This report is part of the “New normal, new opportunities” series, in which we examine secular trends in a post-COVID-19 world. The series will cover a range of themes that are emerging as a result of social distancing, the work-from-home imperative, health care developments, corporate implications, and broader societal change. We believe identifying these trends and understanding their investment implications will be critical to navigating the road ahead. Additional reports will be released over the following weeks.
Cybersecurity spending has been a growing area of information technology spend for years, with breaches increasing in frequency, data size, and financial and reputational consequences. No industry is spared and no company isolated from cyberattack attempts, which can often result in successful attacks. The ramifications are wide and often all-encompassing, with loss of information, business disruption as well as likely customer distrust. These attacks and incidents can come from both outside hackers and corporate insiders.
Cybersecurity exists to combat cyberattacks, with the most common being: illegally obtaining corporate information via compromising business emails; identity theft; ransomware (malicious software that prevents access to files, systems, or networks, and typically demands a ransom for release); and phishing or spoofing, which tries to trick individuals into providing sensitive information.
Gartner currently sizes the information security and risk management market at $124 billion in 2020, which RBC Capital Markets believes could reach $176 billion in 2025, representing a compound annual growth rate of 7.3%. The majority of cybersecurity spending is for legacy security needs, but this approach could drastically change due to the work-from-home environment caused by COVID-19—a transformation that is likely here to stay.
The negative statistics were already accelerating at a frightening pace prior to COVID-19, with Accenture stating that security breaches have increased by 11 percent since 2018 and 67 percent since 2014. According to the University of Maryland, hackers attack computers with internet access every 39 seconds, on average 2,244 times a day. Even with an increasing amount of dollars being devoted to identifying these breaches and correcting them, an IBM study found the average time it took companies to recognize a breach in 2019 was 206 days, and the average cost to a company was $3.9 million.
Worms, viruses, and cyberthreats, oh my!
Cybersecurity has evolved over the years from fighting the first computer worm in 1988 to countering credit card breaches to protecting networks to safeguarding the cloud. An increase in devices per user and the billions of connected devices within the Internet of Things have made points of access explode. A suddenly remote and distributed workforce has amplified the need for different cybersecurity solutions.
It’s highly likely that the changes thrust upon corporations in light of COVID-19 will only escalate the need for continued spending on cybersecurity, and RBC Capital Markets believes COVID-19 has accelerated changes to security spend by five years. Key areas likely to be focused on are: cloud security; application access and security; identity; protecting workloads (an expansion of the idea of endpoint security or anti-virus); and monitoring and observability. New emerging trends include: Secure Access Service Edge (SASE), which supports the digital transformation of enterprises and the dissolution of the traditional network perimeter to enable security at the point of access, and Zero-Trust Network Access (ZTNA), which provides identity-aware access to eliminate the excessive “implicit trust” inherent in wide network access that malicious actors can exploit.
Branch offices as far as the eye can see
RBC Capital Markets refers to the paradigm shift toward location-agnostic work that has been triggered by COVID-19 as “Work 2.0.” Although time will tell how many workers shift from the office to working from home, an RBC Capital Markets’ survey suggested nearly 60 percent of employees had never worked from home prior to COVID-19, with an additional 15 percent working from home just a few days per month. Although it’s hard to know how many employees will eventually return to the office full-time, it’s highly likely that the majority of employees will want some increased flexibility going forward.
This could be a win-win situation, as corporations are interested in both the real estate savings and a reduced carbon footprint with fewer employees commuting. But increased corporate network access at home impacts the structure of cybersecurity spend. According to RBC Capital Markets, traditional infrastructure was designed to accommodate 15 percent to 20 percent of employees working remotely, which will likely be much higher going forward.
Digital documents the way of the future
With enhanced security software in place, old processes can safely evolve. Just as the world has embraced the transition from coins, cash, and checks to credit cards, mobile payments, and contactless payments, the corporate world is in the early stages of moving from legacy paper to digital contracts. Real estate has been an early adopter of the technology, but large swaths of the economy still haven’t had the same uptake, including most areas of the government.
RBC Capital Markets surveyed 1,000 “knowledge workers” (i.e., those who “think” for a living such as engineers, scientists, accountants, lawyers, and academics) regarding their usage and thoughts toward information technologies. The survey showed the growing importance of many new communications tools spurred by COVID-19, with e-signature solutions cited as the No. 4 rising new technology. An electronic signature, or e-signature, is a legal way to consent to electronic documents or forms and replaces a handwritten signature. Thirty-two percent of respondents said they are using e-signature tools more now that they are working from home due to COVID-19 than before. RBC Capital Markets believes the opportunity for this emerging trend was $51 billion pre-COVID-19, but expanded to $86 billion as workers and individuals are likely to find ways to engage in business, yet do it with less face-to-face interaction than six months ago.
Increasing usage of key technologies while working from home
% of survey respondents using various solutions more than before COVID-19
Source - RBC Capital Markets (Welcome to Work 2.0 - Imagine 2025, 6/11/20)
Perspective evolves from a crisis
A crisis can quickly evolve an individual’s and corporation’s perspective, and we are likely in the midst of such a paradigm shift. More employees are working from home, and the benefits that come with that—for both the employee and corporation—are being realized, with spending being reallocated to effect this transformation. Many old processes are being tossed out, in favor of new technology, both out of necessity as well as an understanding that the old way may not have been the best way.