Frequency and Severity of Risks Increasing

LinkedIn data was compromised late in June 2021. The records of 700 million users are now for sale online to the highest bidder. It happens in an instant and the knock-on effects can be devastating for users who re-used an important password on LinkedIn.

If this hack sounds familiar it may be because 500 million LinkedIn records were compromised earlier in the year. LinkedIn was acquired by Microsoft in 2016 for over $26 billion. Surely, they had adequate capital to secure this data. If they cannot keep their data safe and secure, what does that say about the rest of the tech companies we trust to protect our data?

IT security risks are some of the largest risks facing businesses today. With large-scale attacks like the LinkedIn data breach causing more damage every year, it is becoming increasingly clear that IT security providers are positioned for a busy decade ahead. 

Rapidly Growing Market Size

According to Gartner the global IT security market is expected to reach $170 billion in 2022. Market research indicates a 12.5% CAGR until 2028, when the market size is expected to reach $418 billion.

With many industries that boomed during the pandemic experiencing slowing growth, now is a great time to consider where you want to shift your capital.   

Positive Security Trends Convening

The impact of COVID-19 during 2020 is hard to overstate. More people were working remotely on less secure networks, and without the guidance of their internal security team nearby. Not surprisingly, most of the non-work activities people got involved in during the pandemic were also online. More screen time on less secure devices all added up in the IT security risks they were exposed to. 

The time before a threat is detected (and resolved) was also prolonged by COVID-19. On top of that, more bad actors were created as jobs became scarce and the opportunity from perpetrating online scams grew. 

In addition to spending more of our time online, we have more devices that are passively connected. The internet of things (IoT) includes connected speakers, front door cameras, and even kitchen appliances. 

So, more time spent online on less secure devices, and with more connected devices. Younger people are also using devices earlier in their life. More devices are available to people at younger ages.

For the security industry, it was a gold rush. The average cost of a ransomware attack on a business is $133,000.      

While some workers will be forced back to the office, almost all white-collar jobs are adopting a flexible or remote work arrangement. That means most workers will be working from home at least some of the time. As far as screen time and the number of connected devices in the average home or office, the trend is clear. Cybersecurity is and will remain a key threat.   

Consumers know it, too. Hacking and identity theft were identified as the crimes Americans worry about most in a Gallup poll.

Attractive Industry Structure

An inherently subscription-based business model makes security attractive. New threats are being concocted every day and that means customers need to be vigilant. You cannot buy security products or services once and then stop. It must be an ongoing commitment. Both corporate and personal IT security customers, once sold, can be made into customers for life.   

68% of business leaders feel their IT security risks are increasing. They know they are exposed. More businesses today rely on their data as a competitive advantage. To protect their increasingly valuable data it makes sense to spend an increasingly large sum. 300 billion passwords are in use today for all the accounts we all use. Keeping track of and protecting 300 billion passwords is no easy task. 

More businesses need our data for their day-to-day operations to run smoothly. The cost of a hack is increasingly large. New security risks are identified every day. All these trends will keep security growing.

Supportive Government Regulation

We know the risks are increasing, and so people are looking to the government to create and enforce stricter regulation. That is fair enough. Consumers deserve to feel protected and safe online. The government has a role to play in creating that safety.

After 2008, capital requirements for banks and other financial institutions became stricter to minimize financial risks. As compliance mandates are put into place, businesses know they will need to increase their investment in security. 66% of companies see compliance mandates driving security spending higher in the coming years.  

The great thing about owning cybersecurity companies in the coming years is that these compliance mandates are required. What other product can claim that it is essential for a business to operate? It is a short list. 


Predicting the future is impossible, hard as we may try, but we know that cybersecurity risks will continue to pose a massive threat to every business that is online today. Again, as the pandemic begins to wane an intelligent investor will seek new places to shift their capital to. The cybersecurity space looks set to be a great long-term opportunity.  

Thank you for your loyal readership.

The Financial Star.