The cybersecurity industry will be fiercely competitive in 2017

We recently reported on the cybereconomy fundamentals including cybercrime damage costs, job openings, the unemployment rate, and cybersecurity spending which is predicted to exceed $1 trillion over the next five years from 2017 to 2021.

2017 is shaping up to be a fiercely competitive year for the cybersecurity industry. Here is how I see the market playing out in the next 12 months.

Hundreds of cybersecurity startups have raised billions of dollars in venture funding over the past three years. The companies who have successfully built their technology and fielded competent sales forces will be the disruptors. The tech giants, large pure plays, big consulting firms, and niche regional players will all be facing a large pool of new market entrants next year. Many of the startups are influenced and controlled by anxious investors who are looking for a return on their money.

Tech giants Cisco and IBM have grown their security businesses to the tune of around $2 billion each. Both gained another 10 percent last quarter. Expect to see more growth from them, and other large participants including Unisys who view cyber as growth vehicles for their businesses. Big tech will go big cyber in 2017.

Oracle acquired Dyn, the leading DNS company which has 3,500 enterprise customers. Thomas Kurian, president, Product Development at Oracle, said in a press release that Dyn’s DNS is a critical core component of Oracle’s cloud platform.

That was fast. Oracle brings other interesting technology to the table including a cyber range platform it picked up in their $500 million purchase of Ravello Systems earlier in the year.

Large consulting houses with core competencies in crunching financials and advising large corporations are crowding into the upper tier of cyber defense providers. The Big 4 — Deloitte, EY, KPMG, and PwC — are growing their risk and security businesses as hacks, data breaches, and reputational harm have elevated to major discussion topics in boardrooms.

The big pure play cyber firms will be divided. Some of the largest — which include FireEye and Palo Alto Networks — are aiming at larger seven figure deals with F500 and G2000 corporations – which puts them on a collision course with the tech giants. To the victors go the spoils. 2017 will tell.

Other pure plays have bulked up while remaining largely in one space with a lot of headroom to grow. Mimecast is one example. Now one of the stock market darlings in cyber, they are sitting pretty on the heels of a U.S. presidential election campaign that brought huge attention to email – which is transitioning to the cloud – where it needs to be protected all over again.

Mobile security is hot and Blackberry emerged as a surprise security player to many. The company suffered a knock out in the phone space. They got up, dropped their handset gear business, acquired a few small security companies, and are now running an aggressive advertising campaign tooting their pure-play software status. IT security is old school, and oversaturated with vendors. Mobile security is new school, and opportunities abound for new entrants. Blackberry lost to Apple. Now they’ll be squaring off against a field of up-and-comers.

Major corporations and midsized companies are struggling through a prolonged cybersecurity workforce shortage. Niche boutiques on the cutting edge of cyber defense are attracting the better security talent – marking it up – and selling it to their clients. HUNT operations and MSSPs (managed security services providers) are the buzzwords, and there’s a finite list of regional firms in the U.S. and internationally who can truly claim they play there. They can say yes when asked if they employ cyber operators or if they own their own SOCs (security operations centers). It will interesting to hear what they say when the tech giants come knocking, seeking to acquire.

Training employees on security may be the most underspent sector. No surprise the world’s most famous hacker – Kevin Mitnick – singled that one out. KnowBe4, a fast growing security awareness training provider, inked a deal to productize Mitnick’s know-how into a series of programs to train users up on how to detect phishing and malware attacks. Some estimates have pegged this as a billion dollar market. 2017 may put an s at the of that number. No surprise this space is seeing a lot of new entrants, and all sorts of spins on how to engage and educate on what can be a boring topic.