation efforts exposing enterprises to new cyber security risks across numerous business dimensions, it is no surprise that analysts expect another big year for security spending worldwide.

In 2018, worldwide spending on information security products and services is estimated by Gartner at USD 114 billion, an increase of 12.4 percent from last year. In 2019, the market is forecast to grow 8.7 percent to USD 124 billion. This pace of growth will outstrip general IT spending increases; the overall IT spending will only see a 3.2 percent bump this year. The main driver of this spending is cyber security concerns as well as changes in regulations. Research support this: 56 percent of companies report that they have increased security concerns while 37 percent report they must focus on recent changes to regulations. All of this results in the need to invest more in detection and response capabilities, especially innovative solutions that overcome traditional challenges and address digital business risks.

The three key drivers for cyber-security spending may be listed as security risks, business needs, and industry changes. Data privacy concerns are also becoming a key factor, driving market demand for security services through 2019. Additionally, data privacy will impact a variety of segments, such as identity and access management (IAM), identity governance and administration (IGA), and data loss prevention (DLP).

Security leaders are striving to help their organizations securely use technology platforms to become more competitive, and drive growth for the business. Persisting skills shortages and regulatory changes like the EU’s Global Data Protection Regulation (GDPR) are driving continued growth in the security services market.

An increased focus on building detection and response capabilities, privacy regulations such as GDPR, and the need to address digital business risks are the main drivers for global security spending through 2019.

Network security spending continues to grow as organizations enter a multi-cloud reality. Customers continue to embrace vendors that offer a platform approach to manageability and simplification across environments in addition to addressing the latest threats. Vendors that can address security in a dynamic, multi-cloud manner will ultimately be successful.

Asia-Pacific scenario

The proportion of companies in Asia-Pacific, hit with a financial impact of more than USD 5 million from a cyber breach, is more than double that of the global average of 8 percent.

Every time the attackers succeed, there is a financial impact on the company targeted. This includes out-of-pocket expenses, legal fees, reputational damage, and loss of business. 17 percent of companies in Australia, China, India, and Japan saw the financial impact of more than USD 5 million from their most severe breach in the past year. Across the Asia-Pacific region as a whole, this figure is 16 percent of companies, which is still measurably greater than the 8 percent global figure. According to Cisco’s fifth annual survey, companies in Australia and Japan saw the highest increase year-on-year in this metric, with 47 percent of respondents in Australia and 12 percent in Japan reporting costs of greater than USD 5 million, compared to 17 percent and 3 percent, respectively, reported in both countries in 2018.

However, a greater number of companies are also experiencing lower breach costs, with 39 percent of companies in the region able to contain the cost of a cyber breach to below USD 500,000. This is 6 percentage points below the 33 percent recorded in 2018.

While cost to the business is clearly a focus, security professionals are changing the way they measure their success based on security outcomes, with many companies moving toward remediation as a key indicator of security effectiveness.

More security leaders are now focused on time to remediate than time to detect, and the metric has risen in popularity as a success metric globally – 48 percent of respondents in Asia-Pacific cited this, compared to 36 percent in 2018. This is in line with the worldwide results.

The fact that an increasing number of companies are being able to contain this cost is a sign that businesses are starting to gain more control and balance their risks when hit by a breach. While this is a move in the right direction, a lot more needs to be done.

In 2018, it is estimated that an almost instant detection of a cyber security breach within a large enterprise costs the business USD 433,000. If detection is delayed by more than a week, the figure triples to an average of USD 1,204,000.

Indian scenario

The Indian enterprise spending on cyber security products and services is estimated at Rs 11,500 crore in 2018, an increase of 12.5 percent from 2017. It is anticipated to reach Rs 12,730 crore in 2019. Introduction of supportive government regulations to mandate deployment of data security solutions is anticipated to boost the growth of cyber security market in India. Further, rise in need for effective investigation, prevention, and prosecution of cyber-crime to ensure secure cyberspace are projected to increase the demand for advanced cyber security solutions during the forecast period. In contrast, shortage of skilled professionals in cyber security space along with lack of digital transformation in organizations is anticipated to limit the market growth.

The Government of India is aimed at collaborating with private players to drive digital transformation among various verticals, which increases the need for deployment of enhanced cyber security measures to safeguard critical business information from unauthorized access. Moreover, increase in data center virtualization, strategic collaboration among key vendors in the ecosystem, enterprise mobility, and cloud deployments are some of the major trends observed in the country.

Key players in the India cyber security market are focused toward offering specialized solutions that can cater to individual information security needs perfectly. Some of the major players in the Indian cyber security market include Check Point, Cisco Systems Inc., Dell (Sonic Wall), Fortinet Inc., HP, IBM Corporation, Intel (McAfee), Juniper, Pulse Secure, Sangfor, Telesoft Technologies, and Sophos.

Organizations continue to feel the pressure to find the right people with the right skills to grow their security teams, particularly given the 24/7 nature of security operations functions. These ongoing skills shortages are driving demand for security services, particularly security outsourcing, managed security services, and security consulting. The security services market in India will grow from Rs 5930 crore in 2018 to Rs 6700 crore in 2019, an increase of 13 percent year-on-year.

