Many of you reading this will have either personally experienced it, or have a friend or family member that has experienced it. The direct and indirect impacts of cybercrime are surging at exponential rates, and it’s most likely this trend will continue over the short term before it gets any better.
Hacking has evolved from irritating viruses and malicious Trojans designed to slow down or cripple your home computer to modern day cybercrime that is focused on criminal activity. Impacts range from fraud and identity theft to ransomware (whereby attackers encrypt files to make them inaccessible to the owner/user and then demand a ransom to unlock the files). It is also alleged that cyber-attacks interrupted the last Australian census, may have also been used to impact election results, and are being used in modern warfare and terrorism.
The cost of cybercrime is staggering. UK based Hiscox Insurance (who specialise in niche insurance) estimated only two months ago that in 2016 it cost the global economy USD450 billion, while the Australian Attorney-General’s Department 2013 report ‘National Plan to Combat Cybercrime’ estimates that it costs Australia over AUD2 billion a year and this amount is expected to grow. However, other estimates are even more disturbing. US based specialist cybercrime research firm, Cybersecurity Ventures, estimates that cybercrime actually costs the global economy more like USD3 trillion a year – a figure that Microsoft CEO Satya Nadella agrees with (funnily enough) – and that this will rise to USD6 trillion a year by 2021 taking into consideration IP theft, theft of personal and financial data, stolen money, damage and destruction of data, lost productivity, reputational harm and disruption to business over the period, and the restoration costs of the infected systems.
Whilst the cybercrime cost numbers being estimated are extreme, the increasing threat to our everyday lives at home, in the office and now even when driving or flying is an inconvenient truth that we face.
So what are the public and private sectors doing about it?
Our federal government stated in the most recent Defence White Paper that the Budget will allocate $230 million over the next four years and then a further $400 million for the period 2020 to 2030 towards cybersecurity initiatives. This is a fraction of total government expenditure, which is forecast to be in excess of over $450 billion for just the 2016 – 2017 fiscal year. However, of significance, the federal government has now passed the Privacy Amendment (Notifiable Data Breaches) Bill that basically means that all entities regulated under the Privacy Act will now be compelled by law to report any serious data breaches that occur. This amendment should prompt companies to review their cybersecurity arrangements to see if they remain appropriate.
Back on federal government spending to combat cybercrime. This is a fraction of what the US had been intending to spend prior to the November election last year. The Obama administration had allocated USD19 billion to spend in 2017 on cybersecurity, which was to be an increase of over USD5 billion from the previous year. Meanwhile, in the UK, the May government has upped its spending to around USD2.5 billion for this year.
Some examples from the private sector – JP Morgan is now doubling its cybersecurity budget to USD500 million, Citibank is increasing its to USD300 million and Wells Fargo is up to USD250 million. So what are they spending the money on and where is this being directed to? Largely, to global firms specialising in developing systems and application software, communications equipment, to specialist cybersecurity consulting firms, and to aerospace and defence. Some examples include:
- Ahnlab Inc – a South Korean firm that services retail clients and businesses of all sizes who access the internet, by protecting them against viruses, worms, spyware, online fraud, data leakage and unauthorised access. Their malware recognition system is a world leader in applying malware recognition and remediation with the ability to block malicious network traffic and actively block any security breaches. They also develop ‘anti-keylogger’ security for use for user ID and password protection.
- Trend Micro is a Japanese firm that produces application software for home PCs and business that focuses on antivirus, anti-spyware, anti-key logging and firewalls. Their products are better known here in Australia as ‘PC-cillin’.
- Gemalto is a Dutch company that focuses on cyber-telecommunications. Their main revenue stream is derived from SIM card production and software applications for telecommunication companies and networks to offer advanced back up data services so that if your phone is lost or stolen you can retrieve the data. Further, next time you are at Coles or Woolworths buying groceries or paying for your lunch in a food court and use pay-wave, think Gemalto – the pioneers of EMV chip technology. You can also think of Gemalto next time you are heading overseas and coming back into Australia when you’re scanning your passport at the self-service immigration gates.
- KeyW is a US firm that specialises in servicing governments and military agencies in fighting cyber-terrorism and organised crime. KeyW offer an advanced, integrated approach to cybersecurity that includes offensive cyberspace operations (OCO) and defensive cyberspace operations (DCO) as well as cyber mission training and exercises. Unsurprisingly, they have won numerous and very lucrative contracts from the US government.
- Vasco Data Security International is a US firm that services the financial and healthcare sectors in addition to governments, and focuses on developing advanced authentication software. Next time you are using a banking App on your phone – think Vasco.
These are just a handful of some leading innovative companies that specialise in cybersecurity. As the threats in the cyberworld continue to evolve and increase, the need for these types of companies and their services will obviously increase, from everyday PC users and businesses to governments handing out lucrative contracts.
How to invest in this fast growing sector?
An easy way to invest in these types of firms is through the BetaShares Global Cybersecurity ETF – ASX: HACK, that invests in a diversified portfolio of over 30 of the world’s leading cybersecurity companies specialising across sub-sectors of systems and applications software, communications equipment, internet services, aerospace, research and consulting services. HACK may also provide an added diversification benefit to portfolios, with HACK’s underlying index historically having a relatively low correlation to the S&P/ASX 200 Index.
Don’t get Hacked, get even…