IEEE released the results of a survey of CIOs and CTOs in the U.S., U.K., China, India and Brazil regarding the most important technologies for 2021 overall, the impact of the COVID-19 pandemic on the speed of their technology adoption and the industries expected to be most impacted by technology in the year ahead.
2021 most important technologies and challenges
Which will be the most important technologies in 2021? Among total respondents, 32% say AI and machine learning, followed by 5G (20%) and IoT (14%).
Manufacturing (19%), healthcare (18%), financial services (15%) and education (13%) are the industries that most believe will be impacted by technology in 2021, according to CIOs and CTOS surveyed.
At the same time, 52% of CIOs and CTOs see their biggest challenge in 2021 as dealing with aspects of COVID-19 recovery in relation to business operations. These challenges include a permanent hybrid remote and office work structure (22%), office and facilities reopenings and return (17%), and managing permanent remote working (13%).
However, 11% said the agility to stop and start IT initiatives as this unpredictable environment continues will be their biggest challenge. Another 11% cited online security threats, including those related to remote workers, as the biggest challenge they see in 2021.
Technology adoption, acceleration and disaster preparedness due to COVID-19
CIOs and CTOs surveyed have sped up adopting some technologies due to the pandemic:
- 55% of respondents have accelerated adoption of cloud computing
- 52% have accelerated 5G adoption
- 51% have accelerated AI and machine learning
The adoption of IoT (42%), augmented and virtual reality (35%) and video conferencing (35%) technologies have also been accelerated due to the global pandemic.
Compared to a year ago, 92% of CIOs and CTOs believe their company is better prepared to respond to a potentially catastrophic interruption such as a data breach or natural disaster. What’s more, of those who say they are better prepared, 58% strongly agree that COVID-19 accelerated their preparedness.
When asked which technologies will have the greatest impact on global COVID-19 recovery, 25% of those surveyed said AI and machine learning.
The top two concerns for CIOs and CTOs when it comes to the cybersecurity of their organization are security issues related to the mobile workforce including employees bringing their own devices to work (37%) and ensuring the IoT is secure (35%). This is not surprising, since the number of connected devices such as smartphones, tablets, sensors, robots and drones is increasing dramatically.
34% of CIO and CTO respondents said they can track and manage 26-50% of devices connected to their business, while 20% of those surveyed said they could track and manage 51-75% of connected devices.
The year 2020 has been defined globally by the COVID-19 pandemic. One of few silver linings for this difficult set of circumstances is innovation – redesigning normal processes so that life can carry on with some degree of regularity and reliability.
Pre-COVID, we all took certain risks routinely, and the consequences were minor. Now the consequences are much more serious and we respond to these risks by very carefully deciding how we expose ourselves to the coronavirus. Whether sheltering in place, social distancing, or in full government lock-down, we have all felt the fatigue of being under the siege of an invisible threat.
The good news is there is hope at the end of the tunnel – in a matter of months, medical science will catch up to the threat and normal life will resume.
The cyber pandemic
The pandemic has digital consequences as well, for both enterprise networks and OT networks. Not only has the pandemic brought us more online, and forced us into doing nearly everything remotely, macro trends continue as well.
Computers are getting cheaper and CPUs are more ubiquitous than ever before – which means there are more targets for cyber attacks than ever before. Communications is getting cheaper, faster and more universal, and all this connectivity means steadily-increasing opportunities to attack the steadily-increasing number of targets.
The trend towards remote work is not likely to reverse very much post-pandemic, and the macro trends certainly will not reverse – no amount of social distancing will slow down cyber breaches, targeted attacks or targeted ransomware.
Unfortunately, many conventional IT security defenses that we deploy to protect against these threats are porous and hackable. Firewalls, IDS, security updates, VPNs are all software, with inevitable bugs and security holes, which means that all these defenses can be compromised. This is especially troubling in a world of physical, industrial operations that are increasingly dependent on these software-based protections for safe and reliable operation.
Worse, the industrial equivalent of “lock-down”, which is air-gapping, is folklore of the past; air-gapping defeats modern efficiency initiatives and so is either consciously avoided as a modern security strategy, or is implemented badly, resulting in residual connectivity and associated cyber risks.
To operate efficiently, industrial operations nearly always must share data with enterprise and customer systems, and – just as in a global pandemic – the risks and consequences of such contact through cyber connections must be weighed very carefully.
What if there were a vaccine for cyber?
Every pandemic begs a vaccine. What if there were a vaccine for the cyber pandemic? What if there were a vaccine that could prevent OT attacks and the OT ransomware that has shut down hundreds of industrial sites in 2020? Targeted ransomware is one of today’s biggest and nastiest cyber threats.
These targeted attacks defeat conventional defenses at heavily-defended industrial sites. In a sense this is no surprise – many of today’s targeted ransomware groups use attack tools and techniques that were once the sole province of nation-states. A cyber vaccine is needed, urgently.
Unidirectional Security Gateways
The good news – future-proofing our most important services and industries from the cyber pandemic is not as difficult as a COVID vaccine. Today’s hardware-enforced unidirectional gateways stop targeted ransomware and other targeted, remote-control attacks from reaching into industrial networks.
The physical security embedded in the unidirectional hardware does not protect the information, but rather protects the industrial networks from information, more specifically from attacks that may be embedded in information that enters industrial networks.
And unlike air gaps, unidirectional gateways enable seamless flows of operations information from industrial operations out into the enterprise or even out into the Internet beyond the enterprise.
Unidirectional hardware prevents attacks from entering industrial networks, while unidirectional gateway software makes copies of databases and other servers from industrial networks to external networks.
Enterprise and other users simply access the industrial data in the external replica databases. Unidirectional gateways “vaccinate” industrial networks against online attacks, while providing the kind of seamless access to industrial data that modern, efficient enterprises rely on.
There are indeed lessons from the pandemic that we can apply to our industrial networks. Using only software protections means making difficult risk decisions on a regular basis, just as we do with social distancing and lock-downs.
We all look forward to the day of the COVID19 vaccine, when these difficult decisions and risks will disappear. The good news on the cyber side is that the vaccine for OT networks is already available, in the form of Waterfall’s Unidirectional Security Gateways.
With up to 75 percent of remote device management projects deemed “not successful,” in 2020, IoT deployment has been limited in realizing its full potential.
Path to IoT project success
However, a new wave of affordable silicon that provides a wide array of features and functionality, in conjunction with the maturation of pre-packed software, will lead to a substantial increase in IoT project success in the upcoming year, predict experts at Sequitur Labs.
According to Verified Market Research, the global IoT market size was valued at $212.1 Billion in 2018 and is expected to witness a growth of 25.68% to reach $1.3 trillion by 2026.
While there are many reasons for IoT deployment struggles, the most common ones involve project complexity, lack of required skills and the inability to implement effective security.
With recent improvements that enable vendors to implement a new generation of functionality into their solutions and device updates, ensuring a substantial increase in the success of IoT projects.
Being heavily involved in the IoT security space, there are several advancements in 2021 that are expected to move the industry forward in several key areas.
Improved industrial IoT remote device management and control
COVID-19 has not only forced people to work remotely, it has also accelerated the need to configure, control and manage industrial devices remotely as well. As a result, the vast majority of industrial end points are expected to support IP-based networks (like Ethernet and Wi-fi) rather than purpose-built networks (for example, Modbus or Profibus).
The devices can be connected to the internet, and as such will also require the ability to boot safely, update securely, enable system recovery, secure sensitive applications and data storage.
Increased cloud integration
Smart device platforms from Google (Google Assistant), Amazon (Alexa) and Apple (Apple Homekit) have emerged as the central communications point in the connected home. Each of these vendors require compliance from their ecosystem partners in order to join their solution.