Key enterprise security product segments include integrated risk management software (26.6 percent growth); data security (12.4 percent growth); infrastructure protection (11.7 percent growth); identity and access management (10.9 percent growth); and network security equipment (10.3 percent growth).

These established security products segments benefit from strong growth rates, thanks to net new adopters who are looking to rapidly increase their investments in security technology. Additionally, existing buyers of these technologies are looking to acquire more-advanced capabilities in these areas.

Cybersecurity trends

It would be difficult to pin 2018 to a specific threat or trend, as so many reared their ugly heads. With that noted, it is pretty simple to define the year that was with some broad strokes.

Cryptocurrency. This topic can be broken down into miners – with 2018 seeing the level of cryptocurrency mining reach new heights, and other malicious actors instead simply breaking into digital wallets to steal the money. Those looking to place illegal miners on systems used a variety of methods and tricks to do so, including phishing, update scams, leveraging vulnerabilities, fake apps, exploit kits, and even mobile devices. It was also proven this year that the direct approach was also quite profitable, with millions in digital currency being stolen from exchanges and wallets.

Data breaches. While breaches are not new, 2018 saw some very high-profile victims – Facebook, with 50 million records compromised, to dozens of retailers and other organizations that were hit by the Magecart cybergang that specializes in placing malware on point-of-sale systems, and then systematically stealing transaction data. Misconfigured servers also played a huge role in helping expose corporate and personal information in the last 12 months. Whether it was an Amazon Web Service S3 bucket or a MongoDB, millions of records were left open to the public because IT admins were not doing their due diligence and changing log in credentials, or if they did, making them something easy to find or figure out.

Election hacking. Did it happen? Maybe yes, maybe no, but what did take place were endless discussions over whether or not the US electoral system was safe from outside influence. Department of Homeland Security Secretary Kirstjen Nielsen called the elections the most secure elections the country had ever experienced just prior to November 6. Then there were the 81.5 million voter records from 20 states that were found for sale on the dark web. Although much of this was discovered to have been publicly available data, the fact that it was available as a potential tool for malicious actors was, and remains, concerning.

Ransomware. A perennial favorite did not disappoint in 2018, with a SamSam ransomware variant pulling off some very high-profile attacks. SamSam ransomware cut a relatively wide swath across the world with at least 67 different targets – 54 in the U.S. – targets being struck in 2018, according to a Symantec report. While some municipalities decided to pay the ransom, possibly garnering USD 6 million for the attackers, the real cost came from recovering from the attack. Atlanta found itself with a USD 10 million-plus bill to recover from SamSam, but the city can comfort itself knowing it is the same company as the Colorado Department of Transportation, Port of San Diego, and shipping giant COSCO.

Cloud storage. In one of the largest breaches of the year, 445 million records were exposed when the Swiss-based data company Veeam used a misconfigured MongoDB hosted on Amazon Web Services that did not require any password to access. The culprit in this situation, and dozens of other cases this year, is human error in the form of poor identity access management (IAM) practices. AWS and other cloud-storage providers usually turn over a bucket to a customer in a locked down condition, but changes made by the end-user often result in the data going from safe to exposed with a single keystroke. The sheer number of these incidents is helping shed light on the problem and, as a result, more effort is being placed on using proper IAM practices and simply keeping track on a regular basis of what is taking place in a database.

Cyber threats to increase in coming years. Despite 95 percent of CIOs expecting cyber threats to increase over the next 3 years, only 65 percent of their organizations currently have a cyber security expert, according to a survey from Gartner, Inc. Skills challenges continue to plague organizations that undergo digitization, with digital security staffing shortages considered a top inhibitor to innovation. 35 percent of survey respondents indicate that their organization has already invested in and deployed some aspects of digital security, while an additional 36 percent are actively experimenting or planning to implement in the short term. It is expected that 60 percent of security budgets will be in support of detection and response capabilities by 2020.

The bad news is that cyber security threats will affect more enterprises in more diverse ways that are difficult to anticipate. While the expectation of a more dangerous environment is hardly news to the informed CIO, these growth factors will introduce new attack vectors and new risks that they are not accustomed to addressing.

93 percent of CIOs at top-performing organizations say that digital business has enabled them to lead IT organizations that are adaptable and open to change. To the benefit of many security practices, this cultural openness broadens the organization’s attitude toward new recruitment and training avenues. Cyber security is faced with a well-documented skills shortage, which is considered a top inhibitor to innovation. Finding talented, driven people to handle the organization’s cyber security responsibilities is an endless function.

While most organizations have a role dedicated to cyber security expertise, and therefore appreciate its needs, the cyber security skills shortage continues. Chief information security officers (CISOs) will continue to build bench strength through innovative approaches to developing the security team’s capabilities.

Way forward

It is a modern digital twist on a story as old as time: with great opportunity comes great risk. To mitigate that risk, corporations must exercise constant vigilance over their fast-changing enterprise cyber risk profiles – from the boardroom to the supply chain, and from IT infrastructure to every other facet of business operations. That means organizations must stay informed, understand their risk profile, and be proactive in their defense, share threat intelligence to help keep the entire business community safe, hunt to detect bad actors before they cause damage and, perhaps above all else, be prepared for a cyber-attack.