The Covid-19 outbreak has resulted in a surge of targeted cyberattacks. From a cybercrime perspective, Covid-19 revealed a new breed of bad actors, sources, methods, and attack vectors that would never be exposed without a crisis like this, asserts analyst Keith Snyder, in CFRA Research's flagship newsletter, The Outlook.
Many companies have been unable to keep up with the shift from a centralized management structure to a distributed environment, while also keeping attackers at bay. According to Barracuda Networks, between February and March, the number of phishing emails spiked 600%.
Meanwhile, the Federal Bureau of Investigation’s Internet Crime Complaint Center has experienced a four-fold increase in the number of reported online crimes. While nearly all businesses are reporting an increase in security incidents, attackers are focusing on a few industries.
According to a report by Beazley Breach Response Services, the number of ransomware attacks reported increased by 25% in the first quarter sequentially overall, but the manufacturing industry experienced a 156% increase.
Financial institutions and health care companies have been the hardest hit, together accounting for almost 50% of all ransomware attacks in the first quarter (see below). Companies discovered that legacy network security solutions were ill-equipped to handle the mass migration of workers to a home-based existence.
The work from home (WFH) shift has made it difficult, if not impossible, for IT staff to remotely enforce corporate-defined security policies due to a lack of logical and physical control of managed and unmanaged devices and their access networks (i.e., home Wi-Fi).
In addition, the absence of a virtual presence on end-users’ devices and their access networks is making it challenging for security teams to identify shadow IT and anomalous activity by end-users and attackers due to a lack of telemetry.
CFRA expects a spike in demand for virtual private network (VPN) services and software-defined access services in response to the rapid growth in the number of remote workers attempting to access resources that are sequestered behind corporate firewalls.
As the leaders in the network security market, CFRA expects Cisco (CSCO), Palo Alto Networks (PANW), Fortinet (FTNT), and Check Point (CHKP) will be the primary beneficiaries of this demand as it is far more likely that users will extend with existing vendors for another contract cycle than switch.
Adoption of security-as-a-service solutions is expected to accelerate during the Covid-19 outbreak. Security-as-a-service includes any security solution that is hosted and managed remotely in the cloud for on-premises or off-premises applications.
Large-scale security infrastructure is often costly and slow to deploy. Security-as-a-service has emerged as an efficient and cost-effective way of adding new features and capabilities while minimizing complexity.
With traditional security, adding new appliances typically requires a substantial up-front investment and additional service fees to keep the solution up to date. Security-as- a-service operates more like a utility that can be turned on or off and can scale quickly when the need arises.
According to IDC, the worldwide security-as-a-service market is expected to expand at an 11.9% CAGR between 2019 and 2024, growing from $10.9 billion to $19.2 billion.
Identity and digital trust software is projected to be the fastest-growing subsegment of the security-as-a-service market, expanding at a 14.7% CAGR from $2.04 billion in 2019 to $4.05 billion in 2024, according to IDC.
This software is comprised of a comprehensive set of solutions used to identify users in an IT environment and control their access to resources within that environment by setting user rights and restrictions.
The network security software submarket, which includes a variety of solutions, including enterprise firewall software, network intrusion detection and prevention software, unified threat management software, and network access control, is projected to expand at a 12.2% CAGR between 2019 and 2024, from $3.3 billion to $5.9 billion.
Check Point, Cisco, Fortinet, and Palo Alto all have a number of offerings in the network security software space to manage external threats. Many companies are leveraging the pandemic as a business development opportunity by offering complimentary licenses and free trials to attract new customers and expand relationships with existing customers.
Although security-as-a-service is growing quickly, on-premises solutions will remain necessary for large companies. Covid-19 has created some challenges for on-premises hardware deployments, as global lockdowns forced companies to delay projects. In addition, supply chain disruptions could cause component shortages, which may limit production.
At the onset of the outbreak, hardware companies benefited from a short-term surge in demand as customers scrambled to add capacity. Despite these challenges, demand is expected to recover once the outbreak is under control. According to IDC, the worldwide network security market is projected to expand at an 8.8% CAGR between 2018 and 2023, from $15.5 billion to $23.7 billion.
The firewall and unified threat management (UTM) submarket is projected to grow the fastest, expanding at a 9.2% CAGR. Check Point, Cisco, Fortinet, and Palo Alto controlled 60.9% of this market in 2019, according to IDC, and should benefit the most from long-term growth.
Risks to our thesis include a worse-than-expected economic contraction in response to Covid-19, lower-than-expected spending on security services, increased unemployment levels, and fewer network attacks.