19 Feb

Landscape analysis reveals who is leading the tech race for cybersecurity

IPlytics GmbH - IP analytics


The development of the World Wide Web and Industry 4.0 have enabled and will continue to enable major productivity gains and new business opportunities. Further productivity and the emergence of new businesses will be accelerated by the emergence of AI applications and the new 5G telecommunication standard, which is in the process of being deployed.

However, the evolution of new digital solutions also increases the dangers and risks of cyberattacks, defined as any types of offensive manoeuvre that targets computer information systems, infrastructures, computer networks or personal computer devices. Attempts to expose, alter, disable, destroy, steal or gain unauthorised access to or make unauthorised use of an asset in the digital world are prevented through applications in cybersecurity. This term can be described as the practice of defending computers, servers, mobile devices, electronic systems, networks and data from malicious attacks. Although new technical interfaces and developments bring technical progress, they also increase potential target areas.

This article examines the development of innovations and standards in the field of cybersecurity in order to gain an overview of the security landscape in the digital age.

In order to identify cybersecurity-related patents, the IPlytics platform database was used to perform an extensive keyword search of patents filed worldwide in the cybersecurity field. The search was based on the patent’s content (title, abstracts, description and claims), making use of state-of-the-art stemming and semantic indexing methods. As the granting process of patents may take several years we have included patent applications as well as granted patents. Figure 1 illustrates the number of patent applications per year between 2007 and 2019. The numbers overall illustrate increasing filings since 2011 with a slight decrease in 2015.

Figure 1. Cybersecurity patent applications per year

In order to identify patent ownership, IPlytics aggregated the patents with regard to the patent portfolio of each company, making use of entity-disambiguation techniques. Further, applications were counted in relation to the corresponding patent family in order to determine the number of unique patented inventions per company.

Figure 2. Top owners of cybersecurity patent applications

Figure 2 reveals that IBM, Microsoft and Huawei are the strongest owners of patent applications in this space. While Europe is lagging behind, by comparison, with three companies among the top 15, the United States follows with four companies and Asia with seven companies. Japan stands out with five companies in the cybersecurity space.

Figure 3 shows cybersecurity-related patent applications as these relate to patent offices. Most cybersecurity patents have been filed in the United States, followed by China and Japan. Further, cybersecurity patent applications are also being filed at WIPO and the EPO, which indicates that the patents are filed in multiple territories simultaneously. This seems reasonable, since applications on the Internet can easily be used and deployed anywhere in the world.

Figure 3. Top owners of cybersecurity patent applications

As well as counts and designated location of patent applications, patent quality is also important as niche patents may cover only a particular area of technology in comparison to valuable patented technologies that disrupt whole industries. IPlytics makes use of statistical patent valuation indicators to analyse strengths, weaknesses and positioning of patent portfolios. In close collaboration with the Technical University of Berlin, Mines Paris Tech and Northwestern Chicago, IPlytics uses scientifically validated methods to calculate relevant indicators. In the analysis we used three valuation indicators, as shown in Table 1.

Table 1. Top owners of cybersecurity patent applications with associated patent portfolio indicators.

The market coverage (MC) indicator estimates the patent family size by counting each country of a patent family divided by the country’s gross domestic product. The count is normalised and compared to industry averages (using international patent classification (IPC) or cooperative patent classification (CPC), year and country). A high MC value reflects a global internationalisation strategy and a wide legal market protection. Further, a high MC value reflects a high perceived patent value for the applicant. Patent applications and maintenance fees create considerable costs at each patent office. The more countries in which a patent has been filed, the higher the perceived international market potential for the patented invention. Table 1 shows that 14 of 15 cybersecurity patent portfolios of the Top 15 patent applicators have extensive international coverage (a score higher than one is above average). Patent portfolios with a high market coverage suggest that the owners consider their patents important enough to protect them internationally.

The technical relevance (TR) indicator is calculated by counting the number of prior art citations that a patent receives (ie, forward citations). Citations are counted as citing families. Self-citations as well as subsidiary citations are not counted. Finally, counts are normalised by year, country of jurisdiction and main IPC/CPC. A high TR value reflects a high technical relevance, as subsequent patents have to cite the patent as prior art. Patent citations are reviewed and verified by objective and qualified patent examiners. A high TR value thus identifies leading technologies of a particular market segment. Table 1 shows that almost all (14 of 15) patent portfolios have high technical relevance (a score higher than one is above average). It reveals that Hitachi, although the weakest in market coverage in the list, holds the technically most relevant portfolio. Overall, there are many high technically relevant patent application portfolios, except for Intel, which has a technical relevance indicator below 1.

The radicalness indicator (RA) is calculated by counting the number of patent citations a patent has to cite as prior art (ie, backward citations) taking into account whether a cited patent has cited frequently itself (cited backward citations). Finally, counts are normalised by year, country of jurisdiction and main IPC/CPC. In particular, IBM has a radical patent application portfolio followed by Ericsson, Canon and Cisco as illustrated in Table 1.

An overview of the development of a technology spectrum is provided not only by the development of patent applications, but also by the development of standardisation in this area. In the subsequent sections, the standardisation database of IPlytics was used to analyse who has influenced the cybersecurity standardisation. Standards development in the cybersecurity industry is a process where companies send their best engineers to meet in worldwide conferences and working group meetings to present their latest R&D findings. Standard developing companies submit so-called technical contributions, for example, by introducing new projects (new work items) or proposing changes to existing projects (change requests). These contributions often include patented technologies that eventually will be included in the next standards release. The number of technology contributions is a measure to identify future technology and patent leaders for the next standard generation. The IPlytics Platform database was used to perform an extensive search in full text technical contribution documents to identify which companies participate in developing standards regarding cybersecurity. Figure 4 shows the top 10 companies that contributed to cybersecurity specifications. The result shows that there are three main standard contributors: Ericsson, Huawei and Nokia. The ranking mainly includes companies in the telecommunications sector.

Figure 4. Number of standards contributions per company related to cybersecurity

Standard contributions can include patented technologies. If companies want to incorporate their patents in standards, they must allow other companies to license these patents under FRAND terms. The analysis identifies the top 10 patent application owners declaring SEPs families that describe a cybersecurity application. Figure 5 shows that most families are owned by Nokia and Huawei followed by Qualcomm and Ericsson. The declared SEPs cover standards from organisations such as ETSI, IEEE, IEC, IETF, ISO or ITUT.

Figure 5. Number of declared SEPs and SEPs families related to cybersecurity applications.


New uses cases in the World Wide Web and for Industry 4.0 applications emerge every day. We will see how the vulnerability of new products can be minimised by countermeasures from patented and standardised cybersecurity technology. The increasing number of patent applications cannot be attributed solely to companies from a single country. Instead, companies from many countries are standardising and patenting worldwide, which can be recognised by the slightly cross-border scope of cybersecurity technology providers, including providers from China. In addition, companies from the telecommunications industry are mainly involved in patenting and standardisation.

For further information contact:

Tim Pohlmann
IPlytics GmbH
View website

Hans Magnus Joachim Buggenhagen
IPlytics GmbH
View website

This is a co-published article whose content has not been commissioned or written by the IAM editorial team, but which has been proofed and edited to run in accordance with the IAM style guide.