Predictions for 2021, and for what remains of December
Essentially everyone sees ransomware and remote work as trending up during 2021. What about cybersecurity firms, considered as investments? Barron's says Cozy Bear's quiet, recently discovered but months-long romp through US Government and corporate networks has already led to a "market scramble" for cybersecurity plays. Markets Insider reports that Wedbush is very bullish about the sector's 2021 prospects, expecting a general 20% increase in security spending to drive a "perfect storm of demand" that will be reflected in significant increases in the sector's valuations. Crunchbase thinks so too: "the cybersecurity market retained investor interest in 2020 and many in the sector expect next year to be no different."
And how have past predictions fared? SecurityWeek looks back a decade at their "Optimist's Cybercrime Predictions for 2011." The author thinks they were, in general, pretty well borne out.
- "Awareness is rising." That's been true, and some of that awareness has prompted better security. "Cyber security budgets grow year-over-year and the conversation today is about the need of having CISOs and CIOs as board members, which would have seemed in 2010 as science fiction." And there's been a salutary rise in understanding of the attack surface the Internet-of-things presents. Greater awareness also seems responsible for the eclipse of hacktivism. It's been a long time since Anonymous, to take one prominent example, has been relevant.
- "Law Enforcement is Getting Better." "Better" of course doesn't mean "infallible," but it's difficult not to appreciate the growth in the attention, capabilities, and resources law enforcement agencies have devoted to investigating, stopping, and prosecuting cybercrime. They've also seen success in taking down online criminal markets, including Silk Road, Silk Road 2, AlphaBay, Hansa, and Wall Street Market.
- "It’s Getting Harder to Become a Fraudster." This is the one prediction that hasn't been borne out. The criminals react, and the increasing commodification of attack tools, the growth of affiliate schemes, more sophisticated and plausible social engineering, and the resilience of criminal-to-criminal markets (sometimes abetted by state actors) have combined to keep fraud thriving.
So, two out of three ain't bad.