australiaen
Cybercrime outbreak unleashes security spending tide

Cybercrime outbreak unleashes security spending tide

16-06-2021 | Stunning statistics
Approximately 30 billion data records were compromised last year. This is more than in the previous 15 years put together.
  • Patrick  Lemmens
    Patrick
    Lemmens
    Portfolio Manager Robeco FinTech
  • Koos  Burema
    Koos
    Burema
    Portfolio Manager
  • Michiel  van Voorst
    Michiel
    van Voorst
    Fund Manager Equities

Speed read

  • Covid-19 pandemic triggered a surge in global cybercrime
  • Ensuring cybersecurity is vital for the financial services industry
  • This offers attractive investment opportunities

What has happened?

The Covid-19 pandemic has been a boon for hackers. As broad swathes of the economy were suddenly forced to move online, cybercrime flourished. No less than 30 billion data records were stolen in 2020, according to a recent report1 by Canalys, a technology industry analysis company. This is more than in the previous 15 years put together.

Meanwhile, another report published late last year from the Center for Strategic and International Studies (CSIS), a US-based think tank, and McAfee, a computer security firm, estimated that worldwide monetary losses from cybercrime rose sharply last year, to approximately USD 945 billion (see Figure 1).2

Stay informed on our latest insights with monthly mail updates
Stay informed on our latest insights with monthly mail updates
Subscribe

Figure 1: Estimated worldwide monetary losses from cybercrime

Source: Lewis, J. A., Malekos Smith, Z. and Lostri, E., December 2020, “The Hidden Costs of Cybercrime”, CSIS-McAfee report.

On top of this, global spending on cybersecurity was estimated to have exceeded USD 145 billion, bringing the overall cost of cybercrime to almost USD 1.1 trillion globally, or 1.3% of the world’s gross domestic product (GDP). This new estimate implied a more than 50% increase relative to the previous one provided by the CSIS and McAfee for the year 2018.

Authors of the report acknowledged that better reporting explained some of this increase. However, they also indicated that, even with these qualifications, it is clear that cybercrime continues to grow rapidly. “Cybercrime is increasing because it pays, it can be easy, and the risk to cybercriminals can be low,” they argued.

Why is it important?

The Covid-19 crisis dramatically increased our reliance on the cyberspace. And this unlikely to revert, even as the pandemic recedes, and people go back to some of their old habits. This means companies will need to keep investing in cybersecurity infrastructure, in particular the financial services industry.

In a report published last August, Interpol warned about the alarming rate of cyberattacks seen during the first four months of 2020, as countries around the world imposed strict lockdowns. Most importantly, Interpol also predicted that a further increase in cybercrime is highly likely in the near future, as structural trends such as the rise of ecommerce and remote working continue to unfold.

In this context, cybersecurity budgets seem bound to remain on their upward trajectory. Although business continuity and workforce productivity took precedence over security during the pandemic, cybersecurity investments still outperformed other segments of the IT industry in 2020, growing 10% to USD 53 billion, according to Canalys.

The technology industry analysis company considers the current trend will continue in the near future. More specifically, cybersecurity investments are expected to grow by 6.6.% to 10% in 2021, with web and email security technologies as the most dynamic areas.

What does it mean for investors?

For investors, soaring cybercrime is obviously a threat to the businesses they own. But it is also an opportunity to invest in companies that provide solutions to address this growing challenge. This is especially relevant for the financial industry, as cybercriminals tend to be naturally attracted to this sector. Not getting cybersecurity right in the financial world simply means going out of business.

Growing interest for cybersecurity investments is already visible in equity venture capital funding flows. Cybersecurity funding hit an all-time high in 2020, garnering USD 11.4 billion – a near 50% increase from 2018, according to CB Insights, a research and analysis firm. Fast-developing cybercrime and accelerated adoption of cloud computing were key driving forces behind this rise.

Growing demand for cybersecurity solutions is one of the developments we closely follow as part of our FinTech and New World Financials equity strategies. Admittedly, finding cybersecurity companies that are both relevant for the financial sector and attractive from an investor’s standpoint is not easy. For one, the opportunity set remains relatively limited.

Moreover, business growth and stock price momentum do not always go hand in hand, therefore looking at (relative) valuations is extremely important. Yet we believe the potential rewards are worth the effort. As a result, listed companies offering services such as payment protection, for example, are now a firm part of our investable universe.

1 Canalys, March 2021, “now and next for the cybersecurity industry”, Special report.
2 Lewis, J. A., Malekos Smith, Z. and Lostri, E., December 2020, “The Hidden Costs of Cybercrime”, CSIS-McAfee report.

Logo

Disclaimer

BY CLICKING ON “I AGREE”, I DECLARE I AM A WHOLESALE CLIENT AS DEFINED IN THE CORPORATIONS ACT 2001.

What is a Wholesale Client?
A person or entity is a “wholesale client” if they satisfy the requirements of section 761G of the Corporations Act.
This commonly includes a person or entity:

  • who holds an Australian Financial Services License
  • who has or controls at least $10 million (and may include funds held by an associate or under a trust that the person manages)
  • that is a body regulated by APRA other than a trustee of:
    (i) a superannuation fund;
    (ii) an approved deposit fund;
    (iii) a pooled superannuation trust; or
    (iv) a public sector superannuation scheme.
    within the meaning of the Superannuation Industry (Supervision) Act 1993
  • that is a body registered under the Financial Corporations Act 1974.
  • that is a trustee of:
    (i) a superannuation fund; or
    (ii) an approved deposit fund; or
    (iii) a pooled superannuation trust; or
    (iv) a public sector superannuation scheme
    within the meaning of the Superannuation Industry (Supervision) Act 1993 and the fund, trust or scheme has net assets of at least $10 million.
  • that is a listed entity or a related body corporate of a listed entity
  • that is an exempt public authority
  • that is a body corporate, or an unincorporated body, that:
    (i) carries on a business of investment in financial products, interests in land or other investments; and
    (ii) for those purposes, invests funds received (directly or indirectly) following an offer or invitation to the public, within the meaning of section 82 of the Corporations Act 2001, the terms of which provided for the funds subscribed to be invested for those purposes.
  • that is a foreign entity which, if established or incorporated in Australia, would be covered by one of the preceding paragraphs.
I Disagree