Recent high profile incidents have placed data security breaches firmly on the front pages – Mossack Fonseca, Ashley Madison, Talk Talk, Vtech, Target, Home Depot and Sony to name a few. The vast majority of attacks - and those of the biggest concern - are initiated by criminal groups that recognise confidential information, financial data and personal identities are a tradable commodity, significantly increasing the threat posed to organisations.
To combat this growing threat, business and governments are treating security as a top priority, and as a result cyber hubs are developing across the globe, backed by state initiatives and public money. And, it’s no longer the same sectors that are being targeted. The Internet of Things is forcing ‘new’ sectors as diverse as rail and home appliances to adapt to security as a means of self-preservation. These industries are beginning to heavily invest in IT and security capabilities to tackle the threat of cyber-crime.
Over the past 12 months, our team has been tracking levels of government investment in cyber hubs, as well as the introduction of national cyber strategies, to identify which territories will become the next big cyber security ‘hotspots’ for businesses and contractors working to combat the rise and evolution of attacks. There are many to choose from, but those that stood out include France, Australia and the UAE. They are collectively investing US$3 billion in their cyber security industries over the next three to four years, cementing their governments’ commitment to tackling data breaches.
France – €1 billion has been put aside to implement the country’s new cyber security strategy over the next three years. The strategy is expected to create a ‘unified, cooperative approach to protecting government, commerce and individuals,’ helping the government to establish ways of protecting its fundamental interests on the internet, guard national information and defend critical infrastructure from cyber-attacks. The government recognises that this will depend on having sufficient scientific, technical and industrial capabilities. With one eye on the economy, the government strategy also seeks to set favourable policies for the development of digital technology businesses, exports and international cooperation.
Australia – This year, the country’s government announced its cyber strategy for 2016 and beyond, which aims to bring more Australian technologies to market by supporting and creating innovative domestic companies. It will also prepare the next generation for taking ‘jobs of the future’ by boosting science, technology, engineering and mathematics participation. The government will invest more than AUD$230 million over four years to enhance Australia’s cyber security capability and deliver new initiatives, complementing the AUD $400 million investment already committed in the 2016 Defence White Paper.
UAE – 45 per cent, of Middle East, Turkey and Africa (META) organisations reported cyber security incidents in the first quarter of 2016, according to Kaspersky Lab. As a result, the Middle East cyber security market is expected to reach around US$10 billion by 2019, double the US$5 billion it was worth in 2014 (Markets and Markets). In 2016, Dubai alone launched a US$270 million Future Accelerators programme designed to transform the city into an innovation hub, and the Gulf Cooperation Council (GCC) is predicted to spend up to US$1 billion on cyber security by 2018.
Companies like the NCC Group, which has its headquarters in Manchester, UK, has chosen to continue its international expansion in Dubai because of the prevalence and pace of its evolving IT sector, and we’re seeing other big companies investing in these emerging markets too. No doubt there are hundreds of other companies across the globe thinking about their next move, so it’s important for them to consider these key hotspots.
However, with increasing levels of investment and a higher number of companies starting or expanding in countries like France, Australia and Dubai, there may not be enough specialist consultants to meet demand, which is expected to outstrip supply by a third before the end of the decade. A recent report by Intel Security called ‘Hacking the Skills Shortage’ suggests that there will be 1 to 2 million unfilled cyber security jobs across the globe by 2019, which is a scary statistic. As an industry we need to make sure the skills shortage doesn’t reach this critical point, where heavy investment leads to an abundance of new roles but there’s a lack of knowledge or expertise to fill them. The investment must be used in part to train people or ‘upskill’ them so their abilities match modern day requirements.
We’re is now seeing particular demand for skills including secure software development, cloud security, network management, security analysis and data security, though some organisations are still wary of bringing people in on a permanent, full-time basis to fulfil these roles. In places like France, Australia and the UAE, this means demand for IT companies and cyber security providers will continue to rise in 2017 and beyond as attacks become more frequent and sophisticated.
We’re urging these businesses, however large or small, to consider these territories as key investment opportunities and help train the next generation of cyber security professionals to combat the increasingly growing threat of criminal activity on the web.
Wiktor Podgorski, Procorre
Image source: Shutterstock/deepadesigns