Is it time to invest in cybersecurity?

With opportunities for cybercrime growing, is it time to invest in cybersecurity? Our investment management team consider the opportunities within this burgeoning sector.

People are increasingly using online services and apps to carry out day-to-day administration, while companies are becoming ever more dependent on digital infrastructure to manage their business processes, the explosion in data creation and the need to store and process it. All of this data, when it is collected and as it is sent across communication channels, needs to be protected from falling into the wrong hands.

As individuals, we have become familiar with setting passwords and looking out for fraudulent emails and texts to stop cybercriminals gaining our financial or personal data and making us victims. Cyber security measures continue to increase, and we are now getting used to banks and payment cards asking us to carry out two-factor authentication, where a second step is added to a login or approval process to provide a higher level of protection.

At a company level, cybercrime is aimed at gathering large tranches of data which can be exploited for gain or used to hold a company to ransom. Cybercrime can inflict high costs on companies due to operational disruption, although often the reputational damage and subsequent customer claims represent the biggest loss to the company.

Profit or politics

The usual motive for cybercrime is profit. However, it is also used as a geopolitical weapon, and this has been highlighted by the Russia-Ukraine conflict. The UK’s National Cyber Security Centre (NCSC) identified that attacks on Ukrainian government websites and the deployment of destructive malware in January this year were linked to Russian military intelligence. The NCSC also determined that Russia was almost certainly responsible for the subsequent cyberattack on 24 February 2022 affecting Viasat Inc., the global communications company that provides services to governments and the military.

The Ukrainian authorities have long been aware of their vulnerability to cyberattacks and have a team focused on analysing and tackling incursions, with a key focus on a group of Crimea-based hackers nicknamed Armageddon. As a result, Ukraine has put up as resilient a defence online as its troops have on the ground.

Going for a song

While the government, military and vital infrastructure are the normal targets of geopolitical attacks, vigilance is needed everywhere. A recent, and surprising, target was the Eurovision Song Contest, where cyberattacks were launched to interfere with the voting mechanism. The source was identified as pro-Russian, presumably intending to stop an inevitable win by the Ukrainian entry, but the attempt was blocked.

Governments and companies categorise cyber security defence as an essential expenditure. According to a recent report, in 2021 the global cyber security market was estimated as worth almost US$140bn and is expected to grow at between 12% and 15% per annum over the next three years. This level of spend is hardly surprising, when in the UK the ONS Cyber Security Breaches Survey for 2022 highlights that four in 10 businesses in the UK reported having a cyber security breach or attack in the last 12 months.

The increase in remote working due to the pandemic has added to the challenges, as monitoring and upgrading IT equipment used remotely by workers is difficult. Increasingly, cyber security is being identified in listed companies’ annual reports as one of their principal business risks.

Expanding cyber security industry

To meet all these challenges, the cyber security industry is rapidly expanding. At its core are companies providing the infrastructure, software and services to manage the security of an organisation’s systems and data. However, these services are expanding to include security audits and cyber risk assessments, which can include hiring ‘ethical hackers’ to identify weaknesses in systems. Providing training for staff, both IT and users, is also vital, as individuals’ behaviour can be a key trigger for security incidents.

Potential investment opportunities in cyber security

In addition, a growing number of companies are taking the precaution of buying specific cyber insurance. This is a burgeoning industry, and as organisations need to capitalise on rapidly developing technologies and operate in an increasingly interconnected and digital world, the growth potential for cyber security providers is enormous. This provides investors with significant opportunity to invest in cybersecurity companies or those that offer cyber security solutions as part of their business.

If you would like to learn more about investing in cybersecurity, please request a complimentary consultation with an investment manager, who will be happy to discuss this with you.

You may also be interested in:

• What’s driving the green energy transition?

Investment involves risk. The value of investments and the income from them can go down as well as up and you may not get back the amount originally invested. Past performance is not a reliable indicator of future performance.

The information provided is not to be treated as specific advice. It has no regard for the specific investment objectives, financial situation or needs of any specific person or entity.

This is not a recommendation to invest or disinvest in any of the companies, themes or sectors mentioned. They are included for illustrative purposes only.

The information contained herein is based on materials and sources deemed to be reliable; however, Adam & Company makes no representation or warranty, either express or implied, to the accuracy, completeness or reliability of this information. Adam & Company is not liable for the content and accuracy of the opinions and information provided by external contributors. All stated opinions and estimates in this article are subject to change without notice and Adam & Company is under no obligation to update the information.