A study that estimated the global cost of cybercrime at $400 billion also revealed information security market trend data from research firm IDC showing a burgeoning market for products associated with identifying threats, data protection and incident response activities.
The report, issued this week by the Center For Strategic International Studies, a Washington, D.C., think tank, estimates the global cost of cybercrime at $400 billion and projects the figure to climb substantially until public- and private-sector organizations implement stronger measures to address intellectual property theft. The study, commissioned by Intel Security (formerly McAfee), also highlighted data from Framingham, Mass.-based research giant IDC, projecting a steep rise in spending on digital forensics tools, next-generation firewalls, and identity and access management software. The increased spending on security products may be having a negative impact on the global economy, the report found.
The total addressable market for cybersecurity products and services has increased by 8.7 percent since 2011, from $53 billion to $58 billion in 2013, according to the report, which cited market statistics calculated by IDC. Business demand for cybersecurity products increased by 14.7 percent in the same period, and consumer demand increased by 10.7 percent.
The CSIS study estimates that spending could increase $10 billion annually in addition to the monetary losses from cybercrime. "As awareness of cyberisks grows, companies can better assess risk and spend more to manage, but if the problem were getting smaller, the market would be shrinking," the report found.
The figures were outlined in the report, "Net Losses – Estimating the Global Cost of Cybercrime,” released by CSIS on Tuesday. It projects the global market for digital forensics growing 67 percent from $221 million in 2011 to $369 million in 2013 as companies grapple with security incidents and data loss. Meanwhile, the market for next-generation firewalls designed to detect and block malware or exploits in network traffic is showing a rise of 43 percent from $2.2 billion to $3.2 billion over the three-year period followed by the market for security information event management systems, showing a 21.9 percent increase from $1.3 billion to $1.5 billion.
Charles Kolodgy, research vice president of security products at IDC, told CRN that the statistics in the report outline the research firm's 2013 projections. New vendor share and forecast reports will be published within the next month for most markets, he said.
The increase in forensics is surprising, but it may reflect a shift in businesses using the tools as part of incident response following to a more proactive stance against attacks, said Mike Cotton, vice president of research and development at San Antonio-based Digital Defense, a firm that specializes in conducting audits on risk assessments of corporate networks. Businesses are also more aware of the surge in attacks associated with cyberespionage and intellectual property theft, Cotton told CRN.
"There's been a mindset shift of using these sorts of technologies on an ongoing basis rather than doing a deep dive once there is knowledge of an issue," Cotton said. "There's an interest in gaining a better understanding of how attacks are taking place to ensure that the infected machine didn't have relationships or credentials to critical systems or other machines."
NEXT: Cybersecurity Spending Negatively Impacts R&D, Job Growth