With the number of connected devices in the home accelerating, the need for device security will become more critical than ever in the coming year.
Increased deployment of IoT for medical devices
Medical products such as remote monitoring devices and sensors for medical equipment are accelerating in adoption. The benefits include lower medical management costs, reduction in hospital stay time and effective equipment monitoring.
The risk of a corrupted or compromised device is high in this industry, and as sheer volumes of remotely monitored and controlled products increase, so do security needs.
Device authentication, secure monitoring for updates, maintenance and health diagnostics, and protection against remote attacks will drive the need for purpose-based solutions in this industry.
“There is huge potential in the deployment of IoT devices into industries that will improve the way people work, communicate and live. However, successful implementation will be limited if these devices cannot be used securely,” said Philip Attfield, CEO, Sequitur Labs.
“The advances in securing remote devices over the past year will lead to incredible innovations in the marketplace, expected to accelerate artificial intelligence and significant technological benefits at the edge.”
Unit4 surveyed business and IT decision makers and users working in service industries in August and September 2020, to understand how well organizations are embracing innovation and adapting to the challenges of the pandemic.
Growing people-centric innovation
The study shows that 84% of global decision makers are accelerating their digital transformation plans, in response to growing demands from users, who want more flexibility to work remotely in the future.
During COVID-19, global decision makers cited three main impacts on their enterprise applications strategies. They have become more agile in their planning (49%) and acknowledge the pace of innovation (42%) has increased, while 35% say it has sped up their investment in moving to the cloud and 24% are more comfortable failing fast.
They’ve also outlined specific priorities to enable workforces to be more productive, which shows that innovation has become much more focused on the needs of users.
As decision makers look ahead to future strategies, the research identifies the top three priorities for users, which decision makers must respond to:
- Having the freedom to access IT systems so they can work from anywhere
- Better tools for collaboration
- Increased automation to reduce their workloads.
Consequently, decision makers say their future IT plans are very people-centric, listing their main objectives as: wanting to enable the flexibility of remote working, creating environments to encourage greater collaboration and empowering employees to be more productive, as well as meeting the demands of customers. Decision makers believe this is achievable by focusing on three tech-based priorities:
- Building a simple and intuitive user interface and experience – 43%
- Using automation to simplify and speed up workflows – 39%
- Enabling users to communicate with enterprise applications using their preferred tools, such as Slack and WhatsApp – 38%
The adaptable organization
As many organizations transitioned to remote working during 2020, a positive outcome has been that 60% of global users say they have been more productive during lockdown. They are also predominantly satisfied that their IT systems have helped them to get the most out of their roles.
It is perhaps unsurprising that 84% of global decision makers want to encourage colleagues to work remotely more often following the lockdown, which is mirrored by 69% of global users who also want the same flexibility.
Clearly, now that organizations have proven their enterprise IT systems can handle the demands of a remote, distributed workforce there is confidence they can sustain the model.
However, there are challenges ahead, as 34% of global decision makers say they must break down silos of information across their organizations and 31% of users are reluctant to change.
On a more positive note a resounding majority (84%) say that the pandemic is forcing meaningful board discussions about future strategy, which clearly shows C-Suite decision makers are engaged.
Traditional on-premise IT systems not capable of reacting to rapid change
77% of global decision makers also believe traditional on-premise IT systems and enterprise applications are not capable of reacting to rapid change, hence why 86% say the cloud offers more flexibility, with more than two-thirds expecting their enterprise applications to be fully cloud-based in the next two years.
“New ways of working, initially broadly imposed by the global pandemic, are morphing into lasting models for the future,” said Mickey North Rizza, program vice president for IDC‘s Enterprise Applications and Digital Commerce research practice.
“Permanent technology changes, underpinned by improved collaboration, include supporting hybrid work, accelerating cloud use, increasing automation, going contactless, adopting smaller TaskApps, and extending the partnership ecosystem. Enterprise application vendors need to assess their immediate and long-term strategies for delivering collaboration platforms in conjunction with their core software.”
“If we’ve learned anything this year, it’s that the business environment can change almost overnight, and as business leaders we have to be able to reimagine our organizations and seize opportunities to secure sustainable competitive advantage,” said Mike Ettling, CEO, Unit4.
“Our study shows what is possible with continued investment in innovation and a people-first, flexible enterprise applications strategy. As many countries go back into some form of lockdown, this people-centric focus is crucial if businesses are to survive the challenges of the coming months.”
While COVID-19 has created new concerns and deepened traditional challenges for IT, organizations with complete insight and governance of their technology ecosystem are better positioned to achieve their priorities, a Snow Software survey of 1,000 IT leaders and 3,000 workers in the United States, United Kingdom, Germany and Australia reveals.
The challenge of managing risk
In fact, mature technology intelligence – defined as the ability to understand and manage all technology resources – correlated to resilience and growth. Of the IT leaders classified as having mature technology intelligence, 79% were confident in their organization’s ability to weather current events and 100% indicated that innovation continues to be a strategic focus for their organization.
“The complexities, risks and budget concerns IT departments traditionally face have been exacerbated, and a rapid acceleration of digital transformation and cloud adoption has brought new issues to the forefront. Now more than ever, IT leaders need to be in a position to quickly adapt to these macro trends as they define their top technology priorities in 2021.”
Technology management has become increasingly difficult
Many IT leaders indicated increases in technology spend across the board – on software, hardware, SaaS and cloud – over the past 12 months. Faced with more complex ecosystems, it is no surprise that 63% also reported technology management had become more difficult.
As anticipated budget restrictions go into effect for 2021, IT leaders will need to demonstrate the value of their investments and ensure proper governance over their entire technology stack.
Improved employee perception of IT
Employee perception of IT has improved, but differing perceptions on technology management and procurement hint at potential issues. While 41% of workers believe that access to technology has improved, there remains a 22-point gap between IT leaders and employees on how easy it is to purchase software, applications or cloud services.
This is not the only area where IT leaders and workers have varying views. Though they agree that security is the number one issue caused by unmanaged and unaccounted for technology, awareness of additional issues drops dramatically after that, with 16% of workers believing it causes no business issues whatsoever.
The data suggests continued challenges ahead for organizations as they try to reduce risk across the board.
Vendor audits a looming but potentially underestimated risk in 2021
87% of IT leaders said they had been audited by a software vendor over the last 12 months.
The vendors that audited the most were Microsoft, IBM, Oracle, Adobe and SAP. Yet only 51% said they were concerned about audits over the next 12 months, an answer that varied wildly based on geography – 81% of US leaders said they were concerned compared to just 30% in Germany and 42% in the UK.
Based on 2020 trends as well as vendor behavior following the 2008 recession, it appears European IT leaders are significantly underestimating this risk.
Organization’s top IT priorities
Organization’s top IT priorities are inherently at odds with each other and often align with the IT department’s biggest challenges. IT leaders reported that their organization’s top priorities in 2020 were adopting new technologies (38%), reducing security risks (38%), reducing IT spend (38%).
They paralleled the biggest challenges IT leaders faced over the past 12 months with managing cybersecurity threats (43%), implementing new technologies (40%) and supporting remote work (39%). Juggling these conflicting and difficult priorities became even more complicated in light of COVID-19.
Few meeting the bar for mature technology intelligence
Strong technology intelligence enabled IT leaders to more effectively tackle their top priorities and challenges. Just 14% of IT leaders met the bar for mature technology intelligence. This elite group outpaced other respondents in their ability to support digital transformation, reduce risk, enable employees and control spend.
“As we collectively look ahead to 2021, it’s more important than ever that CIOs and IT leaders strike the right balance between managing risk and remaining agile in the face of continued unpredictability,” said Pooley.
“It is clear from the data that a comprehensive understanding of technology resources and the ability to manage them is a key differentiator. IT leaders can use the insights to endure challenging periods like the pandemic, as well as embrace innovation to drive future growth and resilience.”
