It is estimated that the U.S. Federal Government alone will spend $28 Billion in 2018.
Industries such as Finance and Healthcare, who maintain highly sensitive data, will continue to see dramatic growth. In the finance industry—for example, J.P. Morgan doubled its spend on Cybersecurity from $250M to $500M between 2016 and 2017. However; Bank of America publicly stated that Cybersecurity is so critical to their business that they have not capped the budget and they will spend whatever is necessary to maintain their security.
The question for Cybersecurity entrepreneurs and companies is what are the trends that will drive growth for 2018.
Due to the mass growth of Cybersecurity regulations, public and private institutions are required to protect sensitive data or else significant financial and legal penalties will be implemented. Two recent examples of regulations to take effect are New York States NYCRR 500 and NIST 800-171.
Here’s why these regulations will make a big impact in the Cybersecurity community:
New York State’s Department of Financial Services recently imposed the most stringent civilian cybersecurity regulations in the U.S-NYCRR 500. (Are the periods in U.S necessary?)
This regulation impacts all financial services companies that work in New York—this includes a large percentage of all financial services companies in the U.S.—the regulation stringent requirements will drive demand in cybersecurity for the following:
- Enhanced Security Operations
- Multi-Factor Risk Based Authentication
- Greater Encryption for data at Rest and Data in Motion
As of December 2017, those who process, store, or transmit confidential unclassified information—this includes all governmental contractual relationships—must maintain specific cybersecurity practices.
There are many distinct areas covered within the regulation. Several areas of which will drive cybersecurity spending in 2018 and beyond including
- Access Control
- Audit and Accountability
- Awareness and Training
- Configuration Management
- Identification and Authentication
- Incident Response
- Media and Physical Protection
- Risk & Security Assessment
- Security Assessment
- System and Communications Protection
- System and Information Integrity
In addition to these two regulations, the European Union’s General Data Privacy Regulation (GDPR) goes into full affect starting in 2018. Any U.S. company that controls, processes or stores privacy data on European Union Citizens will be subject to this regulation as well.
Hacker Use of Artificial Intelligence
In 2018, it is expected that Hacker’s will continue to grow their use of Artificial Intelligence (AI). Use of AI include Cybersecurity attacks such as brute force, spam/phishing attacks utilizing chat bots, cryptographic, and obfuscation. These attacks will drive the need of cybersecurity tools which leverage AI, Big Data, machine learning, etc.
Continued growth of Ransomware
2017 brought mass amounts of media coverage for Ransomware attacks such as WannaCry and Petya. This proved profitable for hackers which will encourage the use of these methods to extort enterprises of all sizes. Demand for anti-malware/ransomware tools will continue to grow to defend against this trend for 2018.
Attack on Cryptocurrencies and Blockchain Systems
Willie Sutton, a famous bank robber, stated “That is where the money is” in response to why he committed bank robberies. He warns that Cryptocurrencies, such as Bitcoin, have grown dramatically in 2017 and it is expected to continue to grow both as legitimate institutions adopt the use of bitcoin. There will be an increased need for new tools to defend against attacks on block chain and cryptocurrencies.
To learn more about the cybersecurity market in the United States please join me as a participate in a panel “BUSINESS OPPORTUNITIES IN THE US 2018: Cybersecurity, HLS, and First Responders” on January 25th 2018.
Please register at https://www.fairfaxcountyeda.org/business-opportunities-2018-registration