By the U.S. Commercial Service International Trade Administration
In the digital age, the Internet has transformed how we live, shop and work. It has transformed how companies do business and how they operate. Yet using the Internet means as you are connecting to someone, they are connecting to you. As our inter-connectedness has increased, so has the frequency and sophistication of cyber-crimes.
Computer and network intrusions, ransomware, keylogging and identify theft impact not just individuals, but multi-million-dollar companies and world governments as well. The cost of this cyber-crime is measured in billions of dollars and, like with any problem, it brings opportunities to those that can help with a solution. With that in mind, cybersecurity has become an increasingly important and growing market. Innovative hardware, cutting-edge software, security consulting and best practices training all feed into the broad cybersecurity market. This is true not only in the United States, but abroad as well.
U.S. companies are well positioned in the global market to take advantage of the growing international demand for cyber-security solutions. According to a study by CIO Applications, 22 of the top 25 cybersecurity companies in 2017 were based in the United States. For U.S. cybersecurity companies, opportunities will generally be concentrated in advanced-ICT markets with large volumes of data flows and digital transactions, as well as highly digitized manufacturing and services sectors. In a recent market survey conducted by the U.S. Department of Commerce, U.S. Commercial Service, the leading regions for U.S. cybersecurity-related companies are Europe and the Indo-Pacific.
The European region offers U.S. companies numerous growth markets in the cybersecurity sector, two leading ones being the U.K. and Germany. According to our commercial section of the U.S. Embassy in London, the U.K. represents the largest single cybersecurity market in Europe, with an estimated value of $5 billion. Opportunities exist to supply solutions to both large and small companies in the U.K., yet the largest of opportunities will be with organizations where IT systems are mission critical. These include but are not limited to major financial institutions, utilities and governmental departments. Add to these opportunities a similar business culture and a common language and the U.K. becomes a very good market for U.S. cybersecurity companies.
Looking at Germany, an important factor driving the cybersecurity market is the IT Security Act (ITSA) which came into effect in July 2015 with the goal of increasing protection against IT security risks. The act affects companies operating critical infrastructure in a number of sectors to include energy, IT, transportation, health, water, food and finance. Germany also has focused economic and innovation policies driving the digitalization of the economy, infrastructure, manufacturing sector and the workplace environment. The recently enacted General Data Protection Regulation (GDPR) is another factor driving European cybersecurity markets, including Germany and the United Kingdom. The GDPR is likely to drive future spending on cybersecurity as companies seek to comply with the regulation. Under the new legislation, companies that suffer data breaches in the future will be liable for heavy penalties that could amount to as much as 4% of a company’s global revenues.
The Indo-Pacific market, like Europe, represents significant opportunities for U.S. cybersecurity-related companies. South Korea and Singapore are among the most highly connected countries in the world, and, as a result, offer lucrative opportunities for talented cybersecurity companies. South Korea boasts advanced use of mobile devices and significant intellectual property, it has also been a prime target for cyber-attacks in recent years. With one of the world’s fastest and most mobile IT infrastructures, South Korea also has an insecure infrastructure which is vulnerable to cyber-attacks. The Korean government recognizes the threat to national security and has heightened its security protocols over recent years leading to a number of opportunities for U.S. suppliers of cybersecurity solutions.
Despite its size, Singapore is a significant market for U.S. cybersecurity companies. Singapore is ranked as the most connected country in the world and is universally regarded as the Indo-Pacific region’s number one tech hub. The country is pursuing a “Smart Nation” initiative that leverages innovation, technology, and connectivity to dramatically alter not just how people work and live, but how a city itself operates. With so much reliance on cloud-based functionality and connectivity, cybersecurity is of great concern, which is why the commercial section of the U.S. Embassy considers cybersecurity solutions a leading sector for U.S. companies.
Regardless of which region or market U.S. companies elect to pursue, there are several factors companies should keep in mind. Firstly, while many U.S. companies maintain a competitive edge through technology, how a company approaches a market is very important. This is especially true in regions such as the Indo-Pacific and Latin America where personal relationships are an integral step in the development of business relationships. There is no substitute for visiting the market, meeting potential customers and partners in person to demonstrate your interest and commitment. Secondly, you need a strong and reliable partner, especially in the cybersecurity sector.
A good partner will keep you informed of market conditions, provide connections to potential customers, and, very importantly, will help you navigate local requirements and regulations that would be difficult to identify and comply with on your own. In many instances, a local partner will be required to participate in government-funded opportunities, which can be a considerable part of the cybersecurity market. Finally, U.S. companies need to recognize the resources available to them through federal, state and local providers of export assistance. Especially for smaller companies with more limited resources, these providers can simplify the learning curve, speed up market entry and help to stretch limited resources.
If you would like to learn more about cybersecurity market opportunities abroad and tap into our world-wide network of cybersecurity industry specialists, please visit www.export.gov or contact the U.S. Commercial Service at 412-644-2800.