Category: investment
Worldwide SD-WAN market to reach $43 billion by 2030
Due to the rising adoption of IoT and the growing utilization of big data, the valuation of the global SD-WAN market is predicted to increase from $1.4 billion to $43 billion from 2019 to 2030. Further, the market will demonstrate a CAGR of 38.6% between 2020 and 2030, according to ResearchAndMarkets.
Big data and IoT help businesses in monitoring the utilization of their products by consumers and gaining valuable insights from the analysis of this information, offering a customized customer experience, and tracking their various operations. Additionally, the adoption of these technologies allows the real-time monitoring of company assets.
As the big data and IoT technologies bring them a host of numerous challenges such as data handling and management, security concerns, data privacy, demand for advanced technical expertise and knowledge, and high implementation costs, the rising integration of these technologies is massively boosting the progress of the SD-WAN market.
SD-WAN effectively resolves these issues with the help of risk minimization, centralized management and control, and zero-touch provisioning.
In addition to this, SD-WAN solutions simplify device and network security management, provide deep visibility into network performance, which allows the IT professionals to easily detect network problems and security threats, and integrate application filters, firewalls, and UTM functionality.
The pandemic severely affecting the progress of the SD-WAN market
The current COVID-19 crisis is severely affecting the progress of the SD-WAN market. This is because businesses operating in various sectors have had to either scale down or shut down their operations because of the lockdown initiated in several countries for controlling the spread of the virus.
Because of this reason, companies are incurring huge financial losses and are therefore, reducing their IT spending, including their expenditure on SD-WAN solutions. Moreover, as most of the employees are working remotely (from home), the requirement for advanced networking solutions is very low.
Between the solution and service categories, under the offering segment of the SD-WAN market, the former is expected to register higher revenue growth in the market in the coming years.
This is ascribed to the rapidly rising popularity of multi-cloud ecosystems, rising compliance requirements, increasing procurement of connected and IoT devices, and the growing requirement for secured network infrastructure and application optimization. These factors are fueling the adoption of SD-WAN solutions in the BFSI (banking, financial services, and insurance), healthcare, and IT & telecom sectors.
Under the deployment segment, the on-premises category recorded the highest growth in the SD-WAN market in the last few years, mainly because the SD-WAN solutions come with various security concerns.
Additionally, the on-premises deployment method helps in the management of large volumes of unstructured data. Moreover, the usage of physical devices is usually preferred for the effective management of network in the corporate sector.
The bright future of the network operations visibility category
In the future years, the network operations visibility category, based on use case, would exhibit the fastest growth in the SD-WAN market. This is credited to the rising requirement for real-time insights for resolving the issues arising in SD-WAN and making its operation hassle-free.
Historically, under the industry segment of the SD-WAN market, the IT & telecom classification had the highest share, mainly because of its rapid expansion and digitization and the high requirement for a better customer experience in this industry. In addition to this, the rising usage of mobile phones in offices, development and penetration of 5G, increasing adoption of IoT, and mushrooming utilization of big data are boosting the demand for SD-WAN solutions in the industry.
Globally, the North American SD-WAN market is currently the most prosperous one, on account of the presence of several well-established SD-WAN solution providing firms, favorable government policies for 5G adoption, quick integration of various advanced technologies, and the increasing need for simple and hassle-free networking operations in the region.
In the near future, the market will demonstrate the highest CAGR in the Asia-Pacific region. This is because of the rising investments being made in the IT sector, increasing implementation of supportive government policies for 5G, rapid digital transformation in enterprises, expanding operations of market players, and the ballooning popularity of cloud computing and connected devices in the region.
Pandemic thinking: What if there were a vaccine for OT ransomware?
The year 2020 has been defined globally by the COVID-19 pandemic. One of few silver linings for this difficult set of circumstances is innovation – redesigning normal processes so that life can carry on with some degree of regularity and reliability.
Pre-COVID, we all took certain risks routinely, and the consequences were minor. Now the consequences are much more serious and we respond to these risks by very carefully deciding how we expose ourselves to the coronavirus. Whether sheltering in place, social distancing, or in full government lock-down, we have all felt the fatigue of being under the siege of an invisible threat.
The good news is there is hope at the end of the tunnel – in a matter of months, medical science will catch up to the threat and normal life will resume.
The cyber pandemic
The pandemic has digital consequences as well, for both enterprise networks and OT networks. Not only has the pandemic brought us more online, and forced us into doing nearly everything remotely, macro trends continue as well.
Computers are getting cheaper and CPUs are more ubiquitous than ever before – which means there are more targets for cyber attacks than ever before. Communications is getting cheaper, faster and more universal, and all this connectivity means steadily-increasing opportunities to attack the steadily-increasing number of targets.
The trend towards remote work is not likely to reverse very much post-pandemic, and the macro trends certainly will not reverse – no amount of social distancing will slow down cyber breaches, targeted attacks or targeted ransomware.
Unfortunately, many conventional IT security defenses that we deploy to protect against these threats are porous and hackable. Firewalls, IDS, security updates, VPNs are all software, with inevitable bugs and security holes, which means that all these defenses can be compromised. This is especially troubling in a world of physical, industrial operations that are increasingly dependent on these software-based protections for safe and reliable operation.
Worse, the industrial equivalent of “lock-down”, which is air-gapping, is folklore of the past; air-gapping defeats modern efficiency initiatives and so is either consciously avoided as a modern security strategy, or is implemented badly, resulting in residual connectivity and associated cyber risks.
To operate efficiently, industrial operations nearly always must share data with enterprise and customer systems, and – just as in a global pandemic – the risks and consequences of such contact through cyber connections must be weighed very carefully.
What if there were a vaccine for cyber?
Every pandemic begs a vaccine. What if there were a vaccine for the cyber pandemic? What if there were a vaccine that could prevent OT attacks and the OT ransomware that has shut down hundreds of industrial sites in 2020? Targeted ransomware is one of today’s biggest and nastiest cyber threats.
These targeted attacks defeat conventional defenses at heavily-defended industrial sites. In a sense this is no surprise – many of today’s targeted ransomware groups use attack tools and techniques that were once the sole province of nation-states. A cyber vaccine is needed, urgently.
Unidirectional Security Gateways
The good news – future-proofing our most important services and industries from the cyber pandemic is not as difficult as a COVID vaccine. Today’s hardware-enforced unidirectional gateways stop targeted ransomware and other targeted, remote-control attacks from reaching into industrial networks.
The physical security embedded in the unidirectional hardware does not protect the information, but rather protects the industrial networks from information, more specifically from attacks that may be embedded in information that enters industrial networks.
And unlike air gaps, unidirectional gateways enable seamless flows of operations information from industrial operations out into the enterprise or even out into the Internet beyond the enterprise.
Unidirectional hardware prevents attacks from entering industrial networks, while unidirectional gateway software makes copies of databases and other servers from industrial networks to external networks.
Enterprise and other users simply access the industrial data in the external replica databases. Unidirectional gateways “vaccinate” industrial networks against online attacks, while providing the kind of seamless access to industrial data that modern, efficient enterprises rely on.
There are indeed lessons from the pandemic that we can apply to our industrial networks. Using only software protections means making difficult risk decisions on a regular basis, just as we do with social distancing and lock-downs.
