- The Biden administration's response to the widespread SolarWinds cyberattacks will reshape the $134.6 billion cybersecurity industry for years, experts say.
- A new prioritization of cybersecurity at the White House will bring more federal contacts, more collaboration with the private sector, and more regulation, they say.
- Some $200 billion is about to pour into cloud-based cybersecurity, according to one forecast, benefiting Tenable, Microsoft, Palo Alto Networks, and Netskope.
- Investors also say little startups like SightGain and Scythe will pull in venture capital, as government and industry seek new tools.
- Visit Business Insider's homepage for more stories.
The Biden administration's response to the widespread SolarWinds cyberattacks will reshape the $134.6 billion cybersecurity industry for years, as federal agencies and big companies beef up their defenses and new standards and regulation are implemented, according to government leaders, cybersecurity CEOs, investors, and analysts.
A new prioritization of cybersecurity at the White House will bring more federal contacts, more focus on nation-station threats and cybercrime, more collaboration with the private sector, and more regulation of how companies address cyber threats, experts say.
"The Biden-Harris Administration will make cybersecurity a top priority, elevating it as an imperative across the government from day one," a Biden transition spokesperson told Insider on Friday. "We will strengthen our partnerships with the private sector," the spokesperson said, and "expand our investment in the infrastructure and people we need."
That will give some additional tailwind to the entire industry: Some $200 billion is about to pour into cloud-based cybersecurity, according to one forecast, as big firms including Tenable, Microsoft, Palo Alto Networks, and Netskope rake in lucrative contracts and smaller startups like SightGain and Scythe pull in venture capital, analysts and investors say.
New SolarWinds CEO Sudhakar Ramakrishna wrote in a blog post Thursday that the company is working "in cooperation with important stakeholders – including industry colleagues, third-party cybersecurity experts, law enforcement, and intelligence agencies." Ramakrishna's appointment was announced two days before SolarWinds reportedly knew about the breach. The company has hired Chris Krebs, former head of the Cybersecurity and Infrastructure Security Agency, as well as Alex Stamos, former Facebook security chief, to act as advisors on how to address the attacks.
Here's how government and industry experts say Biden will approach cybersecurity, and who that will benefit in the industry.
Biden will bring more federal-industry collaboration
Federal officials are signalling that new industry coordination is on the way. This week Biden named veteran National Security Agency official Anne Neuberger as filling a new role in the White House, indicating to analysts that cybersecurity will be a new priority – with increased spending. Analysts told Insider on Friday that the appointment of Neuberger, who coordinated NSA partnerships with the cybersecurity industry, was a signal that the administration wants to work closely with cybersecurity companies.
In terms of cybersecurity policy, prominent figures in the public and private sectors both see change coming to the relationship between the government and the tech industry.
Sen. Mark Warner, a Virginia Democrat and vice chairman of the Senate Intelligence Committee, said on an Aspen Institute cybersecurity panel Thursday that the government could consider a national board similar to the National Transportation Safety Board to review big breaches the way the NTSB does plane crashes. SolarWinds points out the need for "some notification process" required of companies, Warner said.
On the same panel, Kevin Mandia, CEO of FireEye – the company that alerted the government to the SolarWinds supply chain attacks, widely believed to have originated in Russia – said the government should have a robust response to nation-state hacking and ransomware, which he said come from the same actors.
Mandia called for a "strong policy and international cooperation to shut down ransomware," which he said "will in fact be invoking punishment on the very people that probably did" the SolarWinds attacks that hit government agencies and thousands of companies.
Calling for federal guidelines on the response to ransomware, the paralyzing cybercrime that locks up enterprises' systems demanding payment, Mandia said "We can damn well have norms for ransomware. The whole world is sick of hospitals, pharma companies being targeted for ransomware and watching billions of dollars leave the United States and other Western nations."
Theresa Payton, former White House chief information officer and CEO of cybersecurity consultancy Fortalice Solutions, says more collaboration between federal agencies and the cybersecurity industry is ahead.
"It is very likely President Biden's response will include financial sanctions, enhanced counter surveillance, and a renewed commitment to ensure supply chain risk management provides more visibility and transparency to avoid the next attack like this," she told Insider on Friday. She believes the new administration should "quickly develop and drive a White House strategy that focuses on compelling cybersecurity threat intelligence sharing between the public and private sector."
Biden's new approach is a 'windfall' for the industry
The heightened federal focus Biden has vowed in response to SolarWinds will benefit many companies and sectors, said Daniel Ives, managing director of equity research at Wall Street analyst firm Wedbush Securities.
Ives told Insider on Friday that he expects growth especially in cloud security and the "zero trust" areas of user authentication and vulnerability management. Zero trust is the approach that relies on verifying users continually and addressing instructions rather than relying on traditional antivirus and firewall-based approaches.
"What it's going to do is bring more and more spending, and a shift from hardwire infrastructure to software," Ives said, benefiting big companies, major startups, and young startups as venture capital flows into the booming industry.
Microsoft, "frustrated by being caught up in SolarWinds," will further expand its cybersecurity offerings under Biden, building more into its products, he predicted. The tech titan found that its own security had been breached via the SolarWinds hack in December, though it's said that its own products and services remain secure.
Telos, ZScaler, Checkpoint, Fortinet, Netskope, and Palo Alto Networks will benefit as federal agencies and big companies look to cloud solutions at scale. Companies that authenticate enterprise users will also see increased business, including Okta, CyberArk, Sailpoint Solutions, and Ping.
Real cybersecurity innovation will come when the public and private sectors work together
Others said that while Biden can direct government's approach to SolarWinds, the industry will bring the most change.
"Any new administration can only do so much, regardless of how much they spend. The commercial sector is where the advancements are made. Most of these commercial advancements in cybersecurity are actually built by practitioners who come out of the NSA, DARPA, CyberCom, CIA," said Mike Janke, cofounder of the cybersecurity startup incubator DataTribe. "This is where we should put the money."
Biden's response to SolarWinds will mean "all things network security, endpoint and cloud security, as well as services will boom," Janke said.
Nikesh Arora, CEO of Palo Alto Networks, told Insider on Friday that government must work better with industry under Biden. "Government needs to accelerate the deployment of innovative technologies as a core element of cyber-defense," he said. "That's what protected our systems and is the only way to rapidly respond to sophisticated attacks. The bad actors are always trying to out-innovate us. We can't let government agencies get mired in red tape that inhibits the adoption of new defensive capabilities."
New companies will also benefit, analysts and investors say, as new innovation is sought to address the issues raised by SolarWinds, such as supply chain weaknesses, and the difficulty finding vulnerabilities.
Investors say Janke's investment SightGain, which uses cybersecurity intelligence to test whether companies are secure, could benefit from the government's SolarWinds response.
Ron Gula, a former National Security Agency hacker, Tenable executive and investor in 50 security companies is advising Congress and the White House on the response to SolarWinds. Gula sees a "doubling-down" on companies that "can simulate things like SolarWinds," such as his investment, Scythe.
Scythe hacks federal agencies and companies to show where they are vulnerable – and happens to be run by a former federal cybersecurity advisor with close ties to how the government is addressing cybersecurity.
To stay ahead of the Russians and other threat-actors, the government must innovate, and that means connecting more with small companies, says Bryson Bort, CEO of Scythe. Bort is a special advisor to the Cybersecurity and Infrastructure Security Agency last year, and is a senior fellow at the R Street Institute think tank.
The US needs to speed up procurement of new cybersecurity tools, Bort told Insider Friday. "I think this will accelerate under Biden. It has to for us to turn this battleship."