Tag: cybersecurity

Cybersecurity channel set for a solid 2021

The cybersecurity channel is set for a solid year ahead, according to the beancounters at analyst outfit Canalys.

The firm is forecasting a potential 10 per cent increase in worldwide spending on security in 2021 if everything goes as it is now.

In terms of product categories, Canalys is forecasting a 12.5 percent climb in web and email security, while vulnerability and security analytics will increase 11.0 percent. Growth in endpoint security will slow to 10.4 percent after a solid 2020.

Security professionals find their jobs have changed

Certified cybersecurity professionals association (ISC) has released a survey of 256 cybersecurity professionals which shows many of them have found their jobs have changed during the pandemic with 90 percent of them indicating they are now working remotely full-time.

Wesley Simpson, COO of (ISC), said: “While this was certainly not an in-depth study of the situation, it does provide a current snapshot of the issues and challenges our members may be facing during this unprecedented time. Sharing this information helps our members and other professionals in the field understand the challenges their peers are facing, and hopefully realise they are not alone, even if many of them are feeling isolated as they adjust to working from home.”

Cybersecurity protected from slowdown

Beancounters at the analyst firm Canalys claim that cybersecurity spending will be immune to a worsening economic and political in Blighty.

It has claimed its data showed the market expanding by double digits in the first quarter and global cybersecurity spending boomed 14.2 percent year on year in the first three months of 2019 to hit $9.7 billion, with the channel representing 92.3 percent of shipment value.

Canalys principal analyst Matthew Ball said that investment in cybersecurity shows no sign of slowing down as it remains a priority for all organisations.

“Recent high-profile ransomware attacks have resulted in large organisations paying large sums to regain access to critical IT systems and data. Strengthening security strategies across devices, infrastructure, perimeters and applications will continue to be critical. Increasing employee training and gaining more comprehensive cybersecurity insurance will also be important to counter these threats.”

UK government falling behind on Cyber Crime

Hacker typing on a laptop

Ministers are not acting with “a meaningful sense of purpose or urgency” in the face of a growing cyber threat to the UK’s critical national infrastructure (CNI), a parliamentary committee has warned.

The joint committee on national security strategy said at a time when states such as Russia were expanding their capability to mount disruptive cyber-attacks, the UK’s level of ministerial oversight was “wholly inadequate”.

It urged Theresa May to appoint a cybersecurity minister in cabinet to take charge of the efforts to build national resilience.

US Government forced to spend on of-the-shelf security

banner_220x220The US Government is being forced to spend more money on commercial off-the-shelf (COTS)-based cybersecurity tools and systems as they face intense attacks, according to a new report.

Analysts Frost & Sullivan’s recent report with the catchy title “US DoD Cybersecurity Market, Forecast to 2023”, reveals that intense attacks from adversaries and non-state actors are compelling Department of Defense (DoD) cybersecurity spend for commercial off-the-shelf (COTS)-based cybersecurity tools and systems and the development of quantum computing and artificial intelligence technologies.

Defense cybersecurity industry consolidation is expected to increase with firms emphasising the acquisition of dual-use commercial technologies.

Frost & Sullivan forecasts the market to reach $4.30 billion by 2023, growing at a compound annual growth rate (CAGR) of 2.3 percent.

“Persistent attacks on DoD networks make cybersecurity integration and new technology development necessary. There will be an increasing need for firms that can provide state-of-the-art cybersecurity services”, said Brad Curran, Industry Principal, Defense at Frost & Sullivan. “Maintaining network resiliency by assuring that people with the most advanced cybersecurity skills are available as well as ensuring robust cybersecurity and attack information coordination is a top priority for the DoD.”

Cybersecurity spend to increase

securityTarot readers working for analyst outfit Gartner claim that spending on cybersecurity will jump eight percent next year because of the spike in global breaches this year.

The analyst claims spending in 2018 will top $96 billion as end users protect themselves against threats, having seen the impact of WannaCry and NotPetya this year.

Gartner research director Ruggero Contu said a large portion of security spending is driven by an organisation’s reaction towards security breaches as more high-profile cyberattacks and data breaches affect organisations worldwide.

“Cyber attacks such as WannaCry and NotPetya, and most recently the Equifax breach, have a direct effect on security spend because these types of attacks last up to three years”, he said.

Gartner forecasts that services will make up over half of all security spending, at $57.7 billion. Services will also see greatest growth, at 8.8 percent.

The analyst claimed that regulatory compliance and data privacy have been “stimulating” security spending, citing GDPR and the US’ Health Insurance Portability and Accountability Act as key factors.

One of the key drivers driving services spending is a global skill shortage which has forced organisations to turn to cybersecurity consultancies.

“Skill sets are scarce and remain at a premium and top organisations to seek external help from security consultants, managed security service providers and outsourcers,” he added.

“In 2018, spending on security outsourcing services will total $18.5 billion which is an 11 percent increase from 2017.

“The IT outsourcing segment is the second-largest security spending segment after consulting.”