We all look forward to the day of the COVID19 vaccine, when these difficult decisions and risks will disappear. The good news on the cyber side is that the vaccine for OT networks is already available, in the form of Waterfall’s Unidirectional Security Gateways.
New wave of affordable silicon leading to greater IoT project success
With up to 75 percent of remote device management projects deemed “not successful,” in 2020, IoT deployment has been limited in realizing its full potential.
Path to IoT project success
However, a new wave of affordable silicon that provides a wide array of features and functionality, in conjunction with the maturation of pre-packed software, will lead to a substantial increase in IoT project success in the upcoming year, predict experts at Sequitur Labs.
According to Verified Market Research, the global IoT market size was valued at $212.1 Billion in 2018 and is expected to witness a growth of 25.68% to reach $1.3 trillion by 2026.
While there are many reasons for IoT deployment struggles, the most common ones involve project complexity, lack of required skills and the inability to implement effective security.
With recent improvements that enable vendors to implement a new generation of functionality into their solutions and device updates, ensuring a substantial increase in the success of IoT projects.
Being heavily involved in the IoT security space, there are several advancements in 2021 that are expected to move the industry forward in several key areas.
Improved industrial IoT remote device management and control
COVID-19 has not only forced people to work remotely, it has also accelerated the need to configure, control and manage industrial devices remotely as well. As a result, the vast majority of industrial end points are expected to support IP-based networks (like Ethernet and Wi-fi) rather than purpose-built networks (for example, Modbus or Profibus).
The devices can be connected to the internet, and as such will also require the ability to boot safely, update securely, enable system recovery, secure sensitive applications and data storage.
Increased cloud integration
Smart device platforms from Google (Google Assistant), Amazon (Alexa) and Apple (Apple Homekit) have emerged as the central communications point in the connected home. Each of these vendors require compliance from their ecosystem partners in order to join their solution.
With the number of connected devices in the home accelerating, the need for device security will become more critical than ever in the coming year.
Increased deployment of IoT for medical devices
Medical products such as remote monitoring devices and sensors for medical equipment are accelerating in adoption. The benefits include lower medical management costs, reduction in hospital stay time and effective equipment monitoring.
The risk of a corrupted or compromised device is high in this industry, and as sheer volumes of remotely monitored and controlled products increase, so do security needs.
Device authentication, secure monitoring for updates, maintenance and health diagnostics, and protection against remote attacks will drive the need for purpose-based solutions in this industry.
“There is huge potential in the deployment of IoT devices into industries that will improve the way people work, communicate and live. However, successful implementation will be limited if these devices cannot be used securely,” said Philip Attfield, CEO, Sequitur Labs.
“The advances in securing remote devices over the past year will lead to incredible innovations in the marketplace, expected to accelerate artificial intelligence and significant technological benefits at the edge.”
Enterprises addressing data security and e-waste issues generated by remote work
47 percent of large global enterprises created roles responsible for implementing and ensuring compliance with e-waste policies specifically to deal with e-waste issues generated from the COVID-19 pandemic, according to Blancco Technology Group.
E-waste is a global concern – and is quickly becoming a crisis of its own. More than 53 million metric tons of e-waste was produced in 2019. The purchases of new technology to facilitate employees’ transition to remote work during the pandemic has sparked both data security and e-waste fears as businesses increase the volumes of devices they own and ultimately the amount of data that resides on them.
COVID-19 caused unnecessary short-term investment in technology
The study revealed that 97 percent of enterprises had to purchase laptops, with 75 percent buying the devices brand new, to deal with the mass exodus from traditional offices to home office environments.
However, the study found that 78 percent of respondents agreed with the statement, “COVID-19 caused unnecessary short-term investment in technology, which will leave us at risk with data being stored on a wide range of devices.” This demonstrates an awareness of security risks among decision makers.
Enterprises will inevitably face challenges following the switch to remote working, but the importance of employing appropriate methods of data sanitization when new devices are eventually decommissioned remains imperative. If enterprises fail to do this, they run the risk of data breaches and regulatory penalties.
Aiming to understand how these new challenges might be overcome, the survey explored current approaches to e-waste management and found that while 44 percent of enterprises did have an e-waste policy in place for end-of-life device management, it was not yet being communicated or implemented.
E-waste initiatives tend to struggle within the modern enterprise
However, the survey identifies that e-waste initiatives tend to struggle within the modern enterprise due to a lack of ownership around the communication of the policies and in their implementations and compliance.
“The flood of technology investment which followed the beginning of the pandemic has created clear issues for both e-waste and secure data management,” said Alan Bentley, President of Global Strategy at Blancco.
“The switch to remote work spurred on a wave of new device purchases, but these new, widely distributed devices have left enterprises feeling vulnerable. It’s fascinating that so many businesses have implemented roles to manage the e-waste issue resulting from COVID-19, demonstrating corporate social responsibility (CSR), but also their concern around how these devices will be dealt with when they reach end-of-life.
“It’s crucial that this issue is not overlooked and that these devices are appropriately disposed of. But it’s just as crucial to ensure the safeguarding of sensitive data during that process.
“Appropriate data sanitization might at times be overlooked as an element of e-waste policies, but it is the perfect opportunity to engage data management best practices. Because not only will this reduce environmental impact, it will also remove the risk of a data breach when disposing of devices at end-of-life.”
The report concludes that enterprises must rethink their device management practices. It is now more important than ever that enterprises include end-of-life device and data management best practices within e-waste policies.
Key global findings
- 92 percent of enterprises agree with the statement, “We must take a serious view on ensuring all devices used to equip the workforce throughout the COVID-19 pandemic are appropriately stored and disposed of.”
- 47 percent of enterprises are “uncertain” about how best to communicate e-waste policies. This challenge is exacerbated by the fact that the task of being responsible for e-waste and CSR policy communications lacks ownership. Indeed, 39 percent of respondents said the reason their e-waste policies hadn’t been communicated was because no one had taken control of them.
- 35 percent of enterprises said their organizations carried out physical destruction on end-of-life equipment because it’s viewed as better for the environment.
- When asked what will happen to their newly purchased devices when no longer required for remote work, 28 percent of enterprises said laptops would be erased to be resold. A further 27 percent said they would be erased to be reused internally. An additional 12 percent said they would be erased and recycled, and 9 percent will send them to an ITAD.
SMBs eagerly adopting IaaS, 60% prefer resellers over providers
As the “as-a-service” cloud model revolutionizes the way businesses of all sizes use technology, a study released by AppDirect reveals that SMBs are eagerly adopting infrastructure as a service (IaaS) and that they prefer to purchase solutions from resellers.
The report also found that 72% of SMBs already run most of their workloads in the cloud, and that eight out of 10 plan to increase their IaaS spend over the next three years.
SMBs inceasingly using IaaS solutions
For years, SMBs have been eager SaaS adopters. Now, as their understanding of—and comfort with—the public cloud has increased, many SMBs are adopting IaaS solutions to manage critical parts of their businesses.
Small businesses already spend more than $60 billion on IaaS, a figure that is set to reach more than $90 billion by 2023.