Despite highly publicized risks of data-sharing and AI, from facial recognition to political deepfakes, leadership at many organizations seems to be vastly underestimating the ethical challenges of the technology, NTT DATA Services reveals.
Just 12% of executives and 15% of employees say they believe AI will collect consumer data in unethical ways, and only 13% of executives and 19% of employees say AI will discriminate against minority groups.
Surveying 1,000 executive-level and non-executive employees across industries in North America in early 2020, the results indicate that organizations are eager to increase the pace of transformation.
AI and automation technologies play a vital role, helping businesses improve decision-making, business processes and even workplace culture. In fact, 61% say that AI will speed up innovation, and respondents say the technology is beginning to support improvements to efficiency (83%) and productivity (79%). Yet, there are many challenges with adoption and implementation, with ethical considerations and data security among the top few.
“AI presents one of the great leadership opportunities and challenges of our time. Leaders must be diligent in striking the balance, but they don’t have to go it alone,” said Eric Clark, Chief Digital Officer, NTT DATA Services.
“Our study outlines how businesses can take full advantage of emerging technologies and accelerate transformation, while taking necessary precautions on the path to responsible and secure adoption of artificial intelligence.”
Ethics and effectiveness of AI
For AI to be effective and avoid ethical pitfalls, businesses need to ensure that AI isn’t being programmed with biases that could lead to ethically charged decision-making or that cause AI to malfunction in some way.
One-quarter of executives and 36% of employees say they have experienced AI ignoring a command, and about one-fifth of both groups say AI offered them suggestions that reflected bias against a marginalized group.
Organizations do not have money or time to waste on technology investments gone wrong—so they must pivot their organizations to focus on agility, talent, change management, ethics, and other pressing issues.
Automation’s impact on the modern workforce
Modernizing the workforce means giving all employees access to the data and technologies that help them achieve optimum productivity. Most executives and employees believe that AI and automation will help improve employee effectiveness.
71% of executives say AI will make employees more efficient, 69% say it will improve employee accuracy, and 61% say it will speed up innovation. For this to happen, leaders need to invest in reskilling their workforce to get the most value out of emerging technologies.
Empowering the workforce through technology not only helps improve the bottom line, it helps drive employee retention – with 45% of employees responding they would be motivated to stay by education opportunities.
“The study overall paints a realistic picture of what we are seeing in the market,” said Tom Reuner, Senior Vice President at HFS Research.
“Going forward, enterprises will have to manage talent, organization, culture and provide the right environment for the new workforce, which seeks interesting projects and looks for meaning and motivation. AI technologies and methodologies are a critical enabler on that journey.”
AI adoption to create culture of speed, reinvention
Businesses and entire markets are being remade in terms of opportunity, operations and customer expectations, and there is no going back to the old pace of innovation. In fact, 47% of those surveyed believe failing to implement AI in some way will cause them to lose customers to competitors, and 44% think the bottom line will suffer.
However, few employees at companies surveyed think the pace of change at their organization is fast enough. In fact, less than one-third of executives and employees describe the pace of technology change, process change, or executive decision-making at their company as fast.
Even fewer—just 18% of employees and 19% of executives—say culture, which plays a major role in determining how workers respond to adjustments in technology and processes, changes quickly. This creates an opportunity for AI to drive sweeping change and speed up the pace of innovation and technology adoption.
IT leaders are increasingly concerned accelerated digital transformation, combined with the complexity of modern multicloud environments, is putting already stretched digital teams under too much pressure, a Dynatrace survey of 700 CIOs reveals.
This leaves little time for innovation, and limits teams’ ability to prioritize tasks that drive greater value and better outcomes for the business and its customers.
- 89% of CIOs say digital transformation has accelerated in the last 12 months, and 58% predict it will continue to speed up.
- 86% of organizations are using cloud-native technologies, including microservices, containers, and Kubernetes, to accelerate innovation and achieve more successful business outcomes.
- 63% of CIOs say the complexity of their cloud environment has surpassed human ability to manage.
- 44% of IT and cloud operations teams’ time is spent on manual, routine work just ‘keeping the lights on’, costing organizations an average of $4.8 million per year.
- 56% of CIOs say they are almost never able to complete everything the business needs from IT.
- 70% of CIOs say their team is forced to spend too much time doing manual tasks that could be automated if only they had the means.
“The benefits of IT and business automation extend far beyond cost savings. Organizations need this capability – to drive revenue, stay connected with customers, and keep employees productive – or they face extinction,” said Bernd Greifeneder, CTO at Dynatrace.
“Increased automation enables digital teams to take full advantage of the ever-growing volume and variety of observability data from their increasingly complex, multicloud, containerized environments. With the right observability platform, teams can turn this data into actionable answers, driving a cultural change across the organization and freeing up their scarce engineering resources to focus on what matters most – customers and the business.”
Cloud environment complexity
- Organizations are using cloud-native technologies including microservices (70%), containers (70%) and Kubernetes (54%) to advance innovation and achieve more successful business outcomes.
- However, 74% of CIOs say the growing use of cloud-native technologies will lead to more manual effort and time spent ‘keeping the lights on’.
Traditional tools and manual effort cannot keep up
- On average, organizations are using 10 monitoring solutions across their technology stacks. However, digital teams only have full observability into 11% of their application and infrastructure environments.
- 90% of CIOs say there are barriers preventing them from monitoring a greater proportion of their applications.
- The dynamic nature of today’s hybrid, multicloud ecosystems amplifies complexity. 61% of CIOs say their IT environment changes every minute or less, while 32% say their environment changes at least once every second.
CIOs call for radical change
- 74% of CIOs say their organization will lose its competitive edge if IT is unable to spend less time ‘keeping the lights on’.
- 84% said the only effective way forward is to reduce the number of tools and amount of manual effort IT teams invest in monitoring and managing the cloud and user-experience.
- 72% said they cannot keep plugging monitoring tools together to maintain observability. Instead, they need a single platform covering all use cases and offering a consistent source of truth.
Observability, automation, and AI are key
- 93% of CIOs said AI-assistance will be critical to IT’s ability to cope with increasing workloads and deliver maximum value to the business.
- CIOs expect automation in cloud and IT operations will reduce the amount of time spent ‘keeping the lights on’ by 38%, saving organizations $2 million per year, on average.
- Despite this advantage, just 19% of all repeatable operations processes for digital experience management and observability have been automated.
“History has shown successful organizations use disruptive moments to their advantage,” added Greifeneder. “Now is the time to break silos, establish a true BizDevOps approach, and deliver agile processes across a consistent, continuous delivery stack.
“This is essential for effective and intelligent automation and, more importantly, to enable engineers to take more end-to-end responsibility for the outcomes and value they create for the business.”
COVID-19 has accelerated the push toward digital business transformation for most businesses, and legal and compliance leaders are under pressure to anticipate both the potential improvements and possible risks that come with new legal technology innovations, according to Gartner.
Legal technology innovations
To address this challenge, Gartner lists the 31 must watch legal technologies to allow legal and compliance leaders to identify innovations that will allow them to act faster. They can use this information for internal planning and prioritization of emerging innovations.
“Legal and compliance leaders must collaborate with other stakeholders to garner support for organization wide and function wide investments in technology,” said Zack Hutto, director in the Gartner Legal and Compliance practice.
“They must address complex business demand by investing in technologies and practices to better anticipate, identify and manage risks, while seeking out opportunities to contribute to growth.”
Analysts said enterprise legal management (ELM), subject rights requests, predictive analytics, and robotic process automation (RPA) are likely to be most beneficial for the majority of legal and compliance organizations within a few years. They are also likely to help with the increased need for cost optimization and unplanned legal work arising from the pandemic.
