Finance and Cyber: How Spending and Growth Work in Cybersecurity

Cybersecurity solutions are an alluring product for many organizations with important digital assets and controls to protect. For many organizations both public and private, cybersecurity spending is required by standards laws. This drives the demand for cybersecurity systems, and as a result, the industry has grown over the years. The recent development of the industry is owed to several factors. A major force is increasing reliance on digital networks for essential systems. We will look at the dramatic increase in cybersecurity spending by governments and private organizations, government regulations that drive growth in the industry, and predicted losses from cybersecurity incidents in the near future.Cybersecurity spending has grown dramatically in the last 10-20 years. While the government drives demand for cybersecurity services, private organizations spend on cybersecurity solutions and compliance standards. In 2010, $27.4 billion total was spent on cybersecurity products and services in the United States. By 2018, $66 billion had been spent on cybersecurity. Industries new and old require computer technology to function, and these systems require cybersecurity products and services to remain secure. There are many estimates for future spending on cybersecurity, but most of it is speculation. In general, steady growth in cybersecurity spending is to be expected. Government regulations for cybersecurity are often regulated through what is called compliance standards. These standards ensure that essential services, such as public hospitals, have up-to-date cybersecurity measures. This often entails a periodic penetration test or vulnerability assessment, and these are carried out by certified professionals from private cybersecurity companies. Aside from essential public organizations, many organizations in the financial sector supply a high demand for cybersecurity. It’s predicted that banks will be the highest spenders in cybersecurity, followed by manufacturing and government organizations. Federally mandated cybersecurity regulations ensure a consistent, growing market for cybersecurity professionals.Predicted spending in the cybersecurity industry is often accompanied by predicted losses. These losses are incurred by data breaches, ransomware, malicious software, data loss, and other cybersecurity incidents that damage or disrupt an organization’s function. Ransomware alone incurred $325 million in costs during 2015, and it’s predicted to grow towards $20 billion by 2021. Likewise, global damage costs from cybersecurity in 2015 totaled at $3 trillion. This figure is expected to grow to $6 trillion by the year 2021. Much like the spending predictions, future estimations at incurred losses are speculative. However, there is already a great amount of evidence past and present to back up these predictions. Costs incurred by digital theft and data breaches are massive, and a large amount of this revenue is lost through illicit activities. Organizations spend to secure their assets from other organizations, competing interests, and criminal activity. Cybersecurity insurance policies provide protection from losses incurred by data breaches and cybersecurity attacks. However, these policies are only designed to cover specific areas of cybersecurity incidents.

As Sean Pike, IDC’s vice president of security products, said in a statement, “today’s security climate is such that enterprises fear becoming victims of the next major cyber attack or cyber extortion. As a result, security has become heavily scrutinized by boards of directors demanding that security budgets are used wisely and solutions operate at peak efficiency.” - Fortune.com

Hacking tools, penetration testing services, cybersecurity hardware, and many other products and services are included in annual cybersecurity spending. Modern organizations store large amounts of data on customers and employees, so it’s important to secure this data from malicious hackers. Aside from sensitive data, online systems provide controlled access to crucial services such as healthcare providers and power grids. Having up-to-date cybersecurity measures in place can be a matter of business sense or public safety. Speculations on the future growth of the industry are placed within a reasonable margin of error, but steady growth in cybersecurity spending is to be expected.TL;DRThe cybersecurity industry provides many products and services to organizations across the world. The industry has grown considerably in the last few decades, and there are many factors that can explain this. This section explores the growth of the cybersecurity industry through spending totals, government compliance, and increasing damage costs incurred by cybersecurity incidents.