Cybersecurity is the practice of safeguarding the Confidentiality, Integrity, and Availability (CIA) of data and information owned by organizations within cyberspace through the use of technologies, tools, and training. Not only does cybersecurity include the protection of physical assets such as computers and hardwares in terms of hard drive failures or power outages, but it also encompasses the prevention of attack, damage or unauthorized access into intangible resources such as networks, software, and electronic data.
Why is it important?
Following the age of digitalization in the 21st century, technological advancement of smart digital devices constituting the Internet of Things (IoT) has led us to develop an over reliance on computer systems, the Internet, and wireless network systems — which consequently puts us and our data in danger of cyberthreats. This can be classified into the CIA triad.
Types of Cyberthreats
Referring mainly to criminal theft of personal information, confidentiality attacks range from the commonplace credit card fraud, identity theft, phishing, or stealing cryptocurrency wallets to cross-border spying on confidential economic, military or political information leading up to cyber-espionage and cyber-warfare.
Similarly referred to as “sabotage”, integrity attacks are launched with the purpose to corrupt, damage, or destroy information or systems, thereby affecting people related to them. Such attacks can be as subtle as a typo, as simple as malware installation, or as serious as a targeted sabotage campaign.
Cutting off data access lies at the center of ransomware and denial-of-service attacks: a ransom is demanded to decrypt a target’s hacked data in the former, and a network resource is flooded with requests to eventually crash in the latter. In recent years, cyberterrorism has embarked on such attacks to spread ideological and political agendas across the World Wide Web.
Types of Cybersecurity
Critical infrastructure consists of the cyber-physical systems within a country, such as power and water supplies, traffic lights and telecommunications. As nations begin to implement IoT into their public and private infrastructures, they become increasingly vulnerable to cyber-attacks.
Working on the frontline against availability attacks, network security detects unauthorized intrusion and identifies malicious insiders. In recent times, machine learning has been utilized in network security to flag and alert abnormal traffic in real-time.
With the corporate world making a digital shift onto cloud systems, new security challenges have arisen due to weak configurations. New security tools to combat such downfalls are expected to surface as more and more enterprises adopt cloud services in their operations.
The most vulnerable type of cybersecurity is said to be application security (AppSec), which encompasses secure coding practices and security improvement measures such as fuzzing and penetration testing.
Internet of Things (IoT) Security
IoT security safeguards devices and networks connected within the IoT network, namely cyber-physical systems ranging from home appliances to security cameras. With almost no security patching, the connectivity of IoT devices to botnets pose threats to device users and other connected individuals.
As technology shapes the risk landscape, cyberattacks have been ranked as the 5th largest risk by likelihood and 7th by impact by the Global Risks Report published by the World Economic Forum. Consequently, Gartner has identified the upcoming trend of corporate investment moving towards post-compromise in terms of threat detection, response, and recovery, and away from pre-compromise in identification and protection, which can be attributed to the growing complexity of attacks and security tools. Forbes has also drawn out 5 key IT security trends for the year — forecasting the phishing attacks to be the most pervasive, the EU’s General Data Protection Regulation (GDPR) to serve as a benchmark for businesses, highlighting the importance of IoT device management and user awareness training, as well as recommending the tracking of shadow IT inventories.
Markets and Markets has valued the global cybersecurity market at USD 152.71 billion in 2018 and subsequently projects it to grow to USD 248.26 billion by 2023 at a Compound Annual Growth Rate (CAGR) of 10.2% within the forecast period. Within market segments, Statista predicts global security spending on security services and identity access management to reach USD 64.24 billion and USD 10.58 billion respectively in 2019.
Investments in Cybersecurity
Having observed secular growth trends within the cybersecurity market, private capital has stepped up to clock record investments in 2018. Pitchbook reports that over USD 5 billion was invested over 400 deals, registering a 27% y-o-y increase in value. The market has also seen heightened investor interest in the growth stage rounds, leading to lesser but larger financing rounds at more matured stages of the company life cycles — 9 mega-rounds boasting of deals over USD 100 million each garnered a total of USD 1.7 billion, constituting to 28% of total funding.
Download KOSHO and start investing in Cybersecurity stocks!