 

Chess aims to take another acquisition piece

315801_a5e44c0e6f53654feec6d94e671b9cf8_largeVAR outfit Chess is take another cybersecurity piece after acquiring Foursys a few months ago.

Foursys, which will become Chess Cybersecurity, put Chess into the cybersecurity game – most of its acquisitions have been outside that area such as Lanway, Parachute IT and Compwise Systems.

Now the word on the street is that Chess is looking to make another acquisition in the security space. Most of this was due to the Foursys deal paying off so well.

It is not clear who Chess is looking at, or when the deal will be announced, but the plan seems to be to broaden Chess’ cybersecurity space offering.

Apparently there are plenty of companies for sale and because of the increased  interest in cybersecurity there have been a number coming to the market.

Chess, COO Steve Cox is leaving the VAR to take on the role of VP of customer success at insurance software firm Vertafore, a switch which will see him move to Denver. Cox joined Chess last year and was instrumental in setting up the firms ICT division.

 

Security skills shortage

securityIntelligence analyst Cybersecurity Ventures has warned that the cyber-security market is facing an “epidemic” skills shortage.

The California-based research firm has compiled a quarterly Cybersecurity 500 list since 2015, cataloguing what it sees as the hottest and most innovative industry leaders

Feedback from 2017’s top three – Herjavec Group, IBM Security and Raytheon Cyber has revealed growing concern over the widening gap between security threats, and the number of people qualified to tackle them.

The single biggest trend, globally, is that there are chronic work shortages of qualified cyber security staff. It’s an absolute epidemic, the survey found.

From the end of 2013 to 2015, Cisco published research on global cyber security that showed there were one million cyber security positions open globally and Cybersecurity Ventures’ own research suggests that this deficit become worse.

There is a predicted growth in cybercrime coming and by 2021, the company expects there to be 3.5 million vacant cybersecurity job openings.

“The pipeline of security talent isn’t where it needs to be to help curb the rise in more widespread, and more sophisticated, cybercrime.”

There are shortfalls in specialised education in information technology and computer science.

Out of the top ten ranked firms, seven are based out of the US; one in Canada; one in IT security hub Israel; and one UK outfit: Sophos.

Other UK high flyers include BAE Systems (14), BT (29), PwC (32), NNT (54) and KPMG (57). DFLabs in Lombardy, Italy was the highest-ranked continental European firm, at number 19.

Healthcare systems are subject to hacking

wargames-hackerHospitals, clinics, trusts and insurers are under a barrage of cyberattacks but the healthcare section does not seem to be spending enough money to protect itself.

According to ABI Research, cybersecurity for healthcare protection will only be worth $10 billion by 2020, while other sectors such as financial and defence are coping.

ABI said “the healthcare industry is drowning” because of attacks from malicious online agents and a lot of companies and organisations in the sector are failing to modernise to take account of current threats.

Michelle Menting, a practice director at ABI, said: “Cybersecurity for healthcare is still a small fragmented market but the potential opportunities for expansion are large and will continue to grow as healthcare organisations increasingly come under cyberfire.”

She said a few startups such as TrueVault and FireHost are targeting the healthcare sector and building a niche for themselves. There are also managed services and cloud apps from companies like NetFortris and ID Experts.

Enterprises fail to act on cybersecurity

William Blake: War - WIkimedia CommonsIt won’t be until 2018 that large enterprises will have proper plans to protect themselves from cyber attacks causing business disruption.

And, even then, only 40 percent of these organisations will have such plans.

That’s what a report from Gartner says, which warns that chief information security officers need to set their priorities/

Gartner thinks the frequency of a cyber attack on a large scale is low, but if it does happen, the implications are sever.

Paul Proctor, a VP at Gartner warns that servers can be downed, data wiped, and digital intellectual property published to the internet – as happened with Sony late last year.

“Employees may not be able to fully function normally in the workplace for months. These attacks may expose embarrassing internal data via social media channels and could have a longer media cycle than a breach of credit card or personal data,” he said.

He also pointed out that avoiding a compromise in a large computer enterprise “is just not possible”. Instead, those responsible should concentrate on firewalls, antivirus and vulnerability management, as well as increasing detection and response capabilities.

The Internet of Things (IoT) will expand the attack surface so enterprises need to pay better attention, and spend more money on preventing attacks.

Internet of things means $100 billion spend

Nuclear power plant - Wikimedia CommonsGovernments around the world are waking up to the security implications as the internet of things is set to pervade the world and will spend an immense amount of money to improve cyber security.

The internet of things is a catch all term for a time when just about anything you care to imagine has semiconductors inside, able to communicate with just about everything else.

ABI Research said that it estimates that cybersecurity spending will hit $109 billion by the end of this decade, with governments in North America and Europe spending and spending again on security for network, for systems and for data.

The governments, said ABI, will concentrate on security for the financial, energy and defence sectors as they are the ones most targeted.

The energy sector is under particular threat, with attacks on industrial control systems.

However, there are sectors which are particularly vulnerable, including utility companies, said Michela Menting, practice director at ABI Research.

She said: “IT spending will dominate cyber security investment for critical infrastructure protection to the detriment of securing operational technologies in industrial settings.”