The global cybersecurity market is expected to exceed US$177 billion by 2025 as companies struggle to stay one step ahead of the ever-evolving world of cybercrime. Translate that number to miles, and you’d be able to fly to the moon and back more than 370,000 times. Unless someone hacked your system, of course.
Where should companies invest their efforts in the cybersecurity race over the next five years? Experts at a recent cybersecurity executive forum identified four top imperatives:
- Planning and agility. “Security is a game of cat and mouse, so planning ahead is difficult at best,” said Chris Wallis, founder of security company Intruder. “In order to be prepared for the next five years, we have to learn to work in an agile way and respond as quickly as possible.”
Inga Schorno, head of information security for UK-based Tandem Bank, agrees that agility is key to cybersecurity. “In terms of developing cybersecurity strategies, it’s important to understand your threats and build scenarios of what could go wrong,” she said. “By using that information, organizations can preemptively prepare. This will also help to reassure customers that you are taking security seriously.”
- Moving beyond passwords. Are we en route to a passwordless environment? The sooner the better, according to some experts. A recent report predicts there will be more than 300 billion passwords worldwide in need of protection by 2020. “Over the next five years, I’ll be encouraging my company to move to a passwordless environment using the latest technologies available,” said Helen Rabe, CISO for commercial real estate services and investment firm for CBRE. “Another major area of concern will be around education and awareness training of end users. Security needs to become an everyday lifestyle choice in order for us to be more secure.”
- Education, training, and talent. At technology giant Cisco Systems, education related to cybersecurity is a prime focus, according to Lorena Marciano, EMEAR data protection and privacy officer for the company. “We have been running the Cisco Net Academy for the past 20 years,” she said. “This nonprofit helps educate the next generation of engineers. We’ve had more than 9 million students go through our training academy to date. In addition, we have invested in innovation centers around the world that are focused on cybersecurity.”
Some estimate that by 2022, 1.8 million additional cybersecurity professionals will be needed in the United States alone. For Michael Fieldhouse, social impact practice leader at DXC Technology, that makes attracting talent number one on his list of priorities in the years to come. “As more and more digital industries crop up,” he warned, “there will be a war for talent. We need to be thinking about building the skill base needed for the future.”
- Protecting supply chains. The supply chain is going to be a huge vulnerability in the future, according to John Childress, chairman at technology and consulting solutions company Cultursys. “There are many suppliers out there who may not be sufficiently sophisticated when it comes to cybersecurity,” he pointed out. “That is a huge risk. Also, we are facing risk from the growing number of Internet of Things devices in use across the supply chain. The question becomes, ‘How do we regulate and secure these emerging technologies?’”
The space race that began in the 1950s pitted one country against another to launch a satellite into space—and ultimately to land the first human on the moon. The world’s race to secure cyberspace—although perhaps not as visceral to the general population—has the potential to dramatically affect more humans than that first footprint in moon dust 50 years ago. But it’s another giant leap that demands our collective focus—financially and intellectually—in order to succeed.
David Pitlik is a long-time technology and business writer and frequent contributor to NETSCOUT’s blog.
Note: The information above is based on interviews conducted at the June 2019 WSJ Pro Cybersecurity Executive Forum by Wall Street Journal reporters on behalf of NETSCOUT
Watch interviews with WSJPro Cybersecurity Executive Summit attendees here.