Top of main content
Hacker in front of his computer

Scanning the cyber protectors

Cybersecurity
Cybersecurity
Investing

Scanning the cyber protectors

Oct 12, 2018

Evolving digital threats, tightening regulations and a looming shortage of experts would seem to make cybersecurity a sound bet for investors. But which areas of this increasingly diverse industry offer the best growth prospects?

Facebook is the latest big name to suffer the reputational and financial costs of a cyber attack. In late September, a hacker was able to take control of around 50 million accounts, leaving users compromised and open to the risk of ID fraud. The attack, which is now under review by the security arm of GCHQ, caused shares of the company to plummet 3 per cent.1

Executives across the world will have shuddered at the news of this experience. Once a niche concern, cyber threats are now high on the business and consumer agenda. The capacity to stay ahead of the fraudsters is universally valued – making the cybersecurity market a highly investable opportunity.

Record funding

 

Unsurprisingly, the market is growing strongly. Valued at USD138 billion in 2017, it is forecast to soar to USD232 billion by 2022.2 While the US has the biggest share of the market, Europe's contribution is rising and Israel has a notably dynamic cybersecurity scene.

Start-ups in the cybersecurity space have secured more than US$21 billion of equity funding since 2013.1
Demand for cybersecurity products and services is led by the aerospace and defence industries, closely followed by government and finance. But no business can ignore this.

Last year's injection of funds hit record levels, while the value of early stage deals dipped – a sign that many players are entering phases of accelerated growth.3

Demand for cybersecurity products and services is led by the aerospace and defence industries, closely followed by government and finance. But no business can ignore this. In fact, cybersecurity risk is a useful way of distinguishing between companies when valuing equities.

From payments to personal data, every technology niche now has to be watertight. That makes cybersecurity a revenue stream for a host of tech companies – some of them specialists in this field, and others part of broader groups.

System protection

 

Familiar antivirus providers such as Symantec, McAfee and Malwarebytes face constant challenges in the increasing sophistication of malware attacks. Fewer than half of cyberattacks are now foiled by antivirus systems.4 This protection remains critical, but only as part of a suite of defences.

Similarly, providers of security architecture, designed to protect entire systems and networks, are in a perpetual race to counter evolving threats.

The next-generation firewall market is forecast to grow at around 12 per cent annually over the next five years, as players develop their offering.5 Most recently Palo Alto Networks purchased Evident.io, a leader in cloud-based protection, for USD300 million.6

Providers of cloud-based encryption and data protection are forecast to be worth US$2.4 billion by 2022.2

User identity and access

 

Fintech has the potential to disrupt every element of the financial sector. But because it depends on gathering a huge amount of digital data, fintech providers need to make security an integral part of their solutions.

Companies in the field of authentication are increasingly focusing on solutions for mobile devices. While fingerprint authentication technology continues to evolve, biometric companies are also vying to market solutions that operate by facial or iris recognition technology, or by reading the veins of the palm. This year Fujitsu announced that sales of its palm vein scanner – used in ATMs, PC log-ins, and room entry management – had passed the million unit mark.7

Biometric systems that combine more than one of these technologies, could become widely used in everything from national citizen ID systems to access for connected devices such as home security systems.

Advanced technology

 

Artificial intelligence and machine learning are being harnessed by many start-ups to help their clients respond to risks amid the huge volume of data they handle.

Companies such as Agari and Valimail, for instance, use AI to deflect malicious emails. Email use continues to grow despite the increasing use of messaging apps, but potential investors will want to make a judgment on the long-term viability of email-specific software.

Faced with the challenges of combating threats in the system, some players set out to offer early warning of attacks before they appear.

Behavioural analytics firm Fortscale, for instance, uses machine learning to pinpoint unusual user behaviour that might indicate a security risk. The firm was recently acquired by cybersecurity giant RSA Security.8

Staying compliant

 

With the EU's General Data Protection Regulation (GDPR) now in force, businesses are aware that failing to protect users' identity won't just dent their reputations: it will also incur heavy fines.

In this environment, providers of cloud-based encryption and data protection are coming into their own. This is one of the fastest-growing cybersecurity segments, forecast to be worth USD2.4 billion by 2022.9

The regulations are also generating whole new categories of business. BitSight, for example, sets out to rank businesses by their security risk, in the manner of credit ratings agencies. The company has raised USD155 million to date.10

The human factor

 

Some threats can't be neutralised by software alone. That's particularly true of the trend for fraudsters to target specific businesses using social engineering. Arming themselves with data harvested from social media and other sources, they make themselves sound plausible in direct contact with employees.

Many companies in the cybersecurity market now offer training for staff and senior management in spotting these techniques. Often this is part of a suite of services that covers threat management, data sharing, incident response and investigation.

This kind of support is going to become increasingly vital to organisations in all sectors. Over the next few years, even the largest will be hard pressed to find in-house expertise. According to research by Frost and Sullivan, the global cybersecurity workforce will be short of 1.8 million personnel by 2022.11

The global cybersecurity workforce is predicted to be short of 1.8 million personnel by 2022.3

In that context, companies that prove they can successfully protect systems – through software, human expertise, or a combination – represent a sound investment bet for the foreseeable future.

For more information about investing in cybersecurity, speak to your Relationship Manager or Investment Counsellor.

1Facebook just announced it was hacked, and almost 50 million users have been affected, Business Insider UK, September 2018
2Cybersecurity Market Growing at a CAGR of 11.0 per cent During 2017 to 2022, PRNewswire, July 2017
3Cybersecurity Trends to Watch in 2018, CB Insights, 2018
4SANS Institute – Less Than 50 per cent of Cyberattacks Detected by Antivirus Software, Secure Ops, August 2018
5The Global Next-Generation Firewall Market 2018-2023, Business Wire, August 2018 
6Palo Alto Networks Announces Intent to Acquire Evident.io, Palo Alto Networks, March 2018
7Fujitsu Sales of PalmSecure Sensors Hit One Million Mark, Fujitsu, May 2018
8RSA® Announces Intent to Acquire Fortscale, Expanding RSA Netwitness® Evolved SIEM Platform With UEBA Capabilities, RSA, April 2018
9Cloud Encryption Market, MarketsandMarkets, August 2017
10BitSight, a provider of security ratings, raises $60M at a valuation of around USD600 million, Tech Crunch, July 2018
11Global Cybersecurity Workforce to be short 1.8 million by 2022, Venture Beat, June 2017

This material is issued by HSBC UK Bank plc which is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority in the UK. It has been issued for your information purposes only.

Please note that HSBC does not provide tax or legal advice and clients should seek professional advice from their tax advisor. Any reference to tax is based on our knowledge of the current and proposed tax regime and is subject to change.

In the United Kingdom, this document has been approved for distribution by HSBC UK Bank plc whose Private Banking office is located at 8 Cork Street, London, W1S 3LJ.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted, on any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of HSBC UK Bank plc. Copyright© HSBC Private Banking 2024. 

ALL RIGHTS RESERVED
Listening to what you have to say about services matters to us. It's easy to share your ideas, stay informed and join the conversation.