Enterprise legal management
This is a multifaceted market where several vendors are trying to consolidate many of the technologies on this year’s Hype Cycle into unified platforms and suites to streamline the many aspects of corporate governance.
“Just as enterprise resource planning (ERP) overhauled finance, there is promise for a foundational system of record to improve in-house legal operations and workflows,” said Mr. Hutto. “Legal leaders should take a lesson from ERP’s evolution: ‘monolithic’ IT systems tend to lack flexibility and can quickly become an anchor not a sail.”
Legal application leaders and general counsel must begin with their desired business outcomes, and only then find a technology that can help deliver those outcomes.
Subject rights requests
The demand for subject rights requests (SRRs) is growing along with the number of regulations that enshrine a data subject’s right to access their data and request amendment or deletion. Current regulations include the CCPA in the U.S., the EU’s GDPR and Brazil’s Lei Geral de Proteção de Dadosis.
Many organizations are funneling their subject access requests (SARs) through internal legal counsel to limit the potential exposure to liability. This is costing, on average, $1,406 per SAR.
“In the face of rising request volumes and significant costs, there is great potential for legal and compliance leaders to make substantial savings and free up time by using technology to automate part, if not most, of the SRR workflow,” said Mr. Hutto.
This is a well-established technology and the market is mature, so it can be relatively simple to use “out-of-the-box” or via a cloud service. Typically, the technology can examine data or content to answer the question, ”What is likely to happen if…?”
“Adoption of this technology in legal and compliance is typically less mature than other business functions,” said Mr. Hutto. “This likely means untapped use cases where existing solutions could be used in the legal and compliance context to offer some real benefits.
“While analytics platforms may make data analysis more ‘turnkey’ extracting real insights may be more elusive. Legal and compliance leaders still should consider and improve the usefulness of their data, the capabilities of their teams, and the attainability of data in various existing systems.”
Robotic process automation (RPA)
RPA’s potential to streamline workflows for repetitive, rule-based tasks is already well-established in other business functions. Typically, RPA is best suited to systems with a standardized — often legacy — user interfaces for which scripts can be written.
“Where legal departments already use these types of systems it is likely that RPA can drive higher efficiency,” said Mr. Hutto. “However, not all legal departments use such systems. If not, it could make sense to take a longer view and consider investing in systems that have automation functionality built in.”
Gartner advice is to consider these four technologies is not solely based on their position on the Hype Cycle. Legal and compliance leaders should focus on the technologies that have the most potential for driving the greatest transformation within their own organizations in the near to medium term; the position on the Hype Cycle is part of that but not the whole story.
For example, Mr. Hutto said blockchain is a technology that has the potential to make a successful journey to the Plateau of Productivity within five years. But for now, its application will likely be limited to quite a narrow set of use cases, and it is unlikely to be transformational for corporate legal and compliance leaders.
There’s an overwhelming support for mainstreaming the mainframe, new strategic priorities, and a resurgence of next generation mainframe talent, according to a BMC survey.
The study queried over 1000 executives and practitioners on their priorities, challenges, and growth opportunities for the platform. High-level insights include:
- 90% of respondents see the mainframe as a platform for growth and long-term applications.
- 68% expect MIPS, the mainframe’s measure of computing performance, to grow.
- 63% of respondents say security and compliance were their top mainframe priorities.
- More than half of survey respondents increased mainframe platform data and transaction volume by 25% or more, signaling its ongoing importance in the digital business environment.
“The Mainframe Survey validates that businesses see the mainframe as a critical component of the modern digital enterprise and an emerging hub for innovation,” says Stephen Elliot, Program VP, Management Software and DevOps, IDC.
“They’re putting it to work more and more to support digital business demands as they strive to achieve greater agility and success across the enterprise.”
Top mainframe priorities
With mainframe enterprises competing to bring new, digital experiences to market to delight customers, the survey’s themes are resoundingly strong: adapt, automate, and secure.
Adapt – responses indicated that enterprises’ need to adapt spanned several areas:
- New processes to keep up with digital demand.
- Technology demands such as application development/DevOps across the mainframe; 78% of respondents want to be able to update mainframe applications more frequently than currently possible.
- Changing workforce, as the number of next generation mainframe talent increases along with the number of women working on the platform.
Automate – mainframe modernization continues to play a key role in priorities among respondents with the need to implement AI and machine learning strategies jumping by 8% year over year.
Secure – while the mainframe has a reputation of being a naturally secure platform, respondents are seeing the growing need to fortify its “walls.” Security trumped cost optimization as the leading mainframe priority among respondents for the first time in the 15-year history of the survey.
“Early results were shared with leading industry analysts and key customers from our Mainframe Executive Council in order to validate findings with market sentiment,” states John McKenny, SVP of Mainframe Innovation and Strategy at BMC.
“These conversations further solidified the study’s findings that the platform’s positive outlook and growth is largely due to the need to create intuitive, customer-centric digital experiences. The mainframe continues to shine as innovative, agile, and secure and is a vital component to digital success.”
Workforce demographic shifts
The survey revealed the demographic shifts in mainframe operations, as younger, less experienced staff replaces departing senior staff, and a higher proportion of women respondents than last year.
75% of AppSec practitioners and 49% of developers believe there is a cultural divide between their respective teams, according to ZeroNorth.
As digital transformation takes hold, it is increasingly vital that AppSec teams and developers work well together. With DevOps methodology seeing more adoption, teams are delivering software at continually higher velocities. Speed is the culture of DevOps, which often runs counter to the culture of Security – risk adverse and rigid.
The research, conducted by Ponemon Institute, surveyed 581 security practitioners and 549 developers on the cultural divide, its implications, the impact of COVID-19 and teleworking on the divide, and how to bridge the divide.
The findings of the research highlight both the software delivery and security impacts resulting from the cultural divide across AppSec and developer teams. For example, 56% of developers say AppSec stifles innovation.
On the other hand, 65% of AppSec professional believe developers do not care about securing applications early in the software development lifecycle.
Teams not sharing opininon on application risk
Importantly, too, for AppSec and developers to share a culture centered on delivering secure applications, there must be a shared understanding of risk. The teams are not aligned on this front, however. Only 35% of Developers say application risk is increasing; 60% of AppSec professionals believe this to be true.
“As this survey shows, the cultural divide is here today, and will become more exacerbated as organizations move towards DevOps, rendering the traditional, centralized model for security obsolete,” said ZeroNorth CEO, John Worrall.
“We believe this opens the doors for CISOs to become a pillar that supports the bridge between AppSec and development cultures. By enabling a culture that empowers both development and security to execute on their priorities, CISOs can transform the cultures that stifle innovation while significantly improving security.”
“This important research reveals the serious impact the AppSec and Developer cultural divide can have on an organization’s security posture,” said Larry Ponemon, chairman, Ponemon Institute.
“Based on the research findings, we recommend organizations take the following five steps to help bridge the cultural divide: (1) ensure sufficient resources are allocated to ensure applications are secured in the development and production phase of the SDLC, (2) apply application security practices consistently across the enterprise, (3) ensure developers have the knowledge and skill to address critical vulnerabilities in the application development and production life cycle, (4) conduct testing throughout the application development and (5) ensure testing methods scale efficiently from a few to many applications.”
Understanding the cultural divide and its implications
- Developer and AppSec practitioners don’t agree on which function is responsible for the security of applications. 39% of developers say the security team is responsible, while 67% of AppSec practitioners say their teams are responsible.
- AppSec and developer respondents admit working together is challenging, with AppSec respondents saying it is because the developers publish code with known vulnerabilities. Developers say security does not understand the pressure of meeting their deadlines and security stifles their ability to innovate.
