Table 1

Major Security Breaches in the North American Region

Targeted Company Breach Details

Home Depot (American
retailer of home improvement
products)
eBay (Global online retailer)
Michaels Stores (U.S. based
leading arts and crafts retailer)
Community Health Systems
(CHS) (Franklin-based leading
operator of hospitals in the
U.S.)
JP Morgan Chase (U.S. based
leading global financial
services firm)
The company suffered a point-of-sale system data breach at approximately
2,200 of its U.S. and Canadian stores. The attack was initiated through a
malware that infected the company’s data systems.
The breach compromised $56 million payment card details and around 56
million email addresses of the retailer’s customers between April and
September 2014.
The company suffered one of the biggest security breaches in the history of
online retailing. The breach, which occurred in May 2014, affected over 145
million eBay customers. eBay took a $200 million hit to its annual revenues.
Hackers accessed the company’s network by hacking employees’ login data
and retrieved customers’ details such as name, address, email address and
phone number.
The company suffered a point-of-sale system data breach. The attack was
launched through the use of highly sophisticated malware between May 2013
and January 2014.
The breach is estimated to have compromised around 2.6 million payment
cards through Michaels stores and 400,000 credit cards at Aaron Brothers.
The company suffered a cyber-attack, resulting in a huge loss of patients’
sensitive information. The breach was caused by hackers in China who gained
access to the company’s computer network and stole non-medical data.
The breach resulted in the theft of the non-medical but sensitive data of 4.5
million patients.
The financial institution became the victim of a cyberattack wherein the
hackers successfully penetrated more than 90 of the bank’s servers.
The data breach affected 76 million households and 7 million small
businesses.

Source: BCC Research

Current Trends
One of the major trends that has influenced and is still predicted to influence the cyber security market
in North America is bring your own device (BYOD). BYOD is a phenomenon followed by many
organizations where employees use their personal device such as smartphones, tablets or personal
laptops to connect to a network. This upward trend is evident in numerous companies. Organizations
implement Network Access Control (NAC) solutions in order to apply BYOD policies, which prevent
infected devices from harming systems and networks. Numerous organizations around the world allow
personal devices to connect with the company’s network, among which small and medium group
enterprises lead the trend. However, the inability to secure these personal devices may result in an easy
access point for hackers and internet criminals to gain access to an organization’s systems.

© 2018 | BCC Research LLC IFT174A Cyber Security: North American Markets | 14
BYOD nevertheless has its own advantages, such as increased productivity, cost saving on hardware,
growing collaboration and higher employee satisfaction. Of course, the security concerns associated
with it cannot be ignored.

Below is an illustration of how a Bring Your Own Device can open new avenues for carrying out security
breaches in an organization. Let us consider a scenario wherein an employee installs an application onto
his BYOD device for personal use. This installed application may be a malware implanted by hackers
onto the internet to gain access to confidential corporate data on the BYOD system. With the help of
this application, a hacker can steal the desired data or even take control of the device without the
knowledge of the employee.

Although many organizations are adopting BYOD, a number of them lack the required resources for
implementing BYOD security policies. There are three different measures for preventing cyberattacks in
a BYOD environment: mobile device management, mobile application management and mobile security
management.

Preventive Measures for Organizations with BYOD

Mobile Device Management (MDM)
This solution offers the lowest level of security. MDM offers safety of information that is present on the
stolen device. MDM also offers remote locking, password protection, detection of rooted devices and
erasing of data from stolen devices. However, MDM is not effective enough to protect mobile devices,
the operating system and apps against complex internet attacks.

Mobile Application Management (MAM)

MAM offers low-level mobile application protection. This solution grants the provision of remotely
deleting or updating of an application. MAM helps business administrators to manage internally
purchased and public applications across all BYOD systems. Similar to MDM, MAM has its limitations
with respect to preventing complex and dynamic attacks on its network.

