With cyber crime on the rise, it’s no surprise that cyber security is big business. As criminal activity evolves, the need for smarter ways to tackle security challenges is clear. And that means investing in cyber security – not just by organisations themselves but by investors willing to back those entrepreneurs who are leading the charge in innovative security solutions.
Cyber security experts recognise that no individual or company can ever be 100% secure. The risks that businesses face are many and varied – from security breaches, data leaks and malicious insiders to malware, malicious code and cyber attacks. And because the threats are constantly changing, security needs to be an ongoing priority.
From data to potential disaster
As organisations embrace the seemingly unlimited potential of digital capabilities and put more of their business information, customer data and office processes online, they are increasing their vulnerability to cyber attack.
The issue is not only the sheer amount of information that’s stored digitally, but the number of staff in many organisations and the increased sharing of information, all of which can compromise security.
Cyber attacks can come from both inside and outside a company. They can include stealing or misusing confidential information, disrupting business operations, financial theft, and even extortion demands. The effects can be devastating, and include business disruption, information loss, damage to equipment, and loss of productivity and revenue.
Another major factor is employee awareness and education – particularly around phishing and social media platforms. In 2019, 94% of all Malware was delivered by email.1 While Phishing attacks vary in complexity, attackers require little resources to create endless numbers of campaigns. So for attackers, Phishing is just a numbers game. Statistics like this highlight the need to educate employees about security, including not responding to phishing attempts and other messaging mediums including SMS and social media. In 2018, the Australian National University network breach was the result of a single malicious email. The compromise, which didn’t even require the user to click a link, resulted in attackers gaining access to sensitive personal information of ANU staff and students.
The truth is, however, that because it only takes one careless act to compromise an entire organisation’s security, employee training can only do so much. Cue the need for systems which actively warn employees about possible risks or limit how much information they can access and share online.
It’s an opportunity that wasn’t lost on UK cyber security start-up Garrison. It developed a secure browsing environment that lets employees access web content without exposing their organisation to cyber attack, raising a total of US $56 million of funding in the process.2
Statistics that speak for themselves
When it comes to cyber security, the numbers are big. And growing every year.
Globally, the US is the most affected by cyber crime, with the US government planning to spend US$15 billion on cyber security in 2019 – a 4% increase over last year.3 A 2018 study for IBM estimated the cost of the average data breach to companies worldwide to be US$3.86 million.4
In Australia, 33% of businesses have been victims of cyber crime – 60% of which were small and medium businesses. The average time to resolve an attack is 23 days, however this jumps to 51 days if the attack was caused by a malicious insider, employee or contractor.5
As accessing information from anywhere becomes more prevalent, mobile security will also become key. This need is reflected in the number of new types of mobile malware, which grew by 54% in 2017.6
The internet of things – boosted by 5G and artificial intelligence – will also increase our susceptibility to security risks as both individuals and as a community. A 2015 study by Symantec found numerous issues in widely available devices. One was an apparently “smart” door lock, which could be opened remotely online without needing to enter a password.3
A risk businesses can no longer afford to ignore
The media is full of stories of major breaches of company websites and customer databases.
In January 2020, Toll Group Logistics was victim to one of the most crippling cyber attacks in Australian history. The attack resulted in nationwide disruptions to Toll’s logistics systems used to track and distribute freight. The huge costs not only to Toll, but also to their customers, should be a wake-up call to all Australian business of the impacts of under investing in cyber security.
As the threat of attacks like these becomes more of a reality, employers – especially C-suite executives and company boards – have become acutely aware of the need to raise their cyber security budgets in order to invest in high-quality solutions.
“Employers – especially C-suite executives and company boards – have become acutely aware of the need to raise their cyber security budgets.”
While the headlines feature major players, small and medium businesses are just as vulnerable, although they can sometimes be less aware of the importance of effective security measures. However, the drive to invest in more robust security by larger companies will flow down the supply chain to provide protection and prevent loss at every stage of business operations.
An industry where demand is greater than supply
While the need for cyber security is growing, it would appear that there are not enough highly qualified cyber security professionals to meet demand, especially in relation to in-house roles. This means that businesses of all sizes often seek externally managed security services.
The shortage of cyber security specialists also highlights the need to automate threat monitoring and security protection where possible. After all, as criminals increasingly turn to automation as a way to carry out attacks, it makes sense to automate the response. Enabling repetitive tasks to be performed automatically allows qualified professionals to focus on more complex issues, and continue to develop smarter solutions.
One business making the most of the demand for innovative cyber security services is Pemba Capital portfolio company, Shelde. As an integrated digital, security and data analytics partner, the Shelde team has the expertise that businesses look for when seeking the best security technology for their needs.
Investing in cyber security as a growing opportunity
Many companies now realise that digital risk is the biggest threat to their businesses – and that it’s a risk they need to be ahead of.
With Forbes predicting the global cyber security market will grow to USD $281.74B by 2027, it’s little wonder then that investors are seeing the promising potential of investing in cyber security, where there’s a very real demand for innovative products and services.
“Investors are seeing the promising potential in the cyber security space, where there’s a very real and growing demand for innovative products and services.”
Those with funds to invest are keen to support providers – including start-ups – that can offer much-needed expertise and deliver services to protect organisations from increasingly sophisticated attacks.
The opportunities, it would seem, are every bit as big as the challenges.
The team at Pemba Capital have proven expertise in partnering with businesses across a range of sectors including technology, healthcare, business services, financial services and education. To discover how we can help you achieve your goals, talk to us today.
- Ponemon Institute 2018 Cost of a Data Breach 2018 study for IBM.
- Symantec Internet Security Threat Report 2018.