With the FBI reporting an over 400% increase in the level of cybercrime in 2020 and the year ending with a massive government data breach, 2020 has brought cybersecurity to the forefront of most people’s minds. However, while this year saw cybersecurity become a key operational priority for the majority of businesses, effective cybersecurity technologies and solutions will remain vital in the long-term, too.
Indeed, there appears to be increased organizational conciseness of the threat level cybercrime poses. With 96% of executives shifting their cybersecurity strategy throughout the year, maintaining cybersecurity has moved from an oft-neglected operational requirement to a critical business goal for decision-makers in every sector.
Looking forward, over 55% of enterprise executives plan on increasing their cybersecurity spending in 2021 despite an uncertain global economy. Meanwhile, the cybersecurity market overall is forecast to double between now and 2023. For investors such as venture capital firms, these forecasts make cybersecurity an attractive sector for targeted funding.
Just as this year has seen a rush of new companies raise millions in venture capital funding, future investments will follow defined trends, which this year’s digital transformation catalyzed. Here are five areas within cybersecurity that businesses and investors alike will continue to pay attention to.
According to research conducted by Google, more than 65% of people use the same password for multiple accounts. With over 80% of hacks involving lost or stolen credentials, the most obvious enterprise benefit from going passwordless is increased security. However, going passwordless also reduces the burden on IT teams by removing the need to reset passwords — research by Gartner shows that up to 50% of all help desk calls involve passwords.
As enterprises make remote work a permanent way of operating while using an increasing plethora of applications, password use is a growing security and operational weakness. For investors and companies, solutions such as passwordless multi-factor authentication (MFA) and single sign-on (SSO), which improve enterprise security posture alongside streamlining IT operations, are likely to become increasingly popular.
In their 2020 Insider Threat Report, Bitglass reported that over 60% of organizations experienced at least one insider attack in the past 12 months. One key takeaway from this finding, emphasized by the rapid malware proliferation experienced during breaches such as the recent FireEye attack, is that enterprises need to move beyond perimeter-based security.
Accordingly, zero-trust network technology, within which every network user is treated as a potential threat, is likely to become more popular at the enterprise level. A further benefit of zero-trust is that it improves enterprise security posture without decreasing network performance. With recent reports showing that the majority of organizations have increased the speed at which they are adopting zero trust, investor interest in companies that offer zero-trust solutions is likely to remain strong.
From their supply chain to the point of treatment, healthcare providers both save lives and host invaluable patient personal information. Combined with the increasing attack surface that providers present, this growing trove of patient information makes healthcare a prime target for amoral threat actors. Even though it now appears that a hospital patient in Germany was not killed by ransomware earlier this year, this attack, and others like it, highlight the critical importance of securing healthcare from cyber threats.
Healthcare is also becoming more and more digitized, a trend that venture capital firms think is likely to continue. Unfortunately, the continued leverage of remote medicine and IoT devices means that providers are also concurrently expanding their attack surfaces even further. To improve their security posture, healthcare providers will look for security solutions that make authentication safer and protect network security. As such, companies developing solutions that provide better protection for digitized healthcare providers will be knocking on an open door when looking for funding.
SDPs Will Supercede VPN
While virtual private networks (VPNs) have long been touted as a critical security solution for distributed workforces, they also have inherent cybersecurity weaknesses. These are primarily due to the “access before authentication” manner that VPNs use to interact with corporate networks. VPNs also give users access to an entire network, thus providing a route for lateral attacks, and are difficult to enforce within cloud environments. A better solution for connecting enterprise employees to their networks is using a software-defined perimeter (SDP).
The benefits of SDP use come from its security-first architecture. By creating zero trust network access, SDP gives authenticated users segmented access to authorized applications only — rather than an entire network. With SDP, access is also impossible without authentication. At the same time, a risk assessment of the user’s device occurs continuously, too. With Gartner predicting that by 2023, 60% of enterprises will use this technology instead of VPNs for network access, funders will be taking note.
5G Security Will Become Increasingly Important
According to a recent survey by Deloitte, over 80% of professionals plan to adopt 5G technology over the next year. The same study also highlighted that conducting compliance monitoring and policy configuration alongside threat detection will pose significant issues in 5G network environments. Moreover, 5G will also open up new avenues of attack for cybercriminals, while longer user sessions and more connected devices will create a deluge of data for enterprises to secure.
In response, enterprises will need to deploy security solutions that provide unified authentication across newly deployed networks. Cybersecurity solutions, such as passwordless authentication, which prepare enterprises for the new wave of 5G technology, will therefore become essential for connected enterprises.
Within cybersecurity, investor capital has always followed companies that provide effective solutions to difficult problems. Unfortunately, as the world becomes progressively more digitized, there is no shortage of issues for cybersecurity companies to solve. The fastest-growing investment trends will be seen in areas where operational improvement and increased protection are not mutually exclusive desires.
A Sobering Reminder: Passwords are a Threat to Public Infrastructure