EFTA01074050.pdf

DataSet-9 19 pages 8,934 words document
Project Aspen — A strategy for investment in global cyber security
EISVOGEL
Executive Summary
Global cyber security spending 2012: $60 billion. Forecast to reach $120 billion by 2017.
Cyber crime costs the UK economy over £27 billion a year.
Cyber criminals are now targeting the consumer... Consumer cyber crime affects over 1.5 million victims daily.
Cyber criminals have switched to targeting mobile platforms and social networks.
By 2020 more than 50 billion devices will be connected to the Internet.
261%: Growth in number of unique mobile threats in H1 2013.
Global mobile device security market estimated to be worth $14.4 billion by 2017.
Secure mobile for consumers and business will become the new norm.
There is currently no single commercial provider of effective integrated mobile security solutions in the UK or US market place.
Project ASPEN is targeting small providers of niche security technologies to acquire an operating platform to consolidate further technologies, expertise and businesses in order to build a single integrated mobile security solutions capability provider.
Introduction
In the last two decades, technology has dramatically changed the way the world communicates and does business. Traditional boundaries have shifted and we now operate in a dynamic environment that is increasingly interconnected, integrated and interdependent.
The technological ecosystem is built around a model of open collaboration and trust — the very attributes now being exploited by an increasing number of criminals and, in extremis, global adversaries. Whilst the digital revolution has evolved the way we conduct our everyday activities, it has also created a sophisticated and complex set of security issues. Technology and the internet have become an integral part of everyday life and business. As key technologies become more pervasive, government, business and individuals are becoming more dependent upon them for a variety of basic functions. Organisations and individuals now hold increasing amounts of sensitive information electronically, and the ability to readily store and share this data across interconnected networks has created new efficiencies. It has also created critical exposure to new risks, which include computer-based fraud, the theft or manipulation of sensitive or private information and viruses that can destroy data, damage hardware and disrupt systems and operations.
The World Economic Forum describes the risk associated with these "cyber attacks" as one of the biggest risks that organisations will face in the next decade. However, the potential impact of cyber attacks on individuals, businesses or organisations is often underestimated and not always fully understood. The proliferation of cyber attacks over the past decade has placed an increasing responsibility on companies and government organisations to become more aware of, and better prepared for, the dangers they are exposed to through under-protected networks or individual negligence. While cyber security risks have dramatically evolved, the approach individuals and businesses use to manage them has not kept pace. The traditional information security model does not address the realities of today. Effective and appropriate cyber security is critical if organisations and individuals are to operate effectively and prosper in our hyper-connected world.
The growing sophistication and range of cyber threats, and the increasing awareness of the risks and associated costs, are driving investment in the sector. There is already an active and growing volume of M&A activity. Traditional defence primes are seeking to expand their offerings to Governments, both to provide additional security services and to develop cyber tools that can be used both offensively and defensively against other technologies. Consumers and organisations are demanding more from the companies that provide hardware and software; existing providers are looking for ways to gain more rapid access to emerging technologies that can differentiate their offerings with enhanced levels of security.
As the world becomes ever more connected and demanding of the benefits that unprecedented information sharing and communications create, there is also a growing awareness of how vulnerable such extensive and complex networks can be. Vast amounts of data are available more readily to more people than ever before, but there is equal recognition that managing and securing the data explosion is increasingly difficult. The divide between work and home is blurring, with constantly connected mobile users now working in ways that create challenges for corporate IT departments in securing their systems without damaging productivity. Added to these trends are the specific impacts of e-finance, the emergence of tougher regulatory standards for data protection and privacy and the development of "new internets" of large private networks. Together these key trends are driving cyber security as a critical contemporary issue and reinforcing the sector as a major growth industry.
This short paper aims to provide an overview of the cyber security sector, defining what is encompassed by the term cyber and the nature of the threat that ultimately feeds it.
It examines the key trends that are driving this rapidly evolving industry and, in conclusion, identifies specific sub-sectors and segments where we believe the most attractive opportunities for investors exist.
