Rising Cybersecurity Spending in IT Budgets
By Prakash Vijayan
Rapid growth in data breaches
Sophisticated criminal hackers who know how to steal company information and monetize this valuable data are attempting to breach computer systems at an alarming, and growing, rate. And it is not just a business concern. Several countries sponsor hackers who target foreign government systems to access key state secrets. Exhibit 1 shows the dramatic increase in hacking or illegal accessing of systems over the last decade.
Exhibit 1: Number of system breaches per threat action category
Source: Verizon Breach Investigations Report
Hacking attacks are often highly evolved with most hackers successfully circumventing traditional signature-based security systems and launching zero-day attacks, taking advantage of security vulnerabilities that do not have a solution. To add to company woes, US courts have ruled that the US Federal Trade Commission (FTC) has the authority to investigate hacking attacks and charge the victimized enterprises with unfair trade practices for failure to protect consumer data.
Security becoming a top priority in IT budgets
To safeguard key information, enterprises and government entities are increasing their IT budgets to buy next generation security systems. While this has been an ongoing trend for the last few years, increased government agency scrutiny and several high profile security breaches in recent times are prompting chief information officers to re-evaluate their security architectures. Many CIOs are now realizing that current security infrastructure is insufficient to thwart evolving hacking attacks. As a result, security spending continues to grow at an accelerated pace and is expected to garner a bigger portion of IT budgets for the next few years.
Exhibit 2: 2015 and 2016 Security Spending Expectations by Category
Source: Morgan Stanley CIO Survey
Investment opportunities in cybersecurity vendors
Overall IT budgets tend to track closely to the global GDP growth ratio of 3-5% per year. However, with security garnering a bigger portion of IT budgets, spending is expected to grow at about 15% per year (Exhibit 2).
Additionally, several innovative companies have introduced disruptive solutions to provide next generation security solutions that are rapidly replacing legacy solutions or addressing greenfield opportunities. Companies that have developed specific solutions that defend against zero-day attacks, protect enterprises from privileged personnel with the company misusing data, or safeguard databases are finding tremendous traction and gaining market share.
These tailwinds for cybersecurity companies will likely persist for the next few years, if not longer. It is our view that select companies in this space that are providing advanced solutions have a long growth trajectory ahead.
This information is not intended to provide investment advice. Nothing herein should be construed as a solicitation, recommendation or an offer to buy, sell or hold any securities, market sectors, other investments or to adopt any investment strategy or strategies. You should assess your own investment needs based on your individual financial circumstances and investment objectives. This material is not intended to be relied upon as a forecast or research. The opinions expressed are those of Driehaus Capital Management LLC (“Driehaus”) as of September 2015 and are subject to change at any time due to changes in market or economic conditions. The information has not been updated since September 2015 and may not reflect recent market activity. The information and opinions contained in this material are derived from proprietary and non-proprietary sources deemed by Driehaus to be reliable and are not necessarily all inclusive. Driehaus does not guarantee the accuracy or completeness of this information. There is no guarantee that any forecasts made will come to pass. Reliance upon information in this material is at the sole discretion of the reader.