CyberSecurity Industry - Analysis

Market Voice - Key Opinions

Analyst Perspective - “A significant rise in the cyber threats, spearfishing, malware, and
frauds is observed across all industry verticals, particularly in the BFSI, healthcare, IT &
Telecom, and travel & hospitality industry. The U.S., the U.K., and China have recorded the
highest number of cases. Furthermore, as mobile devices continue to increase, fraudulent
transactions have surged. To prevent such cyber crimes, governments across the globe are
actively involved in updating the regulations and standards.”

Leading Cyber Security Enterprise - “We look at every individual company and build a
security model accordingly by understanding their core business and bridge the gap that
exists in their environment. The growing cyber threats across organizations have helped us
to provide solutions to them”

Top 3 Trends : Key Takeaways

1. Cyber threat intelligence, which includes the implementation of machine learning and
artificial intelligence are the growing frontiers in the market growth. Organizations are
actively spending on security solutions to safeguard their business operations. The
adoption of cloud security is expected to grow over the years in Asia-Pacific region.

2. Companies are drafting training curriculums, certifications, and courses and

organizing webinars and other events as part of the efforts to ensure a strong and
skilled workforce capable of coping with the changing cybersecurity landscape.
Governments are also working with market incumbents to emphasize on training and
helping cybersecurity professionals in identifying potential threats, improving
awareness, and countering cyberattacks.

3. Impact of COVID-19 has triggered organizations to adopt endpoint security, mobile

security, and other security solutions to prevent cyber threats risks during remote
working environment. The BYOD and remote workforce trend is expected to surge
and bring companies focused towards adoption of cyber security solutions.

Key Startups with their Recent Fundings:

1. Axis Security - In September 2020, Axis Security raised $32 million in Series B
funding, for a total of $49 million over three rounds.
2. Bitglass - Bitglass secured Series D funding of $70 million in August 2019 bringing
its total venture capital funding to $150 million.
3. Cado Security - Cado Security is a young startup, founded in 2020, yet it’s already
received $1.5 million in seed funding.
4. Cato Networks - In November 2020, Cato closed on a $130 million round of funding.
This comes after raising $77 million in a previous funding round just six months prior.
This latest round brought its valuation up to $1 billion.
5. Confluera - Confluera raised $20 million in series B funding last year. They expect to
see growth in the company as they use the money to expand their team.
6. Cybereason - Its behavioral approach earned it another $200 million in funding from
Softbank, bringing its investment total to almost $400 million. This money has been
used to expand its core platform into a full endpoint protection portfolio.
7. Darktrace - It has raised $230 million through seven rounds of funding. Darktrace
also made eSecurity Planet‘s list of top IDPS solutions. Meanwhile, the company
continues to pick up industry awards and has launched in the AWS Marketplace.
8. Enso - enso is a young startup, founded in 2020, but its niche focus has garnered
plenty of attention. The company has already received $6 million in seed funding.
9. Ethyca - Investors understand the growing importance of maintaining compliance.
This knowledge helped Ethyca gain $13.5 million in funding in June 2020.
10. Illumio - It has raised $332.5 million in funding from an impressive roster of
investors: J.P. Morgan Asset Management, Andreessen Horowitz, General Catalyst,
Formation 8, BlackRock Funds, Accel Partners, and Data Collective, as well as
individual investors such as Microsoft Chairman John W. Thompson, Salesforce
CEO Marc Benioff, and Yahoo Co-founder Jerry Yang.
11. Immuta - The company raised $40 million in series C funding last year. Immuta was
also given the 2020 ISV Rising Star Award from Databricks and was named one of
Inc Magazine’s 2020 best places to work in 2020.
12. Isovalent - Isovalent is used by large organizations, including Adobe, Capital One
and Datadog. The company also has a number of impressive investors, such as
Google and Cisco, who led Isovalent to $29 million in Series A funding.
13. OneTrust - In December 2020, OneTrust secured $300 million in Series C funding.
That makes a whopping $710 million in total funding the company has secured in just
18 months. Their valuation now sits at $5.1 billion, making the company a unicorn
five times over.
14. Orca Security - Founded two years ago in 2019, Orca Security has already received
$82 million in funding. A series B funding round that gave the company $55 million
came only seven months after a Series A round.
15. Perimeter81 - The company received $40 million in Series B funding in 2020.
Gartner also named Perimeter 81 on their Cool Vendor list in 2019.
16. Privafy - Privafy received $22 million in funding in 2020.
17. Randori - Randori hired big names in security in 2020, including former Qualys VP of
Engineering Ken Shelton, hacker Aaron Portnoy and veteran CISO Aaron Fodisck. In
the same year, the company received $20 million in Series A funding.
18. SECURITI.ai - This startup has experienced sizable growth recently, expanding its
team from 160 employees up to 200 over the last year. SECURITI.ai secured $50
million in Series B funding last year after receiving $31 million in a Series A round in
2019.
19. SentinelOne - In 2020 it raised $267 million in Series F funding led by Tiger Global
Management, with participation from Sequoia Capital Global Equities and existing
 investors, including Insight Partners and Third Point Ventures. To date, it has raised
$430 million in funding, bringing its valuation to $3 billion.
20. SpiderSilk - This achievement helped SpiderSilk secure $2.25 million in a pre-series
A round of funding.
21. Ubiq Security - The company was founded in 2019 but has already amassed an
impressive catalog of big-name customers, including the United States Army, the
Department of Homeland Security, Verizon and Hitachi. In 2020, Ubiq Security
received $6.4 million in seed funding.
22. Vdoo - Vdoo secured $32 million in series B funding in 2019. This amounts to a total
of $55 million of funding for the startup.

