Cybercrime: being bad is big business

10/12/2021
Cybercrime: being bad is big business

Summary

As hackers continue to grow in ambition and sophistication, the risks and costs of cybercrime are rising. Indiscriminately, governments, powerful institutions, big business and individuals have all proved vulnerable. Cybersecurity is multi-layered and multi-faceted but companies that provide solutions to tackle the ever evolving threats are in a position to provide a long-term growth opportunity for investors.


Download the article here
Download PDF




Cybercrime is vast and growing

As hackers continue to grow in ambition and sophistication, the risks and costs of cybercrime are rising. Indiscriminately, governments, powerful institutions, big business and individuals have all proved vulnerable, with US President Joe Biden identifying cybercrime as a "core national security challenge".

In May 2021, cybercriminals took a key US pipeline offline due to a lack of a multifactor authentication technology in place and demanded a multi-million US $ ransom. 1  The hack on US infrastructure also caused the closure of key conduits delivering fuel from Gulf Coast refineries to major East Coast markets. 2  Only 5 months later, in October 2021, Amazon.com’s live streaming e-sports and TV platform Twitch was attacked during a routine maintenance change of its IT infrastructure, resulting in the in the theft of highly sensitive personal and corporate data, including future product development plans. Unfortunately, it was not the first time the company had been attacked. 3

Governments, along with corporates, recognise their secrets and security are at stake, as well as their finances and the ability to compete on the global stage. Such is the severity of the risk that the Biden administration formed a taskforce of government and leading cyber security representatives to strengthen the nation’s cybersecurity.

For the criminals and rogue states that perpetuate cybercrime, the rewards are high. The cost of stealing a new design for a plane or drug is a small fraction of the cost and time to develop one. Take for example the global race to develop a COVID-19 vaccine. In December 2020, US biopharmaceutical company Pfizer, and its German partner BioNTech, revealed that documents relating to its COVID-19 vaccine had been unlawfully accessed in a hack on the European Medicines Agency (EMA). 4  And yet there is little to deter cybercriminals from such activities, at present penalties for cybertheft are still relatively low compared to other crimes. Consequently, the "supply" side remains high, while companies and governments fight to catch up. Cybersecurity, via its breadth of available and evolving solutions, is part of the solution to this enormous challenge.

Infographic: The financial impact of cybercrime

The financial impact of cybercrime

The value of cybercrime is currently USD 6 trillion and expanding at 15% a year, with predictions that it will rise to USD 10.5 trillion by 2025. 5  At current levels, that places it just behind the economies of the US and China in terms of size (based on annual GDP data for 2020), making cybercrime one of the largest and fastest-growing enterprises in the world.

Source: World Bank - OECD as of October 2021 https://data.worldbank.org/indicator/NY.GDP.MKTP.CD?locations=CN-US&most_recent_value_desc=true

The digitalisation challenge

Digitisation has become a megatrend, with 7.8 billion people around the world increasingly connected. It makes our lives easier, from our work to our leisure time; we are "always on".

For many businesses digital transformation is an operational necessity, ensuring connectivity between staff and consumers, improving productivity and helping them retain competitiveness. However, the move to cloud computing also has created new vulnerabilities. It means sensitive and personal data is everywhere. Businesses especially need to ensure that they have the cybersecurity infrastructure in place to protect themselves and their customers.

Where that protection fails, the impact is significant, and goes far beyond financial loss. The consolidated average cost of a data breach in 2020 was USD 3.86 million (which represents an increase of 11% in security breaches since 2018), and it takes 207 days on average to identify. 6 Cybercrime can result in substantial and long-term damage to companies and, at worst, in the loss of their customers, investors and reputations.

