The market for cybercrime security systems grows every year: by 2025, companies around the world will have spent $300 bln on them. Unfortunately, money isn’t everything when it comes to fighting hackers. Yet, it is quite possible to make it more challenging to crack a corporate IT system or a private computer. CB Insights analytical company has released a forecast of the key trends in the cybersecurity market, which is expected to grow to $300 bln by 2025. Below are the most important and unexpected trends, which nevertheless should be given some thought by companies and individuals today, as they might help beat hackers of the future.
Auditing smart contracts
According to IDC forecasts, even this year, companies around the world will spend $2.9 bln on the blockchain technology (almost 90% more than they spent in 2018). Smart contracts are a critical part of corporate blockchain systems – these are self-executing computer programs responsible for a wide range of tasks, from paying interest on bonds and transferring property rights to authenticating pharmaceuticals.
However, the increasingly widespread use of smart contracts in business processes will confront companies with new cyber threats such as the 2016 attack on The DAO (decentralized autonomous organization) – a crowdfunding platform residing on the Ethereum blockchain. The attackers then stole cryptocurrency worth more than $60 mio taking advantage of a smart contract vulnerability.
According to a Hosho survey, vulnerabilities cost block chain companies over $2 bln in 2018. At least one in every four smart contracts had critical vulnerabilities and three in every five smart contracts had a security issue.
Smart contract audit is a service that helps to solve the problem. There is a new category of startups that implement technology to protect corporate block chain systems with a focus on auditing smart contracts. For example, an AI-based technology is used to monitor transactions and detect any suspicious activity as well as run over the code for any known vulnerabilities. This being said, smart contract audit remains a costly and time-consuming service.
Quantum cryptography
In the future cybersecurity systems may transform radically, which depends on the development and market launch of quantum computers. Of course, these prospects are already prompting experts to revisit approaches to cybersecurity. Ability to conduct superfast calculations will allow quantum computers to hack almost any crypto codes used for protecting classified data and electronic communications.
Quantum cryptography (or quantum encryption), in which data is transmitted using photons, promises a solution. The system will make interception basically impossible because hackers would have to measure photon characteristics – which will change their state and serve as a sign of tampering.
Companies all over the world are currently developing quantum cryptography solutions, including based on the lattice theory with hiding data inside complex algebraic structures. Lattice-based cryptography is considered to be resistant to attacks by quantum computers. The demand for quantum cryptographic systems is expected to be huge: first of all, in the Internet of Things and 5G. According to Market Research Media, global quantum cryptographic communications will grow into an industry with a turnover of $24.75 bln by 2025.
Purchasing cyber insurance policy
Every company has difficulties with the accurate prediction of cyber risks. As a result, investments in cyber protection are often perceived as unjustified spending with an unknown payback horizon. This often leads even to a decreased spending on hacker protection. A cyber insurance policy might be a solution here. By 2020, the volume of such insurance payouts will reach $20 bln (in 2016, it was a one third of this sum).
We are witnessing a growth of investments in startups that offer rankings of cyber risks for insurance, including for insurers. Guidewire acquired the Cyence startup to forecast cyber risks for $275 mio in 2017, which was one of the largest deals of the year, and also drew attention to this growing market.
Choosing OSS
Today, there is an increasing number of companies that are migrating to open-source software (OSS) and thus facing more cybersecurity challenges. The risks are substantial, particularly when an open-source code is found in critically important corporate software. Today, experts link the Equifax credit bureau’s massive data breach, which occurred in 2017 and affected some 143 mio consumers around the world, to the vulnerability in the Apache Struts open-source web application framework used by the company. Each year, the number of such vulnerabilities is growing.
One of these solutions’ major issue is publicity of vulnerability as soon as it is detected, with all users normally receiving access to such data to promptly make changes. However, not many companies respond to it swiftly, and hackers take advantage of it – as was the case with Equinox.
Yet, open-source software has its advantages as well. Thousands of people are involved in detecting vulnerabilities, which means there is a high chance of ethical hackers promptly detecting them. Also, such software allows programmers to instantly fix these vulnerabilities; as regards licensed software, much here depends on the promptness of a supplier’s response. So, not surprisingly, there is a growing number of startups that seek to protect the open-source software market, which, according to analysts, amounts to some $14 bln.
By Olga Blinova