big companies have been preparing themselves for a few years, I don’t see anything in that CISA notification that hasn’t been pushed super hard internally where I work (I work in Denmark, but for a large company based in the US). Basically my work for the last 3 years or so has been 80% dedicated to security and getting everything up to compliance standards including legacy systems. It is my impression that other large organizations have been doing the same for a few years since security breaches started ramping up.
That said, even without certain threats looming, as long as the number of security breaches is rising as quickly as it is, I think the cyber security sector is going to grow along with it.
From an OPS perspective, security takes a crap ton of knowledge (and constantly keeping it up), and most companies won’t have the expertise or the resources to do it in-house, especially when you get out of the large enterprise space. This is where a lot of cybersecurity companies come in: they offer services that will essentially take care of specific areas for you.
Anyways, all of this was just to say that most companies who are in the space stand to grow because there are no real alternatives. Most of these things were deemed as being not necessary 10 years ago, but suddenly it’s moving into the area where it’s absolutely vital even for small to medium-sized companies.
There are a ton of companies in the space and they usually all specialize in one or a few things.
Things that companies will absolutely need going forward are:
Endpoint protection - This could be something like Imperva ($IMPV) or Cloudflare ($NET). These services are in front of all of the things you have exposed to the internet. They will monitor all incoming traffic and monitor for things like DDoS attacks and also do layer 7 traffic inspection (commonly referred to as a web application firewall, or WAF). There are other companies in the space, but these are the ones I know of.
Vulnerability management / scanning - Qualys ($QLYS), Rapid7 ($RPD). They might do other stuff, but I mainly know them from their vulnerability scanning. They offer cloud services where you install an agent on all your servers and these agents will report to their cloud service and scan for all published vulnerabilities or known vulnerable configurations for applications. It gives IT professionals a fighting chance at keeping up with all the vulnerabilities that are being published (like the recent Log4j one, for example).
That’s just the tip of the iceberg though. There are identity providers like Okta ($OKTA) helping companies provide MFA for their client or internal solutions and there are identity management systems like CyberArk ($CYBR). Proofpoint (not publicly traded) for e-mail and data loss prevention etc.
There are competitors for all of these companies; I essentially just listed the ones I have had personal interaction with because I use them at work.
TLDR: I think the cyber security sector is going to grow massively over the next 10 years. 10 years ago we used none of the things I listed above; all of it has been implemented in the last 4 years. We are a large company that is extremely sensitive about our security, so I imagine that there are a lot of companies that are slower moving than us, but everyone will need to do so eventually (especially true for companies dealing with the EU as well because of GDPR).