GAM Investments’ Pieran Maru looks at the increasing importance of cybersecurity as companies move to minimise risk from ransomware attacks.
Cybersecurity has been a growing theme driven by two key factors: government action due to recent high-profile incidents / ransomware attacks and the Covid-19 lockdown catalyst moving firms away from traditional on-premise locations to modern hybrid environments.
US President Joe Biden pledged to make cybersecurity a top priority of his administration in December 2020 after the SolarWinds hack impacted circa 18,000 customers, including many US government agencies. Following the high-profile Colonial Pipeline hack in May 2021, the White House promptly released an executive order on improving the nation’s cybersecurity which is expected to affect every industry. This was subsequently followed by Biden meeting with 30 industry leaders in August 2021 to discuss addressing threats and initiatives to bolster their cybersecurity. Outcomes included Google announcing it will invest USD 10 billion over five years and Microsoft stating USD 20 billion over the same period will be used to accelerate efforts to integrate cybersecurity.
Traditional legacy network security systems use the classic castle-and-moat approach; the assumption all activity from within is trusted with barriers / firewalls to prevent external bad actors. However, with more complex environments such as data stored on multiple clouds, users accessing from multiple devices beyond a firm’s perimeter and increasingly more sophisticated threats requires a modern framework – Zero Trust. Regardless of where the request originates from, Zero Trust takes the ‘never trust, always verify’ approach for every user and device. Another benefit of Zero Trust is the micro-segmentation principle. Micro segmentation creates smaller zones for different parts of the network and requires separate authorisation to assist in minimising lateral movement across the network should a bad actor breach it. Zero Trust provides a new layered approach and allows faster detection to expose vulnerabilities.
The circa USD 150 billion of annual cybersecurity spend is expected to grow in excess of 12% a year as firms move to minimise reputational risk from ransom attacks and reallocate a larger part of IT spend to this landscape. The fastest growing segment sits within cloud security at +41% year-on-year growth, followed by data security, infrastructure protection and identity access management at circa 16% year-on-year growth.
The information in this document is given for information purposes only and does not qualify as investment advice. Opinions and assessments contained in this document may change and reflect the point of view of GAM in the current economic environment. No liability shall be accepted for the accuracy and completeness of the information. Past performance is no indicator of current or future trends. The mentioned financial instruments are provided for illustrative purposes only. and shall not be considered as a direct offering, investment recommendation or investment advice. Reference to a security is not a recommendation to buy or sell that security. The securities listed were selected from the universe of securities covered by the portfolio managers to assist the reader in better understanding the themes presented. The securities included are not necessarily held by any portfolio or represent any recommendations by the portfolio managers.