The cybersecurity market has gained even greater importance post-Covid and continues to grow and evolve. What factors are the trends in the marketplace and what should your organization consider when making cybersecurity investments?
Cybercriminals continue to develop new ways of exploiting vulnerabilities in IT. They are focused particularly on new and emerging technologies that organizations are adopting as they embrace digital transformation to cut costs, improve performance and support new business models and revenue sources to remain competitive.
Many businesses are moving to the cloud and adopting a cloud-first policy for all new projects. As a result, more IT environments are becoming hybrid in nature and there is a proliferation of services and data within organizations. These changes in IT environments, together with the fact that more people are working from home in the post-Covid era, are all contributing to expanding the enterprise attack surface, making them increasingly vulnerable to attack because there is more for defenders to protect.
Cybersecurity has never been more challenging or important to business survival in terms of ensuring continued business operations, protecting against intellectual property loss, ensuring regulatory compliance, and protecting against the cost and loss of damage associated with data breaches.
Drivers of change
In terms of market trends for major cybersecurity technologies, the biggest single driver of change will be the move to the cloud by organizations seeking to benefit from the flexibility, speed and potential cost savings of this IT deployment model.
Other key market drivers include automation, machine learning and other artificial intelligence (AI) technologies, DevOps and DevSecOps, the shift to modern architectures using microservices and containers, and an increasing focus by businesses on cybersecurity and cyber risk mitigation.
Central, established cybersecurity technologies that are core to modern, forward-looking cybersecurity programmes are expected to grow and evolve as they continue to fulfil leading roles in cyber defence.
These established technologies include identity-related solutions, data access governance, endpoint protection, detection and response (EPDR), unified endpoint management (UEM), fraud reduction intelligence platforms, application programming interface (API) management and security solutions, database and big data security, and data leakage prevention (DLP).
In addition to these established technologies, there are emerging technologies and trends that are seeing rapid development and adoption and are therefore well on their way to becoming central to cyber security. These are technologies and trends that forward-looking organizations should be adopting, planning to adopt or at least have on their radar to ensure that their cyber defence strategy and capabilities remain up to date.
These emerging technologies include network detection and response (NDR), extended detection and response (XDR), security orchestration, automation and response (SOAR), secure information-sharing, security for business applications, cloud-delivered security, security operations centre-as-a-service (SOCaaS) and DevOps security.
Organizational Trends
Many of the trends within the cyber security market are in response to trends that are affecting the market. These include the Covid-19 pandemic, the shift to the cloud, increased home working, the adoption of a zero-trust approach to security, the maturation of machine learning and other AI technologies, and increasing public demand for decentralized identity to give individuals more control over their personal data.
Other important areas of focus include cybersecurity competency building, supply chain cyber security, and identity-defined security.
The move to the cloud is the most significant. The adoption of cloud-based services has been accelerated by the pandemic and the increased need to support employees working from home.
The adoption of cloud computing has impacted just about every IT market segment, including security due to introduction of new challenges around protecting hybrid cloud and on-premise business IT environments.
Non-Technological Trends
Finally, there are several non-technological trends around cyber security. These include a growing focus on developing cyber security skills within organizations, on securing supply chains to ensure business continuity and blocking cyber-attacks through supply chain weaknesses, on expanding and raising the status of the role of the CISO, and on the benefits of restructuring operations to ensure greater alignment between the cyber security and business continuity teams to ensure continuity-focused technology investment, a shift to DevSecOps, and a greater focus on threat detection and response capabilities in the face of cyber-attacks directly or indirectly by nation-states or other adversaries with a similar level of technical capability.
All of these factors are driving the cybersecurity market, with cyber security offerings that support digital transformation, including cloud and mobile, detection and response capabilities, DevOps environments, and SOAR capabilities likely to see the greatest investment and growth.
What this means for business
Because business is not only dependent on IT to carry out day-to-day operations but is constantly adopting new technologies to cut costs and to improve productivity and efficiency to gain a competitive edge, cyber security and the use of IT are inextricably linked.
Therefore, both end-user organizations and the IT industry, including cyber security suppliers, once and for all need to shift their perspectives to consider cyber security first and foremost as a business enabler. Business needs IT, but IT without security is worthless because the risk to business is too great. The challenge is to implement the necessary controls and safeguards in the most frictionless way possible, so that security never impedes business processes and initiatives.
This means that end-user organizations need to consider cyber security as a key factor in their technology investment decisions and technology suppliers need to build their products in such a way that they can be used safely by businesses and other organizations.
This dependence on IT means that the cyber security industry, like the rest of the IT market, will be among the industry sectors to be least affected by the Covid-19 pandemic. In fact, the cyber security industry is likely to benefit from organizations’ increased need to secure remote and mobile workforces as well as secure cloud and hybrid IT environments due to the increased adoption of cloud-based services.