Defining "Cyber"
The broad term "cyber" encompasses more than just a technology and more than just the internet. It is a domain similar to that of land, air, sea, and space, but with its own distinct characteristics and challenges. The cyber domain has national and international dimensions that include intellectual property, security, technology across industry, trade, culture, policy, and diplomacy. Operationally, it includes the creation, transmission, manipulation, and use of digital information. Technologically, it consists of all converged elements of electronic exchange, including voice, video, and data that involve the movement of electrons and photons across wired and wireless environments. The exchange takes place between devices of varying size and sophistication, such as desktops, laptops, smart phones, mainframes, televisions, radios, supervisory control and data acquisition (SCADA) systems and communications satellites. Convergence brings together digitised content (e.g., television programs, music, and books), digital devices, digital services, telecommunications, and cable into the increasingly interdependent and complex cyber domain, a domain that has little regard for traditional geographical or national boundaries.
The threat to this cyber domain is also global, pervasive, and growing exponentially. The threat, when realised, also bears a significant cost to the victim and one that extends far deeper than simply the direct financial cost of response and remedy. Victims of successful cyber attacks are likely to incur significant costs both in relation to remediation and repair, but also in reputational damage, litigation, loss of revenues and compensation.
These costs may include notifying affected parties and/or regulators, hiring external advisers, paying fines imposed by regulators, defending or conducting litigation, restoring brand equity, and recreating lost, damaged or stolen data. A cyber threat can be unintentional or intentional, targeted or non-targeted, and can come from a variety of sources, including foreign sovereign nations engaged in espionage and information warfare, organised criminal groups, terrorist groups, hackers, virus writers, business competitors, and disgruntled employees and contractors working within an organization. Cyber threats by their very nature pervade national boundaries and legal systems.
Cyber security encompasses all aspects of defending information and systems from risks such as cyber terrorism, cyber warfare, and cyber espionage. In their most disruptive form, cyber threats work to infiltrate and attack secret, political, military, or infrastructure assets of a nation and its people. Cyber security is consequently a critical part of any national security strategy. Most broadly, cyber security is therefore the collection of tools, policies, security concepts, safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber domain and organisations' and individuals' data and hardware.
A recent report for the UK Government estimated that the cost to UK companies of cyber security breaches had tripled since 2012 and that attacks are costing the UK economy around £27 billion in losses annually. To give some context to the extent of the threat: around 90% of all British companies suffered some form of cyber attack in 2012. The US IT firm Symantec assesses that the theft of intellectual property costs US companies in excess of $250 billion per year and estimates the total global cost of cybercrime at over $1 trillion.
In response, the UK, US, and other governments are investing heavily in raising cyber capability at national level and in critical supply chains and national infrastructure. The U.S. Federal Government has allotted over $13 billion annually to cyber security since late 2010 and the UK Government has now committed a further £210 million of investment in addition to the £650 million already allocated for its National Cyber Security Programme.
Recently there has been increasing global awareness, through well-publicised cases in the media, of the impact cyber attacks have had on both government and commercial organisations. Anti-virus vendors report increasing volumes of malware on the internet against which "patches" to software and applications have to be deployed (through regular software updates). Operating systems are a fruitful target, whether on mobile devices or computers.
The cyber security market broadly splits into two subsets. The first is the development of products and services for offensive applications. These are largely (if not exclusively) designed for government and military use, and are often also referred to as cyber warfare or cyber attack and defence. The second encompasses the IT domain (primarily Internet Protocol or just 'Internet' connected devices), but also telecoms equipment and industrial equipment for both commercial and personal users. The cyber security industry is comprised of companies that provide products and/or services for defensive and offensive applications across both the government and IT domains.
Market size and projected growth
Global cyber security spending was approximately $60 billion (£38.5 billion) in 2012 and is expected to grow at close to 10% annually over the next 3 to 5 years. Global Industry Analysts Inc put a headline figure on the sector of $80 billion (£51.3 billion) by 2017.
Visiongain also estimates a global market size of around $60 billion (£38.5 billion) for the 2012 market but goes further to estimate that the market will reach $120 billion by 2017. The US accounts for over half of the total global revenues for cyber security. The next largest market is Japan, followed by the UK. In most countries, the private corporate sector accounts for the majority of cyber security spending. The notable exception is the US, where government spending is almost equal to that of the private sector. US Federal Government spending is around $13 billion per annum, with a CAGR of 6.2% over the period 2013-2018.
Fig 1: Cyber Security Market: Global Market Revenues 2010-2020. Fig 2: Global Cyber Security Spending by Region 2011.
