Cybercrime Continues to Drive Security Spending

September 8, 2016

Cybercrime Continues to Drive Security Spending Photo

I met with a number of venture capital (VC) firms out in Silicon Valley last week, most of the VCs that I met with focus on early-stage information technology (IT) companies and entrepreneurs. While our discussions covered various start-ups vying to disrupt their respective Enterprise and/or Consumer sectors, all of our discussions came back to the subject of data security.

Given the continually declining costs of computing power and storage over the last half century, we've steadily migrated from a paper-based society, to one based on local computing and storage, on to one based on cloud applications and storage. While this migration has made information more portable and usable, it has also made it more susceptible to misuse or theft. This dynamic continues to drive innovation within the cybersecurity space. As it relates to the venture space, for example, $7.3 billion has been invested into 1,208 private cybersecurity startups over the five-year period between the first quarter of 2010 and the fourth quarter of 2014, according to CB Insights.

More broadly, worldwide IT security spending is projected to increase from an estimated $122 billion market in 2016 to a $202 billion market by 2021, according to a market research report published by Markets and Markets. Considering the proliferation of the Internet of Things (“IoT”)1 web-connected devices, which include lighting, HVAC, security systems, medical devices, wearables, smart appliances, etc., the IoT security market alone is expected to grow from nearly $7 billion in 2015 to $29 billion by 2020, according to a market research report published by Research and Markets.

The costs of cybercrime are very high – and a significant portion of cybercrime goes undetected, particularly industrial espionage, where access to confidential documents and data is difficult to spot. Excluding this undetected data theft, cybercrime is projected to quadruple from $500 billion in 2015 to $2.1 trillion by 2019, according to Juniper Research. The majority of data breaches will come from traditional computing devices on the existing IT and network infrastructure. The impact of threats targeting mobile devices and the IoT are much smaller in comparison to more traditional computing devices, as the rewards are not as great. However, the impact is not inconsequential. Deficient security capabilities and difficulties patching vulnerabilities in these devices, as well as a lack of consumer security awareness has provided opportunities for hackers to remotely facilitate attacks on other systems, send malicious emails, steal personal information, or interfere with physical safety.

Despite the tightening of Federal cyber defenses undertaken over the last decade, vulnerabilities do exist – especially related to legacy IT systems. The government will undoubtedly require additional funding authorization to effectively exercise damage control and mitigate further threats. On April 1, 2015, President Obama issued an executive order declaring “the increasing prevalence and severity of malicious cyber-enabled activities… constitute an unusual and extraordinary threat to the national security, foreign policy and economy of the United States.” President Obama included $14 billion for cyber security spending in his 2016 budget. Market Research Media estimates that the U.S. Federal cybersecurity market will grow from $18 Billion in 2017 to $22 Billion by 2022.

Key Takeaway:

At the beginning of 2016, many skeptics were questioning whether we were witnessing a cybersecurity bubble as a number of security-related stocks took a beating. Those concerns, in my opinion, were overblown. Steve Morgan, a contributor to, summed up the dynamic succinctly: “If there were no cybercrime, then there would be no cybersecurity market. If cybercrime rises, then so does cybersecurity spending.” Recent cases have shown just how pervasive cybercrime has become, spanning both the public and private sector -- think the current presidential campaign, Sony, Target and just to name a few. Given the pervasive march toward the digitization of nearly every aspect of our lives, and the desire of certain players to obtain that information, it’s difficult to imagine a scenario in the future where security spending would decline at any point in the future.

[1] The internetworking of physical devices, vehicles, buildings and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.

Tags: Chart of the Week | Venture capital | Cybercrime | Internet of Things (IoT)

< Go to Chart of the Week

The material provided here is for informational use only. The views expressed are those of the author, and do not necessarily reflect the views of Penn Mutual Asset Management.

This material is for informational use only. The views expressed are those of the author, and do not necessarily reflect the views of Penn Mutual Asset Management.  This material is not intended to be relied upon as a forecast, research or investment advice, and it is not a recommendation, offer or solicitation to buy or sell any securities or to adopt any investment strategy.

Opinions and statements of financial market trends that are based on current market conditions constitute judgment of the author and are subject to change without notice.  The information and opinions contained in this material are derived from sources deemed to be reliable but should not be assumed to be accurate or complete.  Statements that reflect projections or expectations of future financial or economic performance of the markets may be considered forward-looking statements.  Actual results may differ significantly.  Any forecasts contained in this material are based on various estimates and assumptions, and there can be no assurance that such estimates or assumptions will prove accurate.

Investing involves risk, including possible loss of principal.  Past performance is no guarantee of future results.  All information referenced in preparation of this material has been obtained from sources believed to be reliable, but accuracy and completeness are not guaranteed. There is no representation or warranty as to the accuracy of the information and Penn Mutual Asset Management shall have no liability for decisions based upon such information.

High-Yield bonds are subject to greater fluctuations in value and risk of loss of income and principal. Investing in higher yielding, lower rated corporate bonds have a greater risk of price fluctuations and loss of principal and income than U.S. Treasury bonds and bills. Government securities offer a higher degree of safety and are guaranteed as to the timely payment of principal and interest if held to maturity.

All trademarks are the property of their respective owners. This material may not be reproduced in whole or in part in any form, or referred to in any other publication, without express written permission.

Subscribe to Our Publications