- Digital transformation is putting pressure on organizations to develop applications at increasing speeds, which puts security at risk. 65% of developer respondents say they feel the pressure to develop applications faster than before the digital transformation, and 50% of AppSec respondents agree.
- 71% of AppSec respondents say the state of security is undermined by developers who don’t care about the need to secure applications early in the SDLC and 69% say developers do not have visibility into the overall state of application security.
The impact of COVID-19 and teleworking on the cultural divide
- 66% of developers and 72% of AppSec respondents say teleworking is stressful. Only 29% of developers and 38% of AppSec respondents are very confident that teleworkers are complying with organizational security and privacy requirements.
- 74% of AppSec and 47% of developer respondents say their organizations were highly effective at stopping security compromises before COVID-19. After the pandemic started, only one-third of both respondents say their effectiveness is high.
Enterprise digital transformation budgets continue to increase despite a recession, developers find it challenging to innovate and standard incident management tools and processes hinder digital service resilience, an xMatters research reveals.
Digital service resilience is the ability to recover quickly, adapt and learn from incidents such as outages and interruptions to prevent future technology and customer-impacting issues.
The report also analyzed the varying degrees of incident management readiness or preparedness within an organization to identify its position in the Incident Management Spectrum.
The research found that comparatively, across the Incident Management Spectrum, only the most advanced organizations have isolated keys to success across business and incident management functions.
“Through a series of research reports over the past year, we studied the growing challenges faced by those tasked with the delivery and maintenance of digital services. Customer-impacting issues continue to be a roadblock to innovation as today’s digital, fast moving environment requires technology teams to spend more time supporting operations,” said Troy McAlpin, CEO at xMatters.
“However, there is an opportunity for technology professionals to evolve incident management approaches through incident response automation, collaboration and constant learning in order to achieve customer delight and further innovation.”
Pandemic forces digital transformation
Spending on digital transformation has increased continually since the November 2019 research. Twenty percent of companies with 1,001-5,000 employees are budgeting more than $10 million on digital transformation initiatives, compared with 9.3% in November 2019.
This focus on digital transformation was accelerated by the COVID-19 pandemic. Findings from the April 2020 Impact of COVID-19 on Digital Transformation survey showed more than half of consumers experienced a rise in application performance issues, forcing many companies to accelerate digital transformation in order to deliver accessible digital experiences for customers and employees.
Customer-impacting issues are a roadblock to innovation
The research found that the proportion of technology professionals affected by customer-impacting issues when building out services has increased by almost ten percentage points to 84.3%, compared to results from the November 2019 Incident Management in the Age of Customer-Centricity research. Overall, there is a marked need for improvement in customer experiences and an organizational commitment to innovation across industries.
72.3% of respondents—across a variety of titles including development, SRE, IT operations and management—reported that at least half of their team’s time is spent resolving incidents compared to time spent on innovation. Of these respondents, 27.3% said at least 80% of their team’s time is spent resolving incidents.
Opportunity for advancement in the Incident Management Spectrum
To assess the efficacy of incident management in organizations, the State of Automation in Incident Management analyzed components of a comprehensive incident management practice (i.e., team structure, tools) and how organizations detect, resolve and learn about incidents.
Responses to survey questions were further analyzed and scored to determine an organization’s position in the Incident Management Spectrum based on approaches to incident management.
The four categories within the Incident Management Spectrum include: ad hoc where there is no formal incident management practice; traditional incident management, an approach driven by service desk tickets and ITIL processes; modern incident management where individual teams detect and resolve service-based issues; and adaptive incident management where a scalable and service-centric model harnesses as much automation as possible.
The results of the research found that almost all respondents employ either a traditional (40.1%) or modern (58.6%) approach to incident management.
“Traditional teams spend much of their time on firefighting and completing non-value-added tasks compared to innovation, while modern teams, who have allocated more budget toward digital transformation, spend equal amounts of time resolving incidents and building out features,” continued McAlpin.
Automation, collaboration and learning are key to superior customer experiences
While most technology professionals reported the implementation of team-oriented incident management processes, there is room for advancement in multiple aspects of day-to-day processes.
43.4% of technology professionals deploy less sophisticated processes such as alerting; emailing and paging; conference bridges; or manual setup and outreach to engage team members, stakeholders and customers during an incident.
Most organizations who employ a traditional approach to incident management use service desks and process-heavy approaches, whereas modern organizations leverage incident management tools for incident response and management.
Moreover, as companies look to reliable digital services as an indicator of customer success, there is an opportunity to automate the postmortem process.
When asked about top benefits of using artificial intelligence or machine learning for incident management, respondents identified informing post-incident reporting with data from previous, related incidents (36%) and aggregation of data to detect anomalies early (28.9%).
The GAIA-X Initiative announced that it is one step closer to its goal of a trustworthy, sovereign digital infrastructure for Europe, with the official signing of incorporation papers for GAIA-X AISBL, a non-profit association that will take the project to the next level.
GAIA-X: A vision for Europe
The initiative’s twenty-two founding members signed the documents in Brussels to create an association for securing funding and commitment from members to fulfill the initiative’s vision for Europe.
“We are deeply motivated to meet the challenges of the European digital economy,” said Servane Augier, COO at 3DS OUTSCALE.
“Through GAIA-X, we are building, all together, a sovereign and reliable digital infrastructure and an ecosystem for innovation in Europe. In this way, we will strengthen the digital sovereignty of businesses, research and education, governments and society as a whole.”
Seeking active participation and membership
While final incorporation is pending, the founding members of GAIA-X AISBL are seeking active participation and membership from national and multi-national, European and non-European companies, as well as partners in the worlds of science and politics, who share European standards and values.
The association views its members as the primary drivers of progress and innovation, working closely together to define standards and prototype implementations from both provider and user perspectives.
“The BMW Group sees the future of automotive software in the cloud, whether it is about pioneering IT solutions for the development and production of premium vehicles, new digital services for our customers or innovative features in the car,” said Marco Görgmaier, Head of DevOps Platform and Cloud Technologies, The BMW Group.
”Participation in the GAIA-X project is a logical step in our intention to further expand our innovative strength. The goals of the GAIA-X project—striving for data sovereignty, reducing dependencies, establishing cloud services on a broad scale and creating an open ecosystem for innovation—are fully in line with our own efforts. “
Setting-up head office in Brussels
As the incorporation process is moving forward, the association will continue to set-up its head office in Brussels and establish key organizational structures.
Overall, the GAIA-X founders aim to establish a culture of trust, knowledge exchange and transparency. They anticipate that as the membership of GAIA-X grows, it will be able to have an increasing impact on innovation and collaboration in the development of technical solutions and standards for business, science and society across Europe.
Policymakers should focus on five critical success factors in order to ensure the US continues to build its emerging 5G economy, according to a report from Boston Consulting Group (BCG).
Drawing on an in-depth analysis of the factors that secured America’s leadership of the 4G economy, the study concludes that spectrum availability and wireless network deployments, along with broader economic factors such as a pro-investment and innovation business climate, private sector R&D, and workforce readiness are key to expanding a country’s 5G penetration rate and 5G-powered economic growth.
“A country’s 5G progress shouldn’t be based on misleading snapshots in time such as the number of 5G subscribers or the amount of 5G base stations deployed in a given quarter,” said Enrique Duarte Melo, a BCG managing director and senior partner and lead author of the report.
“Policymakers should instead look at how these factors—network coverage, spectrum availability, the quality of the innovation ecosystem, business climate, and technology talent—will blend together to drive 5G penetration and make 5G use cases widely available throughout society.”
Spectrum is the foundation of mobile wireless service, and particularly for 5G networks, providers need a mix of low-, mid-, and high-band spectrum.
The study finds that the US has made significant amounts of low- and high-band spectrum available, but lags in crucial midband spectrum.