Governments typically spend a higher than average percentage of their overall IT budget on security and cyber than the private sector because of their enhanced need to protect their information. Moreover, because of their more demanding architectural needs, their IT systems typically cost more than those in the private sector. Our estimate is that the UK government spends around £12 billion per annum on IT and around £1bn per annum on IT security, including cyber security measures. Furthermore, the UK government is making increased spending commitments to its National Cyber Security Programme, which is intended to improve capacity and capability in government, supply chain and society on both defensive and offensive capability. In addition, certain government agencies in both the UK and US are devoting more of their internal resources to this growing problem — achieving this capability will require technology solutions and support. The private sector generally is a far larger market.
Spending in the UK is currently around £60 billion per annum on IT but less as a proportion on cyber and system security. Our estimate is that the private sector typically spends around 5% to 7% of its IT budgets on security, suggesting an annual spend of around £3 to £5 billion. The private sector's cyber security needs are different to government, focusing more on the protection of assets, whether customer data or IP, and having a resilient infrastructure that ensures robust productivity and commercial resilience.
Recent high profile security breaches and subtle yet aggressive corporate espionage cases have highlighted the scale of the threat faced by business from cyber security attacks. Commercial organisations must now accept that this issue is no longer the preserve of IT departments and the CIO. The simultaneous benefits and vulnerabilities inherent in digital networks are board level issues. One of the key problems is the fact that organisations may not be immediately aware that they have been the target or the victim of an attack. Direct targeting of intellectual property, theft of customer and client information, vulnerability of supply chains, and reputational protection for both customers and shareholders are among the critical risks faced by organisations on a daily basis. In the UK alone an average of 33,000 malicious emails a month, containing sophisticated malware, are blocked at the gateway to the Government Secure Intranet. In addition, a far greater number of less malicious threats, comprising less sophisticated malware and spam, are blocked by the UK Government on a monthly basis.
There have been a number of high profile cyber security incidents this year alone, from computer hacking groups, such as LulzSec's attack on the Sony PlayStation network, to foreign intelligence services, including an attack in March where 24,000 confidential files were stolen from a Pentagon defence contractor. More recently, quasi-political activist groups such as Anonymous have targeted a range of high-profile businesses and organisations. The apparent ease with which some of these activities have taken place has very publicly highlighted the importance of effective cyber security. The costs arising from such breaches have also focused corporate attention on security. Sony reported that the hack of its PlayStation network and the consequent loss of its network availability will cost its business over $170 million.
Viruses have also been developed to attack specific types of equipment. The Stuxnet virus, for example, aimed at industrial control systems, was largely attributed with the problems that hit key Iranian nuclear facilities, impacting its uranium enrichment programme. On a more personal, but no less sensational, level, the breach of individuals' mobile phone voicemail accounts by reporters from a News Corporation publication, The News of the World, has also highlighted the vulnerability of telecoms and other personal mobile equipment to unauthorised access.
Against this backdrop of growing threats, deal activity continues to increase. Cumulative global corporate spending on cyber security deals since 2008 totals nearly $22 billion, an average of over $6 billion in each year. Acquirers have been from a range of sectors including technology, IT services, aerospace & defence as well as financial investors. Much of this activity is being driven by the large global defence primes whose traditional global aerospace and defence markets are worth around $450 billion.
However, revenues in the traditional defence sector are not expected to show much growth over the next decade at least, so cyber security represents a significant opportunity for the defence majors. Many have already grasped this opportunity through acquisition as well as building on, and organically growing, their own in-house cyber security solutions. BAE Systems purchased Detica for £531 million and Boeing has acquired a range of specialist providers, such as Narus Inc and SMSi. BAE and Safran shared a purchase of L-1 Identity Solutions, and Raytheon has spent over $1 billion on a range of smaller cyber companies over the past four years. QinetiQ, an important player in Europe, has also made several acquisitions.
1. IT infrastructure [illegible]
• Increase in penetration of high speed and wireless networks.
• Centralisation of IT resources and adoption of cloud computing.
• Proliferation of IP connected devices and growth in functionality.
• Improved global ICT infrastructure.
• Device convergence.
• Erosion of work/social division in personal IT - 'Bring Your Own' approach to enterprise.
• Evolution in user interfaces and emergence of disruptive technologies.
2. Explosion of "Big Data"
• Greater sharing of sensitive data between organisations and individuals.