Cyber Security Market Statistics - 2027

The cyber security market size was valued at $149.67 billion in 2019 and is projected to
reach $304.91 billion by 2027, growing at a CAGR of 9.4% from 2020 to 2027. Cyber
security, also referred to as IT security, emphasizes on safeguarding computers, programs,
networks, and data from unlicensed or spontaneous access. It comprises network security,
application security, endpoint security, identity management, data security, cloud security,
and infrastructure security. As cyber threats have increased at an alarming rate, security
solutions have been gaining traction, globally. Solutions such as antivirus software and
firewalls have grown in complexity and proven to be effective at preventing threats and
attacks, such as malware, Trojans, and phishing. The success of these solutions has led to
rapid development of the cyber security industry, as implementing technical defenses has
become a standard best practice in every enterprise.

Post COVID-19 emergence, cyber security software segment led the global cyber security
market owing to the need for safeguarding business data and prevent loss from cyber-
attacks, demand for strong authentication methods specially after rapid adoption of remote
working technology, post COVID-19.

The solutions segment dominated the overall cyber security market share in 2019, and is
expected to remain dominant during the forecast period, due to increase in need to monitor
external and in-house threats for large as well as small & medium enterprises. However, the
services segment is expected to grow at a rapid pace throughout the forecast period.
 Cyber Security Market

By Industry Vertical

Vishwa Gaul (November 2020), Cyber Security Market By Component (Solutions and Services), Allied Market
Research.
https://www.alliedmarketresearch.com/cyber-security-market

Growth in demand for cloud-based cyber security solutions

Cloud computing model is widely adopted due to its powerful and flexible infrastructure.
Many organizations are shifting their preference toward cloud solutions to simplify the
storage of data, as it provides remote server access on the internet, which further allows
access to unlimited computing power. Moreover, the implementation of cloud-based
model empowers organizations to manage all the applications, as it provides
exceptionally challenging analytics that runs in the background.

In addition, the implementation of cloud can allow organizations to combine

supplementary infrastructure technologies such as software-defined perimeters to create
robust and highly secure platforms. Furthermore, government in many countries issue
special guidelines and regulations for cloud platform security, which drives the cyber
security market growth, globally.

Cybersecurity Product Market

On the basis of component, the Cybersecurity Market has been segmented as follows:

● Hardware
● Software
● Services

On the basis of Software, the Market has been segmented as follows:

● APT
● Threat Intelligence Platform
● SIEM
● Security and Vulnerability Management
● Network Access Control
● Antivirus/Antimalware
● Firewall
● Secure Web Gateway
● SOAR
● IAM
● Encryption
● Disaster Recovery
● IDS/IPS
● Risk and Compliance Management
● Others

On the basis of Security type, the Cybersecurity Market has been segmented as follows:

● Network security
● Endpoint security
● Application security
● Cloud security
● Others

On the basis of deployment type, the Market has been segmented as follows:

● Cloud
● On-Premises

On the basis of organization size, the Cybersecurity Market has been segmented as follows:

● Large Enterprise
● SMEs

On the basis of verticals, the Market has been segmented as follows:

● Aerospace and Defense

● Government
● BFSI
 ● IT
● Healthcare
● Retail
● Manufacturing
● Energy and Utilities
● Telecommunications
● Media and Entertainment
● Others

