- The global cybersecurity market is expected to reach just over $60 billion in 2021, a 10% year-over-year increase in "best case scenario" growth, according to a Canalys forecast report.
- Even in a "worst case scenario" market forecast, Canalys expects the cybersecurity market to grow 6.6% year over year, reaching nearly $58 billion.
- Web and email security are expected to have the most growth in 2021, 12.5% year over year, followed by vulnerability and security analytics' growth of 11%, and endpoint security's growth of 10%. Canalys expects data security to have the slowest growth rate at about 7% year over year.
In either the best- or worst-case scenario, the increase in the cybersecurity market is a reflection of the "deeper and protracted economic impact" initiated by COVID-19. But other threats are unknown, further shaping the future of the cybersecurity market.
Within the category of unknown is the continued fallout from the SolarWinds hack, according to Canalys.
The SolarWinds hack and the subsequent discovery of the Sunburst, Teardrop, Sunspot and Raindrop malware strains has contributed to sustained cybersecurity investments, said Matthew Ball, chief analyst at Canalys, in the report.
More non-SolarWinds customers, including Mimecast and Malwarebytes, are disclosing compromises related to the cyber espionage campaign. The ongoing compromises can catch organizations off guard as they don't always question the trustworthiness of solutions meant to keep them safe.
Using more expensive tools, by companies that can afford them, is the same issue organizations have faced for decades.
Only well-funded enterprises with comfortable security will be able to afford NMS, such as SolarWinds Orion, said Grady Summers, EVP of Solutions and Technology at SailPoint.
"But gosh, in five years it's going to be the norm, right? Everybody would be doing this," said Summers. In actuality, it's still only the well-funded, security-enabled enterprises that have the luxury of watching outbound traffic, Summers said.
And now those high-powered organizations are on the growing list of SolarWinds victims. While some of the affected organizations will have the means to unpack the "likely Russian" activity, it's unlikely each of the 18,000 Orion customers impacted by the hack have the resources needed to respond appropriately to the continued fallout.
Companies aiming to mitigate further risk may be hindered by a "security poverty line," said Summers. It just "seems like the security poverty line is going up and up … There are just not enough companies that can defend against this."