“As-a-service solutions have been a game-changer for SMBs, giving them access to enterprise-grade technology that levels the playing field, and IaaS is no different,” said Dan Saks, co-CEO of AppDirect.
“Our report shows that SMBs are eager to adopt IaaS, but they want trusted partners to help them scale the solutions that are best for their businesses. There’s a huge IaaS opportunity for IaaS resellers who offer the products and ease of use that SMBs want.”
SMB spending is on the rise
Just 20% of SMBs say they will hold spending at current levels, while 80% plan to increase IaaS purchasing over the next three years. Many are starting to shop around for the best products and deals, with 69% SMBs buying from multiple providers to get better pricing.
Others also pursue a multi-vendor strategy to diversify their technology (41%) or find the products that best suit their needs.
Resellers are valuable partners
Businesses have two main options to purchase IaaS services – going directly to a provider or working with a reseller. They prefer working with resellers by nearly a 20-point margin—59% vs 41%—primarily for the more personalized attention that resellers offer.
In fact, resellers have the edge in almost every area measured, including trust, support, understanding business needs, and flexibility. Providers came out ahead only on pricing and discounting options.
Challenges for resellers in gearing up to serve SMBs
SMBs prefer to purchase from multiple providers. However, resellers are experiencing significant obstacles to a multi-provider strategy. Lack of skilled staff (82%) is the biggest challenge, followed by provider exclusives (46%).
With most SMBs looking to spend more on IaaS, resellers who balance investing in additional personnel and platform technology that can streamline IaaS provider onboarding and management are likely to see a return on their efforts to reach SMBs.
Many resellers seem to recognize this fact. 56% of resellers plan to increase their investment in selling to SMBs over the next three years.
What is the future of working professional education?
The Executive MBA Council (EMBAC) published research which addresses how business education needs to evolve to keep pace with changing demands and expectations about professional development from both students and their employers over the next five years and beyond.
The study draws on new original qualitative research from in-depth interviews with relevant decision makers at international business schools and within major employers who invest in working professional development. It also involved a survey of over 300 individual learners who were looking to take business school courses in the next five years.
“The relationship between employees and employers has been evolving for some time, and this study opens up what that means for the future of working professional education. Economic uncertainty, online learning, lifelong development, remote working, and digital transformation in business schools and other organizations are not new.
“However, the global pandemic is accelerating these trends. Our sector will benefit from a healthy and honest debate about how future ways of learning and work can help leaders in business and business education find new answers to the problems of our time,” said Michael Desiderio, executive director of EMBAC.
Working professional education: Key findings
- 38% of individual learners said they rated blended learning (face to face and online) as their ideal skills development path for the next five years.
- When choosing a business school, the top requirements are flexibility in how learning is delivered (45%), how much the school embraces digital transformation (42%) and how much the program will accelerate career prospects (37%).
- More than three quarters of employer respondents believe that business schools need to develop short, inexpensive programs that deliver relevant skills for those working and be clear about how their offer positively impacts our wider society, not just the business industry.
- While employers agree that leadership remains an important skill for development, new leadership models are emerging that have stronger roots in “soft skills” such as emotional intelligence, more agility and conscious, continuous learning.
- Employers also point out that as the workforce ages, one of the most frequently sought-after development programs is how to manage effectively across generations since attitudes and lifestyles can vary significantly.
Fundamental shifts in the workforce were already taking place
While the COVID-19 may have accelerated change in the workforce, fundamental shifts were already taking place. There is no one-size fits all solution with the different circumstances – economic, political and social – having a significant impact on the approach that a school decides to take.
However, it is clear that institutions will need to evolve from the focus on quantity of degrees awarded to becoming a learning partner to companies and organizations; keenly understanding the needs of both the workforce and individual industries.
56% of organizations faced a ransomware attack, many paid the ransom
There’s a continued proliferation of ransomware, heightened concerns around nation-state actors, and the need for acceleration of both digital and security transformation, a CrowdStrike survey reveals.
Proliferation of ransomware leads to more frequent payouts, costing millions
Survey data indicates ransomware attacks have proven to be especially effective, as 56% of organizations surveyed have suffered a ransomware attack in the last year. The COVID-19 pandemic catalyzed increasing concerns around ransomware attacks, with many organizations resorting to paying the ransom.
The global attitude shifts from a question of if an organization will experience a ransomware attack to a matter of when an organization will inevitably pay a ransom. Notable findings include:
- Concern around ransomware attacks continues to increase, with the stark increase in this year’s findings (54%) compared to 2019 (42%) and 2018 (46%).
- 71% of cybersecurity experts globally are more worried about ransomware attacks due to COVID-19.
- Among those hit by ransomware, 27% chose to pay the ransom, costing organizations on average $1.1 million USD owed to hackers.
- The APAC region is suffering the most when paying the ransom with the highest average payout at $1.18 million USD, followed by EMEA at $1.06 million and the U.S. at $0.99 million.
Fear of nation-state cyberattacks can stifle business growth in post COVID-19 world
Nation-state activity continues to weigh heavily on IT decision makers, as 87% of respondents agree that nation-state sponsored cyberattacks are far more common than people think.
As growing international tensions and the global election year have created a nesting ground for increased nation-state activity, organizations are under increased pressure to resume operations despite the increased value of intellectual property and vulnerabilities caused by COVID-19. Key highlights include:
- Even with the massive rise in eCrime over the course of 2020, 73% believe nation-state sponsored cyberattacks will pose the single biggest threat to organizations like theirs in 2021. In fact, concerns around nation-states have steadily increased, as 63% of cybersecurity experts view nation-states as one of the cyber criminals most likely to cause concern, consistently rising from 2018 (54%) and 2019 (59%).
- 89% are fearful that growing international tensions (e.g. U.S.-China trade war) are likely to result in a considerable increase in cyber threats for organizations.
- Approximately two in five IT security professionals believe a nation-state cyberattack on their organization would be motivated by intelligence (44%) or to take advantage of vulnerabilities caused by COVID-19 (47%).
Digital and security transformation accelerated as business priority
In the wake of these threats, cybersecurity experts have accelerated their digital and security transformation efforts to address the growing activity from eCrime and nation-state actors.
While spend on digital transformation continues to trend upward, the COVID-19 pandemic accelerated the timeline for many organizations, costing additional investment to rapidly modernize security tools for the remote workforce. Security transformation rollout findings include:
- 61% of respondents’ organizations have spent more than $1 million on digital transformation over the past three years.
- 90% of respondents’ organizations have spent a minimum of $100,000 to adapt to the COVID-19 pandemic.
- 66% of respondents have modernized their security tools and/or increased the rollout of cloud technologies as employees have moved to work remotely.
- 78% of respondents have a more positive outlook on their organization’s overarching security strategy and architecture over the next 12 months.
“This year has been especially challenging for organizations of all sizes around the world, with both the proliferation of ransomware and growing tensions from nation-state actors posing a massive threat to regions worldwide,” said Michael Sentonas, CTO, CrowdStrike.
“Now more than ever, organizations are finding ways to rapidly undergo digital transformation to bring their security to the cloud in order to keep pace with modern-day threats and secure their ‘work from anywhere’ operations.