Reputational damage: selected data losses greater than 30,000 records
Infographic: Reputational damage

Source: Momentum Cyber; Information is Beautiful: World's Biggest Data Breaches and Identity Theft Resource Center (ITRC): 2018 Annual Data Breach Year- End Review. Information as of April 2021.https://www.informationisbeautiful.net/visualizations/worldsbiggest- data-breaches-hacks/

If we consider what is at stake, the challenge laid down by cybercriminals is enormous; but it also brings with it opportunities for those equipped with the tools to keep people and data safe. Estimates suggest that the trillion-dollar cloud transformation alone could generate an incremental USD 100 billion opportunity for the cybersecurity industry. The cybersecurity market is expected to grow at a rate of 12.6% p.a. between 2020 and 2030. 7 Cybersecurity companies are growing rapidly because they help to solve this huge problem, evolving their security solutions at the same pace or even faster than the attacks evolve.

Top areas where security leaders are increasing their investment
Infographic: Top areas where security leaders are increasing their investment

Source: Team8: 2021 Cybersecurity Brief, as of 26 January 2021

Multiple means, multiple targets, multiple fronts

Cybercriminals have a variety of approaches, leaving multiple pressure points for individuals and organisations. At a headline level, identity theft is where criminals steal personal data such as your name, date of birth, telephone number and address; but they find different ways to do this. They may do this via an "account takeover", obtaining use of an eMail account to send "phishing" eMails – phising is the attempt to obtain data, such as bank or credit card details, by means of fake eMails or websites.

Approaches may also take the form of a "jailbreak", which removes usage restrictions on Apple devices without the user being authorised to do so. Likewise, a "keylogger" is hardware or software that records entries made on the keyboard, allowing cybercriminals to get hold of passwords."Trojans", one of the oldest and most common forms of malware, are often installed by opening unknown file attachments and unintentionally downloading software via manipulated websites.

Organisations need to fight additionally on multiple fronts. "Botnets", for example, are networks of computers controlled by a server. The computers can be infected with malware, and then will be controlled and misused for criminal purposes without the owners' knowledge. "Denial-of-service" (DoS) attacks, another common approach by cybercriminals, are directed against web servers to overload them, thereby disrupting website access. This is particularly devastating for digital retailers. And finally, "ransomware", a term that has been in the news quite frequently, is malware that encrypts data and systems so that they can no longer be accessed. These are then only released again upon payment of a ransom. This is a form of "digital blackmail".

While the sophistication of cyber threats is ever evolving, it is human behaviour that is often the weakest link for companies and something that cybercriminals often take advantage of. Among the vulnerabilities that contribute significantly are:

  • opening a phishing eMail or using infected USB sticks
  • the use of factory passwords on network routers
  • the reuse of private passwords for professional applications
  • writing down entire access data in text files or eMails.

These popular gateways are vivid and common examples of how easy it is for malware to get into the system.

Multiple layers of security
Infographic: Multiple layers of security

Source: AllianzGI 2021

Innovation in security

Companies, such as ZScaler Inc., are leading the charge on zero trust adoption, a concept that works on the premise that devices should not be trusted by default - neither inside nor outside a company’s security perimeter. ZScaler has been a first mover in cloud security and has created a new market with an innovative product umbrella and strategic focus. It is a good example of how a new player can emerge and disrupt the competitive landscape. Global research and advisory firm Gartner estimates that the identity and access management market focused on user access-related security was USD 9.8 billion in 2019 and could reach USD 14 billion in 2024. 8  This market is comprised of the three areas: access management software, identity governance and administration software, and privileged access management software.

There has been huge innovation in the use of artificial intelligence (AI) and data to monitor behaviour and prioritise work for cybersecurity customers. This is driving the success of companies such as CrowdStrike. FireEye took the recent decision to refocus on services and consulting to help customers prioritise alerts and define priorities. Companies that can do this can add services offerings to their customers and grow customer revenue per account successfully, and this is a key theme for many cyber security customers. They are not only trying to identify problems but to help customers fix them.

