We’re going to talk a lot about security today. Let’s start with a market recap.
According to a forecast from Gartner, worldwide spending on security and risk management is projected to increase by 14.3% in 2024, reaching a total of $215 billion. The continuous adoption of cloud, hybrid workforce, generative AI, and evolving regulatory environment are driving the need for enhanced security and risk management spending. Spending on data privacy and cloud security is expected to record the highest growth rates, and security services are forecasted to represent 42% of total expenditure in 2024.
Ransomware attacks decreased in August by 22% compared to July, with Lockbit 3.0 being the top attacker. Industrials remained the most targeted sector, while North America remained the most targeted region, although experiencing a relative drop. The rise in ransomware attacks in Asia is attributed to geopolitically motivated campaigns by Chinese threat actors.
Cyber insurance claims have surged in the first half of 2023 due to a significant increase in ransomware attacks. Ransomware was the main driver behind the rise in claims frequency, with victims reporting an average loss of over $365,000. Large companies with revenues over $100 million were particularly targeted, experiencing a 20% increase in cyber incidents. Fund transfer fraud also increased claims, while business email compromise claims decreased. The cyber insurance market is predicted to reach $50 billion by 2030.
A report by Keeper Security reveals that many organizations still engage in cover-ups and fail to report cyber incidents. The study found that 48% of organizations do not report critical cyber incidents to authorities, and 41% do not disclose attacks to their boards. Fear, misunderstanding, and poor corporate culture contribute to these failings.
According to a new study, remote workers are more aware of cybersecurity risks and take more precautionary measures than in-office employees. The study found that remote workers were more mindful of cybersecurity threats, recognized safe practices, and took steps to defend against them. In contrast, in-office workers may become complacent about cybersecurity awareness due to the expectation that their organization will provide security measures. The research suggests that the risk of cybersecurity threats may not be as significant for remote workers as initially feared.
Pinpoint Search Group has released its Q3 2023 cybersecurity funding report, revealing a 21% increase in funding compared to Q3 2022. The total funding reached $2.3 billion across 113 funding and M&A transactions. While the number of investment rounds in 2023 surpassed 2022, the dollar amount still lags. Early-stage rounds, such as Seed, Series-A, and Series-B, lead the charge, indicating a diversified approach by investors.
Why do we care?
As told in story form, the security market looks like it will continue to grow, with insurance and related coverups continuing to increase. Ransomware is up overall but down last month. (Maybe summer vacation?). Remote workers are more cyber-aware than their in-office counterparts. And investors keep putting money into security.
This is why there’s a focus on cloud security and data privacy solutions. Cyber insurance is necessary for cybersecurity packages, particularly for clients with significant revenues.
Leverage this data to adjust risk assessments and security protocols. There may be an under-investment in cyber security training for in-office employees. I think the investment is correct for remote users… we’re seeing results.