Exploring the evolving landscape of cybersecurity patents and innovations

Today, innovation within cybersecurity is critical. The rise in remote working and cloud computing, among other factors, continues to expose vulnerabilities that cyber attackers are quick to exploit. As cyber threats become more sophisticated, cybersecurity prevention measures must evolve as well.

Cybercrime Magazine expects global cybercrime costs to grow by 15% per year, reaching $10.5 trillion USD annually by 2025. Although large enterprises often dominate the headlines when it comes to cybercrime, Verizon’s latest Data Breach Investigations Report highlights that even very small organizations are just as attractive to criminals. In many ways they can be more appealing targets and the cost of a cyber attack can, and has, made small and medium-sized businesses (SMBs) bankrupt.

Companies of all sizes must keep pace with new technologies and future developments to avoid becoming a target. It’s innovations within cybersecurity that are laying new foundations to help defend against unwanted attacks on businesses.

To take the pulse of how cybersecurity innovations are shaping the prevention measures of the future, IS Decisions analyzed thousands of cybersecurity patent filings. Read on to learn which countries, industries, and companies are leading the way when it comes to cybersecurity innovation.

Cybersecurity industry growth

One way to gauge cybersecurity innovation over the past few years is to understand how much the sector has grown. Data shows the industry’s steady growth, with revenue more than doubling from $83 billion in 2016 to a projected $166.20 billion in 2023. We can assume that increasing awareness of data risks and threats is at least partially responsible for the global cybersecurity market’s robust growth over the last few years.

Cybersecurity patent applications per year

The number of cybersecurity patent applications per year shows that the amount of investment, research, and development going into finding new ways to help prevent cyber attacks is huge.

Since the turn of the millennium, there have been 2,269 applications filed to date that relate to cybersecurity. Applications have accelerated over the last 10 years, which can be linked to a rapid growth in innovation.

In the early 2000s, crime organizations started to heavily fund professional cyber attacks, and governments clamped down, holding hackers accountable with criminal penalties and serious sentences.

However, cyber attacks continued to rise, and the 2010s saw many high-profile breaches and attacks impact national security across the globe, costing businesses millions. This could explain the jump in cybersecurity patent applications during this period, as inventors worked to find new and innovative ways to prevent attacks.

In 2020, filings peaked with a total of 453 applications received by patent offices around the world. That number dropped in 2021, indicating that cybersecurity advancements slowed down because of the global pandemic’s impact and the disruption caused to the economy.

What’s clear from the data is that the last few years have seen a huge spike in innovation. The widespread adoption of mobile and cloud applications, as well as the use of artificial intelligence (AI), introduces new vulnerabilities that call for a different approach, and therefore new security solutions.

The graph below reveals how the cybersecurity patent landscape has evolved:

The countries leading the way in cybersecurity patent applications

Competition between countries can be fierce when it comes to innovation, but the data shows there are clear winners when it comes to the offices receiving the most cybersecurity patent filings.

The U.S. tops the list, with 1,087 patents filed with the U.S. Patent and Trademark Office (USPTO) since 2000. With an estimated 1.3 million cybersecurity professionals in the U.S., the country has the biggest cybersecurity workforce in the world. This could explain why it leads the way in innovation within this space.

International patent applications account for the next highest number, with 326 filed since 2000. International patents are filed under the Patent Cooperation Treaty (PCT) administered by the World Intellectual Property Organization (WIPO), and provide worldwide patent protection. This means that PCT patent holders can defend and safeguard their intellectual property in all of the 157 contracting states.

China ranks next, with 304 cybersecurity patent filings received by the Chinese Patent Office. This is interesting because China leads the world with the most patent applications in general as of 2022. However, the country has been criticized in the past for its high level of abnormal and fraudulent patents. Studies dating back to 2014 discovered that the quality of China’s patent applications was below the world average. Therefore, in recent years, the Chinese government has made it a priority to improve the quality of its patents by introducing strict new requirements to regulate abnormal filings.

The European Patent Office (EPO) comes in fourth place, with 250 patent filings received. Applicants seeking patent protection in Europe can either apply through the European Patent Office, which provides a single examination procedure for all 39 EPO member states, or via the national route. This involves filing applications “at the IP offices in the countries for which you are seeking protection.”

The European patent application system via the EPO remains the default for many who seek patent protection in Europe. The EU is working on various fronts to promote cyber resilience, fight cybercrime, and foster cyber diplomacy and defense. It recently committed €49 million to boost innovation in cybersecurity and privacy systems.

The companies applying for the most cybersecurity patent applications

To examine cybersecurity innovation growth from another angle, we also looked at which companies and industries lead the way in cybersecurity patent applications.

