Fear about the threat has been a factor in wealth management for some time. Over a year ago, this publication spoke to figures in the industry about the scale of the problem and what can be done about it. Banks have been hit: for example, JP Morgan stated last year that up to 76 million accounts had been affected by an attack although no evidence of loss was established. In Asia, the Hong Kong Monetary Authority regularly warns the public of fake emails and websites seeking to lure people into divulging private data. 

One survey that caught the eye recently is by US-based Tenable Network Security, a network monitoring business; it produced a “scorecard” based on how 504 information security practitioners in firms with 1,000 or more staff ranked how well prepared, or ill-prepared, firms in different sectors and regions are. 

Global cybersecurity earned an overall score of 76 per cent, which Tenable Network Security said equated to a “C” average, a result the firm says is “underwhelming”. Almost 40 per cent of respondents said they feel “about the same” or “more pessimistic” about their organisations’ ability to defend against cyber attacks compared to last year.

In particular, the report showed industry worries about cloud computing. Respondents consistently cited cloud applications and cloud infrastructure as two of the three most challenging IT components for assessing cybersecurity risks. And mobile devices got a lowly D rating.

In country terms, the US had the highest “overall cybersecurity report card” of B-, or 80 per cent, while Australia is at the bottom, at D+, or 69 per cent; Singapore rates a C-, at 72 per cent, and the UK rates at C, or 74 per cent. Also of interest to wealth managers is that financial services fares relatively highly for perceptions about preparedness against hackers, with a rating of B-, or 81 per cent, equalled only by telecoms and technology. Lowest is education, at D, or 64 per cent.

Tenable came up with its rankings by analysing answers to a 12-question web-based survey to provide a rating on a five-point scale. By adding together the two most-favourable responses for each question, and then averaging together associated responses, two summary indices were derived. The Risk Assessment Index measured an organisation’s ability to assess cybersecurity risks across 10 key components of enterprise IT infrastructure.

Analysts at Bank of America Merrill Lynch have produced some eye-popping data on the scale of the threat. There are 80-90 million cyber attacks per day and around 400 new threats every minute, and 70 per cent of those attacks go undetected. On the cost side, US corporates alone face an annual bill of $575 billion. On a global basis, that is around $3 trillion. 

Opportunities
However, touching on the point that one person’s misery can be another’s gain, the BoA Merrill study says there is now a $75 billion market – seen growing to up to $170 billion by 2020 – in anti-cybercrime firms.

Recently, Fabiano Vallesi, a “next generation” research analyst at Julius Baer, spoke of how expected surges in company cyber protection efforts will boost the security sector. 

“For the longer term, we believe that a number of secular trends are likely to keep growth trajectory for the security sector substantially above average. Median sales growth estimates for the sector points to a 13 per cent sales growth for the next three years, much higher than the past three-year median of 8 per cent. However, we recommend investors to take a diversified approach due to high volatility of software names and as the industry is in a constant arms race against attackers, leading to swift changes in technology leadership,” he said.

And perhaps one of the markers of an investment trend is when there is an exchange traded fund for it. In September, the ETF Securities Cyber Security ETF started trading on the London Stock Exchange. This ETF tracks businesses such as Japan’s FFRI INC, UK anti-virus firm Sophos and Cisco Systems, the US tech firm.

Cybercrime is a threat and a cost – but for some canny investors, also an opportunity.