As the financial industry's threat landscape becomes more sophisticated, cybersecurity is shaping up to be an attractive growth sector. Fabiano Vallesi of Julius Baer explains why this sector calls for some investor attention.

As the wealth management industry becomes increasingly digitised, the volume and sophistication of cybercrime within it is growing. Cyber attacks around the world cost firms $315 billion in just one year and the financial sector is the most fearful of such threats, according to recent research by Grant Thornton. And now investors are being given the opportunity to capitalise on the battle against cybercriminals. For example, there is now a fund on the London Stock Exchange that tracks the performance of firms trying to defeat cyber criminals. So it is unsurprising that governments and corporations have data protection and privacy among their top priorities. The author of this article, Fabiano Vallesi, strategy research and next generation, Julius Baer, explores cybersecurity from an investor's point of view.

Cybersecurity, which involves protecting electronic data against criminal or unauthorised access, is facing multiple threats, notably cybercrime and online industrial espionage, both of which are growing rapidly. IT threats have been a feature of the internet almost since it has been in existence. Yet the inflection point for cyber “in-security” seems to have been 2014 when the number of security events and the average cost of a data breach rose to unprecedented highs and media reports of data breaches became as commonplace as the weather forecast.

A surge in cyber attacks with large cost implications for businesses
Last year, a total of 42.8 million detected attacks were reported, a 48 per cent increase from the previous year. Then worryingly, a simulation test suggests 70 per cent of breaches are going undetected and of those being found the average hacker spends 205 days in systems before being discovered, according to a report from Verizon. Furthermore, the price of cybercrime has reached a record of $12.7 million for the average US business, with companies in energy and utilities, financial services and technology experiencing the highest annualised cost in 2014.

A growing concern for governments
The World Economic Forum listed cyber attacks and critical infrastructure breakdowns among the top five global risks. McKinsey thinks that a relatively small number of destructive attacks could materially slow the pace of technology and business innovation. As a result, the world would capture less of the $10 trillion to $20 trillion opportunity available from big data, cloud computing, and other innovations by 2020. The aggregate impact in lost productivity and growth could be as much as $3 trillion.

Data = $$$
Data has long been a prime target for hackers, including financial information, intellectual property, and insider business information and authentication credentials. However, nearly 70 per cent of data breaches included information relating to real names or identities in 2014, according to Symantec. This highlights that attackers are increasingly targeting information that can be leveraged for monetary gain. Hence it should not be surprising that a black market has developed for stolen identity details, especially for those in the financials and healthcare domain.

Growing connectivity increases threat potential
Cybercriminals are becoming more sophisticated and well-resourced. Already we are seeing an alarming uptake of new cyber threats which did not happen in the past, such as what we have seen with hacks into car entertainment systems enabling to take control of the vehicle. A modern car is so much more than just engine and frame, with computers controlling an increasingly high number of traditionally analogue functions. The same accounts for airplanes that are coming under increased cyber risk. In addition, consumer behaviour also continues to undergo a fundamental change as connected devices are increasingly being used in every aspect of their lives, which will drive the necessity for new security measures. Furthermore, the growing adoption of cloud IT infrastructure is expanding the platform for breaches as is the use of personal devices in the workplace, such as through bring your own devices (BYOD) policies.

Cybersecurity: an attractive growth area
Cybersecurity is one of the top global risks today as our daily life is increasingly more connected and digitised. In the background, the entire cybersecurity space is in a constant arms race of defenders against attackers. Furthermore, security is increasingly lifted to board level, while regulatory requirements will likely become more stringent, making cybersecurity even more necessary, in turn benefiting vendors. We believe that a number of secular trends (rising connectivity, cloud computing, growing complexity and scale of cyber threats) are likely to push growth prospects for the security sector substantially above GDP and market growth expectations going forward. 

Gartner estimates global spending on IT security to increase to $109 billion by 2020 from $71 billion in 2014. In contrast, the global economic impact from cybercrime is estimated to cost up to $575 billion annually, which indicates ample room for spending on cybersecurity to increase to safeguard against mounting cyber threats. 

In our view, companies that should benefit from the constant evolution of the cyber threat landscape offer advanced threat protection, network security, threat intelligence, cloud and data security, hardware and software combined blades, identification and data analysis. However, the cybersecurity space is far away from maturity; it is highly fragmented and has plenty of consolidation potential. We therefore recommend investors not to focus on niche segments but to rather take a diversified approach on the sector due to their high volatility and considerable technology risks.