David DeWalt
Simply put, 2022 was a wild ride for those of us following cybersecurity headlines and takeaways. Attack after attack continued to hit organizations around the world, ransomware crippled digital and physical systems, utilities ground to a halt and cyber took its place on the battlefield as geopolitical tensions rose. In my 20-plus years in this cyber industry, I’ve never seen anything like it.
This was the culmination of multiple years of crisis after crisis across every aspect of our lives and global ecosystems: Covid, civil rights issues, the 2020 election, the Russia-Ukraine war, supply chain issues and a floundering economy. Through all of it, cyberattacks have continued to rise and—in many cases—have collided with these social, economic, international and other threats to create new levels of risk never seen before.
This wave of threats thrust us into the next “cyber super cycle,” where new risks spawn a fast following of increased innovation. With this unprecedented level of risk came new heights of innovation and ingenuity on the part of the technology sector to respond and defend against these new risks. Here are some of the dynamics that are happening as a result:
Cyber Budgets Are Resilient
According to our firm’s recent poll of roughly 60 industry experts and advisors, two-thirds of respondents indicated that budgets rose in 2022 and that budgets would continue to rise going into this year—even amid our current economic climate. These budgets are expected to continue to increase, with Gartner predicting that global information security and risk management spending will grow more than 11% in 2023 to $188 billion. This makes sense because of our current threat landscape and shows that cyber, while not entirely immune, is still essential and resilient against many of the current economic downturn trends.
There were 1,037 cyber deals financed and 263 mergers and acquisitions in the space, according to Momentum Cyber’s 2023 Cybersecurity Almanac. (Full disclosure: I serve as chairman for Momentum Cyber.) No surprise that risk and compliance was the most active sector in financing with 188 raises, and MSSP (managed security service provider) was the most active sector in M&A with 46 deals.
Cyber Is Becoming A Boardroom Issue
Boards of directors around the world are talking about the threats that are happening in cyber and the regulation that’s occurring from governments, and all of us—businesses and individuals—must pay attention to it. Directors understand the immediate risk these threats and compliance changes pose to their organizations and, given their fiduciary responsibility to the company, are obliged to take action.
Having sat on dozens of boards, I’ve seen the evolution firsthand. Where I used to be the only cyber expert in the room, I now see boards elevating the CISO to join the conversation and having cyber become a regular part of discussions. This is especially true around ransomware, with Q1 2023 data showing that 850 organizations were “named on ransomware and data-extortion websites on the dark web,” up 22.4% from the previous quarter. These threats can create a professional storm, so boards are paying attention.
Changes To The Digital Landscape Are Driving Innovation And Investment
Threats are not only rising, but also evolving as they increase in sophistication, volume and in the groups they are coming from. At the same time, our digital landscapes have changed, altering the very nature of what governments, organizations and people have to protect and what tactics must be taken to do so.
Remote work is no longer an optional offering for many companies as workers want to work from anywhere in the world. To say cloud and connected devices have gone mainstream is also an understatement. The result is increased connectivity, collaboration and efficiencies, but also exponentially more risk than ever before.
The result was an increase in innovation across many sectors—particularly cloud, crowd and AI—including about $18.5 billion being poured into cyber investment and $119.8 billion in cyber M&A in 2022.
Government Takes On Increased Position In Cyber
In 2022, the current administration took an increased role in public-private partnership, threat response (such as Shields Up), support to high-target industries and necessary regulation. They’ve come in and created a village of public-private partnerships never before seen—and it’s really welcomed by the industry. That collaboration has extended internationally, with our Five Eyes partners, NATO partners and countries around the world that realize they must invest in the cyber domain at a faster pace to protect citizens and infrastructure.
While innovation is greater than ever before, the risk of cyberattacks remains. The opportunity is bright for those who join in this important mission to protect our nation’s infrastructure, as well as take a share of the market opportunity at hand.
No comments:
Post a Comment