Cybersecurity – The rush to catch up with reality
Senior Quantitative Analyst, Saxo Bank
Summary: Cyberattacks continue to become even more hideous and sophisticated, and due to the closely connected global digital infrastructure, spillover effects may likely cause damage to places other than the intended target of a cyberattack. The invasion of Ukraine was a major wake-up call globally for both governments and private companies who are rushing to bolster their cyber defences.
In the weeks prior to the invasion of Ukraine, the country was hit by multiple cyberattacks. On February 15, major websites of the defence ministry, army and two of Ukraine’s largest banks were down. A more severe attack on February 23 also took down multiple government websites, as well as placing data-wiping malware on computers belonging to multiple Ukrainian organisations. And after the invasion began, the number of cyberattacks over the following 48 hours increased by more than 800 percent.
Following a request from Ukraine, EU sent its Cyber Rapid Response Team to assist. The intention is of course to assist Ukraine in securing critical infrastructure, but it’s likely also aimed at avoiding spillover effects to the global digital infrastructure. As we saw in June 2017 with one of the most severe global cyberattacks, NotPetya, a well-organised cyberattack can do extensive financial damage. The attack was primarily targeting Ukraine with around 80 percent of its hits targeting ministries, banks and transportation infrastructure. Large logistics companies such as Maersk and FedEx were also affected, and the estimated revenue loss was $200-$300m and $400m, respectively.
Governments call for cyber defense boost
The invasion of Ukraine was a wake-up call for nations to reinforce their cyber defences, especially within their critical infrastructure such as transportation networks, the health care system and important supply lines. In many countries the majority of the critical infrastructure is owned by private companies, which do not always meet the required standards for cyber defence. One notable infrastructure cyberattack was against the largest fuel pipeline in the US, the Colonial Pipeline; all pipeline operations had to be halted to contain the attack.
Because of the invasion, governments have called on organizations to bolster their cyber defenses against online attacks, with Britain’s National Cyber Security Center and the US Cybersecurity & Infrastructure Security Agency as examples. The latter is stating that “While there are not any specific, credible, cyber threats to the U.S., we encourage all organizations – regardless of size – to take steps now to improve their cybersecurity and safeguard their critical assets,”. The US Senate also followed this by passing a bill requiring critical infrastructure operators and federal agencies to report cyberattacks within 72 hours and ransomware payments within 24 hours.
Cybersecurity industry growing rapidly
The volume and complexity of global cyberattacks were already growing prior to the invasion. According to a report by Coro, the number of cyberattacks against small-to-medium businesses has increased by 150 percent over the past two years, and the companies’ defences have not grown accordingly. One issue is a shortage in workforce, which needs to grow by 65 percent for organisations to be able to sufficiently defend their critical assets, according to research among cybersecurity professionals by (ISC)2.
The cybersecurity industry is a rapidly growing industry and in Saxo Bank we monitor trends in the cybersecurity market through one of our thematic baskets. The theme basket contains 25 of the largest cybersecurity companies which are involved in creating, implementing and managing security protocols, in applications ranging from mobile phones to large-scale IT infrastructure; see table 1 below. Over the past couple of years, the companies have in general had large revenue growth rates, as shown in figure 1 below. However, more than half of the companies reported a negative operating margin every year, measured over 12-month trailing figures. The cybersecurity industry is clearly an industry where growth has been prioritised over profitability, and it is undergoing a rapid consolidation with many of major cybersecurity companies acquiring smaller players. This is expected to improve profitability over time.
The evolution in global digitalisation demands an equivalent increase in cyber protection, and with the growing volume and complexity of cyberattacks, we expect the cybersecurity industry to continue to show high growth numbers relative to the general equity market.
|Name||Market Cap |
|Palo Alto Networks Inc||53,775||28.4||-6.7|
|Crowdstrike Holdings Inc||43,698||66.0||-9.8|
|Check Point Software Technologies Ltd||17,816||4.9||41.9|
|Trend Micro Inc/Japan||8,129||9.4||22.9|
|CyberArk Software Ltd||6,019||8.3||-15.6|
|Tenable Holdings Inc||5,721||22.9||-7.7|
|Varonis Systems Inc||4,343||33.3||-25.3|
|Sailpoint Technologies Holdings Inc||4,108||20.2||-13.5|
|Venustech Group Inc||3,337||45.8||17.2|
|CommVault Systems Inc||2,692||8.3||5.4|
|Aggregate / median||359,491||20.2||-6.7|
Latest Market Insights
Quarterly Outlook Q3 2022: The Runaway Train
- Central banks' attempts to kill inflation is a paradigm shift, which could end in a deep recession.
Tangible assets and profitable growth are the winnersWith US equities officially in a bear market, the big question is where and when is the bottom in the current drawdown?
Understanding the lack of investment appetite among oil majorsThe everything rally seen in recent quarters has become more uneven, as its strength is driven by commodities in short supply.
The pressure is on as the wind leaves the sailsWith cryptocurrencies in sharp decline, are we entering a crypto winter or is the bear market a healthy clean-up of the crypto space?
Why the Fed can never catch up and what turns the US dollar lower?Many other central banks are set to eventually outpace the Fed in hiking rates, taking their real interest rates to levels higher than the Fed will achieve.
Bank of Japan: Swimming against the tideThe Japanese economy has gone from the age of deflation to rapidly rising prices in no time, leaving the Bank of Japan in a pickle.
Green transformation detour and bear market hibernationWith the impending risk of global econonomic derailment, we share the five things investors need to consider in this new half year.
Crisis redux for the eurozone?Whether there's going to be a recession in Europe or not, the path towards a stable economy will be agonizing.
Technical Outlook: Gold, Oil and a remarkable multi-decade perspective on EquitiesThe Nasdaq bubble pattern, USDJPY resistance, crude oil uptrend losing steam and the technical outlook for USD.
China: the train of new development paradigm left the station two years agoChina is transiting to a new development paradigm, as they are hit by deteriorating terms of trade, a slower global economy and an uncertain future while continuing attempts to contain the pandemic.