Sam Curry, Chief Security Officer, Cybereason, looks at the likely evolution for the short, medium and long term for the cybersecurity industry.
Given the market instability, risk is soaring and many companies are responding by shrinking from investments, preserving capital and hibernating. The big question before us all is what will be the ultimate fate of the economy? Examining that first then leads to a better understanding of the likely evolution short, medium and long term for the cybersecurity industry and helps us make the case for why collaboration and partnerships might be essential.
In the short term, while the novel Coronavirus is assured to be running amok, the companies that will do well are those that have solutions that minimise disruption and help to protect customers who now are radically expelled from the reassuring perimeters on networks tied very physically to their corporate offices. Keep in mind that many customers will be slapping controls in place to control the outflow of money but they will still spend for things that will help them stave off existential crisis and keep critical services running, especially around remote work.
If a cybersecurity vendor is asking companies to do significant heavy lifting – such as ripping-and-replacing things that don’t deal with the existential threats of suddenly being remote, is confusing users by requiring them to use tools they aren’t familiar with or that could significantly interrupt the organisations’ operations and SLAs – they should back off and hibernate too. If, however, they can help with things like awareness, strong authentication, protecting layer eight, detecting the start of those kill chains, stabilising remote access and so on, they can potentially do well but they still need to watch their own P&Ls since the free flow of cash is still going to be slow.
In the next phase, cyber companies will begin to wither just like any others if the macro crisis isn’t resolved. No one is immune, and the free flow of capital is essential to all members of the economic ecosystem. Like a land turned suddenly arid due to environmental change, when there’s no more water, there is a die-off that is merciless and relatively quick.
However, in this phase, a new economy will be emerging. Whether or not a recession is under way in the classic sense of a quarter of negative growth, some companies will be spending and those who reach equilibrium will start to consider more complex security solutions. If you’re one of those cyber companies that weathered the first phase and can reduce real risks and the emergent threats that will come from the adversary’s R&D and adaptation, you will find the start of new opportunities.
In the final phase, looking six months and beyond, we have two possible outcomes. We all hope for the first where we exit quarantine and beat COVID-19 and fight to rebuild the economy. In this world, we see hope for inoculation in the future against future coronaviruses and the cyber sector recovers quickly in a narrowed field having seen some companies fail. It will be a while until things boom but acquisitions and mergers become likely and a new crop of solutions will emerge even as many old names die because they have gone into bankruptcy or simple stagnation.
In the second scenario, we still fight the virus and as with any devastating economic “extinction event,” new life emerges and adapts in a less rich and booming world for a while. Here is where we learn to live with coronavirus and find a hoped-for stasis and a slow path to recovery, which is not a new spring for the cyber industry. No one wants to consider a third scenario where no one does well, and things become completely unpredictable.
In the end, there is no one outside the realities of the macro economic conditions and there is very little certainty in future performance of companies, cyber or otherwise. Our values are being tested and our species is at war with a tiny-in-some-ways but huge-in-other-ways threat. How you behave now will tell the world a lot about what your company stands for with employees, customers and the wider community.Click below to share this article