The critical role of defence companies in cyber security
From defending the integrity of elections to protecting intellectual property, cyber threats have been near the top of many governments’ agendas for several years now.
Industry research duly suggests that cyber security spending as a portion of government budgets has been increasing. In most cases, the protection needs of national-security institutions – whether GCHQ or the Pentagon – can only be met by defence firms. These companies are specialised in cross-border attacks and possess the ability to build defences at the requisite scale. As a result, we expect such defence companies’ revenues to grow as governments increasingly depend on the cyber solutions offered by these firms.
Over the past few decades, the aerospace and defence industries have undergone a critical transformation as military and civil infrastructures have become increasingly interconnected, thereby making them more vulnerable to cyber attacks. These industries are adapting to this digital disruption: according to GlobalData, cyber security was the most discussed topic within the aerospace and defence community in 2019.
This is warranted. In January 2020, a state-sponsored hacker group attacked a US government database, the Federal Depository Library Program website. Australia was also targeted by highly sophisticated and widespread cyber attacks earlier this year against “all levels of government”, according to its prime minister. State-sponsored hacks are markedly different in scale and sophistication from other attacks, and they doubled in volume between 2016 and 2018.
Even large organisations such as Twitter* have been increasingly raising concerns about state-sponsored attacks. In fact, Twitter has removed more than 10,000 bots posting messages deterring people from voting and highlighted two state-sponsored operations spreading disinformation on its platform.
Coming to our defence
In order to embed security products into their business verticals, aerospace and defence companies have developed end-to-end cyber security strategies, hired specialised workforce, partnered with IT and software providers, and have been on an acquisition spree too.
Take BAE Systems* as an example. The company shifted its strategy towards cyber security solutions by acquiring five cyber security firms between 2001 and 2018. In August 2020, BAE won an $85 million five-year contract to continue developing and deploying solutions for secure information transfers between US government networks. BAE also partners with many software vendors that specialise in cloud services, and employs over 10,000 people in its Intelligence & Security Group.
Similarly, Northrop Grumman’s* Cyber & Intelligence Mission Solutions segment employs more than 2,300 people in the US who help detect and thwart nearly 36 million cyber attacks the US Department of Defense faces every day. General Dynamics* has more than 3,000 cyber professionals and also partners with cyber security providers such as Symantec*, CyberArck*, Rapid7* and FireEye*.
Artificial intelligence in cyber security
Over the years, aerospace and defence companies have been at the forefront of innovation across a wide range of Internet of Things, AI and cloud technologies that are only now being exploited in the wider cyber security field. The focus on AI-related cyber solutions is also the result of the growing concerns about AI’s impact on attacks. A June 2019 Accenture survey found that 84% of executives believe that AI will continue to drive cyber risks in the near future.
Northrop Grumman launched a research consortium for AI and machine learning in 2019, with the collaboration of leading universities in this domain. Earlier this year, Thales* introduced its new AI-based Cybels Analytics platform, which allows users to detect sophisticated attacks in real time, including new unknown threats. Cybels Analytics increases the number of indicators of detection by a factor of three, helping to reduce detection time down to a few days from the prior average of three months. And in September, BAE announced the launch of its new anti-money laundering cyber solution, built on Amazon Web Services to protect very sensitive data through its cloud security capabilities.
As cyber attacks continue to evolve, defence companies are now serving a wider range of customers and are actively engaged in several cyber security sub-segments. Although governments currently remain their primary customers, corporations are also starting to benefit from the cutting-edge solutions of defence companies in cloud security, data encryption and payment security. We therefore expect defence companies to continue to expand their customer base and play an indispensable role in the cyber security industry.
*For illustrative purposes only. Reference to a particular security is on a historic basis and does not mean that the security is currently held or will be held within an LGIM portfolio. The above information does not constitute a recommendation to buy or sell any security.