Widespread network deployment is critical to laying the foundations of a 5G economy and achieving high levels of wireless penetration—the number of active 5G subscribers per capita.
The study finds that US telecom companies have invested seven times more than Chinese companies and that from 2020 to 2025, US operators are expected to invest over $250 billion to build 5G networks, more than any other country.
Strong R&D investment and IP protection will help spur the development of innovative new 5G services as well as cross-industry collaboration.
The study finds that US technology and telecom companies spend significantly more on R&D, as a percentage of sales, than other global competitors. On an absolute basis, US wireless companies invest five times as much as Chinese companies.
Capital expenditures and investment and an openness to risk-taking, combined with business-friendly policies, will create an environment conducive to wireless innovation and entrepreneurship.
The study finds that the US ranks in the top three nations on key drivers of new business creation and ranks first for entrepreneurship. It’s also home to 12 of the world’s top 30 cities for startups and serves as a startup hub for key 5G technologies like artificial intelligence and cybersecurity.
A workforce with digital and technical skills will provide countries the expertise to build state-of-the-art wireless networks and develop new 5G applications.
The study finds that the US’s ability to attract the best global talent has promoted innovation and that training and retraining employees in tech-related certifications and degrees will be critical.
Further, the study finds that that the foremost impact of 5G will be the services and applications unlocked by powerful and ubiquitous 5G networks.
Enterprises of the future will be built on a foundation of artificial intelligence (AI), analytics, machine learning, deep learning and automation, that are central to solving business problems and driving innovation, Wipro finds.
Most businesses consider AI to be critical to improve operational efficiency, reduce employee time on manual tasks, and enhance the employee and customer experience.
The report examines the current landscape and shows the challenges and the driving factors for businesses to become truly intelligent enterprises. Wipro surveyed 300 respondents in UK and US across key industry sectors like financial services, healthcare, technology, manufacturing, retail and consumer goods.
The report highlights that while collecting data is critical, the ability to combine this with a host of technologies to leverage insights creates an intelligent enterprise. Organizations that fast-track adoption of intelligent processes and technologies stand to gain an immediate competitive advantage over their counterparts.
- While 80% of organizations recognize the importance of being intelligent, only 17% would classify their organizations as an Intelligent Enterprise.
- 98% of those surveyed believe that being an Intelligent Enterprise yields benefits to organizations. The most important ones being improved customer experience, faster business decisions and increased organizational agility.
- 91% of organizations feel there are data barriers towards being an Intelligent Enterprise, with security, quality and seamless integration being of utmost concern.
- 95% of business leaders surveyed see AI as critical to being Intelligent Enterprises, yet, currently, only 17% can leverage AI across the entire organization.
- 74% of organizations consider investment in technology as the most likely enabler for an Intelligent Enterprise, however 42% of them think that this must be complemented with efforts to re-skill workforce.
Jayant Prabhu, VP & Head – Data, Analytics & AI, Wipro said, “Organizations now need new capabilities to navigate the current challenges. The report amplifies the opportunity to gain a first-mover advantage to being Intelligent.
“The ability to take productive decisions depends on an organization’s ability to generate accurate, fast and actionable intelligence. Successful organizations are those that quickly adapt to the new technology landscape to transform into an Intelligent Enterprise.”
The world is one step closer to having a totally secure internet and an answer to the growing threat of cyber-attacks, thanks to a team of international scientists who have created a multi-user quantum communication network which could transform how we communicate online.
The invention led by the University of Bristol has the potential to serve millions of users, is understood to be the largest-ever quantum network of its kind, and could be used to secure people’s online communication, particularly in these internet-led times accelerated by the COVID-19 pandemic.
By deploying a new technique, harnessing the simple laws of physics, it can make messages completely safe from interception while also overcoming major challenges which have previously limited advances in this little used but much-hyped technology.
Lead author Dr Siddarth Joshi, who headed the project at the university’s Quantum Engineering Technology (QET) Labs, said: “This represents a massive breakthrough and makes the quantum internet a much more realistic proposition. Until now, building a quantum network has entailed huge cost, time, and resource, as well as often compromising on its security which defeats the whole purpose.”
“Our solution is scalable, relatively cheap and, most important of all, impregnable. That means it’s an exciting game changer and paves the way for much more rapid development and widespread rollout of this technology.”
Protecting the future internet
The current internet relies on complex codes to protect information, but hackers are increasingly adept at outsmarting such systems leading to cyber-attacks across the world which cause major privacy breaches and fraud running into trillions of pounds annually. With such costs projected to rise dramatically, the case for finding an alternative is even more compelling and quantum has for decades been hailed as the revolutionary replacement to standard encryption techniques.
So far physicists have developed a form of secure encryption, known as quantum key distribution, in which particles of light, called photons, are transmitted. The process allows two parties to share, without risk of interception, a secret key used to encrypt and decrypt information. But to date this technique has only been effective between two users.
“Until now efforts to expand the network have involved vast infrastructure and a system which requires the creation of another transmitter and receiver for every additional user. Sharing messages in this way, known as trusted nodes, is just not good enough because it uses so much extra hardware which could leak and would no longer be totally secure,” Dr Joshi said.
How the multi-user quantum communication network works
The team’s quantum technique applies a seemingly magical principle, called entanglement, which Albert Einstein described as “spooky action at a distance.” It exploits the power of two different particles placed in separate locations, potentially thousands of miles apart, to simultaneously mimic each other. This process presents far greater opportunities for quantum computers, sensors, and information processing.
“Instead of having to replicate the whole communication system, this latest methodology, called multiplexing, splits the light particles, emitted by a single system, so they can be received by multiple users efficiently,” Dr Joshi said.
The team created a network for eight users using just eight receiver boxes, whereas the former method would need the number of users multiplied many times – in this case, amounting to 56 boxes. As the user numbers grow, the logistics become increasingly unviable – for instance 100 users would take 9,900 receiver boxes.
To demonstrate its functionality across distance, the receiver boxes were connected to optical fibres via different locations across Bristol and the ability to transmit messages via quantum communication was tested using the city’s existing optical fibre network.
“Besides being completely secure, the beauty of this new technique is its streamline agility, which requires minimal hardware because it integrates with existing technology,” Dr Joshi said.
The team’s unique system also features traffic management, delivering better network control which allows, for instance, certain users to be prioritised with a faster connection.
Saving time and money
Whereas previous quantum systems have taken years to build, at a cost of millions or even billions of pounds, this network was created within months for less than £300,000. The financial advantages grow as the network expands, so while 100 users on previous quantum systems might cost in the region of £5 billion, Dr Joshi believes multiplexing technology could slash that to around £4.5 million, less than 1 per cent.
In recent years quantum cryptography has been successfully used to protect transactions between banking centres in China and secure votes at a Swiss election. Yet its wider application has been held back by the sheer scale of resources and costs involved.
“With these economies of scale, the prospect of a quantum internet for universal usage is much less far-fetched. We have proved the concept and by further refining our multiplexing methods to optimise and share resources in the network, we could be looking at serving not just hundreds or thousands, but potentially millions of users in the not too distant future,” Dr Joshi said.
“The ramifications of the COVID-19 pandemic have not only shown importance and potential of the internet, and our growing dependence on it, but also how its absolute security is paramount. Multiplexing entanglement could hold the vital key to making this security a much-needed reality.”
Collaborating institutions with the University of Bristol are the University of Leeds, Croatia’s Ruder Boskovic Institute (RBI) in Zagreb, Austria’s Institute for Quantum Optics and Quantum Information (IQOQI), in Vienna, and China’s National University of Defence Technology (NUDT) in Changsha.
