Remember when cybercriminals were mostly bored teenagers and independent hackers?
Those days are behind us. Today’s threat actors are smarter, more organised and more sophisticated than ever.
In a digital economy defined by trends like distributed work and technologies like artificial intelligence, we’re bringing entire industries online, from retail to healthcare and financial services.
There’s a lot to love about that. Digitisation has made both our personal and professional lives more convenient and productive. It’s unlocked new opportunities, new revenue streams and new industries.
But it’s also opened the door for malicious threat actors such as hackers and, in recent history, organised crime and state-sponsored cyber criminals.
According to Cybersecurity Ventures, the global cost of cybercrime could reach US$8 billion in 2023 and US$10.5 trillion in 2025. That’s higher than the GDP of most countries. And the problem is only going to get worse.
As technology advances, so do the tools and tactics used in cybercrime. Organisations across the globe will continue to face mounting cybersecurity challenges in an ever-evolving landscape of risks and threats. But where there are challenges, there are always opportunities.
The total addressable market for cybersecurity, according to McKinsey & Company, is roughly US$2 trillion — more than 10 times the vended market. Cybersecurity vendors, digital solutions providers and investors alike would do well to pay attention.
The current and future shape of cybersecurity
The earliest cybercrimes seem quite simple by today’s standards. The first ever virus was a self-replicating program in 1971 that displayed an ominous message on the screen. While that program wasn’t malicious, the methods cybercriminals employed over the next few decades included viruses spread via floppy disks and email, and distributed denial-of-service attacks against individual systems on small networks.
Even attacks that had larger consequences relied on comparatively simple methods. For example, a pair of young hackers in 1994 nearly started a global conflict after they used a series of password-sniffing and Internet scanning attacks to infiltrate and steal data from both a US Air Force base’s research lab and the Korean Atomic Research Institute.
While cybersecurity risks and threats have not really changed much over the years, the manner in which these offences are now conducted has evolved. They are faster and more sophisticated, as cybercriminals have leveraged modern technologies to carry out their attacks. Hence, the solutions and risk mitigation approaches need to be as sophisticated and innovative, if not more so.
In addition to accounting for user error and malicious insiders, organisations must contend with a host of other external cyber threats that carry not just financial but reputational costs to an organisation.
A growing ransomware epidemic
Ransom attacks have exploded into a global epidemic in recent years, and organisations that hold huge amounts of sensitive customer data are primary targets for cybercrimes.
For example, Australian telecom provider Optus became the victim of a data breach last year when a hacker exploited a vulnerability in Optus’ system to acquire the data of up to 9.7 million customers. A forum user named Optusdata subsequently made a post threatening to sell the data unless Optus paid them AU$1.5 million in cryptocurrency. While Optusdata apologized and rescinded the demand a few days later — a very rare ending in the world of cybercrime — the news of the vulnerability and breach damaged Optus’ reputation.
Data breaches like these aren’t the only way cybercriminals are demanding ransoms. In addition to stealing and selling important data, hackers are using increasingly sophisticated methods to infiltrate and encrypt organisations’ systems and data, then either demanding a ransom in exchange for restoring access or blackmailing the victim organisation. These attacks aren’t only hitting major corporations; they’re also targeting everyone from small businesses to governments and critical infrastructure providers.
Supply chain attacks
Collaboration is one of the keystones of the digital economy. Unfortunately, it’s also a golden opportunity for criminals. Instead of trying to break through the ironclad security practices of a larger company, they can attack one of its comparatively less secure vendors or partners.
One particularly infamous example saw hackers target the website for a Chinese restaurant that they knew their target company’s employees frequently ordered from, replacing the PDF file for the restaurant’s menu with an EXE file containing malware.
The (woefully insecure) Internet of Things
The Internet of Things (IoT) is truly the height of convenience. We can now control our entire home, from lights and thermostats to kitchen appliances, with just our phones. But that convenience does not come free, as many IoT vendors have limited cybersecurity expertise.
Unfortunately, the end result of that is billions of IoT devices with poor or nonexistent security measures. At best, each one is a potential node in a botnet. At worst, they’re a potential entry point for a cybercriminal.
Sophisticated social engineering
It would be easy to focus solely on the sophisticated game of cat and mouse between security practitioners and criminals. The reality, however, is that this conflict is only one part of the story. Humans remain the weakest link in any system.
Phishing tactics, consequently, have gotten more convincing and far better at fooling their victims. At the same time, attacks targeting weak passwords have changed little. They haven’t really needed to.
