Cyber security now dominates the priorities of every organization as each adapts to a post-COVID-19 world. Remote workers identities’ and devices are the new security perimeter.
Cyber attackers are quick to attack new unprotected threat surfaces created when tens of millions of employees started working from home. In a post-COVID-19 world, cyber security is as critical as Internet access itself.
Key insights from cyber security market forecasts and market estimates include the following:
1) The global cyber security market is currently worth $173B in 2020, growing to $270B by 2026.
By 2026, 77% of cyber security spending will be for externally managed security services. While money spent on in-house or internal cyber security functions is expected to grow 7.2% each year to 2026, global spending on external cyber security products and services is projected to increase by 8.4% annually over the same period.
2) Network, data, and endpoint security are the three leading use cases of AI in cyber security today, according to I.T. executives.
Capgemini interviewed IT executives from ten nations to gain new insights into AI’s most popular use cases for cyber security. The COVID-19 pandemic has accelerated each of these use cases, with endpoint security becoming the most urgent priority, as nearly every organization has employees working from home.
3) The global cyber security market is predicted to grow from $167.1B in 2019 to $248.26B by 2023, attaining a 10.4% CAGR, according to Statista.
Worldwide security spending on Identity Access Management reached $10.58B in 2019. The study also found that spending on security services, the largest segment of the information security market, reached $64.24B in 2019 as well.
4) 87% of enterprises are seeing mobile threats growing the fastest this year, outpacing other threat types, based on Verizon’s Mobile Security Index 2019.
Mobile devices and the identities they represent are the new security perimeter for every organization today. By killing passwords and replacing them with a zero-trust framework, breach attempts launched from any mobile device using pirated privileged access credentials can be thwarted.
When every mobile device is secured through a zero-trust platform built on a foundation of unified endpoint management (UEM) capabilities, zero sign-on from managed and unmanaged services become achievable for the first time.
5) The global cyber insurance market, as measured by gross written premiums, is forecast to be $8B by 2020, compared to a $124B global cyber security market.
Organizations primarily focus their cyber risk management strategies on prevention by investing in technological frontline cyber defenses. Meanwhile, spending on other tools and resources for cyber risk management, such as cyber insurance or event response training, remains a fraction of the technology budget.
6) Over 42% of endpoints experience encryption failures, leaving entire networks at risk from a breach and 100% of all devices experiencing encryption failures within one year.
They’re most commonly disabled by users, malfunction, or have error conditions or have never been installed correctly in the first place. Absolute Software’s 2019 Endpoint Security Trends Report found that endpoints often failed due to the fragile nature of their encryption agents’ configurations.
2% of encryption agents fail every week, and over half of all encryption failures occurred within two weeks, fueling a constant 8% rate of decay every 30 days. Multiple endpoint security solutions conflict with each other and create more opportunities for breaches than avert them.
7) There has been a 667% increase in spear-fishing email attacks related to COVID-19 since the end of February alone.
Microsoft thwarts billions of phishing attempts a year on Office365 alone by relying on heuristics, detonation, and machine learning, strengthened by Microsoft Threat Protection Services. Email age is one of the most reliable identity trust signals there are for identifying and stopping automated, fraudulent activity.
8) Fraud detection, malware detection, intrusion detection, scoring risk in a network, and user/machine behavioral analysis are the five highest AI use cases for improving cyber security.
Capgemini analyzed 20 use cases across information technology (IT), operational technology (OT), and the Internet of Things (IoT) and ranked them according to their implementation complexity and resultant benefits (in terms of time reduction).
9) The average total cost of a data breach in the U.S. for the companies studied has grown from $3.54M in 2006 to $8.19M in 2019, a 130% increase over 14 years.
The average total cost of a data breach in the healthcare industry was $6.45M, or 65% higher than the average total cost of a data breach.
10) The global cyber security market will be worth $300B by 2024, according to Global Insights.
The research firm also predicts Asia/Pacific will see a 20% CAGR in cyber security spending between 2019 and 2025.
11) On average, an enterprise has six incidents of fraud in the last 24 months, with Financial Services firms being the primary target.
PwC also found that 47% of enterprises interviewed had experienced fraud in the past 24 months. The study found that fraud is outpacing cybercrime, asset misappropriation, bribery & corruption.
12) Enterprises who lead their industries in cyber resilience rely on AI to reduce the number of successful attacks and deliver a more consistent quality of response.
Accenture found that when it comes to cyber resilience, there is an elite group of leader companies that comprised 17% of their sample, with 74% being average performers. Leaders know which technologies help to achieve a broader level of cyber security success.
According to Accenture, non-leaders should consider refocusing their investment priorities toward the technologies which bring benefits that help to fill in some of the performance gaps and achieve a broader level of cyber security success.
13) 71% of UK-based business decision makers believe the shift to 100% remote working during the COVID-19 crisis has increased the likelihood of a cyber-breach.
53% believe that privileged IT admin remote access is at risk of security breach and 46% have already noted an increase in phishing attacks since implementing a policy of widespread remote working.
79% of business decision makers have increased their cyber security procedures to manage high volumes of remote access over the next three months. 73% of businesses have given staff extra training on how to remain cyber-safe when working remotely, with specific training around verifying passwords and log-in credentials.
“Cyber criminals will no doubt attempt to seize the opportunity presented by the all-out expansion of remote workers, many of whom have not been proficiently trained in even the most basic of cyber security measures. Therefore, it is essential that businesses and employees remain vigilant during these challenging times,” said Andy Heather, VP at Centrify.”