Australia / Press Releases
Cybersecurity services surge as attacks become more sophisticated

What information do you want to see from IBISWorld on COVID-19? We'd love to hear from you

by Arthur Kyriakopoulos
Dec 14 2020

Revenue for the Australian Cybersecurity Software Services industry is expected to surge by 12.0% in 2020-21, as the frequency and severity of cyberattacks continues to rise. Close to 60,000 cybersecurity incident reports were filed to the Australian Cyber Security Centre (ACSC) during 2019-20, and this number is likely to be understated as many firms are unwilling to report incidents. Cybersecurity incidents have the potential to cost the economy $29 billion per year, or 1.9% of Australia’s GDP.

‘Australian IT and telecommunications adoption has risen at an annualised 2.1% over the past five years, particularly in the last 12 months due to the COVID-19 pandemic. While this rise has improved business efficiency, it has also exposed businesses to severe cybersecurity risks. These risks include theft of intellectual property, and the encryption and ransom of vital business systems,’ said IBISWorld Senior Industry Analyst Arthur Kyriakopoulos.

Due to the costly nature of cybersecurity threats and attacks, government agencies, businesses and households have increasingly invested in cybersecurity products and services. The Cybersecurity Software Services industry has therefore rapidly expanded, growing at an average 10.7% per year over the five years through 2020-21.

‘Demand for cybersecurity services is anticipated to rise as Australians continue to adopt online platforms and become more aware of cybersecurity threats. Revenue for the Cybersecurity Software Services industry is forecast to grow at an annualised 15.2% over the next five years, to become a $3.6 billion industry,’ said Mr Kyriakopoulos.

Is Australia doing enough to defend against cyberattacks?

Australia has suffered cyberattacks on all levels of government, industry associations, education institutions, the health sector, essential service providers and operators of critical infrastructure. In February 2020, the Australian Wool Wholesaling industry was victim to a ransomware attack that forced the online buying and trading system for wool to collapse for up to a week, costing the sector up to an estimated $80 million. The Australian Federal Parliament has also been targeted, with two major attacks occurring in 2019.

‘The Federal Government has introduced the Australian Cyber Security Strategy, with funding of $1.67 billion over the next decade, to protect businesses and national interests. The Morrison Government will likely introduce a mandatory regime for Australian businesses to report cyberattacks, helping shape the Australian policy response,’ said Mr Kyriakopoulos.

While government support is required, businesses will also need to take responsibility for their own cybersecurity.

‘A small investment today can help prevent major cybersecurity failures in the future. For example, keeping software up-to-date, regularly backing up data, using strong passwords and implementing multi-factor authentication can go a long way towards keeping businesses safe,’ said Mr Kyriakopoulos.

Businesses benefiting from an expanding market

Cybersecurity firms have benefited from surging demand for their services. Larger and more reputable organisations are beginning to dominate the market, due to the highly sensitive nature and importance of cybersecurity products and services. These include larger organisations such as Data #3, IBM, Trend Micro, Accenture and Cisco, which control just under 50% of the Cybersecurity Software Services industry.

‘Having a strong reputation in IT security management is a key success factor, and the reputations of the large players have enabled them to control a significant and growing share of the market’, said Mr Kyriakopoulos.

However, several smaller, newer businesses will likely carve out market share in niche markets over the next five years, limiting the dominance of multi-national organisations. New players CyberCX and Tesserent have expanded aggressively, completing several acquisitions and establishing themselves as future major players in the cybersecurity sector. Both companies are projected to more than double their revenue in 2020-21, earning in excess of $100 million.

COVID-19 and cybercrime

The COVID-19 pandemic has accelerated growth in the cybersecurity market. The pandemic has intensified cyberattacks, as cyber criminals have adapted to target an increasing number of Australians working, studying and connecting online. Between 10 and 26 March 2020, the ACSC received over 45 pandemic-themed cybercrime reports. As a result of the increased threat, the Cybersecurity Software Services industry is projected to grow at an annualised 12.1% over the two years through 2020-21. However, the IT Security Consulting industry is anticipated to fall by 0.8% per year over the same period.

‘This minor anticipated decline in IT security consulting represents a strong performance relative to other consulting industries. For example, the Engineering Consulting industry and the Management Consulting industry are forecast to decline by 2.1% and 9.4%, respectively, over the two years through 2020-21,’ said Mr Kyriakopoulos.

IBISWorld reports used to develop this release:

For more information, to obtain industry reports, or arrange an interview with an analyst, please contact:
Jason Aravanis
Strategic Media Advisor – IBISWorld Pty Ltd
Tel: 03 9906 3647
Email: mediarelations@ibisworld.com