Cloud security pitfalls
Although the cloud is nowhere near as insecure as early detractors would have you believe, it’s also not immune to cybercrime. Misconfigurations or inadequate access controls could make it easier for a threat actor to slip into a network unnoticed. Moreover, because cloud environments are typically so complex, they represent a perfect target for an attacker seeking to obfuscate their actions.
Zero-day vulnerabilities
Zero-day vulnerabilities are holes in a newly launched product or update that have yet to be patched. Oftentimes, the vendor does not even realise there’s a zero-day vulnerability in its software until a criminal exploits it for their own gain.
Compliance and privacy concerns
As we continue to move towards a global economy, the challenges of regulatory compliance in the digital landscape remain. Compliance is complicated enough when one only has their own country to consider. Introduce a global market into the mix, and it becomes utterly overwhelming.
AI-driven cybercrime
Artificial intelligence and machine learning have become useful for bolstering cybersecurity, but these technologies are also now part of a cybercriminal’s toolbox. Can we develop an effective counter for criminal AI before the problem becomes too widespread to address? Only time will tell.
5 pillars of a comprehensive cybersecurity strategy
Every good cybersecurity strategy can be divided into a few distinct steps.
1. Risk identification
An organisation or a third-party security company conducts a full assessment of the cybersecurity systems and practices the organisation already has in place, including a risk assessment to identify possible vulnerabilities and threats.
2. Preparation and processes
Using the assessment results from the previous step, practitioners then develop a plan for incident response, containment, remediation and evaluation.
3. Training
Organisations then provide ongoing and targeted education to keep employees invested in the organisation’s success and security, as well as informed of what to watch for when it comes to cybercrime attempts.
4. Choosing the right technology
Once everything else is in place, implementation comes next. An organisation must decide the partners and vendors with which it will work. At a minimum, it should then implement fixes for the areas that have been identified as deficient from the threat and risk assessment. It is also best practice to have a more comprehensive suite of solutions that includes endpoint security, network access and data protection solutions.
5. Iteration
Cybersecurity is an ongoing process of improvement. It always will be. For that reason, it’s imperative that businesses continuously collect data about their security efforts.
Moreover, they need to consistently monitor every system for signs of intrusion or attack through a combination of threat intelligence system scans and system monitoring.
Adding value beyond technology
Every technology vendor, no matter their focus and specialisation, must prioritise the secure delivery of its products and services. Otherwise, it risks becoming another link in the long line of supply chain attacks. Moreover, every vendor, cybersecurity or otherwise, must be willing to actively assist in design, configuration, deployment and management.
There is, after all, still an ongoing skills shortage in the IT sector. A business that can provide clients with the expertise to bridge its knowledge and talent gaps is one with a great deal of potential for investment — especially if that vendor maintains a product portfolio that serves multiple markets and industries beyond cybersecurity.
DC Two (ASX: DC2) is one such vendor. Specialising in secure, vertically integrated microservices, professional IT services and cybersecurity consulting and advisory, the Australian company holds an ISO-27001 certification. What this means is that the company not only delivers tailored and practical outcomes based on each client’s needs but that it also protects those services with industry-leading, proprietary and highly sophisticated cybersecurity practices.
ActivePort Group (ASX:ATV) takes a similar approach, but is more focused on network automation and orchestration than the broad delivery of microservices. Its powerful network orchestration software helps companies reduce network complexity and operational costs while also improving overall cloud connectivity.
There’s also Nexion Group (ASX:NNG), which delivers platform-agnostic cutting-edge hybrid, public and private cloud solutions. Through multiple global subsidiaries, the company also offers data centre services, security fabric solutions and network orchestration.
The takeaway
Cybersecurity has never been more important, nor has it ever been more challenging. As cybercrime grows out of control, the market for cybersecurity is booming. This is especially true of the massive potential market, with scores of businesses too large for one vendor but too small for another.
Companies looking to protect themselves would do well to follow the steps above and research the various forms of attacks and vulnerabilities out there today.
As for investors looking for cybersecurity companies in which to invest, specialised cybersecurity vendors that understand both their technology and their clients’ industries could have an advantage over ones that do not. Additionally, there is great potential in cybersecurity companies that stay informed about emerging trends and threats, share thought leadership content around their industry or offer a solution that responds to an incredibly niche market.
The information contained here is for information purposes only and is not to be construed as an offer or solicitation for the sale or purchase of securities. Readers should conduct their own research for all information publicly available concerning the company. Prior to making any investment decision, it is recommended that readers consult directly with DC Two and seek advice from a qualified investment advisor.