Cybercrime fears are on the rise but it’s not bad news for everyone: the IT security sector is booming.
With high-profile hacks against firms like JD Wetherspoons and TalkTalk exposing hundreds of thousands’ personal and financial data, and government and big business alike have been racing to tackle the growing threat, with the UK doubling its cybersecurity spend over the next five years.
And firms specialising in tackling digital crooks are rapidly emerging as the winners of this arms race:
“Cybersecurity and the associated arms race is now the issue of the digital age. Cybercrime is the single biggest threat to corporations,” Rob Cotton, chief exec of cybersecurity firm NCC Group, said to City A.M..
Britain is emerging as a leader in cybersecurity, with firms like NCC and Darktrace posting stellar growth, and Sophos’ July flotation London’s biggest tech IPO ever.
A total of 11 UK firms made the Cybersecurity 500 ranking, otherwise full of mostly US firms. It may sound like a relatively small number, but the sector is predicted for further expansion.
“The UK has a rich ecosystem of cybersecurity product vendors, service providers, event producers, and media firms - and we are expecting substantially further representation of UK cybersecurity companies”, said Cybersecurity Ventures founder and chief executive Steve Morgan to Techworld, calling the UK a “global leader” in cybersecurity innovation.
NCC, promoted to the FTSE 250 index in December, posted results today sure to put a smile on investors’ faces, with quarterly sales soaring by 50 per cent and profits up 26 per cent.
Rival Darktrace, founded just two years ago, has doubled its employees in the past year and was recently valued at £150m.
So what lies ahead for the cybersecurity sector as cyber threats are expected to continue to grow in 2016? FireEye nabbed threat intelligence firm iSight only yesterday, and at the end of last year, NCC went shopping for rival Fox-It.
Cotton expects more consolidation to come, “particularly as the recruitment for high quality security consultants becomes even more competitive”. Threat intelligence is also predicted to be a growing sector as firms become more proactive, as new strict EU legislation enforcing disclosure and imposing steep sanctions firms neglecting to protect themselves from attacks pushes the issue higher up on corporate agendas.
“Cultural change is needed. The majority of boards do not have executives with the necessary IT skills, let alone an understanding of cybersecurity,” warns Cotton.
Experts agree that early detection and a proactive stance are key for firms wishing to minimise the damage of a breach.
“The reality is that all organisations face both external and insider threats, so they need to continuously assume that some level of compromise is inevitable, and adopt ‘immune system’ methods of defence that can spot early indicators of subtle threats and enable a response before a business crisis occurs,” said Dave Palmer, director of technology at Darktrace.