Last year saw huge growth in the cybersecurity market, fueled by rising incidents of cyberattacks, particularly ransomware that disrupted services and took multiple businesses hostage.
The numbers are staggering: Investments more than doubled from the previous year to $29,3 billion, according to a report investment bank Momentum Cyber. Two recent funding rounds exceeded $286 billion. A record 77.500 M&A deals, worth $14 billion, were produced, with 1.000 of them exceeding $XNUMX billion each. This year is off to a promising start with the acquisition of Mandiant by Google in March for $5.400 billion.
The market is responding to the evolving threat landscape. As new types of attacks emerge, security vendors are responding with new tools in what has become a game of cat and mouse. This dynamic has driven the market for decades, but things are heating up now that the stakes are higher with impacts to critical infrastructure and US support for Ukraine in the Russian invasion.
One area of security that has recently attracted particular interest is operational technology.
Many attacks last year targeted businesses that provide basic necessities, hitting consumers especially hard. In February 2021, someone gained unauthorized access to the water treatment system in Oldsmar, Florida, and unsuccessfully attempted to add more bleach to the water supply.
And last May, drivers on the East Coast panicked when they couldn't get gas after a ransomware attack disrupted Colonial Pipeline's distribution network. That month, a ransomware attack on Brazilian meat supplier JBS resulted in meat shortages in South America, North America and Australia. JBS ended up paying $11 million in ransom.
The transport industry has also been hit hard in recent years, seeing a 186% increase in weekly attacks from 2020 to 2021, and a 900% increase in sea attacks since 2017. Recent incidents include attacks on the New York Metropolitan Transportation Authority and the CSX Class I freight railroad.
Attacks and regulation of critical infrastructures
All these attacks on critical sectors have given rise to a series of action plans and federal regulations that affect the water sector and pipeline operators, among others. critical industries.
As an example, the Department of Homeland Security in its Transport Systems Sector Plan cites a number of elevated risks, including cyber and aging equipment, in guiding industry efforts to strengthen infrastructure security and resiliency.
As Russian attacks on Ukraine have intensified, the US government is increasingly concerned about Russian cyberattacks launching against US companies, especially critical infrastructure ones. On March 15, President Joe Biden signed into law the Cyber Incident Reporting Act, which requires critical infrastructure providers to report cyber attacks to the Cybersecurity and Infrastructure Security Agency within 72 hours and ransomware payments within 24 hours. of the XNUMX hours.
Then on March 21, the president reiterated earlier warnings, citing "evolving intelligence that the Russian government is exploring options for potential cyberattacks."
En United States Department of Justice disclosures On March 24, four Russians working for their country's government were charged with hacking into the operational technology (OT) of companies in the energy sector around the world for six years.
Legacy equipment in a modern world
For decades, cybercriminals focused on stealing information they could monetize, but now that OT environments are increasingly connected to the Internet, criminals are trying to shut down infrastructure and conduct cyberattacks like in Oldsmar.
The advent of ransomware and targeted attacks on critical infrastructure have changed the game and are putting the security of operational technology in the spotlight. Ultimately, OT security is a national security issue.
Operational technology, OT, which enables critical infrastructure and systems to run continuously and reliably, used to be isolated from the IT network and the Internet, but that has changed. Now control networks and components are embedded in everything from airplanes and trains to military vehicles and power grids.
This technology was developed before modern cybersecurity standards, so the space to be attacked has grown, but often remains unprotected. Applying standard IT security solutions doesn't work, because OT systems must remain up and running and can't simply go offline to apply patches.
The OT security market is poised to grow after years of underinvestment. Gartner anticipates that by 2025, there will be damaging and potentially fatal attacks on OT environments and that the 30% of critical infrastructure organizations they will experience a security breach that will disrupt operations or a mission-critical cyber-physical system. Research and Markets estimates that the global OT cybersecurity market will be worth more than $18 billion by 2023.
Tips for access to capital
There are three key issues for investors around OT security:
Don't just detect attacks, stop them
It is not enough to be able to detect cyber attacks. Security that pinpoints truly malicious activity and stops it based on the signals being watched, before damage is done, works well in today's market.
become essential
Solutions that are indispensable to customer operations are more likely to see demand and will have higher retention rates. A security solution that can help mitigate or stop an attack on a critical infrastructure provider without disrupting operations is highly valued due to the financial costs and potential harm to people from critical service outages.
Frame the value offer
Each startup will have its own story and tell it in a unique way. Some questions we tend to focus on when evaluating the business include:
- What is the value proposition for the customer?
- Why is the founding team the only one capable of solving this problem?
- What is the magnitude of the problem (ie size of the market)?
- What are the sources of sustainable competitive advantage?
These are pretty straightforward and "simple" questions, yes, but the answers will form the basis of any investor's investment thesis.
It's a good time for OT security vendors to look for funding. The combination of the rise in OT cyberattacks and the emergence of government regulations is fueling a funding frenzy.
In security, the stakes are high and intellectual property is especially valued. Next-generation cybersecurity solutions are not easy to copy, giving innovators an edge in the marketplace and the potential for sustained competitive advantage. It's one of the many reasons so much has been invested in cybersecurity over the years.
