Cybersecurity

Three Cybersecurity Sectors That Resist Economic Downturns

Person holding a phone in front of her laptop with a cybersecurity graphic displayed
Credit: terovesalainen / stock.adobe.com

By Bob Eckel, CEO, Aware

Venture funding for cybersecurity organizations dropped to just slightly more than $1.6 billion in the second quarter - a 63% decline from the same quarter last year when startups saw an influx of nearly $4.3 billion, according to Crunchbase data. However, companies still need cybersecurity - and it is definitely not a luxury item. Ransomware attacks and hacks are ever increasing, and companies will have to continue spending on cybersecurity even as IT budgets get tighter.

Therefore, while no sector is completely immune to downturns, we expect certain cybersecurity categories to demonstrate continued resilience and growth in spite of challenging economic headwinds. These categories include:

Identity and Access Management (IAM): Pioneering the Path Forward

The Identity and Access Management (IAM) sector has emerged as a beacon of growth within the cybersecurity domain. IAM refers to technologies that ensure the right users have the appropriate access to technology resources. With a market size exceeding $13 billion in 2021 and projected to experience a 14 percent compound annual growth rate (CAGR) until 2028, the IAM market demonstrates a profound upward trajectory, driven by the surging demand across diverse sectors including banking and financial services, retail, and healthcare.

The marriage of biometric solutions with IAM systems is bringing identity management into the modern era. Biometric authentication - leveraging attributes like fingerprints, face and voice recognition, and iris scans - allows users to access their devices and online services with unparalleled speed and convenience, and without compromising security. Biometric authentication now also may include liveness detection, meaning if a malicious user tries to subvert the system - for instance, holding up a picture of someone’s face to an app that relies on facial recognition - the system will be able to detect that the image provided is not live and will not permit access. As cyber threats escalate, these advanced measures will help fortify defenses against unauthorized access.

Risk and Compliance: A Constant Amidst Change

As the myriad of industry regulations and legislation focused on protecting sensitive information and systems increases in complexity (GDPR in the European Union and HIPAA in the United States, for example), investments in cybersecurity have become more crucial, even during periods of economic uncertainty.

Consider for example the financial services sector, which must comply with Know Your Customer (KYC) requirements to ensure customers are who they say they are in order to properly assess and monitor customer risk. Global banks also must meet anti-money-laundering (AML) requirements, designed to prevent the same individual from opening and operating multiple fraudulent accounts as commonly happens in money-laundering schemes. Meeting these requirements demands only the most exact, precise, reliable identification of individuals possible and techniques that go beyond traditional passwords and PINs.

Incident Response and Threat Intelligence: Rising in Tandem

Unfortunately recessions and economic downturns often trigger an upswing in cyber threats as malicious actors look to capitalize on vulnerabilities within organizations. Incident response and threat intelligence services ascend to paramount importance, and play a pivotal role in identifying, containing, and mitigating the repercussions of these incidents.

A 2022 McKinsey report found that, now more than ever, organizations require adept guidance in investigating breaches, accumulating evidence, and executing security enhancements to forestall future attacks. When an incident is detected, multi-factor authentication (MFA) is one security enhancement that provides an immediate, additional layer of defense and can make accounts much more secure. The three most common types of factors are typically something someone knows (a password, or a memorized PIN); something people have (like a smartphone, or a secure USB key) or something they are (a fingerprint, or facial image).

With cyber threats showing no sign of slowing down, incident response and threat intelligence tools - for example, network-based and host-based intrusion detection systems - are poised to maintain momentum, no matter what direction the economy takes. Along with this, we expect to see increased adoption of MFA as an incident response technique.

The cybersecurity sectors of Identity and Access Management, Risk and Compliance, and Incident Response and Threat Intelligence underscore the resilience and opportunities for investment in these areas. These sectors showcase not just survival, but growth in the face of challenging economic times, and investors would be wise to consider them as they look for downturn-resistant investments.

The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.

Other Topics

Venture Capital

Bob Eckel

Robert Eckel has been Aware’s Chief Executive Officer and President since September 2019. Mr. Eckel also serves on the board of directors for the International Biometrics + Identity Association (IBIA), and as a strategic advisory board member of Evolv Technology.

Read Bob's Bio