• Significant increase in visual data.
• Greater number of the world's population connected.
• Greater volume of automated traffic from devices.
• Multiplication of devices and applications generating traffic.
• Greater need for the classification of data.
• More data being stored '[illegible]' on ever higher-capacity devices.
3. Always-on, always-connected world
• Greater connectivity between people driven by social networking devices.
• Increasing connectivity between devices.
• Increasing information connectivity and data mining.
• Increased Critical National Infrastructure and public services connectivity.
4. Future finance
• Rising levels of electronic and mobile commerce and banking.
• Development of new banking models.
• Growth in new payment models.
• Emergence of digital cash.
5. Law, regulations and standards
• Increasing legal protection and regulation relating to privacy.
• Increasing standards on information security.
• Nationally imposed standards for industry.
• Globalisation as an opposing force to increased national regulation.
6. More than one internet
• Greater censorship.
• Political motivations driving new state/regional internets.
• New and more secure intranets.
• Closed social networks.
• Growth in paid content.
7. New identity and trust models
• The effectiveness of current identity concepts continues to decline.
• Identity becomes increasingly important in the move from perimeter to information based
• New models of trust develop for people, infrastructure, including devices and data.
Fig 3: Key trends and drivers in the cyber security sector.
The cyber market has, to date, been mainly dominated by large-scale corporations responding to the increasing demand from the Government sector. This capability requirement has traditionally been met by the large US and UK defence primes, including companies such as Lockheed Martin, General Dynamics, Northrop Grumman and BAE. Some of the most prominent traditional information technology sector players have also been engaged in the cyber domain, as well as the traditional security software product providers such as McAfee and Symantec. Hewlett Packard, IBM, CSC, CGI, Unisys, Cap Gemini and the large telecoms integrators such as Siemens and BT have increasingly large cyber capabilities. Together these major companies dominate the government and larger scale corporate sector. They are primarily focused on delivering cyber as a managed service including the network and security operating centers that actively manage the infrastructures that they are contracted to deliver.
Going mobile — the exploding trend
We live in an increasingly connected and mobile world. In recent years, there has been a fundamental transformation of the mobile ecosystem. Evolving technologies are presenting new opportunities for applications. Smartphones, tablets, portable gaming consoles, digital media players and cameras can deliver powerful integrated computing functionality which only desktop computers were capable of less than a decade ago. Mobile devices have been transformed into a multi-purpose utility with multimedia capability, delivering critical tools for personal expression, enterprise and entertainment. Mobile devices are now used for video conferencing, storing documents and media, sending and receiving messages, online banking, gaming, navigation, shopping and other entertainment purposes. Many individuals, and in particular the younger generation, now rely on their mobile device to act as their digital identity for carrying out a number of critical daily operations, such as completing financial transactions, and as a way of communicating within their social network.
Since the launch of devices like BlackBerry and iPhone, the smartphone and tablet market has rapidly evolved in three key areas: technology (better hardware and more optimized software), market (sales, number of users, number of applications), and connectivity and infrastructure (3G and 4G LTE). This sector has experienced considerable growth as opposed to "traditional" computer markets, whose sales have seen significant reductions as a result of the growth of mobile devices. While the traditional PC market has experienced a year-on-year decline of 11.2% (as of the first quarter of 2013), mobile device (netbook, smartphone and tablet) shipments exceeded 300 million devices in the first quarter alone, a year-on-year growth rate of 37.4% during the same period.
A total of over 1 billion smartphones are expected to be sold in 2013, compared to the 700 million smartphones that were shipped in total in 2012, in itself a 43% increase over 2011's numbers. The increasing adoption and the roll-out of more powerful mobile data networks (for example 4G LTE) in many regions will increase the availability of broadband and parallel services such as e-commerce, mobile payments, mobile banking, access to cloud services, video streaming and content download. Availability of such services further reinforces the critical role of mobile devices as well as increasing the "attack surface" — the vulnerability and exposure to attack.
In 2013, for the first time, the number of people accessing the internet via a mobile device will be greater than those who use a PC. This distinct and measurable shift towards the use of mobile devices, such as phones and tablets, replacing PCs as the primary method of accessing the internet presents clear opportunities for individuals and organisations to exploit the benefits of mobile and cloud technologies. Worldwide smartphone sales are forecast to hit one billion units in 2013 while connection speeds are forecast to rise sevenfold by 2017. Despite the scale of adoption of mobile devices there are still 5 billion global mobile phone users, which suggests that the growth in the total number of smart phone users still has some way to go. Networks are becoming more robust and able to handle larger and larger volumes of data. The number of networked devices is estimated to outnumber people by six to one, transforming our current conceptions of the internet.