Mobile Security Management (MSM)

MSM offers the highest level of security relative to MDM and MAM. MSM provides protection against
spear phishing, compromised Wi-Fi networks, malwares, jailbreaks, malicious apps and infected DNS.
MSM enables an organization to secure devices and networks against dynamic and complex internet
attacks. Unlike MAM and MDM, MSM dynamically adapts to new threats.

Life Cycle Analysis

The life cycle analysis of the cyber security industry comprises of several stages such as: analysis,
security requirements, and security solutions such as hardware, software and services. In addition, the
design and implementation of the hardware and software is performed by companies that supply
internet security solutions such as Cisco, Symantec and Kaspersky, among others. After this come testing
and integration as well as operation and maintenance, which are the end stages of the value chain and
described in detail below.

© 2018 | BCC Research LLC IFT174A Cyber Security: North American Markets | 15
Analysis of Computing Environment
The initial analysis of computing environments such as grid, cloud and utility services helps cyber
security service providers to know the exact requirements of the end user (client organization).
Examining, refining and modeling are the major steps involved in defining a problem. Exact definition of
a problem helps in gaining a proper understanding of the problem, which in turn helps security service
providers to deliver products or services that can efficiently address the issue.

Security Requirement
Clear analysis of the problem helps in understanding the specific requirements of the end user in terms
of hardware, software or services. Companies such as Cisco and Symantec provide cyber security
hardware and software. Cyber security services include security consulting services, managed security
services, risk and threat assessments, etc. Companies such as IBM and Internet Security Consulting
Services offer these services. End users adopt managed security services and outsource cyber security
requirements in order to concentrate on their core business functions.

Designing of Hardware and Software

The designing of hardware and software is initiated in accordance to the requirements of the end user.
The designing stage involves development of a solution to meet the client’s requirements. In addition to
this, the design stage also includes development of standard techniques and the introduction of
additional features that would mitigate ambiguity in the designing of a solution for the problem.

Implementation of Design
The stage is comprised of implementation of hardware as well as software and services according to the
results of the analysis. Cyber security hardware and software requirements are implemented on the
premises of the end user. According to services offered by different companies and consulting firms, end
users implement the same design integration. Further, all the implemented hardware devices and
software are tested and integrated according to the requirement of the problem.

Testing and Integration

The testing and integration stage ensures that the implementation matches the design and meets the
requirements of the end user. In this stage, individual modules of the hardware and software are tested.
Operation and maintenance are the last stage of the cyber security value chain. Because end users’
requirements could change over time, options to upgrade the device or software are essential.
Maintenance provides changes or extra implementations in the existing design or when a need might
arise for a fresh analysis of the situation.

Market Drivers
This section describes the factors driving and restraining the cyber security market in North America.

Surge in Demand for Cloud-based Enterprise Applications

Currently, different sized organizations are adopting cloud-based solutions for their regular business
applications and needs. As cloud-based solutions depend on internet connectivity and function in hosted
environments, there is always a chance of cyberattacks and other threats from cybercriminals that can
enable attackers to hack and manipulate the important data of the organizations. All this malfunctioning
and hacking can happen through various mediums such as cloud networks, hosted storage systems and

© 2018 | BCC Research LLC IFT174A Cyber Security: North American Markets | 16
endpoint systems. Vendors in the market have come up with various cloud-based security solutions to
strengthen various security check points such as network security, endpoint security, application
security, and cloud accessor management for end user enterprises. Recently, in April 2018, Tripwire Inc.,
a key security and compliance solutions provider in the U.S., expanded its cloud security capability by
leveraging security solutions through Cloud Management Assessor (CMA). The solution is expected to
analyze the publicly available data of a given enterprise by file integrity monitoring (FIM) capabilities.

