May 18, 2017

U.S. Cybersecurity: Trends, Drivers and Disruptors Part 1

Lloyd McCoy HeadshotBy Lloyd McCoy Jr.
Manager of Market Intelligence
immixGroup, an Arrow company


This four-part series is a summary of a presentation from Lloyd McCoy Jr. as part of Arrow’s 2017 Security Symposium, held May 3-5 at the Omni Fort Worth Hotel in Fort Worth, Texas.

Part 1: The State of Cybersecurity

Many of us are old enough to have witnessed the encroachment of technology in our everyday lives over the last twenty to thirty years. Our economies, boundaries, militaries and identities are increasingly shaped and influenced by the internet, mobile devices, GPS… you name it. And, soon, it will be connected homes, same-day drone deliveries, driverless cars, etc.

Most of our society and government is pretty darn close to being reliant on technology, if not already completely reliant on it.

The Numbers

Many of us are probably aware of how much opportunity is in the security market, but let’s make sure everyone understands what the actual figures look like. Across the globe, at least $100 billion will be spent on security software, hardware and services by 2020. Fueling some of the growth is the fact that modernization—most notably cloud and IoT adoption—are changing not only the way things are being bought, but the way things are being applied. This introduces vulnerabilities, and thus opportunities, for you. In 2016, over $70 billion was spent on security related investments, with about half of that coming from North America.

Driving Growth

Growth within software spending is dominated by three areas:

These comprise the vast majority of software revenues. It’s worth nothing that within the software slice of the pie, I expect behavioral analytics to be one of the fastest growing segments over the next few years.

What sets security apart is that while spending on other technology segments is driven by cost savings and efficiency, cybersecurity spending is spurred on by the threats. The ever-increasing levels of attacks are making it hard for organizations to keep their information and customers’ information safe. Add to that the ransomware epidemic, IoT and mobile devices becoming threat vectors, not to mention hacking cookbooks frequently published online, and it’s no surprise that many surveys reveal data protection is the number one priority.

What’s Keeping Companies Up at Night?

The answer is phishing, ransomware and spyware – not entirely surprising. However, what I find interesting is that 99 percent of the threats out there hit known vulnerabilities, so there seems to be a disconnect between this universal understanding of the importance of security and customers’ actual readiness.

Lloyd McCoy quote

I mentioned that cloud and IoT are changing the way things are being applied. These concepts reflect a world where the lack of directly owned infrastructure will become more of a norm; there will be more services outside of IT’s control with more automation and at machine speeds. Security needs are changing, and that’s where customers need help from the vendors and partners.

Innovation is key to discovering and providing what security customers need. Given the dynamic and inventive nature of the threats out there (which are never going to stop – we’ll cover that in a later part of this series), customers will need to learn to live with acceptable levels of vulnerability, so risk management is also essential.

Show Me the Money

This brings up an aspect of security not frequently discussed. We’ve all seen estimates on the number of attacks and breaches, but the cost factor cannot be understated. There are a wide range of figures out there of how much impact a data breach costs a company; I’ve seen averages that range from $200,000 to over $4 million – it’s probably on the higher side of that scale.


That breach will ultimately cost the government up to $1 billion to repair. And it doesn’t end there.

Remediation costs are just one piece of the equation. Business disruption includes direct financial loss, IP theft… there could be fines, legal costs and, of course, the PR nightmare, which is hard to quantify. Therefore, it’s no surprise that some attempts to estimate the tangible losses with the intangible ones I just mentioned predict that the cost of cybercrimes could top $6 trillion by 2021.

A Clear and Present Danger

Cyber threats are disruptive and aren’t going away. That means continued strong demand for the security products sold today and, just as importantly, what you need to sell tomorrow as both the digital economy and threat evolve.

We’ve taken a big picture look at the cybersecurity market. In the next part of this series, we’ll look at what’s driving this demand: the threats that are out there.

The Arrow market intelligence team understands what drives the procurement of technology. It uses that knowledge to help suppliers and partners shorten their sales cycles. Please reach out to your Arrow representative and ask about how you can engage with the team. 

To listen to a recording of Lloyd’s presentation, click here.