“Cybersecurity teams around the globe are making strides in improving their security posture by moving their security infrastructure to the cloud and remaining diligent in their incident detection, response and remediation practices.”
Network traffic and consumption trends in 2020
As COVID-19 lockdown measures were implemented in March-April 2020, consumer and business behavioral changes transformed the internet’s shape and how people use it virtually overnight. Many networks experienced a year’s worth of traffic growth (30-50%) in just a few weeks, Nokia reveals.
By September, traffic had stabilized at 20-30% above pre-pandemic levels, with further seasonal growth to come. From February to September, there was a 30% increase in video subscribers, a 23% increase in VPN end-points in the U.S., and a 40-50% increase in DDoS traffic.
Ready for COVID-19
In the decade prior to the pandemic, the internet had already seen massive and transformative changes – both in service provider networks and in the evolved internet architectures for cloud content delivery. Investment during this time meant the networks were in good shape and mostly ready for COVID-19 when it arrived.
Manish Gulyani, General Manager and Head of Nokia Deepfield, said: “Never has so much demand been put on the networks so suddenly, or so unpredictably. With networks providing the underlying connectivity fabric for business and society to function as we shelter-in-place, there is a greater need than ever for holistic, multi-dimensional insights across networks, services, applications and end users.”
The networks were made for this
While the networks held up during the biggest demand peaks, data from September 2020 indicates that traffic levels remain elevated even as lockdowns are eased; meaning, service providers will need to continue to engineer headroom into the networks for future eventualities.
Content delivery chains are evolving
Demand for streaming video, low-latency cloud gaming and video conferencing, and fast access to cloud applications and services, all placed unprecedented pressure on the internet service delivery chain.
Just as Content Delivery Networks (CDNs) grew in the past decade, it’s expected the same will happen with edge/far edge cloud in the next decade – bringing content and compute closer to end users.
Residential broadband networks have become critical infrastructure
With increased needs (upstream traffic was up more than 30%), accelerating rollout of new technologies – such as 5G and next-gen FTTH – will go a long way towards improving access and connectivity in rural, remote and underserved areas.
Better analytical insights enable service providers to keep innovating and delivering flawless service and loyalty-building customer experiences.
Deep insight into network traffic is essential
While the COVID-19 era may prove exceptional in many ways, the likelihood is that it has only accelerated trends in content consumption, production and delivery that were already underway.
Service providers must be able to have real-time, detailed network insights at their disposal – fully correlated with internet traffic insights – to get a holistic perspective on their network, services and consumption.
Security has never been more important
During the pandemic, DDoS traffic increased between 40-50%. As broadband connectivity is now largely an essential service, protecting network infrastructure and services becomes critical.
Agile and cost effective DDoS detection and automated mitigation are becoming paramount mechanisms to protect service provider infrastructures and services.
How a move to the cloud can improve disaster recovery plans
COVID-19 and the subsequent global recession have thrown a wrench into IT spending. Many enterprises have placed new purchases on hold. Gartner recently projected that global spending on IT would drop 8% overall this year — and yet dollars allocated to cloud-based services are still expected to rise by approximately 19 percent, bucking that downward trend.
Underscoring the relative health of the cloud market, IDC reported that all growth in traditional tech spending will be driven by four platforms over the next five years: cloud, mobile, social and big data/analytics. Their 2020-2023 forecast states that traditional software continues to represent a major contribution to productivity, while investments in mobile and cloud hardware have created new platforms which will enable the rapid deployment of new software tools and applications.
With entire workforces suddenly going remote all over the world, there certainly are a number of specific business problems that need to be addressed, and many of the big issues involve VPNs.
Assault on VPNs
Millions of employees are working from home, and they all have to securely access their corporate networks. The vast majority of enterprises still rely on on-premises servers to some degree (estimates range from 60% to 98%), therefore VPNs play a vital role in enabling that employee connection to the network. This comes at a cost, though: bandwidth is gobbled up, slowing network performance — sometimes to a crippling level — and this has repercussions.
Maintenance of the thousands of machines and devices connected to the network gets sacrificed. The deployment of software, updates and patches simply doesn’t happen with the same regularity as when everyone works on-site. One reason for this is that content distribution (patches, applications and other updates) can take up much-needed bandwidth, and as a result, system hygiene gets sacrificed for the sake of keeping employees productive.
Putting off endpoint management, however, exposes corporate networks to enormous risks. Bad actors are well aware that endpoints are not being maintained at the same level as pre-pandemic, and they are more than willing to take advantage. Recent stats show that the volume of cyberattacks today is pretty staggering — much higher than prior to COVID-19.
Get thee to the cloud: Acceleration of modern device management
Because of bandwidth concerns, the pressure to trim costs, and the need to maintain machines in new ways, many enterprises are accelerating their move to the cloud. The cloud offers a lot of advantages for distributed workforces while also reducing costs. But digital transformation and the move to modern device management can’t happen overnight.
Enterprises have invested too much time, money, physical space and human resources to just walk away. Not to mention, on-premises environments have been highly reliable. Physical servers are one of the few things IT teams can count on to just work as intended these days.
Hybrid environments offer a happy medium. With the latest technology, enterprises can begin migrating to the cloud and adapt to changing conditions, meeting the needs of distributed teams. They can also save some money in the process. At the same time, they don’t have to completely abandon their tried-and-true servers.
Solving specific business problems: Content distribution to keep systems running
But what about those “specific business problems,” such as endpoint management and content distribution? Prior to COVID-19, this had been one of the biggest hurdles to digital transformation. It was not possible to distribute software and updates at scale without negatively impacting business processes and without excessive cost.
The issue escalated with the shift to remote work. Fortunately, technology providers have responded, developing solutions that leverage secure and efficient delivery mechanisms, such as peer-to-peer content distribution, that can work in the cloud. Even in legacy environments, vast improvements have been made to reduce bandwidth consumption.
These solutions allow enterprises to transition from a traditional on-premises infrastructure to the cloud and modern device management at their own speed, making their company more agile and resilient to the numerous risks they encounter today. Breakthrough technologies also support multiple system management platforms and help guarantee endpoints stay secure and updated even if corporate networks go down – something that, given the world we live in today, is a very real possibility.
Disaster averted
Companies like Garmin and organizations such as the University of California San Francisco joined the unwitting victims of ransomware attacks in recent months. Their systems were seized, only to be released upon payment of millions of dollars.
While there is the obvious hard cost involved, there are severe operational costs as well — employees that can’t get on the network to do their jobs, systems must be scanned, updated and remediated to ensure the network isn’t further compromised, etc. A lot has to happen within a short period of time in the wake of a cyberattack to get people back to work as quickly and safely as possible.
Fortunately, with modern cloud-based content distribution solutions, all that is needed for systems to stay up is electricity and an internet connection. Massive redundancy is being built into the design of products to provide extreme resilience and help ensure business continuity in case part or all of the corporate network goes down.
The newest highly scalable, cloud-enabled content distribution options enable integration with products like Azure CDN and Azure Storage and also provide a single agent for migration to modern device management. With features like cloud integration, internet P2P, and predictive bandwidth harvesting, enterprises can leverage a massive amount of bandwidth from the internet to manage endpoints and ensure they always stay updated and secure.