On the basis of region, Cybersecurity Market has been segmented as follows:

● North America
○ US
○ Canada
● Europe
○ Germany
○ UK
○ France
○ Rest of Europe
● Asia Pacific
○ China
○ Japan
○ India
● Middle East and Africa
○ Kingdom of Saudi Arabia
● Latin America
○ Brazil

External factors that impact Cybersecurity Industry

Political factors:

Cybersecurity has become a critical topic for governments globally, with the rise of military
setups dedicated to cyber warfare. For instance, China emerges as a cyber superpower,
which augments its overall national power and incites its neighboring countries to increase
their cyber investments, such as increasing cyber experts' salaries as an incentive.
Additionally, APAC governments' substantial move for digitization is an external factor
driving the demand for cybersecurity services addressing this need in governmental
institutions. Furthermore, the ASEAN governmental support for e-technologies represents
new cybersecurity target segments in the remote-environment. Both the Indian and Chinese
governments enhance data protection in their countries, for instance, by facilitating the
implementation of manual penetration testing and intrusion detection systems.

Economic factors:
The rapid growth of APAC's developing markets corresponds to an increase in demand for
information technology and cybersecurity.
For instance, in China, the profit growth of listed cybersecurity firms slowed in 2018 but was
still much higher than the global progress, which showcases the market's attractiveness. The
ten major players registered an average profit of USD 38m in 2018, 7% higher than in 2017.
The slower growth reflected pressures from increased research and development costs,
employee salaries, and stiff competition.
According to PWC, the transaction value of digital payments in India is estimated to grow
annually at a rate of 20.2%, reaching $135.2 billion in 2023, which represents an increase in
businesses requiring securing their transactions.
According to AT Kearney, companies in APAC face a threat of $750 billion from
cyberattacks, and underinvestment in tackling the threat is aggravating risks across the
region. The region needs to increase cyber-spending by 0.09% of the GDP or $2.4 Billion
until 2025 to be in line with the best in class benchmark.
The SME sector will be particularly profitable for cybersecurity firms in India, as Indian
SMEs’ spending on IT hardware, software, and services, including business services, is
expected to reach USD 684 billion in 2021. India will be one of the fastest-growing markets
for IT spending in SMEs, growing at a 7% CAGR during 2016-2021.

Sociocultural factors:
In APAC, the increase in demand for location-based services from several industries drives
the cybersecurity market's growth and demand for cyber solutions in those industries. The
increasing use of online services in the region is marked as an opportunity to secure those
services.
Since India's population counts over 300M Internet users and is expected to grow
tremendously, well-founded security systems are crucial. India needs a vibrant security
outlook to safeguard its rising stature as an investment hub. Besides, the increasing FDIs
and government spending in various smart city projects in Asia will have to be backed by
cybersecurity solutions.
Another trend affecting society's interaction with information technology is the increasing
FDIs and government spending in various smart city projects, which will have to be backed
by cybersecurity solutions.

Technological factors:
The increase in cybercrime, the sophistication of cyber-attacks, and companies' dependency
on information structure services increase all businesses' cyber-vulnerability and demand for
cybersecurity services.

Environmental factors:
In some areas, climate change and cybersecurity intersect and overlap. Computing
comprises energy consumption and heat production, therefore impacting global warming.
Furthermore, Cybercriminals can take advantage of the disruption caused by climate change
through malware and scams campaigns. Scammers can try to benefit from the feeling of
urgency invoked by climate change. For instance, the IPCC issued a warning against scams
abusing their brand name.
Besides, the work from home conditions triggered by the COVID19 brings companies at
increasing risk by stretching out their internal networks' boundaries into their staff's homes.
This issue has to be addressed by testing employees' endpoints and VPN configurations.

Legal factors:
There are several certification bodies that provide specialized certifications to security
experts and penetration testers (also known as white-hat ethical hackers) that are
responsible for finding security loopholes to the clients' digital ecosystem before any
unethical hacker takes advantage of it. Furthermore, penetration testing offers security
compliance as well to companies. There are several established regulatory and compliance
standards related to network and application penetration testing.

