Listed below are the key macroeconomic trends impacting the cybersecurity theme, as identified by GlobalData.
Securing hybrid working, coping with ransomware and continuing supply chain threats, and moving to a zero-trust security model as a long-term solution to data breaches will drive strong security growth over the next three years. Innovation will be needed to counter the continuously evolving cyberthreat landscape.
Cybersecurity and the Ukraine conflict
The Russia-Ukraine war is the first large-scale conflict in which cyber warfare was expected to play a significant role. However, so far, that has not happened. The war has not been fought in cyberspace after all, but on land, a move which may ultimately require a rethink of governments’ cyber warfare strategies.
Although Russia is one of the world’s foremost offensive cyber powers, its invasion of Ukraine has, in the words of former UK National Cyber Security Centre head Ciaran Martin, been “conventional in its brutality.” That has implications for investment in defence by Western governments. According to Martin, even those sceptical about the mischaracterisation of cyber operations and cyber risk as catastrophic weapons of destruction had been surprised by how few cyber operations featured in the early part of the invasion.
The Covid-19 pandemic caused an increase in cyberattacks, and organisations had to react rapidly to significant operational and financial challenges. Attackers were able to exploit the unprecedented nature of the situation to target cyber-naïve, remote-working employees.
A Kaspersky survey of full and part-time home workers in April 2020 found that nearly half of the 6,000 respondents had never worked from home before. In 73% of cases, employers did not conduct any special training on safe interaction with corporate resources over the internet. The sudden nature of the pandemic precluded the delivery of immediately worthwhile training plans.
Covid-19 has elevated cybersecurity risk and created new opportunities for hackers, but it has not changed what organisations need to do to stay safe. This includes identifying the most sensitive and valuable data and focusing controls on that, using encryption, and keeping patches up-to-date. It also means continually educating employees about phishing threats and the need to be alert.
Cybersecurity budgets are on the increase. A survey from Kaspersky found that 85% of IT decision-makers in North America believe cybersecurity budgets will increase anywhere up to 50% in 2022. CSO’s security priorities survey in December 2021 showed that spending in 2022 will be spread over several areas, with 20% allocated to on-premises infrastructure and hardware, 19% to skilled staff, and 16% to on-premises tools and software.
Other priorities are cloud-based security solutions (10%), consulting services (7%), cloud-based security monitoring services (7%), security awareness training (7%), contracted evaluation services (6%), and external incident response services (5%).
The Ukraine-Russia conflict will prove to be a catalyst for increased state-sponsored attacks. Otherwise known as nation-state attacks, malicious state-sponsored attacks originate from a particular country and are an attempt to further that country’s interests by attacking another country or countries.
Typically, the threats will target the infrastructure, military, and businesses of those countries. The attacks are fuelled by geopolitical competition and a desire to gain an advantage over other nations, such as by stealing intellectual property for economic benefit or supporting traditional espionage. The countries usually associated with nation-state attacks are North Korea, Russia, and Iran.
The cyber skills shortage
There continues to be a global shortage of cybersecurity skills, although the deficit fell for a second successive year in 2021. The size of the workforce is still 65% below what is needed, according to the cybersecurity professionals group (ISC)². In October 2021, the non-profit organisation said the shortfall of skilled workers in the industry had fallen from 3.1 million in 2020 to 2.7 million in 2021. The improvement was partly down to 700,000 new entrants joining the sector since 2020 and lower demand for workers from Asia-Pacific, caused by a slower economic recovery.
Over eight years tracked by cybersecurity research organisation Cybersecurity Ventures, the number of unfilled cybersecurity jobs grew by 350%, from one million positions in 2013 to 3.5 million in 2021. Although the cybersecurity skills gap is levelling off, there will likely be the same number of openings in 2025 as there are now.
Cybersecurity and elections
The issue of cyber interference in elections continues to worry nation-states. In November 2021, the US indicted two Iranian nationals for cyber-enabled election interference. The pair were said to have pretended to be volunteers and sent in a fake video and emails to Republican lawmakers purporting to show Democratic Party attempts to subvert the 2020 presidential elections.
Russia has typically been the target of most accusations regarding cyber-enabled election interference. However, the Iranian indictments suggest that cyber missions to sow dissent and disinformation and influence election outcomes have radiated from beyond Russia.
Overworked chief information security officers (CISOs)
The use of CISOs by businesses is patchy, at a time when they are most needed. According to a November 2021 report from managed cloud service provider Navisite, nearly half (45%) of companies surveyed do not employ a CISO. And those CISOs who are in post are under pressure to secure a growing number of remote workers while facing an increased volume and complexity of attacks.
Their workload is so heavy that they regularly skip vacations and medical appointments and risk their mental health. A November 2021 survey by Tessian found that a quarter of CISOs in the US and UK had not taken time off work in the past 12 months. About 40% had missed a family vacation due to work.
A pre-pandemic survey by Nominet in February 2020 found that 90% of CISOs were willing to take a pay cut—an average of nearly 8% of their annual wage—if it improved their work-life balance. CISO burnout can put organisations at increased risk because they lack time to hire talent, attend non-departmental meetings, communicate with customers, and keep up with industry trends.
Increase in financial sector cyberattacks
The global financial sector has experienced an exponential rise in cyberattacks, driven mainly by theft and, in 2022, by geopolitics. Russia’s invasion of Ukraine, for example, coincided with attacks on Ukrainian banks PrivatBank and Oschadbank.
There have been cyberattacks on financial organisations at a global level: outages in New Zealand for Australia and New Zealand Banking Group; attacks on Liquid, a Japanese cryptocurrency exchange; on Fiducia and GAD, a German technology operator serving the nation’s cooperative banks that was hit by a distributed denial-of-service (DDoS) attack; and on SWIFT, the global financial electronic payment messaging system, from which hackers attempted to steal more than $1bn.
The sector is prone to growing cyberattacks due to the uptake of modern technology and digital transformation, including the increasing use of digital channels to compete with fintech companies as well as the growth in digital currencies. The other driver is regulatory changes.
This is an edited extract from the Cybersecurity – Thematic Research report produced by GlobalData Thematic Research.