Cloud-computing is a significant growth segment within cybersecurity. Gartner’s forecast for the next-generation network and cloud security segment calls for 42% growth annually, from approximately USD 1.9 billion in 2019 to roughly USD 11 billion by 2024 8. The corporate perimeter has expanded beyond the internal network into hybrid infrastructures consisting of on-premises data centres, public/private cloud instances and SaaS applications.

Where next?

Decreasing global birth rates and pending labour shortages will force companies to invest in technology to boost productivity. The cyber security industry is not immune to the reducing labour pool with President Biden placing an emphasis on solving the cyber security skills shortage within his taskforce. However, to overcome future challenges, enhanced technological solutions will be required and this will provide a tail wind to solutions such as cloud, software-as-a-service, artificial intelligence and cyber security.

Cybercrime is a vast and rapidly growing problem, and it will continue to be one for the foreseeable future. However, those companies that can provide solutions to tackle the everevolving, 24 hours x 365 days a year, threat are in a powerful position to take advantage of the opportunity as governments, organisations, and individuals turn their attention to fixing it.

Allianz Cyber Security

A global equity strategy that invests in companies whose businesses benefit from, or are currently related to, the Cyber Security theme.

Three reasons to invest

The performance of the strategy is not guaranteed, and losses remain possible.

Securities mentioned in this document are for illustrative purposes only and do not constitute recommendation or solicitation to buy or sell any particular security. These securities will not necessarily be comprised in the portfolio by the time this document is disclosed or at any other subsequent date.

1  https://BBC.co.uk/news/business-57050690
2   https://Reuters.com/business/colonial-pipeline-ceo-tells-senate-cyber-defenses-were-compromised-ahead-hack-2021-06-08/
3  https://CNBC.com/2021/10/06/twitch-hack-amazons-video-site-breached-exposing-future-product-plans.html https://BusinessInsider.com/twitch-got-hacked-2015-3?r=US&IR=T
4  https://BBC.co.uk/news/technology-55249353
5  https://GlobeNewWire.com/news-release/2020/11/18/2129432/0/en/Cybercrime-To-Cost-The-World-10-5-Trillion-Annually-By-2025.html
6  Varonis: 134 Cybersecurity Statistics and Trends for 2021 (March 2021) https://Varonis.com/blog/cybersecurity-statistics/
IBM Security, "Cost of a Data Breach Report" (July 2020) https://Capita.com/sites/g/files/nginej291/files/2020-08/Ponemon-Global-Cost-of-Data-Breach-Study-2020.pdf
7  Businesswire: Global Cyber Security Market (2020 to 2030) - by Component, Security Type, Deployment, Enterprise, Use Case and Industry - ResearchAndMarkets.com, November 2020: https://BusinessWire.com/news/home/20201119005835/en/Global-Cyber-Security-Market-2020-to- 2030---by-Component-Security-Type-Deployment-Enterprise-Use-Case-and-Industry---ResearchAndMarkets.com
8  Canaccord Genuity, February 2021, Industry update: IoT, Security & Communications Software. Gartner Information Security Forecast 4Q20

Investing involves risk. The value of an investment and the income from it may fall as well as rise and investors might not get back the full amount invested. The views and opinions expressed herein, which are subject to change without notice, are those of the issuer companies at the time of publication. The data used is derived from various sources, and assumed to be correct and reliable at the time of publication. The conditions of any underlying offer or contract that may have been, or will be, made or concluded, shall prevail. The Management Company may decide to terminate the arrangements made for the marketing of its collective investment undertakings in accordance with applicable de-notification regulation. The duplication, publication, or transmission of the contents, irrespective of the form, is not permitted; except for the case of explicit permission by Allianz Global Investors GmbH.

For investors in Europe (excluding Switzerland)
This is a marketing communication issued by Allianz Global Investors GmbH, www.allianzgi.com, an investment company with limited liability, incorporated in Germany, with its registered office at Bockenheimer Landstrasse 42-44, 60323 Frankfurt/M, registered with the local court Frankfurt/M under HRB 9340, authorised by Bundesanstalt für Finanzdienstleistungsaufsicht (www.bafin.de).