The third largest electronics company in China, China Electronics Technology Group Corporation (CETC), applied for the most cybersecurity patents worldwide, with a total of 135. This is followed by 114 applications from Honeywell, an American multinational conglomerate operating in aerospace and automotive, as well as building technologies, performance materials, and safety and productivity solutions. Argus Cyber Security, an Israeli automotive cybersecurity company, ranked in third place, with 67 applications. Other notable mentions include Microsoft, with 52 applications, and IBM, with 35 applications.

Companies in the aviation and aerospace industry appear twice in the top 10, which could indicate a response to the growing frequency of cyber attacks on the industry. According to The European Organization for the Safety of Air Navigation (EUROCONTROL), there was a 530% rise in cyber attacks between 2019 and 2020, with 775 cyber attacks against airlines.

Furthermore, the 2023 Aviation and Defense Cyber Security Global Market Report states that “Rising cyber-attacks in the aircraft industry are expected to propel the growth of the aviation and defense cyber security market going forward," and the cyber security market in this space is projected to rise from $66.21 billion in 2021 to $75.53 billion by the end of 2023.

The graph below shows how cybersecurity innovation is becoming more prevalent across several industries:

The top patent applications by type of attack

When it comes to developing new prevention methods against certain types of attacks, cybersecurity patent applications reveal where innovation is taking place. Patent applications related to denial-of-service (DoS) attacks come out on top, with a total of 1,406 filed.

The first documented DoS attack dates back to early 2000. Fast forward two decades and these attacks have grown bigger and bolder. Although DoS attacks don’t typically result in the theft or loss of significant information or other assets, they can cost the victim a great deal of time and money to handle.

A potentially more dangerous form of DoS attack is known as a Distributed Denial-of-Service Attack (DDoS). Patent applications relating to DDoS attacks were the second highest, with 1,114 filed. DDoS attacks are also the most searched-for type of attack globally, with 94,750 average monthly searches in 2022.

Patent applications relating to replay attacks came in third, with 640 filings. A replay attack allows criminals to impersonate genuine customers and perform account takeover maneuvers.

A replay attack can also be a type of Man-in-the-Middle (MitM) attack, and patent applications related to these were fourth, with 366 filings.

A MitM attack can infiltrate a company’s IT network and cybercriminals can quickly cause widespread damage by stealing financial information. This is done by intercepting someone’s online connection to a banking or financial website.

To protect networks, systems, and data against these types of cybersecurity threats, robust security controls and prevention methods can help. Fortunately, there are effective prevention methods that can help stop an attack before any damage is done.

One of these methods is to manage and analyze login events, which has now become a security protocol. Logons are a common activity across many attack patterns and are the necessary first step to gaining access to an endpoint with valuable data. Because of this, organizations are moving to strengthen user identity authentication to protect access to this data.

One of the ways that organizations are strengthening logon security is through multi-factor authentication (MFA), which can further verify that users are who they say they are, and help stop an attack before damage is done.

Since MFA is an essential first step in strengthening user access security, it’s easy to see why the MFA market size is projected to grow from an estimated value of $15.2 billion in 2023 to $34.8 billion by 2028.

The graph below provides an overview of patent applications by type of cyber attack:

The companies applying for the most patents by type of attack

Companies in the telecoms industry, such as Nippon Telegraph & Telephone (NTT), Electronics & Telecommunications Research Institute (ETRI), and China Mobile are front-runners when it comes to applying for patents, particularly those related to preventing DDoS and DoS attacks.

Why do we see so many patents from companies in the telecoms industry? One possibility is that telecom companies are high-value targets for cybercriminals because, as the Information Technology Security Evaluation Criteria (ITSEC) states, they “maintain and operate critical communications infrastructure which is used to transmit and store large amounts of private and sensitive data.”

Companies in the tech industry, including Huawei, IBM, Samsung, and Philips are also leading in patent application numbers. These patent applications relate to preventing MitM attacks, replay attacks, and cross-site scripting attacks. But what are the reasons behind these high patent applications in the tech industry? According to the InfoSec Institute, there are “critical security concerns facing the technology industry,” with very valuable information to be stolen. This includes intellectual property such as software code or technical documentation, which is often shared using the cloud.

Find out which other companies are leading the way in patent application filings below:

Cybersecurity patent applications shed light on where companies are engaging in research and development, and how they’re investing in their future. As new technologies are developed, cybercriminals find new ways to exploit them, making it crucial for companies to keep up with the latest trends in cybersecurity innovation.

Every year, there are new developments within the industry that could help further protect sensitive data and prevent cyber attacks from occurring. Organizations can never be too careful when it comes to safeguarding sensitive information, which has resulted in a need to constantly re-evaluate prevention methods and adapt to new threats.

It’s important for cybersecurity to be considered in every business decision – whether it’s by introducing new technology or implementing MFA, which is quickly becoming a must for all accounts to secure network, remote, and cloud access.

After all, SMBs that build effective IT security frameworks can move more quickly than their competitors. Environments without effective IT security solutions will have difficulty innovating and are likely to fall behind more quick-moving competitors.