- Home »
- Insights »
- DWS Research Institute »
- Cybersecurity: The virtual threat is real
- As global activity continues to shift online, vastly more human behavior is today being conducted in digital environments whose safety is in jeopardy - cyber criminals pose a sophisticated, and growing, danger to countless activities.
- Fortunately, policy makers, corporations, and individuals are taking these risks seriously, and, although new cyber threats from innovative and evolving forms of attack continue to proliferate, the resolve to fight cyber-crime clearly exists.
- For the investor, three things are critical considerations : understanding the scope of the problem, discerning the spending plans and strategies of those most impacted, and accessing ownership to companies that will provide solutions.
I’m From the Government, and I Need Help
The U.S. government is not generally given to exaggeration. And that sobering thought puts a lot of weight on the above quote which is taken from the President’s signed introduction to the White House’s National Cybersecurity Strategy[1].
The clear and critical role that cybersecurity will play in the U.S. (and therefore globally) is abundantly evident from the report, which, it must be said, evokes a degree of sympathy for the Luddite mentality. A brief mention of the purported benefits of technology, is followed by a damning list of its deficiencies, from theft of property and data, through the dissemination of misinformation, harassment, and exploitation, to violent extremism and threats to peace.
The point though is that these are the unfortunate, but inescapable, realities of a cyber world which is advancing at a breakneck pace. And idly wishing for a return to a simpler world (which, to be fair, also had criminality) is neither realistic, nor useful. A better approach is the one that the government is laying out – to be painfully aware of the problems, but to resolve to fight them.
"Cybersecurity is essential to the basic functioning of our economy, the operation of our critical infrastructure, the strength of our democracy and democratic institutions, the privacy of our data and communications, and our national defense.”
- White House National Cybersecurity Strategy, 2023
The final section of the report discusses this fight, and we believe it is arguably the most relevant for investors. It contains this quote:
“Building a more defensible and resilient digital ecosystem will require generational investments by the Federal Government, allies and partners, and by the private sector.”
This last point is important. What the government appears to be saying, and we would agree, is that the solution to cybercrime will need both a public, and a private market, solution.
The title of this section alludes to Ronald Reagan’s notorious assertion that the scariest words in the English language are spoken when governments show up to assist (“I’m from the government, and I’m here to help”). Our take, on reading the Cybersecurity Strategy document, is that, in the case of cybercrime, the government is at least as aware of the need to seek help too. For an investor hoping to identify areas of the broader economy that could grow at a faster rate than others, this should be interesting.
Lopping off the Hydra’s Head
Government officials are not the only ones who are worried. According to a recent report from McKinsey & Co[2], there are three key metrics to consider.
The first is the sheer scale of the problem. They forecast that the economic cost from cyber-crime will grow to US$10.5tn by 2025, representing around a 300 percent increase from 2015 levels. At the same time, as Figures One and Two demonstrate, the total number of incidents, and the average cost per incident have also increased, with what appears to be a lurch higher that coincided with the pandemic (perhaps cybercrime lends itself nicely to work from home?). Of course, part of these trends are explained by increases in inflation and economic activity over the same period, as well as the proliferation of digital activity in society, but the point remains – cybercrime is becoming more pervasive, and more expensive.
The second is the gulf that exists between this economic cost, and the amount that organizations globally are actually spending on cybersecurity solutions. McKinsey estimates that this spend was at around US$150bn in 2021. They rightly note that “such a massive delta requires providers and investors to “unlock” more impact with customers”, and that “the current buyer climate may pose a unique moment in time for innovation in the cybersecurity industry.”