Given these new developments precipitated and accelerated by COVID-19, as well as the clear, essential business problem these solutions address, expect to see movement and growth in the cloud sector. Expect to see an acceleration of modern device management, and despite IT spending cuts, expect to see a better, more secure and reliable, cost efficient, operationally efficient enterprise in the days to come.
Exploring the progress organizations are making in their investments towards digital resiliency
Overall investments in digital resiliency have increased steadily throughout the year as businesses prioritize or accelerate adoption of cloud, collaborative, and digital transformation projects, IDC reveals.
Security has also been a major investment area, driven by the shift to more remote work and accelerated cloud adoption in 2020.
“Digital resiliency refers to an organization’s ability to rapidly adapt to business disruptions by leveraging digital capabilities to not only restore business operations, but also capitalize on the changed conditions,” said Stephen Minton, VP in IDC‘s Customer Insights & Analysis group.
“As the COVID-19 crisis has shown, the ability to respond quickly and effectively to unexpected changes in the business environment are critical to an organization’s short-term success. To prepare for future business disruptions, organizations need plans that will enable them to rapidly adapt as opposed to just respond.
“Investments in digital capabilities not only enable an organization to adapt to the current crisis but also to capitalize on the changed conditions.”
The Digital Resiliency Investment Index
The Digital Resiliency Investment Index is comprised of two factors – digital core investments and digital innovation investments.
Digital core investments are comprised of spending on the core components of digital resiliency: cloud, security, collaborative support for remote workers, and digital transformation projects. This score should increase over time as organizations shift budget away from traditional and legacy IT spending and toward these core components of digital resiliency.
Digital innovation investments are measured using a monthly survey of enterprises on their current and anticipated IT investment focus, including how much new or reallocated spending is targeted at digital resiliency and business acceleration versus crisis response measures. This score should also increase over time as organizations shift their spending focus back to building a digital enterprise.
Overall, investments in cloud, collaboration, and security have managed to grow throughout 2020, despite a decline in overall IT spending.
In recent, months, the focus on resiliency has increased as organizations realize the importance of being prepared for future business disruptions. As a result, digital resiliency spending is expected to accelerate in 2021 as the global economy improves.
Resiliency investments by location
On a geographic basis, resiliency investments grew fastest in Asia/Pacific, in line with the region’s overall response to the pandemic. Investments in the United States improved noticeably in October, which may reflect a combination of short-term and long-term factors.
Meanwhile, Europe’s results declined slightly in October as the region returned to crisis response mode with a surge in coronavirus cases and new socio-economic restrictions.
“The next several months may put increased pressure on some organizations to respond to second waves of COVID infections and economic lockdowns, which will be reflected in our monthly surveys throughout the winter,” said Minton.
“What we have learned already this year is that the organizations which were among the early adopters of cloud, digital, and collaborative technologies were best-positioned for a crisis no one could have predicted.
“Digital resiliency in the coming 6-12 months will to some extent reflect the speed at which others were able to pivot their tech investments in 2020, even as overall budgets were constrained by economic uncertainty.”
Direct digital transformation investment to approach $6.8 trillion by 2023
Despite a global pandemic, direct digital transformation (DX) investment is still growing at a compound annual growth rate (CAGR) of 15.5% from 2020 to 2023 and is expected to approach $6.8 trillion as companies build on existing strategies and investments, becoming digital-at-scale future enterprises, according to IDC.
Digital transformation investment predictions
Prediction 1: accelerated DX investments create economic gravity. The economy remains on course to its digital destiny with 65% of global GDP digitalized by 2022 and will drive over $6.8 trillion of direct DX investments from 2020 to 2023.
Prediction 2: digital organization structures and roadmaps mature. By 2023, 75% of organizations will have comprehensive digital transformation implementation roadmaps, up from 27% today, resulting in true transformation across all facets of business and society.
Prediction 3: digital management systems mature. By 2023, 60% of leaders in G2000 organizations will have shifted their management orientation from processes to outcomes, establishing more agile, innovative, and empathetic operating models.
Prediction 4: the rise of the digital platform and extended ecosystems. By 2025, driven by volatile global conditions, 75% of business leaders will leverage digital platforms and ecosystem capabilities to adapt their value chains to new markets, industries, and ecosystems.
Prediction 5: a digital first approach. While “digital first” prevails in every experience, 60% of enterprises will invest heavily in digitalizing employee experience in 2021, transforming the relationship between employers and employees.
Prediction 6: business model reinvention. By 2021, at least 30% of organizations will accelerate innovation to support business and operating model reinvention, fast-tracking transformation programs to future-proof their businesses.
Prediction 7: sustainability and DX. By 2022, the majority of companies will realize greater value by combining digital and sustainability, giving rise to digitally driven and sustainably enabled projects as the de-facto standard.
Prediction 8: digitally native cultures. To thrive in digital supremacy economy, 50% of enterprises will implement the organizational culture optimized for DX in 2025, based on customer-centric and data-driven.
Prediction 9: accelerating digital experiences. By 2022, 70% of all organizations will have accelerated use of digital technologies, transforming existing business processes to drive customer engagement, employee productivity, and business resiliency.
Prediction 10: business innovation platforms. By 2023, 60% of G2000 companies will build their own business innovation platform to support innovation and growth in the new normal.
According to Shawn Fitzgerald, research director, Worldwide Digital Transformation Strategies at IDC, “Organizations with new digital business models at their core that are successfully executing their enterprise-wide strategies on digital platforms are well positioned for continued success in the digital platform economy.
“Our 2021 digital transformation predictions represent areas of notable opportunity to differentiate your own digital transformation strategic efforts.”
Enterprise IT security teams continue to struggle
CyberEdge conducted a web-based survey of 600 enterprise IT security professionals from seven countries and 19 industries in August 2020 in an effort to understand how the pandemic has affected IT security budgets, personnel, cyber risks, and priorities for acquiring new security technologies.
Impacts from the work-from-home movement
Prior to the pandemic, an average of 24% of enterprise workers had the ability to work from home on a full-time, part-time, or ad hoc basis. As of August 2020, that number more than doubled to 50%.
Many enterprises without existing BYOD policies were instantly compelled to permit employee-owned laptops, tablets, and smartphones to access company applications and data – in some instances without proper endpoint security protections.
Resulting IT security challenges
A 114% increase in remote workers coupled with a 59% increase in BYOD policy adoption has wreaked havoc among enterprise IT security teams.
The top-three challenges experienced by enterprise IT security teams have been an increased volume of threats and security incidents, insufficient remote access / VPN capacity, and increased risks due to unmanaged devices.
Furthermore, an astounding 73% of enterprises have experienced elevated third-party risks amongst their partners and suppliers. Adding fuel to the fire, 53% of these teams were already understaffed before the pandemic began.
Healthy 2020 and 2021 IT security budgets
While most enterprises searched for ways to reduce overall operating expenses in 2020, 54% of those surveyed increased their IT security operating budgets mid-year by an average of 5%.
Only 20% of enterprises reduced their overall IT security spending after the start of the pandemic. With regard to the impact of the pandemic on next year’s security budgets, 64% of organizations plan to increase their security operating budgets by an average of 7%.