The Summary of Investor Rights is available in English, French, German, Italian and Spanish at https://regulatory.allianzgi.com/en/investors-rights

Allianz Global Investors GmbH has established branches in the United Kingdom, France, Italy, Spain, Luxembourg, Sweden, Belgium and the Netherlands. Contact details and information on the local regulation are available here (www.allianzgi.com/Info).

For investors in Switzerland
This is a marketing communication issued by Allianz Global Investors (Schweiz) AG, a 100% subsidiary of Allianz Global Investors GmbH.

AdMaster: 1855413

How green bonds can bolster the transition towards a more sustainable future

04/03/2022
Wind farm on a green hill shrouded in mist - How green bonds can bolster the transition towards a more sustainable future

Summary

The channelling of capital flows towards projects with measurable environmental benefits and tangible positive impacts on the energy transition marks a fundamental milestone in the transformational process of a global economy still largely dependent on finite resources to a sustainable- and clean-energy society. In this context, green bonds are an important vehicle to mobilise capital markets towards this green transition, as their use of proceeds is explicitly dedicated to projects with environmental benefits focusing on climate change mitigation and/or adaptation.

Allianz Global Investors

You are now leaving the Allianz Global Investors’ website and being redirected to

Important Information for Clients

Select Role
  • Individual Investor
  • Professional Investor
  • Please read the following page carefully before proceeding as it contains important information concerning your use of the website and explains certain legal and regulatory restrictions applicable to any investment in Allianz Global Investors investment products. By pressing ‘Confirm’ you agree that you have read and understood the following information.

    The information contained herein is provided solely for use by professional / qualified clients and their advisers in Switzerland and should not be relied upon by retail clients. Any person unable to accept these terms should not proceed any further.
    This website contains information about Allianz Global Investors’ (AllianzGI’s) investment products and services available to qualified clients according to Swiss law.

    The information provided in this site is directed at clients from Switzerland only. It does not constitute an offer to sell or solicit an offer to purchase any investments by anyone in any jurisdiction in which such offer or solicitation is not authorized.

    AllianzGI makes no representation or warranty as to the accuracy or completeness of the information from other parts of the AllianzGI which is provided for information purposes only and is not intended as promotional material. AllianzGI has taken reasonable care to ensure the accuracy of information available through the site. However, the information may be amended at any time by AllianzGI without notice. As far as it is permitted under the Swiss Federal Act of 23 June 2006 on Collective Investment Schemes, AllianzGI does not accept liability for any loss, direct or indirect, owing to reliance on any information contained herein.

    Regulation and Status Disclosure
    Allianz Global Investors represents products and services of Allianz Global Investors (Schweiz) AG, www.allianzglobalinvestors.ch. Allianz Global Investors (Schweiz) AG, www.allianzgi.com, an investment company with limited liability, incorporated in Switzerland, with its registered office at Gottfried-Keller-Strasse 5, 8001 Zürich, registered with the local court Zurich CHE-142.648.785, authorised by the Swiss Financial Market Supervisory Authority (www.finma.ch). Details about the extent of our regulation by the Swiss Financial Market Supervisory Authority are available from us on request.

    Throughout the website Allianz Global Investors (Schweiz) AG may sometimes be referred to as Allianz Global Investors or AllianzGI.

    Copyright
    Copyright in this website is owned by Allianz Global Investors (Schweiz) AG. The copyrights of third parties are reserved. You may download or print a hard copy of individual pages and/or sections of the website, provided that you do not remove any copyright or other proprietary notices. Any downloading or other copying from the website will not transfer title to any software or material to you.

    You may not reproduce (in whole or part), transmit (by electronic means or otherwise), modify, link or use for any public or commercial purpose the website without the prior permission of Allianz Global Investors.

Please check the checkbox to accept the terms and conditions.