The cybersecurity industry faces a challenge that is anything but business as usual. The prospect of offensive attacks using artificial intelligence (AI) is prompting increases in cybersecurity budgets as organizations try to understand the impact of generative AI on their security. AI is already used for threat detection, and its greater adoption will undoubtedly help offset attacks. However, learning how to counter AI-led attacks will take time, and cybersecurity vendors and users will face a bumpy ride for the next two to three years, says GlobalData.
GlobalData’s latest report, “Cybersecurity – Thematic Intelligence”, reveals cybersecurity budgets will grow in line with IT budgets in 2024 as organizations come to terms with AI’s impact on their operations.
GlobalData forecasts that the global cybersecurity market will be worth $290 billion by 2027, growing at a compound annual growth rate (CAGR) of 13% between 2022 and 2027. Managed security services, application security, and identity and access management will be high-growth areas.
David Bicknell, Principal Analyst, Thematic Intelligence at GlobalData, comments: “Organizations have learned how to cope with cyberattacks that deliberately target enterprise technology, such as networks, cloud storage, and endpoint devices. But AI is a game-changer. Now, organizations must respond to AI attacks that can adapt to a specific environment, seek out weaknesses, and exploit them. This is uncharted territory.
“It is still too early to know where the balance lies in how AI impacts organizations’ cybersecurity positioning. AI can help organizations improve their efficiency in threat detection, hunting, and incident response, but at the same time, adversaries will use AI in cyberattacks. A simple example is cybercriminals using generative AI to strengthen phishing attacks by eliminating the telltale signs of fake messages, such as poor grammar and spelling mistakes.”
The expected significant change in the cybersecurity market will drive a strong focus on cybersecurity mergers and acquisitions (M&A) deal activity throughout 2024. Cisco’s $28 billion acquisition of Splunk will be the catalyst for AI-led cybersecurity M&A deals in 2024.
Bicknell concludes: “Both startups and maturing cybersecurity companies are expected to be on the radar of larger vendors looking for products and talent. In addition, cybersecurity M&A is anticipated to attract regulators’ interest, particularly as a small group of private equity (PE) players are snapping up numerous cybersecurity companies.
“In October 2022, US PE firm Thoma Bravo acquired identity and access management provider ForgeRock in a $2.3 billion deal that was eventually cleared by US regulators. Recently, Thoma Bravo announced plans to acquire Darktrace, the UK’s best-known cybersecurity firm, so regulators should be on alert for anti-competitive practices.”