The recent ransomware attack that struck the corporate network of Colonial Pipeline, a major US East Coast gasoline distributor, is the latest in a long line of high profile cyberattacks.
‘Critical infrastructure’ such as this has seen an increasing number of cyberattacks recently, with such threats having the potential for widespread disruption and national security implications. Given the stakes, we expect the frequency of high-profile cyberattacks to accelerate, forcing both the public and private sectors to re-evaluate the amounts they spend on cybersecurity.
Growth in complexity of digital networks requires a new approach
We believe events like this could push organisations and verticals like the energy sector to embrace cloud computing and security technology at a faster pace than previously anticipated; a secular trend we call ‘Digital Resilience’. Essentially as public and private sectors look to digitally transform, a corresponding security transformation must also occur.
The increasing proliferation of a large number of devices, combined with the increasing complexities of digital networks has substantially increased the vulnerability of our digital economy. Digital transformation is breaking the traditional “on premise” model of technology for businesses - users now commonly require access to applications and data from any location. Meanwhile, the types of users accessing company data continue to expand. Organisations need to be able to secure access not only to their employees but contractors, business partners and bots as well.
Concurrently, the cost of breaches has been consistently rising over the last few years, as an increasingly digitalised economy has expanded the opportunities for cyber-attackers to exploit vulnerabilities. Enterprises have to be ever vigilant to maintain their defences, with a lot of monitoring and implementing of new security approaches. Inevitably however, the majority of security actions are reactionary and involve patching holes and containing the damage of any breaches.
It is easy to hit the limits of this defensive strategy; in pursuit of growth, companies often need to expand their networks beyond a simple structure to one of greater complexity, bringing additional challenges from a security perspective as the network perimeter becomes much larger.
Demand for digital resilience rising exponentially
This demand for enhanced reliability and security within digital infrastructure has now reached astronomic heights. Cyber-crime is estimated to cost the global economy $6 trillion per annum ($11.4 million per minute)1 and in the World Economic Forum’s Global Risks Report of 20202 it ranked as the second risk of greatest concern for businesses.
The pandemic also served to heighten concerns around cyber-risk, as cyber-adversaries sought to profit from the unprecedented socioeconomic, business and political challenges – throughout last year, spending on I.T. security products and services proved to be one of the most resilient areas of enterprise IT spend, as many organisations invested in solutions to meet the needs of a much larger and location agnostic workforce.
According to the latest global market study by International Data Corporation (IDC), worldwide spending on security-related hardware, software, and services is estimated to have reached $125.2 billion in 2020, which is an increase of 6% over 20193. Furthermore, IDC expects worldwide security spending to reach $174.7 billion in 2024, implying a compound annual growth rate (CAGR) of 8.1% over the 2020-2024 forecast period4.
Expanding opportunity set for responsible and sustainable investors
We believe that the accelerated and broadening adoption of technology by consumers and organisations will require an acceleration of investment to ensure ubiquitous, scalable and reliable connectivity. The pace of this investment could be further boosted by fiscal stimulus to help a more productive and resilient digital economy. The technologies enabling digital resilience are therefore a key area of investment opportunity for the EdenTree Responsible & Sustainable Global Equity Fund, under our wider investment theme of ‘Disruptive Innovation’.
A number of our holdings provide exposure to this trend of digital resilience. For example, Palo Alto Networks is a leading cybersecurity vendor that is well-positioned to benefit from this increasingly complex security and threat landscape. They’ve pioneered the next generation of security and empowered enterprises, service providers, and government entities to secure their organisations and pursue transformative digital initiatives, like public cloud and mobility that grow their business, while maintaining the visibility and control needed to protect their valued data and critical control systems.
We also believe that Microsoft is rapidly becoming a strategic partner of choice for organisations in their digital transformation journey, and consequently, key parts of its portfolio are now serving as mission-critical tools for institutions of all sizes. During the company’s second quarter earnings call for the fiscal year of 2021, management noted that Microsoft’s operational security posture and threat intelligence analyses 8 trillion signals each day to help customers defend themselves. Microsoft defended approximately 6 billion threats in 2020, as the company experienced triple-digit growth in the number of devices managed by Microsoft, and in compliance the company have seen 90% increase in our customer base year-over-year.
Staying on the right side of disruptive forces
Overall, in our view, the confluence of secular trends, fiscal stimulus and mounting regulatory scrutiny provide a constructive demand backdrop for those technologies enabling digital resilience. Through holdings such as Palo Alto and Microsoft, we believe that the Global Equity Fund remains well positioned to benefit from the long-term secular trends catalysed by disruptive innovation, remaining on the right side of disruptive forces that impact business models, sectors and global economies more broadly.
1. Cybersecurity Ventures https://cybersecurityventures.com/annual-cybercrime-report-2017/
2. World Economic Forum http://www3.weforum.org/docs/WEF_Global_Risk_Report_2020.pdf
3. IDC https://www.idc.com/getdoc.jsp?containerId=prUS46773220#:~:text=According%20to%20a%20new%20forecast,increase%20of%206.0%25%20over%202019.
4. IDC https://www.idc.com/getdoc.jsp?containerId=prUS46773220