Cybersecurity space witnesses accelerated growth and heightened inorganic activity led by pandemic triggered flexible WFH policies

The novel coronavirus has truly tested humanity’s ability to adapt quickly. Over the past year, the business has been nothing but usual and as the world recovers from the initial impact of Covid-19, businesses are now looking to gain a larger online presence. We have seen large businesses such as Amazon.com and Alibaba, grow sales at higher rates than in the past and clearly, the in-person business has become not only unpopular but also unsafe. However, a simple website and a buy-now button do not cut it. A key reason behind the success of retail and cloud services giants such as Amazon.com is their ability to collect large amounts of data, analyze it using the power of artificial intelligence, and customize their services and products for various audiences.

From 2010 to 2020, the amount of data created, captured, copied, and consumed in the world increased from 1.2 zettabytes to 59 zettabytes, an almost 5,000% growth, and by 2025 data storage is projected to exceed 200 zettabytes growing at a CAGR of 28%. 50% of this data will be stored in the cloud such as AWS, Google Cloud, government-owned clouds accessible to citizens and businesses. More than 111 billion lines of new software code are written each year, introducing a huge number of vulnerabilities that can be exploited. With this exponential growth in data storage and increase in software usage, opportunities for innovation and for Cybersecurity are immense. Criminals are now using cloud services and technology to speed up attacks, limiting the amount of time businesses have to respond to the attack. Trend Micro Research found terabytes of internal business data and logins for websites like Amazon, Twitter, Facebook, and Google offered for sale on the dark web. As this data is sold via access to cloud logs, more stolen accounts are monetized and the time from theft to sale has been reduced from days to hours.

Prior to the pandemic, numbers regarding cyberattacks were already breaking records at an alarming pace. With the advent of Covid-19 and Work from Home (WFM) Policies, Cyber criminals are switching tactics to source new forms of data theft. Relatively poor technological infrastructure and inadequate cyber and data security are hampering the productivity of employees working from home – and represent a greater cyber risk to businesses. Researchers from Kaspersky have found out that the number of brute force attacks on Remote Desktop Protocols (RDP) increased by 242% in 2020, as compared to 2019. There were nearly a 3.30billion attacks made on Remote Desktop Protocols between January and November in 2020, as compared to 0.97billion such attacks recorded in 2019, all around the globe.According to a report published by Risk Based Security, Inc., in 2019 alone, 15.4 billion data records were compromised and in 2020, this number increased by a whopping 141% to 37.1 billion. A few of the major attacks included - a)in April 2019, WhatsApp experienced a cyberattack that kept 1.5 billion users at risk. The hackers used the communication system to send malware to mobile devices and b) in Jan 2021, Sociallarks, a rapidly growing Chinese social media agency suffered a monumental data leak through its unsecured Elastic Search database which stored the scraped data of over 200 million Facebook, Instagram, and Linkedin users.

As more people enter the digital world, the number of cybercrimes against citizens and businesses are undoubtedly going to increase exponentially. With that, the money invested into high-quality security software is going to increase as well. According to Gartner, even during the pandemic in 2021, IT spending is predicted to reach USD4.10trillion, an 8.4% increase from 2020. This was partly due to the pandemic as businesses shifted online and invested in new infrastructure. This increase in IT spending correlates with an increase in demand for cyber security technology, and consequently the need for security service providers. The Worldwide spending on information security and risk management technology and services is forecasted to grow at an even higher rate of 12.4% to reach USD 150.4 billion in 2021.The table below represents some of the fastest-growing security spending segments globally.

Source: Gartner

With an increase in demand for Cyber Security services, the sector is also witnessing a surge in M&A and financing activity. The graph below represents the most active sub-sectors within the cybersecurity industry by deal volume in 2020. Network & infrastructure security, fraud & transaction security, and I&AM form the top 3 most active sub-sectors. This can be anticipated as businesses helped employees set up their home offices and invested in software to keep their networks and databases secure.

In 2021, this trend will not change as the way businesses used to be managed has changed drastically. And that is expected to increase the investment in cybersecurity software which in turn will lead to an increased demand for cybersecurity professionals. The demand for cybersecurity experts was approximately 6 million workers globally in 2019, and by the end of 2021, the number of cybersecurity positions that are unfilled will reach 3.5 million.

By 2028, the cybersecurity market is estimated to be worth USD418.3 billion, growing at a CAGR of 12.5%. The market currently is highly fragmented with the biggest player, Cisco, only controlling approximately 9% of the market. The network security segment experiences the most investments in the space. While North America is the largest geographic market, Asia Pacific is expected to be the fastest-growing regional market, at a CAGR of 16.5%between now and 2028.

As a mark of consolidation in the fragmented market, there has been a continuous growth in the deal volumes and value in the cybersecurity industry since 2012.2020 was also a record year in terms of financing activity for cybersecurity companies. In 2019, a total of 702 deals were announced, for a total of USD9.8 billion. In 2020, the number of deals increased to 742, and the total investment increased to USD13.1 billion. In terms of M&A deals, Q1 CY 2021 has already broken many records. As shown in the graph below, Q1 2021 saw record volumes of transactions as well as the highest average deal value. In the first quarter of 2021, USD18.9 billion worth of M&A deals, and USD5.6 billion of financing deals were conducted, both numbers ensuring that 2021 will turn out to be a record year with all-time high M&A and financing transactions.

In conclusion, the pandemic has caused businesses to rethink how they connect with their clients and customers. As businesses digitize and automate their processes, the need for digital infrastructure and security services along with the demand for cybersecurity professionals will continue to grow. With this increase in demand for cyber security services and service providers, there is a natural increase in inorganic growth initiatives leading to a surge in mergers and acquisitions, as well as financing activities.

The article has been written by Sandeep Gogia, Director, Equirus