Black Swan events are shaping current and future cybersecurity

First created by Lebanese-American opinion leader Nassim Nicholas Taleb, the term “black swan” refers to unexpected global events that have a profound effect on society. Some are useful, such as the invention of the printing press; and others are destructive, such as the subprime crisis in 2008. But they all changed the course of history.

In recent years, we’ve witnessed a spate of Black Swan events, and they keep popping up in real time. They have impacted every facet of our lives, and this is true in the world of cybersecurity as well. By analyzing these recent events, we can better map our industry’s evolutionary processes to predict where cybersecurity is headed.

The COVID-19 pandemic has paved the way for innovation

There is no doubt that one of the most significant black swans of recent memory was the onset of the COVID-19 pandemic in 2020. One of the immediate consequences of this global crisis was the transition to work-from-home practices, and with it came overwhelming impetus to migrate a significant portion of our digital business from physical data centers to the virtual cloud workspace.

This was a question of decentralization versus centralization. Prior to the pandemic, it was considered standard practice to centralize an organization’s digital assets in one physical location that could be protected with a traditional security perimeter. But during the pandemic, it became a risk and organizations quickly decentralized to move resources such as business-critical applications and databases to the cloud. But this change changed hackers’ attack vectors, requiring completely different defenses.

The decentralization of digital assets brought new security vulnerabilities, both in the workplace and in employees’ homes, creating a significant hurdle to protecting against cybercriminals, who have only become more sophisticated and better funded. These hackers developed new methods, known as Generation 5 (Gen V) attacks, that were multidimensional and allowed the attackers to strike from many different angles at once.

As these new cyberthreats emerged, the newly developed cloud environments also demanded security products that were easier and faster to install, activate and maintain. All these elements combined to create the perfect conditions for a new approach to cybersecurity, which would require record-breaking funding.

The rise and fall of capital investment in cybersecurity

The next black swan in cybersecurity came on the heels of the effective end of the pandemic (aka the COVID cyberboom). The combination of the need to protect decentralized digital assets against Gen V attacks with the need to develop new products for today’s modern environments was a powerful driver of innovation, stimulated by a macroeconomic environment where interest rates were low and liquidity high. It is not surprising that in 2021 more than $20 billion venture capital was invested in cybersecurity companies worldwide, a new record. Venture capital firms were eager to get involved in this growing industry.

As a result of this free flow of money, cybersecurity start-ups experienced rapid market valuations, resulting in the emergence of many unicorns. While these valuations certainly represented their potential, they were often an inaccurate representation of the companies’ true value. And with these investments, a flood of new cybersecurity products became available to CISOs, offering a level of variety previously unheard of. But when the market was flooded with companies with inaccurate valuations, a bubble emerged. And unfortunately we know how bubbles end.

The latest black swan actually involved three events in 2022: a rise in interest rates, a global supply chain crisis, and the war in Ukraine. This was a perfect storm for a global recession. Capital and market valuations, which seemed so bountiful a year earlier, seemed to be falling off a cliff, and as a result, the growth that was so easy to sustain in 2021 experienced a massive slowdown.

Where does this leave us?

Today we are in a difficult situation. Amid a decline in investment in innovation, resources remain decentralized, the Gen V attack surface still exists, and organizations need an end-to-end solution.

As such, I predict that the industry will experience extreme consolidation in the next 18 months to strengthen the line of defense of cybersecurity products and provide a comprehensive solution. This means consolidating similar products under one roof to create an end-to-end solution that enables CISOs to provide a layered protection model. Rather than relying on the formation of new companies, this will be achieved through mergers, acquisitions or partnerships.

The challenge here is one of execution, and the seriousness of these types of integrations for large organizations looms large. There are real and valid concerns about this kind of unification. What if large, deep-pocketed organizations absorb startups and rob them of their agency and agility, essentially wiping out any capacity for innovation before they can make a move? Any benefits to be gained from the acquisition will be lost if it effectively suppresses these competitive differentiators.

To avoid this, organizations must proceed with caution to give the acquired start-ups a high degree of autonomy without additional bureaucracy or friction. Only by guaranteeing these freedoms can large organizations harness the power of start-ups to develop, test and deploy solutions with advanced precision and speed. This likely requires a strategic restructuring of the organization, where a person who understands how to balance the needs of a start-up with the wealth, size, and goals of a large organization can act as a trusted intermediary between leadership and the startup team. . Thus, larger organizations can reinvent themselves to address the opportunity created by a series of black swans.

On the start-up side, these entrepreneurs must ensure that their new parent organization aligns with their growth vision. They should create a roadmap for the next two or three fiscal years to set expectations on both sides. With all parties united in their goals, cybersecurity organizations can provide a modern, end-to-end solution to decentralization without forcing the industry to rely on venture capital that simply no longer exists.

Black swans are driving positive changes in cybersecurity

The digital decentralization of 2020, the industry boom of 2021, and the inevitable bust of 2022 were a whirlwind of events in just three short years. But their challenges and opportunities will propel us forward to a more cyber-secure world. After a rapid succession of black swans that have irreversibly changed the course of our industry, the technological and economic evolution of cybersecurity is moving in a positive direction towards a brighter future.

Moshe Lipsker is SVP of product development at Imperva.