Increased demand for cloud-based IT security investments
Arguably the biggest impact that the COVID-19 pandemic has had on the IT security industry is an increased appetite for cloud-based IT security solutions. This is primarily driven by the massive increase in remote workers but may also be influenced by having fewer IT security personnel available on site to install and maintain traditional on-premises security appliances.
Exactly 75% of respondents have indicated an increased preference for cloud-based security solutions. The top-three technology investments to address pandemic-fueled challenges are cloud-based secure web gateway (SWG), cloud-based next-generation firewall (NGFW), and cloud-based secure email gateway (SEG).
Reducing IT security personnel costs
Despite increased funding for cloud-based security technology investments, 67% of enterprise security teams were forced to temporarily reduce personnel expenses through hiring freezes (36%), temporary reductions in hours worked (32%), and temporary furloughs (25%). Fortunately, only 17% were forced to lay off personnel.
Training and certification make a huge difference
78% of those with IT security professional certifications feel their certification has made them better equipped to address pandemic-fueled challenges.
Next year, enterprises anticipate increasing their security training and certification budgets by an average of 6%.
Taking third-party risks seriously
The doubling of remote workforces has significantly increased third-party risks. As a result, 43% of enterprises have increased their third-party risk management (TPRM) technology investments. 77% are seeking technologies to help automate key TPRM tasks.
Securing employee-owned devices
In an effort to secure employee-owned devices connecting to company applications and data, 59% of enterprises are providing antivirus (AV) software, 52% are investing in mobile device management (MDM) products, and 48% are acquiring network access control (NAC) solutions.
Security professionals enjoy working from home
Not surprising, 81% of IT security professionals enjoy working from home. Once a COVID-19 vaccine is developed and the pandemic is over, 48% would like to continue working from home part-time while 33% would like to work from home full-time.
60% of organizations have accelerated their zero trust projects
The COVID-19 pandemic has not impacted the adoption of zero trust technology globally, a Pulse Secure report reveals. In fact, 60% of organizations said they have accelerated zero trust implementation during the pandemic.
The report surveyed more than 250 technology professionals. The newly published report examines how enterprises are moving forward with zero trust networking initiatives, where they’re being successful in doing so and how COVID-19 has affected the forward movement of those projects.
Formalized zero trust projects putting orgs ahead of the DX curve
The research found that the main difference between those who were successful in moving their zero trust initiatives forward were those that started out with formalized zero trust projects.
Those that had dedicated budgets and formal initiatives (69%) were far more likely to continue accelerating those projects throughout the pandemic, while those that had ad hoc zero trust projects were more likely to stall progress or stop entirely.
“The global pandemic has had some profound effects on the enterprise – with remote working being rolled out on an unprecedented scale, increased leverage of cloud resources and applications, and the transition to greater workplace flexibility,” said Scott Gordon, CMO at Pulse Secure.
“The findings indicate that organizations that advance their initiatives and planning towards zero trust process and technology implementation will be ahead of the digital transformation curve and much more resilient to threats and crises.”
The research went further into enterprises’ efforts to bring about zero trust networking in their environments. 85% of respondents have defined zero trust initiatives. However, 42% have received added budget for their projects. The projects that did receive added budget were more likely to persist through the pandemic.
Enterprises were overwhelmingly positive about their success in pursuing zero trust networking, with 94% indicating degrees of success; 50% labeled their efforts as successful and 44% of respondents indicating somewhat successful.
Bringing together security and networking teams
Dedicated zero trust projects tend to be interdisciplinary, bringing together security and networking teams. In 45% of such projects, security and networking teams have a zero trust partnership in which they formally share tools and processes. In 50% of cases, enterprises created a taskforce from both teams to pursue zero trust.
The three primary ways in which they collaborated were by coordinating access security controls across different systems (48%), assessing access security control requirements (41%) and defining access requirements according to user, role, data, and application (40%).
However, the survey found that collaboration is not without its own roadblocks. 85% of respondents in zero trust taskforces and partnerships found themselves struggling with cross-team skills gaps (33%), a lack of tools and processes that might facilitate collaboration (31%), and budget conflicts (31%).
“Enterprises are clearly accelerating efforts to adopt zero trust networking initiatives,” said Shamus McGillicuddy, VP of Research at Enterprise Management Associates.
“The survey shows that organizations that move forward with formal initiatives and budget are more likely to achieve implementation success and operational gain. We appreciate Pulse Secure’s support and sponsorship of this report that organizations can use to benchmark and progress their zero trust programs.”
Additional key findings
- Prime zero trust benefits: When asked what they consider to be the prime benefit of zero trust networks, IT operations agility (40%), improved governance risk and compliance (35%), breach prevention (34%), reducing the attack surface (31%), and unauthorized access mitigation (28%) ranked among the strongest responses.
- Hybrid IT remote access: Respondents are applying hybrid IT requirements to Secure Remote Access requirements within their zero trust network strategy, while 62% wanted cloud application access, half of enterprises access to public and private cloud resources and applications.
- IoT device exposures: Respondents discussed their position towards IoT devices which cannot be provided with the user identities on which zero trust is based and how they intend to create access policies for them. 36% said that devices would receive tailored access privileges based on function and characteristics; others said that all devices would receive a generic minimum level of access privileges (28%) and that untrusted devices would have limited network access with no access to high risk or compliance zones (23%).
Most businesses are rethinking how they work
In the wake of COVID-19, nearly 72 percent of U.S. based businesses have been rethinking how they work, 58 percent of businesses feel remote working is enabling them to hire a more distributed workforce, and 8 out of 10 businesses are already retooling to provide improved customer and employee experiences that enable new ways of working, Avaya reveals.
According to the survey, 3 out of 4 businesses say they have focused more on employee and team communication since COVID-19:
- 66 percent of mid-sized companies, those with 251-500 employees, have seen collaboration and communications technology increase in priority due to COVID-19
- 57 percent of businesses reported some struggle with remote communication and fatigue
- 32 percent reported employees having difficulties adapting to the new technology and communications tools available to them
“Work from Anywhere is creating new business models the world is adapting to, and it has become clear that trying to adopt a ‘business as usual, but remote’ approach is not enough,” said Simon Harrison, SVP and CMO, Avaya.
“COVID has accelerated digital transformation projects and put a new focus on customer and employee experiences, which have never mattered more. Additionally, new processes and new solutions need to completely change the way teams work together. Change has become a constant and embracing the cloud and the new experience economy, an opportunity.”
Technology decision makers are rethinking business at every level
- 72 percent of businesses have been revisiting their overall business model due to the changes brought on by COVID-19
- An even larger number, 80 percent, are rethinking their customer experience
- 77 percent are examining their employee experience
- 75 percent are rethinking their sales approach
Businesses focused on investing in communication and collaboration
83 percent of businesses responded that they thought their technology stack was prepared for remote working – however, many businesses did have to implement new technologies to improve their work-from-anywhere capabilities, including 65 percent adding video conference tools, 54 percent adding chat/messaging software and 53 percent adding project collaboration tools.
85 percent of businesses reported they plan on making the new technologies they have adopted during this time a permanent addition to their tech stacks.
