Cybersecurity Windfall

Makovsky

Jim Cramer is of course, never wrong.  His prediction on Thursday that cybersecurity stocks are poised to take off bodes well for investors in the sector.  

According to Cramer on Mad Money, “last year the global security technology and services market was worth $67 billion; by 2016 it should be worth $86 billion.”

Even without Cramer’s prediction, anyone reading the news should have been able to discern the increased prevalence of large data breaches.  

First, there was Target. With millions of customers and many online retail transactions, one could surmise that this was a significant…well, target. There was also the surreptitious efforts of some 20 hackers in Russia who managed to amass over a billion internet passwords earlier last month. 

After the Russian hackers, a number of United States banks, including JPMorgan Chase and at least four others, were struck by hackers in a series of coordinated attacks in late August 2014.

And most recently, Home Depot admitted this month (September) that they had suffered a breach, with signs that – according to noted cybersecurity reporter Brian Krebs – the perpetrators may have been the same group of Russian and Ukrainian hackers responsible for the data breaches at Target, Sally Beauty and P.F. Chang’s.

Security talent will benefit

Speaking with The Wall Street Journal, Matt Comyns, co-head of the Global Cyber Security Practice at executive recruiting firm Russell Reynolds Associates, explained that the crafty folks in charge of maintaining cybersecurity – chief information security officers (CISOs) – have seen salary increases due to an increasingly competitive market for the best security talent.  Top tier CISOs at large global companies could now be hauling in $500,000 or $600,000 annually, followed closely by an average minimum salary of about $300,000.  

Communicating cybersecurity concerns

When the New York Times broke the news that Milwaukee-based firm Hold Security discovered that a Russian crime ring had amassed the largest known collection of stolen Internet credentials to date, Forbes senior editor Kashmir Hill opined that it was the “freakiest security story since Heartbleed.” 

Shortly following the New York Times story, Hold Security offered that for “as low as $120” it would find out if your site had been affected by the breach. Not surprisingly, Hill and many others questioned this profiteering action.

What Hold Security failed to communicate, though, was that the $120 included assistance and recovery from Hold Security for any site that was hacked. In fact, according to the firm’s CTO, Hold Security is offering these services at a loss.

This firm, with under 50 employees, somehow managed to catch the largest security breach in history—even the United States government missed this one. Yet rather than sharing in some deserved accolades for its discovery, Hold Security suffered a slew of negative press for its poorly communicated $120 offering.  

Larger firms would also benefit from media savvy professionals on hand to help guide their well-paid CISOs, CTOs, and other cybersecurity experts through the media scrutiny following breaches and related events.  Given the current climate, shareholders, investors, and others are more likely to ask probing questions regarding security infrastructure and protections. It behooves firms to have executives equipped to communicate well with the public, and address cyber concerns and entrenched security plans in a thoughtful, clear, and proactive manner. Especially if your firm is charging $120 a pop to check consumers’ personal data security.

Bill C. Smith (@BillCSmith87) is a senior account executive at Makovsky Integrated Communications in New York.