Seeking to avoid a lose-lose situation
Digital transformation has been, and, will likely continue to permeate all facets of business, making the private sector ever-more susceptible to cybercrime. In 2023, 3 in 4 U.S. companies were at risk of a material cyberattack.10
For the private sector, cyberattacks can result in catastrophic economic losses and irreparable damage to intangible assets like intellectual property and goodwill. While ransomware remains a leading threat, the risk landscape has broadened significantly with the rise of AI-enabled attacks, business email compromise, and investment-related fraud. Although ransomware incidents declined from their 2022 peak, they continue to rank among the most disruptive forms of cybercrime,11 consistently placing among the top threats reported by organizations.12 Companies facing such attacks typically must select from two losing options: paying out sizeable ransoms or forfeiting proprietary or customer data. In 2024, on average, organizations that paid a ransom reported an average payment of approximately $2 million, up from about $400,000 in 2023 while the average cost to recover from an attack — excluding the ransom itself — reached roughly $2.7 million, with total breach-related costs often rising even higher when factoring in downtime, legal exposure, and reputational damage.13
Business email compromise (BEC) attacks are potentially even more problematic. While chronically underreported, BEC attacks inflict the most financial damage and incidents now account for nearly one-third of all reported cyber events, which are up from just 9% the previous year.14 They are primarily conducted through phishing, an incredibly difficult tactic to defend against with every employee representing a vulnerability. BEC attacks can open doors for additional cybercrimes, including ransomware, server intrusion, and encrypted threats.
Increased cyberattacks likely will drive continued cybersecurity sales growth. We expect companies to focus on limiting infection vectors by spending more on network security software and hardware related to firewalls, VPNs, network segmentation, workload security, and anti-virus/malware software, as well as on endpoint and user security solutions like identity and access management, email gateways, encryption, and web security. Of note, network hardware that includes next generation firewall technology, network segmentation, intrusion prevention, and secure web gateways could generate meaningful net new revenues for cybersecurity companies. Information security software and hardware should also see significant business spending, including solutions for application and cloud security, cryptography, physical IT infrastructure, and incident response.
But as prolific as digitization has been in the past five years, many major sectors of the global economy from manufacturing to health care to education have recently started embracing digital business15; as they do, they could significantly grow the pie for both existing and new cybersecurity solutions, becoming a significant new driver of cybersecurity sales.