[Figure: Global mobile data traffic 2012 and global data traffic in mobile networks (voice, data). Traffic categories: file sharing, video, audio, encrypted, social networking, web browsing, software updates, other. Smartphone subscriptions: 1.2bn in 2012; 4.5bn forecast for 2018.]
90%: Global population with a mobile phone today. 1bn: Smart phones forecast to be sold in 2013. 85 minutes: Average time that smartphone users spend on social networks per day. 90%: Global data traffic over mobile devices by 2016.
Together with the rise in smartphone sales, the number of mobile applications downloaded from Google Play and Apple Store has also increased over the same period of time. In July 2011, 15 billion downloads from Apple Store were registered globally, while in March 2012, this number had almost doubled to 25 billion with a total of 550,000 available applications for iPhone, iPod and iPad. In the case of Google Play, the figures indicate a similar growth rate: in September 2012, the service reached 25 billion downloads around the world and a total of 675,000 applications and games. At the same time, 1.3 million Android devices are activated every day.
Mobile devices (tablets and smartphones) have rapidly evolved in terms of both hardware and software. The market now offers smartphones with quad-core processors, increased RAM, more advanced graphic processors and other features that allow more complex tasks than was ever possible before. At the same time, new versions of operating systems like iOS, Android and Windows Phone have improved in areas like usability, functionality and performance. Society has increasingly adopted this mobile equipment with the intention of staying connected to family, friends, and work; consuming gaming or informative content; streamlining banking operations; and so on. The volume of malware designed for mobile devices is a direct response to the speed at which technology is being adopted.
As this market grows and technology is enhanced, and as users store increasing amounts of sensitive information and use their devices to complete critical tasks, while not adopting the necessary security measures, the threats designed to exploit them will continue to grow in parallel.
Fig 4: Global total number of devices connected to the internet. Fig 5: Total global digital data (exabytes).
In the workplace the lines between personal and professional technology, home and office are blurring. Increasing numbers of organisations are allowing employees to bring or choose their own devices (BYOD) or are providing them with smart phones, laptops and tablets to work and to access sensitive information on the move. The BYOD phenomenon is directly related to the development of increasingly advanced mobile devices and applications. BYOD implies that a company's employees can carry and use personal devices such as laptops, smartphones and tablets within the corporate environment (including access to Wi-Fi wireless networks, VPNs, shared files and printers, among others). In the UK 87% of large organisations and 65% of small businesses now allow mobile devices to connect to their systems remotely. It saves money, increases efficiency and attracts and retains staff. Intel, for example, calculates that employees using their own devices save up to 50 minutes a day and that productivity gains will be worth $177 million this year.
Consequently, unless the necessary security measures are taken, BYOD can introduce significant security threats. For example, an employee could have access to all his employer's corporate resources through a smartphone that is infected with a malicious program, and that program could steal the organisation's confidential information.
Another problem that may arise as a result of this trend is the theft or loss of a mobile device; therefore, if it is not properly protected, a third party could access the sensitive data stored on or accessible via the device. The consumerisation of IT is one of the biggest challenges facing businesses and government departments worldwide and whilst there are clear business benefits from the use of mobile devices, companies also need to be aware of the critical data loss and security risks associated with them. As mobile devices become even more pervasive and store more personal and corporate data, new tools to secure that information will drive the mobile-security market.
Fig 6: Global Smartphone and Mobile Phone Users 2012 (5 billion mobile phone users; 1 billion smartphone users). Fig 7: Global mobile vs. desktop internet users 2007-2015.
Companies are also increasingly adopting remotely hosted services in the cloud as an affordable and easily accessible alternative to internal IT systems. Over 80% of UK companies are now using at least one cloud computing service. Website and email remain the most commonly used services, particularly for small businesses, where the majority of websites are external and many use an externally hosted email solution. The biggest rise in cloud computing usage has been data storage on the cloud and increasing numbers of companies are storing confidential data on the Internet. Both large and small organisations have confidential or highly confidential data on the cloud. Though cloud computing remains in its infancy, security and privacy issues have been magnified by the velocity, volume and variety that it presents.