2020 Roundup Of Cybersecurity Forecasts And Market Estimates

● Enterprises are predicted to spend $12.6B on cloud security tools by 2023,

up from $5.6B in 2018, according to Forrester.
● Enterprise spending on cloud security solutions is predicted to increase from
$636M in 2020 to $1.63B in 2023, attaining a 26.5% CAGR.
● Spending on Infrastructure Protection is predicted to increase from $18.3B
in 2020 to $24.6B in 2023, attaining a 7.68% CAGR.
 ● Endpoint security tools are 24% of all I.T. security spending, and by 2020
global I.T. security spending will reach $128B according to Morgan Stanley
Research.
● 71% of UK-based business decision makers believe the shift to 100% remote
working during the COVID-19 crisis has increased the likelihood of a cyber-
breach according to research by Centrify.
● 70% of all breaches still originate at endpoints, despite the increased I.T.
spending on this threat surface, according to IDC.

Louis Columbus (April 5, 2020), 2020 Roundup Of Cybersecurity Forecasts And Market Estimates, Forbes.com
https://www.forbes.com/sites/louiscolumbus/2020/04/05/2020-roundup-of-cybersecurity-forecasts-and-market-estimates/?
sh=51a3bf5381d7

Synopsis
What is cyber security?

Cyber security can be described as the collective methods, technologies, and processes to help
protect the confidentiality, integrity, and availability of computer systems, networks and data, against
cyber-attacks or unauthorized access. The main purpose of cyber security is to protect all
organizational assets from both external and internal threats as well as disruptions caused due to
natural disasters.
As organizational assets are made up of multiple disparate systems, an effective and efficient cyber
security posture requires coordinated efforts across all its information systems. Therefore, cyber
security is made up of the following sub-domains:

Application Security

Application security involves implementing various defenses within all software and services used
within an organization against a wide range of threats. It requires designing secure application
architectures, writing secure code, implementing strong data input validation, threat modeling, etc. to
minimize the likelihood of any unauthorized access or modification of application resources.

Identity Management and Data Security

Identity management includes frameworks, processes, and activities that enables authentication and
authorization of legitimate individuals to information systems within an organization. Data security
involves implementing strong information storage mechanisms that ensure security of data at rest and
in transit.

Network Security

Network security involves implementing both hardware and software mechanisms to protect the
network and infrastructure from unauthorized access, disruptions, and misuse. Effective network
security helps protect organizational assets against multiple external and internal threats.

Mobile Security

Mobile security refers to protecting both organizational and personal information stored on mobile
devices like cell phones, laptops, tablets, etc. from various threats such as unauthorized access,
device loss or theft, malware, etc.

Cloud Security
Cloud security relates to designing secure cloud architectures and applications for organization using
various cloud service providers such as AWS, Google, Azure, Rackspace, etc. Effective architecture
and environment configuration ensures protection against various threats.

Disaster recovery and business continuity planning (DR&BC)

DR&BC deals with processes, monitoring, alerts and plans that help organizations prepare for
keeping business critical systems online during and after any kind of a disaster as well as resuming
lost operations and systems after an incident.

User education

Formally training individuals regarding topics on computer security is essential in raising awareness
about industry best practices, organizational procedures and policies as well as monitoring and
reporting malicious activities.

The importance and challenges of cyber security

Given the rapidly evolving technological landscape and the fact that adoption of software is ever
increasing across various sectors including finance, government, military, retail, hospitals, education,
energy to name a few, more and more information is becoming digital and accessible through wireless
and wired digital communication networks and across the omnipresent internet. All this highly
sensitive information is of a great value to criminals and evil doers which is why it is important to
protect it using a strong cyber security measures and processes.

The importance of good cyber security strategies is evident in the recent high-profile security
breaches of organizations such as Equifax, Yahoo, and the U.S. Securities and Exchange
Commission (SEC), who lost extremely sensitive user information that caused irreparable damage to
both their finances and reputation. And as the trend suggests, the rate of cyber-attacks show no sign
of slowing down. Companies, both large and small, are targeted everyday by attackers to obtain
sensitive information or cause disruption of services.

The same evolving technological landscape also poses challenges in implementing effective cyber
security strategies. Software constantly changes when its updated and modified which introduces new
issues and vulnerabilities and opens it up for various cyber-attacks. Furthermore, IT infrastructure
evolves as well with many of the companies already migrating their on-premise systems to the cloud
which introduces a whole new set of design and implementation issues resulting in a new category of
vulnerabilities. Companies are unaware of the various risks within their IT infrastructure and hence fail
to have any cyber security countermeasures in place until it’s far too late.

What is a cyber-attack?

A cyber-attack is a deliberate attempt by external or internal threats or attackers to exploit and

compromise the confidentiality, integrity and availability of information systems of a target organization
or individual(s). Cyber-attackers use illegal methods, tools and approaches to cause damages and
disruptions or gain unauthorized access to computers, devices, networks, applications and databases.