Tech priorities are shifting
71 percent of tech decision makers reported faster adoption of new technologies in their organization due to COVID-19. Most companies also had a shift in technology priorities with 52 percent increasing investment in collaboration software, second only to spending on security, which nearly two-thirds of businesses increased.
Mid-sized companies with 251-500 employees have seen the biggest shifts in priorities, including increases in spending for security (74 percent), collaboration (66 percent), contact center software (59 percent) and contact tracing (53 percent). Overall, company owners and CEOs are more likely to say AI has increased in priority (46 percent).
How important are vulnerability management investments for a cybersecurity posture?
Vulnerability management (VM) technology addresses the threat landscape, which is in a constant state of flux. The wider dispersal of endpoints across private and public cloud environments increases the points of vulnerabilities in an enterprise network, intensifying the demand for VM solutions that make endpoints easier to track, verify, and secure.
To prevent attacks and damage to a business, VM providers employ various means of identifying, prioritizing, communicating, and suggesting possible responses to the risks companies face in their networked business environments.
The leading VM platforms provide a complete picture of a client’s security posture, correlating the client organization’s assets, classifying their importance with the vulnerabilities identified in the scan, and offering information for remediation.
A multilayered defense
Frost & Sullivan’s latest thought leadership paper analyzes the threat landscape and the role of VM in addressing the security concerns of the entire enterprise. It analyzes end-user willingness to invest in VM platforms that help provide a holistic cybersecurity approach in various areas, including vulnerability prioritization, automated workflows, and third-party integration.
“There is a shift toward bidirectional integration of VM platforms with other technologies,” explained Jarad Carleton, Global Program Leader, Cybersecurity at Frost & Sullivan.
“This aids a multilayered defense, which has proven to be superior to discrete technologies working separately in network defense. VM platforms that allow IT departments to conduct continual vulnerability assessments are emerging as one of the top five solutions for organizations concerned about system vulnerabilities as part of their security maturity improvement initiatives.”
According to the research, two out of every three cyberattacks in the United States and three out of every four in Europe are categorized as severe by the organizations affected by them.
As offices emptied and remote work became the norm, security teams struggled
One Identity released a global survey that reveals attitudes of IT and security teams regarding their responses to COVID-19-driven work environment changes. The results shed insight into IT best practices that have emerged in recent months, and how organizations rushed to adopt them to maintain a secure and efficient virtual workplace.
Cloud computing has been a lifesaver
99% of IT security professionals said their organizations transitioned to remote work because of COVID-19, and only a third described that transition as “smooth.” 62% of respondents indicated that cloud infrastructure is more important now than 12 months ago.
Thirty-one percent attributed this shift directly to COVID-19. The cloud has become front and center to the new working reality, creating flexibility for employees.
These results demonstrate that the previous level of attention to cloud deployments, while notable, does not appear to have been nearly enough to accommodate the dramatic computing shift across organizations.
“This research makes it clearly evident that cloud computing has been a lifesaver for many enterprises as IT teams pivoted and supported the massive shift to working away from offices,” said Darrell Long, president and general manager at One Identity.
“While we knew the pandemic-driven changes were sudden, what was particularly notable was how strongly the results proved that organizations had to turn their focus on the immediate challenges presented by the aggressive move to cloud computing, chiefly finding solutions that streamlined administering and securing who has access to what and how.”
Higher priority on access request technologies
Shifts in priorities indicate organizations are turning their focus on tackling the security basics. When compared to 12 months ago, 50% of respondents are placing a higher priority on access request technologies, and 31% said this change in prioritization is because of COVID.
Identity/access lifecycle management, identity process and workflow, and role management all saw increased priority among at least half of those surveyed.
Perhaps shell shocked, only 45% of IT security professionals indicated they are prepared for the IT changes necessary when their employees move back to organizations’ offices, according to survey results. Yet, 66% expressed increased confidence in the effectiveness of their identity management programs post COVID-based changes.
“We now know the truth: the COVID pandemic did not change the need to be productive, nor did it change the regulatory compliance requirements companies face, but clearly IT and security teams scrambled to shift their systems to accommodate work from home in a secure and controlled way,” said Long.
“Companies and organizations were helped to an extent by cloud investments that prepared them pre-COVID. However, most of them are still dealing with new challenges as employees adapt, IT and security teams effectively respond to the challenge of providing effective processes for gaining access to the resources needed for the workforce to do their jobs and security challenges associated with this new working environment.”
Adapt cybersecurity programs to protect remote work environments
Earlier this year, businesses across the globe transitioned to a remote work environment almost overnight at unprecedented scale and speed. Security teams worked around the clock to empower and protect their newly distributed teams.
Protect and support a remote workforce
Cisco’s report found the majority of organizations around the world were at best only somewhat prepared in supporting their remote workforce. But, it has accelerated the adoption of technologies that enable employees to work securely from anywhere and on any device – preparing businesses to be flexible for whatever comes next. The survey found that:
- 85% of organizations said that cybersecurity is extremely important or more important than before COVID-19
- Secure access is the top cybersecurity challenge faced by the largest proportion of organizations (62%) when supporting remote workers
- One in two respondents said endpoints, including corporate laptops and personal devices, are a challenge to protect in a remote environment
- 66% of respondents indicated that the COVID-19 situation will result in an increase in cybersecurity investments
“Security and privacy are among the most significant social and economic issues of our lifetime,” said Jeetu Patel, SVP and GM of Cisco’s Security & Applications business.
“Cybersecurity historically has been overly complex. With this new way of working here to stay and organizations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”
People worried about the privacy of their tools
People are worried about the privacy of remote work tools and are skeptical whether companies are doing what is needed to keep their data safe. Despite the pandemic, they want little or no change to privacy requirements, and they want to see companies be more transparent regarding how they use their customer’s data.
Organizations have the opportunity to build confidence and trust by embedding privacy into their products and communicating their practices clearly and simply to their customers. The survey found that:
- 60% of respondents were concerned about the privacy of remote collaboration tools
- 53% want little or no change to existing privacy laws
- 48% feel they are unable to effectively protect their data today, and the main reason is that they can’t figure out what companies are doing with their data
- 56% believe governments should play a primary role in protecting consumer data, and consumers are highly supportive of the privacy laws enacted in their country
“Privacy is much more than just a compliance obligation. It is a fundamental human right and business imperative that is critical to building and maintaining customer trust,” said Harvey Jang, VP, Chief Privacy Officer, Cisco. “The core privacy and ethical principles of transparency, fairness, and accountability will guide us in this new, digital-first world.”
Biometric device revenues to drop 22%, expected to rebound in 2021
In the aftermath of the COVID-19 pandemic, global biometric device revenues are expected to drop 22%, ($1.8 billion) to $6.6 billion, according to a report from ABI Research. The entire biometrics market, however, will regain momentum in 2021 and is expected to reach approximately $40 billion in total revenues by 2025.
Global biometric device revenues in 2020
“The current decline in the biometrics market landscape stems from multifaceted challenges from a governmental, commercial, and technological nature,” explains Dimitris Pavlakis, Digital Security Industry Analyst.
“First, they have been instigated primarily due to economic reforms during the crisis which forced governments to constrain budgets and focus on damage control, personnel well-being, and operational efficiency.