The use of large scale cloud infrastructures, with a diversity of software platforms, spread across large networks, also increases the attack surface of the entire system. The increased risk to personal and corporate data is the key opportunity for the mobile-security industry. The global market for mobile security is expected to reach $14.4 billion by 2017. Issues such as data breaches, unauthorised access to and loss of personal information stored within the mobile phone, malware and malicious applications all highlight the need for more comprehensive and effective mobile security.
Fig 8: Growth in total number of files belonging to end-users stored in the cloud, 2012 to 2016E (figure label: 36%).
When it comes to protecting the enterprise, IT departments are also increasingly looking beyond basic, simple security applications; demand for specialized services is beginning to drive the market. Network security, managed security and professional services are set to become the biggest categories for business-to-business mobile security. Bundled network security, which includes unified threat management, deep packet inspection, virtual private networks and remote device management, will become ever more important. Increasingly, mobile security is concentrating on services for mobile devices, identity and authentication management, as well as for audits, certification and consulting.
Growing threats and increasing awareness
As mobile devices proliferate so do the number of threats designed specifically to exploit them. In the first six months of 2013 the number of unique mobile threats has grown by 261%. Increasingly complex malware is taking advantage of the wider range of mobile functionalities and is specifically deployed to exploit vulnerabilities on the device and in the network. At the start of 2013, researchers at the antivirus software company McAfee Labs identified 36,699 mobile malware samples.
95% of those samples only appeared over the course of the previous 12 months. In comparison, McAfee threat researchers gathered just 792 samples of mobile malware in total during 2011. Kaspersky Lab, a competitor to McAfee, identified a total of 22,750 new modifications of malicious programs targeting mobile devices during Q1 2013. This is in comparison to a total of 40,059 modifications of malicious programs targeting mobile devices detected over the whole of 2012. 99.9% of the threats identified targeted the Android platform (Android remains the preferred operating system in more price-sensitive markets such as Asia and Latin America). The most prevalent category of mobile threats is that of SMS trojans, which send unauthorized text messages to short, premium-rate numbers. Other threats include information theft (spyware), and the transformation of machines into zombies (botnet recruitment). Many trojans target internet users attempting to download software for their mobile devices from dubious sites. Often, cybercriminals use these websites to spread malware under the guise of useful software. "Adware" trojans are used by the developers of free software to monetize products by displaying ads. Cyber criminals are able to disguise malicious programs as new versions of other popular apps (e.g. Skype, Angry Birds).

Fig 9: Smartphone sales to end users by operating system in the Second Quarter of 2012.
Fig 10: 2012 Threat Families and Malicious Actions (Payloads).

There have been two notable incidents in Q1 2013 involving mobile malware. In the first two weeks of March a new banking trojan targeting mobile devices, and allegedly affecting users in 69 countries, was identified.
Dubbed Perkel, it was designed to steal text messages containing mTANs (online banking transaction references). The second is the MTK Botnet, which by mid-January had infected up to one million Android devices owned primarily by Chinese users. The trojan spread via unofficial Chinese app stores with popular, cracked games. In addition to stealing information about the infected smartphone, user contact data and messages, threats in this family also send out false ratings on a variety of applications. To do so, the trojans stealthily download and install apps on the victim's mobile device, and then give that app the highest possible rating in the app store. Then, they report their actions to a remote server. Incredibly, only 4% of smartphones shipped in 2010 were sold with any form of pre-installed security software. A similar study in the UK in 2011 identified that only 5% of smartphones and tablets had third-party security software installed on them. It is estimated that, given the nature of the extant vulnerabilities and emerging threats, this number will grow rapidly, with some within the industry estimating that as many as 20% of all mobile users will install some form of third-party security software in the next 24 months.

Market opportunity

The growing number of threats targeting mobile devices and the exponential growth that both the devices and accompanying malware are experiencing present a clear opportunity in the confluence of cyber and mobile trends. Recent global media coverage of
ℹ️ Document Details
SHA-256
9817cddb66bac813260dffba851e02c4239db20d0fde9d03e4eb0c67db6b04c3
Bates Number
EFTA01074050
Dataset
DataSet-9
Document Type
document
Pages
19
