The cyber security industry is hot; on the one hand, many startups are becoming successful cyber companies, and some have reached unicorn status. But, on the other hand, the field of cyber security appears to be very crowded.
Many investors ask me if it is worth investing in the cyber security field now. Isn’t the market overflowing with startups? What else can you invent, and where else can you develop?
A look at the cyber security space today does reveal an abundance of cyber defense products and solutions, and CISOs rely heavily on these products; however, two years of coronavirus and cyberspace attacks have changed the cyber landscape beyond recognition.
One of the changing space indicators is the explosion of global cyber incidents and the number of attacks that have succeeded in causing considerable losses to large organizations.
These incidents are global market failures, not just domestic ones; the multiplicity of cyber hacks worldwide requires reimagining cyberinfrastructure assessments and product management and resources for today’s environment.
The working assumption that no system is 100% effective becomes a big part of the headache of enterprise managers. No matter how good a defender you are, you must prepare for a doomsday scenario and know how to get out of it with minimal damage. “Trend recovery” will be, in my estimation, the leading response in the coming years.
The gaps in social engineering remain as they have been in the last 20 years, and the product market must be able to confront and reduce the human factor risk. Third-party/supply chain providers caused many of the incidents that occurred in the past year. Undoubtedly, an organization’s traditional defense boundaries have expanded from the known dimensions to a new and unfamiliar virtual space.
Alongside these areas of defense management, referred to as “soft” activity, organizations require new thinking in the face of the increasing threat.
Based on my analysis, I’ve selected five areas that require investment and technological development in 2022.
Recovery
The recovery products market is in its infancy, and I recognize it as a wide-open space. Defense officials would love to press a button and return to previous routines as much as possible. In this space, investment should be in good defense products, enabling fast-to-build networks after damage, preventing information theft, and deleting/encrypting it before reaching its target or “click and fix.
The Human Factor/ Impersonation / Social Engineering
Despite significant advances in AI-based products and data, most incidents still manage to overpower the human factor. Therefore, products and AI engines are required based on personalization and creative solutions in the field.
The Human Factor/ Impersonation / Social Engineering
Responsibility for cyber security must move from the domain of the CISO to the whole organization. The ability to protect an organization depends significantly on the resiliency of a third party. Therefore, products are needed to secure suppliers’ chains outside the enterprise courtyards to ensure “hygiene” within the supply chain.
Improving Defense Efficiency and Optimization Given the number of protection products available (30-40), determining ROI may not be feasible. Therefore, we will see a new world that allows defense executives to manage their budgets and resources better in the coming time.
Human Capacity
The training and training services market is hotter than ever, with many training solutions and simulators available. The machine replaced some of our cyber tasks “automatic PT, Virtual Ciso, and so on. However, recent shifts require new training programs:
• Risk managers with a specialization in cyber
• Operations and crisis managers
• IT and cyber network recovery managers
• Cyber and privacy regulatory expert.
Summary
Cyberspace is constantly moving; new threats lead to new solutions and space for development research and new investments.
Refael Franco is Israel’s Former Deputy Director-General, National Cyber Directorate. He is currently an entrepreneur, investor, startups advisory board member, and founder of Code-Blue.
The author is a former deputy director-general – INCD
All rights reserved – Rafael Franco 2021
E&OE
*The author expresses his viewpoints and perspectives. Therefore, this article should not be considered as an investment recommendation