Chief audit executives (CAEs) and internal audit leaders report their next-generation competency levels in three vital areas – governance, methodology and enabling technology – to be remarkably low, a Protiviti survey reveals. The survey also identified that the majority of internal audit functions are at risk of losing relevance for not modernizing and transforming the audit process, against the increasing demands of today’s stakeholders. Nearly 780 Chief Audit Executives (CAEs) and internal audit leaders were … More
The post Internal audit leaders should develop new skills to stay relevant appeared first on Help Net Security.
Companies are placing business and shareholder goals above employee needs when they adopt new technology, according to Lenovo.
The research, conducted among 1,000 IT managers across EMEA, found that just 6% of IT managers consider users as their top priority when making technology investments. This approach to IT adoption is ultimately leading to productivity being stifled.
When businesses implement new technologies without considering the human impact, many employees become overwhelmed due to the complexity and pace of change, with 47% of IT managers reporting that users struggle to embrace new software.
With all industries having to adapt to the ‘next normal’ and take stock of their responsibility – to employees, to the environment and to the wider world – businesses are encouraged to place the needs of their people at the heart of IT decisions.
There is an understandable desire for businesses to embrace transformational technologies, such as Artificial Intelligence, and the Internet of Things, as soon as possible.
The benefits these promise – innovation, improved productivity, reducing cost and greater customer experience most importantly – are tantalizing for any organization, but their true potential is completely untapped if adoption is purely led by business goals.
While successfully implemented technology should act as an enabler for employees and businesses to achieve greater things, a poor strategy can see technology become an inhibitor – hampering users whose needs have not been carefully considered and catered for.
48% of respondents reported a negative outcome where technology implementations have actively inhibited their teams’ ability to operate.
Businesses need to focus on people, offering everything from comprehensive training, to change management, while ensuring leadership KPIs, robust policy and strategy and thorough rollout analyses are aligned with a people-first ethos.
Businesses should also ask people-centric questions during any adoption process – is this technology intuitive, will it solve rather than create challenges for employees, will users get a good experience.
By taking these steps, businesses can realize the benefits new tools promise, seeing greater productivity and driving innovation. In fact, 52% of IT managers are optimistic about emerging tech’s ability to deliver improved productivity.
However, with 21% of users reporting new technology has actually slowed down processes, it is imperative for businesses to embrace the right technology at the right time. It’s also vitally important businesses consider everyone in the organization – from those who use it every day, to the IT teams implementing it, to the boardroom decision makers.
The goal should be to adopt smarter technology that is always connected, seamless, agile, flexible, easy to collaborate, adaptive to needs, reliable, high performance and with enhanced security and privacy. Not only that, but it should be suited to the needs of everyone in an organization.
Responsible business in the ‘next normal’
Organizations are currently re-evaluating how they operate in order to thrive in the next normal. Being a responsible business must now be a priority – placing human impact on the same level as achieving business goals. With 62% of IT managers reporting their investment decisions are entirely business-centric, it will require a fundamental mindset shift for many businesses.
However, as flexible working policies are embraced in order to provide more support to employees during the COVID-19 outbreak, a people-first approach is beginning to emerge, with 70% of respondents seeing more emphasis within their organization on responsible business.
Giovanni Di Filippo, President of Lenovo’s Data Center Group, EMEA, says: “Times are changing rapidly, not only for businesses, but the technology industry as a whole. Stripped of office walls, we are seeing organizations place greater emphasis on the wellbeing of their employees, and it’s heartening to see this shift in priorities from being all about the bottom line. But the study shows that this is only the beginning.”
“If there is a change of heart and mind within the industry, taking a people-first approach to IT adoption, we will see positive change for both organizations and wider society. Happier employees, greater productivity and a faster pace of innovation – these are the benefits of placing people at the centre of IT decisions.”
Companies adopt new technology: Time to think human
IT vendors whose portfolio can empower businesses to think human, will help employees embrace change and enable them to be more productive. Such vendors do this by having an open mindset in working with other organizations, thinking about customer outcomes, not just adoption, reducing the burden on customers as well as the IT department nad by helping put usability and experience first.
Giovanni Di Filippo says, “For too long IT decisions have placed pure cost above a business’s most valuable asset: people. It’s people that change the world, and we know that data and technology cannot be transformative without humans bringing it to life and giving it purpose.”
“We want businesses to think human by investing in ‘Smarter Technology for All’. As for vendors – it’s time to think beyond what they make and consider who they make it for. If people are put first, we know the benefits and desired company outcomes will be great.”
The COVID-19 pandemic has forced public health, supply chain, transportation, government, economic and many other entities to interact in real time. One of the challenges in large systems interacting in this way is that even tiny errors in one system can cause devastating effects across the entire system chain.
Now, Purdue University innovators have come up with a possible solution: a set of patented algorithms that predict, identify, diagnose and prevent abnormalities in large and complex systems.
“It has been proven again and again that large and complex systems can and will fail and cause catastrophic impact,” said Shimon Y. Nof, a Purdue professor of industrial engineering and director of Purdue’s PRISM Center.
“Our technology digests the large amount of data within and across systems and determines the sequence of resolving interconnected issues to minimize damage, prevent the maximum number of errors and conflicts from occurring, and achieve system objectives through interaction with decision makers and experts.”
Applying systems science and data science to solve problems
Nof said this technology would be helpful for smart grids, healthcare systems, supply chains, transportation systems and other distributed systems that deal with ubiquitous abnormalities and exceptions, and are vulnerable to cascading or large amount of failures.
This technology integrates constraint modeling, network science, adaptive algorithms and state-of-the-art decision support systems.
“Our algorithms and solution apply systems science and data science to solve problems that encompass time, space and disciplines, which is the core of industrial engineering,” said Xin Chen, a former graduate student in Nof’s lab who helped create the technology.
Nof said the novelty of the technology lies in three main areas. First, analytical and data mining tools extract underlying network structures of a complex system and determine its unique features. A robust set of algorithms then are analyzed based on the objectives for system performance, structures and features of fault networks in the system.
Finally, algorithms with specific characteristics are applied to manage errors and conflicts to achieve desired system performance.
Most enterprises (85%) believe embracing the public cloud is critical to fuel innovation, but the majority are not equipped to operate in the cloud securely, according to a DivvyCloud survey of nearly 2,000 IT professionals.
In fact, of those surveyed whose organization has already adopted public cloud, only 40% have in place an approach to managing cloud and container security.
Avoiding security issues in the cloud
Only a little over half (58%) said their organization has clear guidelines and policies in place for developers building applications and operating in the public cloud. And of those, 25% said these policies are not enforced, while 17% confirmed their organization lacks clear guidelines entirely.
“Enterprises believe they must choose between innovation and security—a false choice we see manifested in the results of this report, as well as in conversations with our customers and prospects,” said Brian Johnson, CEO at DivvyCloud.
“Only 35% of respondents do not believe security impedes developers’ self-service access to best-in-class cloud services to drive innovation—meaning 65% believe they must choose between giving developers self-service access to tools that fuel innovation and remaining secure.
“The truth is, security issues in the cloud can be avoided. By employing the necessary people, processes, and systems at the same time as cloud adoption (not weeks, months, or years later), enterprises can reap the benefits of the cloud while ensuring continuous security and compliance.”
Additional key findings
Automation is coveted but not leveraged in cloud security: Nearly 70% of all respondents believe that automation can provide benefits to their organization’s cloud security strategy, but only 48% say their cloud security strategy currently incorporates products that leverage automation.
The vast majority of respondents (85%) trust automated security solutions more than or the same as human security professionals.
Developers and security are misaligned: Almost half (49%) of all respondents whose organizations use public cloud said their developers and engineers at times ignore or circumvent cloud security and compliance policies.
Enterprises lack understanding of applicable regulations and standards: Out of all respondents, 42% do not know which frameworks their company uses to maintain compliance with relevant standards and regulations (such as GDPR, HIPAA, PCI DSS, SOC 2, etc.)