Last year had a great growth in the cybersecurity market, fueled by rising incidents of cyberattacks, particularly ransomware that disrupted services and took multiple businesses hostage.
The numbers are staggering: Investments more than doubled from the previous year to $29,3 billion, according to a report investment bank Momentum Cyber. Two recent funding rounds exceeded $286 billion. A record 77.500 M&A deals, worth $14 billion, were produced, with 1.000 of them exceeding $XNUMX billion each. This year is off to a promising start with the acquisition of Mandiant by Google in March for $5.400 billion.
The market is responding to the evolving threat landscape. As new types of attacks emerge, security vendors are responding with new tools in what has become a game of cat and mouse. This dynamic has driven the market for decades, but things are heating up now that the stakes are higher with impacts to critical infrastructure and US support for Ukraine in the Russian invasion.
One area of security that has recently attracted particular interest is operational technology.
Many attacks last year targeted businesses that provide basic necessities, hitting consumers especially hard. In February 2021, someone gained unauthorized access to the water treatment system in Oldsmar, Florida, and unsuccessfully attempted to add more bleach to the water supply.
And last May, drivers on the East Coast panicked when they couldn't get gas after a ransomware attack disrupted Colonial Pipeline's distribution network. That month, a ransomware attack on Brazilian meat supplier JBS resulted in meat shortages in South America, North America and Australia. JBS ended up paying $11 million in ransom.
The transport industry has also been hit hard in recent years, seeing a 186% increase in weekly attacks from 2020 to 2021, and a 900% increase in sea attacks since 2017. Recent incidents include attacks on the New York Metropolitan Transportation Authority and the CSX Class I freight railroad.
Attacks and regulation of critical infrastructures
All these attacks on critical sectors have given rise to a series of action plans and federal regulations that affect the water sector and pipeline operators, among others. critical industries.
As an example, the Department of Homeland Security in its Transport Systems Sector Plan cites a number of elevated risks, including cyber and aging equipment, in guiding industry efforts to strengthen infrastructure security and resiliency.
As Russian attacks on Ukraine have intensified, the US government is increasingly concerned about Russian cyberattacks launching against US companies, especially critical infrastructure ones. On March 15, President Joe Biden signed into law the Cyber Incident Reporting Act, which requires critical infrastructure providers to report cyber attacks to the Cybersecurity and Infrastructure Security Agency within 72 hours and ransomware payments within 24 hours. of the XNUMX hours.
Then on March 21, the president reiterated earlier warnings, citing "evolving intelligence that the Russian government is exploring options for potential cyberattacks."
En United States Department of Justice disclosures On March 24, four Russians working for their country's government were charged with hacking into the operational technology (OT) of companies in the energy sector around the world for six years.
Legacy equipment in a modern world
For decades, cybercriminals focused on stealing information they could monetize, but now that OT environments are increasingly connected to the Internet, criminals are trying to shut down infrastructure and conduct cyberattacks like in Oldsmar.
The advent of ransomware and targeted attacks on critical infrastructure have changed the game and are putting the security of operational technology in the spotlight. Ultimately, OT security is a national security issue.
Operational technology, OT, which enables critical infrastructure and systems to run continuously and reliably, used to be isolated from the IT network and the Internet, but that has changed. Now control networks and components are embedded in everything from airplanes and trains to military vehicles and power grids.
This technology was developed before modern cybersecurity standards, so the space to be attacked has grown, but often remains unprotected. Applying standard IT security solutions doesn't work, because OT systems must remain up and running and can't simply go offline to apply patches.
The OT security market is poised to grow after years of underinvestment. Gartner anticipates that by 2025, there will be damaging and potentially fatal attacks on OT environments and that the 30% of critical infrastructure organizations they will experience a security breach that will disrupt operations or a mission-critical cyber-physical system. Research and Markets estimates that the global OT cybersecurity market will be worth more than $18 billion by 2023.
Tips for access to capital
There are three key issues for investors around OT security:
Don't just detect attacks, stop them
It is not enough to be able to detect cyber attacks. Security that pinpoints truly malicious activity and stops it based on the signals being watched, before damage is done, works well in today's market.
become essential
Solutions that are indispensable to customer operations are more likely to see demand and will have higher retention rates. A security solution that can help mitigate or stop an attack on a critical infrastructure provider without disrupting operations is highly valued due to the financial costs and potential harm to people from critical service outages.
Frame the value offer
Each startup will have its own story and tell it in a unique way. Some questions we tend to focus on when evaluating the business include:
- What is the value proposition for the customer?
- Why is the founding team the only one capable of solving this problem?
- What is the magnitude of the problem (ie size of the market)?
- What are the sources of sustainable competitive advantage?
These are pretty straightforward and "simple" questions, yes, but the answers will form the basis of any investor's investment thesis.
It's a good time for OT security vendors to look for funding. The combination of the rise in OT cyberattacks and the emergence of government regulations is fueling a funding frenzy.
In security, the stakes are high and intellectual property is especially valued. Next-generation cybersecurity solutions are not easy to copy, giving innovators an edge in the marketplace and the potential for sustained competitive advantage. It's one of the many reasons so much has been invested in cybersecurity over the years.
