Making cybercrime pay: the growth opportunity in cybersecurity | BetaShares

Making cybercrime pay: the growth opportunity in cybersecurity

BY James Rattue | 4 June 2021
Share
Making cybercrime pay: the growth opportunity in cybersecurity

Reading time: 4 minutes

Companies today rely increasingly on digital technologies to conduct their business and engage with customers, business partners and employees. In a digitally connected world, cybercrime presents ongoing risks and threats to companies operating in all industries.

As exposure to, and reliance on network systems, cloud-based technologies and the internet has increased, the risk and frequency of cybersecurity incidents is also on the rise.

The COVID-19 pandemic, which saw the world plunge into prolonged lockdown and remote working, has sped up the growth rate and complexity of cybercrime, at the same time accelerating the growth of the cybersecurity industry.

In this article, we look at five trends contributing to the growth of the cybersecurity industry, and how you can gain investment exposure.

1. Increased frequency and cost of cybercrime

The cost and frequency of cyber-attacks on businesses is only increasing. Companies that fall victim to cyber-attacks or experience other cybersecurity incidents frequently incur substantial costs and suffer other negative consequences including:

  • Remediation costs, due to liability for stolen assets or information
  • Costs of upgrading cybersecurity to prevent a repetition
  • Lost revenue from unauthorised use of information, or failure to retain or attract customers directly after an attack
  • Litigation and legal risks

During 2020, when many businesses were forced into remote working, the FBI’s Internet Crime Complaint Centre received 800,000 complaints of suspected cybercrime, a 69% increase from the previous year. The total reported losses in the U.S. through 2020 from cybercrime exceeded US$42 billion1.

Even before COVID, the estimated average annual cost of cybercrime for affected businesses in the U.S. was US$27.37 million2 – and the total cost of cybercrime is expected to grow by 15% per year to 20253.

2. Growing level of discomfort with current cybersecurity measures

The Chief Information Security Officer (CISO) is the executive responsible for data, information security and defending against cybercrime in most large organisations. It has been forecast that, by the end of this year, 100% of Fortune 500 companies will have a CISO position, up from 70% in 20184.

A recent white paper released by Proofpoint titled ‘2021 Voice of the CISO report’ found that most CISOs believe that, despite strengthening defences against cybercrime over 2020, they have actually gone backwards in terms of security and peace of mind.

In fact, two-thirds do not believe that their organisation is prepared to cope with another attack, and more than half are more concerned about the repercussions of a cyber-attack in 2021 than they were in 20205.

This lack of comfort with the level of preparedness against another cybersecurity attack is likely to lead to increased expenditure on cybersecurity.

3. Diversification across industries

No industry is immune to cyber-attacks.

Companies in the cybersecurity sector therefore derive their revenue from businesses across a broad range of industries, with the top three sectors in the U.S. affected by cybercrime in 2020 being financial services (23%), manufacturing (17.7%), and energy (11.1%)6.

Top industries targeted by cybercrime

Source: Visual Capitalist, 2020.

4. The cybersecurity technology cycle

Cybersecurity and cybercrime build off each other in a never-ending cycle. As new devices and software come online, old methods used by cybercriminals for infiltration or data gathering are replaced by new ones, prompting increased investment in cybersecurity measures in response, and attempts by cybercriminals to outwit those measures, and so on.

That’s why the cybersecurity market is expected to keep growing in importance and size over the coming decade. Investing in cybersecurity taps into an ongoing cycle of robust new technologies and new exploits.

The cybersecurity technology cycle

Source: Visual Capitalist.

5. Growing spend on cybersecurity

Rising cybercrime and its resulting financial cost for companies has meant that the amount spent on cybersecurity has increased over recent years and is expected to continue to do so. The cybersecurity market was estimated to be valued at $176.5 billion in 2020 and is forecast to be valued at $403 billion by 2027, a compound annual growth rate of 12.5% p.a.7

Investing in cybersecurity

Australian investors can access the potential for global growth in cybersecurity through the BetaShares Global Cybersecurity ETF (ASX: HACK), which provides diversified, cost-effective exposure to global cybersecurity companies. Many of the companies in HACK’s portfolio are at the forefront of providing cybersecurity services to both the public and private sectors and may be well-placed to benefit from the long-term growth potential in the sector.

HACK has returned 16.93% over the 12 months to 31 May 2021, and 19.34% p.a. from inception in August 2016 to 31 May 20218.

There are risks associated with an investment in HACK, including market risk, cybersecurity companies risk, concentration risk and currency risk. HACK’s returns can be expected to be more volatile (i.e. vary up and down) than a broad global shares exposure, given its concentrated sector exposure. HACK should only be considered as a component of a diversified portfolio. For more information on risks and other features of HACK, please see the Product Disclosure Statement, available at www.betashares.com.au.


1. Federal Bureau of Investigation Internet Crime Complaint Centre. “Internet Crime Report” 2020 https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf
2. Ponemon Institute. “The cost of Cybercrime” Accenture Security 2019 https://www.accenture.com/_acnmedia/PDF-96/Accenture-2019-Cost-of-Cybercrime-Study-Final.pdf
3. Steve Morgan. “Cybercrime To Cost The World $10.5 Trillion Annually By 2025” 2020 Cybersecurity Ventures, November 13th, 2020 https://cybersecurityventures.com/cybercrime-damage-costs-10-trillion-by-2025/
4. Steve Morgan. “Pink Slips To Million Dollar Salaries: Are CISOs Underappreciated Or Overpaid?” 2020, Cyber Security Ventures, August 10th, 2020 https://cybersecurityventures.com/pink-slips-to-million-dollar-salaries-are-cisos-underappreciated-or-overpaid/
5. Proofpoint. “2021 Voice of the CISO Report” 2021 https://www.proofpoint.com/sites/default/files/white-papers/pfpt-us-wp-voice-of-the-CISO-report.pdf
6. Content, S. (2021, May 20). Investing in Core Cybersecurity Technology. Visual Capitalist. https://www.visualcapitalist.com/investing-in-core-cybersecurity-technology/
7. Brandessence Market Research and Consulting “Global Cybersecurity Market 2021-2027” 2021
8. Past performance is not indicative of future performance.

1 Comment

  1. Oliver RAYMOND  |  June 11, 2021

    I worked that out some time ago and have been very happy with HACK!
    Keep up the good work.

Leave a Reply