Increasing Digitalization and IT Security Spending

Emerging technologies such as virtual payments, crypto currency, online banking, artificial intelligence,
Internet of Things (IoT) and process automation have become mainstream in the North American region.
Countries including the U.S. and Canada have favorable government policies to implement ICT
(Information and communications technology) security solutions in various industries. As these
technologies are being implemented for the public as well as customer uses, there is a need for efficient
security solutions to protect IT gateways and infrastructures. According to the Federal Bureau of
Investigation (FBI), in the U.S., the cost of internet-based crime crossed around $1.4 billion in the
country in 2017. With surges in all these kind of malware attacks and cyber threats in the U.S. and
Canada, government officials have strengthened their security measures in the region. For example, in
October 2017, the Mississippi Secretary of State selected Check Point Software Technologies Ltd to
implement end-to-end security solutions to protect official documents from cyber threats. This
partnership can be considered as a major step taken by government agencies to implement security
solutions in the region. In addition, the Canadian Cyber Incident Response Centre (CCIRC) has expanded
its partnership network with 1,300 organizations in providing alerts and the necessary steps to take to
prevent cyber threats from unknown sources. All these investments and development factors are
expected to drive market growth in coming years.

Increased Demand for Disaster Recovery Service

In recent years, enterprises are increasingly focused on saving and keeping backups of their business
operations data through the disaster recovery services offered by vendors in the market. Disaster
recovery-as-a-Service (DRaaS) has significantly gained traction in the IT security market due to its data
recovery capability. Key players such as IBM Corp., Scalar Decisions Inc., Symantec Corp., and many
others are offering DRaaS in the North American market to secure and prevent the loss of an
enterprise’s data during a cyberattack. For instance, in May 2017, Scalar Decisions Inc., a leading
Canadian IT solutions provider, launched a cloud-based disaster recovery service for enterprises to back
up their lost data after any cyber or malware attack. With a cloud-based deployment option, the
adoption of disaster recovery solution is expected to grow at a significant rate during the forecast
period. This in turn is expected to drive the revenue in the North American cyber security market.
Additionally, disaster recovery services have gained traction among different sized user groups,
including SMBs and large enterprises. As a secure business solution, process and optimization, DRaaS is
being implemented by various industries, such as manufacturing, healthcare, retail and e-commerce,
telecom and IT, finance and government, among others. End users are expected to invest more in
recovery services as they become more concerned about preserving ongoing business operations and
confidential customer information from cyber threats and malware attacks, which in turn is expected to
fuel growth in the cyber security market in coming years.

© 2018 | BCC Research LLC IFT174A Cyber Security: North American Markets | 17
Market Restraints
Use of Pirated Products
The use of pirated products is a major hindrance to the adoption of internet security solutions in the
countries like the U.S. and Mexico. The large segment of individual users assumes full protection out of
pirated or free versions of security solutions, which in turn hampers the market growth for North
American cyber security market. However, these solutions are not capable of protecting the user’s
system. The limitations arising from this factor could decrease in the future, mainly due to the falling
prices of security solutions and the rising consumer awareness of internet security solutions.

Market Opportunities
Rising Uptake in IoT Applications in Smart City Projects
In smart cities, every connected device follows a common platform for data connectivity, and it can
serve as an easy way for attackers to infect a major part of the system through a few connected devices.
For example, in 2012, the FBI reported a hack of smart device functionality, which could have cost its
electricity department around $400 million per year if it had not been detected. For all these kinds of
reasons, city officials in the North American region are spending huge amounts of money to safeguard
their city environment through strategic partnerships with solution providers. Recently, in April 2018,
Nokia announced a joint program with the Canadian government to implement a secure mobile virtual
network operator for public safety agencies, protecting its telecom networks from cyberattacks. The
total funding for this program is expected to exceed $1.5 billion, according to sources. Furthermore,
growth in the adoption of bring your own devices (BYOD) among enterprises attracts more vulnerability
to the office systems though their employees’ unprotected devices. To protect company data, whether
it is on mobile devices or office systems, vendors have already started providing specific security
solutions for mobile devices in BYOD environments.

© 2018 | BCC Research LLC IFT174A Cyber Security: North American Markets | 18