Infrastructure-as-a-Service (IaaS) reigns supreme: When asked about the architectures their organizations currently use or plan to use within the next year to build apps, 42% said IaaS; among larger organizations with 10,000 or more employees, that number goes up to 53%.
The cloud is ubiquitous: Only 7% of respondents work for organizations that do not use any public cloud services, and only 5% reported no plans to adopt public cloud—a significant drop from the 11% who reported no adoption plans last year.
Enterprise multicloud strategies are declining: 64% of this year’s survey respondents confirmed their organization is using two or more cloud services, a 13% decline from last year.
Throughout history, individuals have taken innovations in their prime and tried to mold them into objects they were never designed to be. An example? The first cars were carriages with engines, the first powered ships were sailing ships with paddles, and so on.
That said, history has shown us that there are also many limitations to evolving objects outside of their intended purpose and that these efforts often end in failure.
Much like the flying car which never took off (no pun intended), repurposing existing technology often restricts innovation. Because repurposing objects for new, unique purposes isn’t innovative – it’s resourceful. It is not until someone steps forward and solves an existing problem from scratch, that the possibilities of real, ground-breaking thinking are revealed.
The problems imposed by repurposing unique innovations can also be seen in the world of network technology. Society has a history of taking a product that is perfectly designed for one intended purpose and diminishing its value by trying to make it do something it cannot or should not do. Why would you take a connectionless protocol like IP and then try and use it for a connection-oriented application like voice? Why would you use a watch to view TV? These are the questions that keep innovators up at night.
Repurposing a purpose-built network
In the “olden days,” data center networks were built using either token ring or Ethernet, depending on different protocols based on the application and use. The computers would connect to hubs with shared bandwidth and each subnet would subsequently connect to a router – essentially providing the collapsed backbone.
As network speeds increased from 10Mb to 100Mb, it was discovered that this model could not scale. Fortunately, this problem was unveiled just as the Ethernet switch was arriving, allowing some networks to scale more seamlessly by inserting switches at key points.
In time, it became obvious that router technology would not be able to keep up with new developments, thus a need for a new solution that could determine how to route on switch networks came about. This solution came in the form of an SDN-like approach, which tagged packets with a destination label on another subnet, allowing the packet to be delivered without touching the router.
After several years, almost all vendors had their own, unique approach to this – none of which were particularly elegant or easy to implement. As Ethernet switching became more prevalent, it became obvious that the complexity of these technologies would not scale.
After some time, a more obvious solution arrived – routing IP in silicon. After that, several notable things happened. Almost overnight, all of the SDN-style solutions disappeared, and IP over Ethernet became the standard for all communication between computers. This standardization allowed for massive innovation, which eventually paved the way for Wi-Fi, the World Wide Web, and perhaps most importantly, cat videos.
Defending against innovative attackers requires hyper-innovative thinking
Fast forward to the 2020s – organizations today are finding themselves in a similar position. There is a fundamental cybersecurity problem running amok in today’s IT, data center, and cloud environments: organizations are unable to stop the lateral movement of malware. In layman’s terms this means that data breaches, ransomware and cyber attacks today are getting first class access to organizations’ “crown jewels” just by bypassing a firewall or infiltrating a supply chain. The solution is to segment resources in the data center and cloud.
At the moment, companies are attempting to self-segment by leveraging network solutions to combat the threat problem at the network level. Yet, once again, organizations are turning to existing technologies to achieve network and cloud segmentation, resulting in both complex and unsatisfactory implementation and regulation methods. This is the flying car approach. The “try to make something work because it probably can” approach. But when it comes to cybersecurity, a flying car approach won’t cut it. Repurposing technology can be used to apply some coarse segmentation, but as soon as organizations try to do something more granular, they are experiencing problems.
Ideally, companies need to be able to define whitelist rules for each process within an application and control how connections are made, independent of their location or computing environment. At the network layer this is near impossible, so it must be executed within the workload. But the primary challenge here is achieving this with as little complexity as possible. Like switching to IP, the solution should be elegant and simple.
Organizations should use the intelligence in the workload operating system to enforce policies. Then, provide the intelligence to automate the creation of rules and provide complete visibility on all communication. Lastly, this process should be enhanced with the capability to conform to regulations by applying one-click encryption.
Much like in the mid-90s, we are once again at a technology tipping point where innovation can make an impact beyond its own world. By simplifying segmentation across the hybrid cloud, organizations are able to more easily remove one of the inhibitors to cloud adoption – opening the door to a plethora of new innovations and solutions. Who knows – by relying on organic innovation alone, we may just witness the introduction of the first flying car (though we may need to wait another 50 years for that technology to catch up). Let’s keep our fingers crossed – I’ll be catching up on my cat videos in the meantime.
Time-critical, unplanned work caused by IT disruptions continues to plague enterprises around the world, leading to lost revenue, significant employee morale problems and missed opportunities to innovate.
In fact, more than 81% of respondents agreed that urgent, unplanned work keeps their company from focusing on key objectives. These are just some of the key findings from a study of more than 500 IT professionals released by PagerDuty.
Orgs frequently experiencing technology issues
The global study also found that almost half of participants said their organizations experience major technology issues at least once a month. In addition, 40% of North American respondents said their issue resolution process is entirely manual, and customers worldwide are discovering major issues before tech teams become aware.
“Today, every company is a software company with customer experience determining your success. Delays, outages or any form of downtime are unacceptable and redirect teams away from innovation projects. The downside of this is lost productivity, revenue and brand equity,” said Jonathan Rende, SVP of Product at PagerDuty.
“Compounding the situation is the fact that ensuring a perfect customer experience is very difficult. Complicated ecosystems, lack of time and resources and changing consumer behaviors create huge complexity for developer and IT teams. It’s very difficult to plan for every possible situation that could arise which means many companies are on the back foot when something needs urgent attention.”
“So, what if your organization is trying to adjust to a remote workforce almost overnight? Where do you even start? First, you should make sure you have an infrastructure in place for communication and collaboration. Without that, everything else fails. Also consider that with people not in the office anymore, you are going to have two types of communication needs: synchronous (real-time) and asynchronous (not real-time),” said Cody Cornell, CEO at Swimlane.
Unplanned work leaving little time for innovation
One of the most striking findings in the report shows that 62% of IT professionals in North America spend more than 100 hours each year on disruptive, unplanned work.
“Based on the average IT team size of six to eight people for a mid-market company, you’re looking at nearly two days a week spent on firefighting and dealing with time-critical unplanned work. This leaves little time for innovation or working on the projects that matter, consistently.”
Unplanned work also surfaced as a major factor in employee unhappiness, particularly in North America. While nearly one in every five employees worldwide said they would leave their positions as a result, nearly three-quarters (72%) of North American respondents said unplanned work impacts their work-life balance, compared to 55% in APJ and 49% in EMEA.
“Unplanned, time-critical work is unavoidable. How you prepare for it makes a huge difference. You need to take an automated approach so that when unplanned work arises you can bring together the right people with the right information in real-time.
“This is what allows identifying and resolving issues in minutes and seconds, not hours. It also means your teams are freed up to focus on innovation and fueling your company’s competitive edge,” adds Rende.
“Once you’ve figured out how to keep your team feeling connected and your company moving forward, what now? How do you keep things interesting and engaging? While this might be a moment of uncertainty and stress, it can also be an opportunity to learn, become savvier, and focus on personal and professional development. To help with this, Swimlane has launched the SOAR Learning Hub. We’ve aggregated content for security professionals at every level to learn more about and become knowledgeable of security orchestration, automation and response (SOAR) tools, security automation workflows, common and unique use cases and more. And we’ll continue adding content in effort to help SecOps professionals gain new skills while navigating through this moment in history,” Cornell concluded.