The global cybersecurity market is expected to reach just over $60 billion in 2021, a 10% YoY increase in “best case scenario” growth, according to a Canalys forecast report. Even in a “worst case scenario” market forecast, Canalys expects the cybersecurity market to grow 6.6% year over year, reaching nearly $58 billion.
That comes after the cost of cybercrime jumped to over $1 trillion in 2020, according to McAfee. Per CybersecurityDive, that number combines monetary losses (over $900 billion) with the cost of providing cybersecurity (about $145 billion).
Share prices in the cybersecurity industry boomed in the final quarter of 2020, when a widespread malware campaign compromised US government servers, as well as the data of many private businesses. The hack begun at software firm SolarWinds, a company that enables private and public sector organizations to track what’s happening on its computer networks. State-backed hackers (likely of Russian origin) inserted malicious code into an update of Orion, one of the company’s platforms. Cnet notes that around 18,000 SolarWinds customers installed the tainted update onto their systems, the company said, and hackers chose a select number of them to infiltrate further.
The malware was first recognized when cybersecurity firm FireEye, Inc. realized it had been breached, which immediately sent shares of the company tumbling. However, as MRP noted in the aftermath, the scale of attack on FireEye’s toolkit was limited, well-contained, and compromised none of the firm’s customer data or zero-day exploits (vulnerabilities that do not have a fix) were accessed. FireEye has recently been trading higher than it had been prior to the hack.
Many others were not so lucky.
It initially became clear that the Departments of Commerce, the Treasury, and State were breached at some level, but that was only the beginning. In all, nine federal agencies and 100 private companies, including Microsoft, have been confirmed compromised thus far.
However, in a Tuesday Senate hearing on the SolarWinds breach, the Wall Street Journal noted that testifying tech executives suggested further key victims have yet to be publicly identified. According to Brad Smith, the president of Microsoft, “There may be other brand-name players that may have been penetrated that have not been as forthcoming…leaving policy makers and potentially customers in the dark.”
The US House of Representatives’ Oversight and Homeland Security Committees will follow up on the Senate testimony, holding a joint hearing on Friday.
Compared with 2019, CrowdStrike’s experts tracking cyberattacks across the globe saw a 214% increase in cyberattacks and attempts to break into computer networks during the past year, Adam Meyers, senior vice president of intelligence, said in an interview.
Businesses are taking notice of the heightened need for cybersecurity resources. According to PwC’s 2021 Global Digital Trust Insights: Cybersecurity Comes of Age, 55% of 3,249 surveyed executives plan to increase their cybersecurity budgets in 2021 over 2020, with more automated, adaptive cybersecurity being the goal for this year.
Though cybersecurity stocks have been dented this month by a broader route in the tech sector, JP Morgan Securities recently reiterated an outperform rating on CrowdStrike. JPM Analyst Erik Suppiger boosted his price target from $180 to $295, representing approximately 23% upside from Friday’s closing price. The Motley Fool notes that CrowdStrike is scheduled to report Q4 results on March 16, and the company’s guidance calls for revenue of $245.5 million to $250.5 million, which would represent 63% growth at the midpoint.
Back in December, CrowdStrike surged after it reported “exceptional” Q3 results, adding 1,186 net new subscription customers in the quarter, as more people working from home boosted demand for cyber-security solutions. Revenue jumped 86% to $232.5 million, earning company $0.08 per share versus a loss of -$0.07 per share a year prior.
In their most recent earnings report, Palo Alto Networks Inc. reported its first $1 billion quarter of revenue as sales jumped 25%. The company said the SolarWinds attack remains in the minds of many consumers and has forced company boards to reconsider their cybersecurity posture.
Palo Alto Networks also lifted its guidance for the full fiscal year ending August 2021. It now sees revenue of $4.15 billion to $4.2 billion, up from a previous forecast from $4.09 billion to $4.14 billion. Non-GAAP profits are expected to range from $5.80 to $5.90 a share, from a previous forecast of $5.70 to $5.80.
A look at the risks faced by the Healthcare industry, one that is a prime target for cyberattacks, gives a cleat illustration of the growth in cybercrime over the last year.
CI Security analyzed breaches publicly reported to HHS, noting that breach reports were up 35.6% in the second half of 2020 compared to the first half, while the number of patient records that were breached increased more than 180%.
As MRP wrote back in April, cybercriminals capitalized on anxiety about the virus to spread infections of their own. By July, Palo Alto Networks found over 1,700 malicious coronavirus-themed domains were being created every day.
Even pharmaceutical companies developing vaccines for COVID-19 became heavily targeted by hackers. In late 2020, Microsoft disclosed that cyberattacks targeted seven pharma firms in the U.S., Canada, France, India and South Korea. While it blocked the “majority” of the attacks, Microsoft acknowledged that some were successful.
In a separate incident, Pfizer Inc. said some documents it had submitted to Europe’s top drug regulator regarding its vaccine had been accessed in a cyberattack on the agency.