“Governments had to delay or temporarily cancel many fingerprint-based applications related to user/citizen and patient registration, physical access control, on-premise workforce management, and certain applications in border control or civil, welfare, immigration, law enforcement, and correctional facilities.
“Second, commercial on-premise applications and access control suffered as the rise of the remote workers became the new norm for the first half of 2020. Lastly, hygiene concerns due to contact-based fingerprint technologies pummelled biometrics revenues forcing a sudden drop in fingerprint shipments worldwide.”
Not all is bleak, though
New use-case scenarios have emerged, and certain technological trends have risen to the top of the implementation lists. For example, enterprise mobility and logical access control using biometrics as part of multi-factor authentication (MFA) for remote workers.
“Current MFA applications for remote workers might well translate into permanent information technology security authentication measures in the long term,” says Pavlakis. “This will improve biometrics-as-a-service (BaaS) monetization and authentication models down the line.”
Biometrics applications can now look toward new implementation horizons, with market leaders and pioneering companies like Gemalto (Thales), IDEMIA, NEC, FPC, HID Global, and Cognitec at the forefront of innovation.
“Future smart city infrastructure investments will now factor in additional surveillance, real-time behavioral analytics, and face recognition for epidemiological research, monitoring, and emergency response endeavors,” Pavlakis concludes.
How will blockchain impact the global economy?
An analysis by PwC shows blockchain technology has the potential to boost global gross domestic product (GDP) by $1.76 trillion over the next decade. That is the key finding of a report assessing how the technology is being currently used and exploring the impact blockchain could have on the global economy.
Through analysis of the top five uses of blockchain, ranked by their potential to generate economic value, the report gauges the technology’s potential to create value across industry, from healthcare, government and public services, to manufacturing, finance, logistics and retail.
“Blockchain technology has long been associated with cryptocurrencies such as Bitcoin, but there is so much more that it has to offer, particularly in how public and private organizations secure, share and use data,” comments Steve Davies, Global Leader, Blockchain and Partner, PwC UK.
“As organizations grapple with the impacts of the COVID-19 pandemic, many disruptive trends have been accelerated. The analysis shows the potential for blockchain to support organizations in how they rebuild and reconfigure their operations underpinned by improvements in trust, transparency and efficiency across organizations and society.”
Key takeaways
- The report identifies five key application areas of blockchain and assesses their potential to generate economic value using economic analysis and industry research. The analysis suggests a tipping point in 2025 as blockchain technologies are expected to be adopted at scale across the global economy.
- Tracking and tracing of products and services – or provenance – which emerged as a new priority for many companies’ supply chains during the COVID-19 pandemic, has the largest economic potential ($962bn). Blockchain’s application can be wide ranging and support companies ranging from heavy industries, including mining through to fashion labels, responding to the rise in public and investor scrutiny around sustainable and ethical sourcing.
- Payments and financial services, including use of digital currencies, or supporting financial inclusion through cross border and remittance payments ($433bn).
- Identity management ($224bn) including personal IDs, professional credentials and certificates to help curb fraud and identity theft.
- Application of blockchain in contracts and dispute resolution ($73bn), and customer engagement ($54bn) including blockchain’s use in loyalty programmes further extends blockchain’s potential into a much wider range of public and private industry sectors.
Blockchain’s success will depend on a supportive policy environment, a business ecosystem that is ready to exploit the new opportunities that technology opens, and a suitable industry mix.
Economic benefits across continents
Across all continents, Asia will likely see the most economic benefits from blockchain technology. In terms of individual countries, blockchain could have the highest potential net benefit in China ($440bn) and the USA ($407bn). Five other countries – Germany, Japan, the UK, India, and France – are also estimated to have net benefits over $50bn.
The benefits for each country differ however, with manufacturing focused economies such as China and Germany benefiting more from provenance and traceability, while the US would benefit most from its application in securitisation and payments as well as identity and credentials.
At a sector level, the biggest beneficiaries look set to be the public administration, education and healthcare sectors. These sectors are expected to benefit approximately $574bn by 2030, by capitalising on the efficiencies blockchain will bring to the world of identity and credentials.
Meanwhile, there will be broader benefits for business services, communications and media, while wholesalers, retailers, manufacturers and construction services, will benefit from using blockchain to engage consumers and meet demand for provenance and traceability.
Digital transformation as top priority
The potential for blockchain to be considered as part of organizations’ future strategy is linked to a research with business leaders that showed 61% of CEOs said they were placing digital transformation of core business operations and processes among their top three priorities, as they rebuild from COVID-19.
“One of the biggest mistakes organizations can make with implementing emerging technologies is to leave it in the realm of the enthusiast in the team. It needs C-Suite support to work, identify the strategic opportunity and value, and to facilitate the right level of collaboration within an industry,” comments Davies.
“Given the scale of economic disruption organizations are dealing with currently, establishing proof of concept uses which can be extended and scaled if successful, will enable businesses to identify the value, while building trust and transparency in the solution to deliver on blockchain’s potential.”
The report warns that if blockchain’s economic impact potential is to be realized, its energy overhead must be managed. Growing business and government action on climate change, including commitments to Net Zero transformation, will mean that organizations need to consider new models for consolidating and sharing infrastructure resources to reduce reliance on traditional data centres and their overall technology related energy consumption.
Theory and practice of web application security efforts in organizations worldwide
75% of executives believe their organization scans all web applications for security vulnerabilities, while nearly 50% of security staff say they don’t, a Netsparker survey reveals.
Web application security efforts are insufficient
Even more concerning, over 60% of DevOps respondents indicate that new security vulnerabilities are being found faster than they can be fixed, indicating that web application security efforts are insufficient.
However, only just over 40% of executives are aware of this situation, and thus most companies are unlikely to be making the required investments to remedy the situation.
Despite this, respondents ranked web application security highest among areas they believe their company should focus. Over 66% of respondents named web application security as a priority – more than any other aspect of IT security, ahead of network security, endpoint security, and patch management.
Additional highlights
- While just 20% of developers believe that development teams are resistant to incorporating security, close to half of security professionals say they encounter developer resistance.
- Just under 40% of developers indicated that critical security issues get automatically escalated, showing that organizations still have a long way to go to fully integrate security into the software development process.
- Just under 35% of developers report friction caused by security false positives, compared to over 54% of security staff. This suggests that security teams bear the bulk of extra work caused by false alarms.
Disconnect between theory and practice
The survey shows a worrying disconnect between the theory and practice of web application security. While most organizations appreciate the importance of web security, many still don’t scan all their applications and an even greater number struggle to deal with vulnerabilities in a timely manner.
This research shows that perceptions and expectations of web application security vary widely depending on the role. This misalignment between perception and reality creates dangerous threats to the security of organizations and their customer’s data as well.
State and local governments under siege from cyber threats
With both security budgets and talent pools negatively affected by the ongoing pandemic, state and local governments are struggling to cope with the constant wave of cyber threats more than ever before, a Deloitte study reveals.
The study is based on responses from 51 U.S. state and territory enterprise-level CISOs.
Key themes
- COVID-19 has challenged continuity and amplified gaps in budget, talent and threats, and the need for partnerships.
- Collaboration with local governments and public higher education is critical to managing increasingly complex cyber risk within state borders.
- CISOs need a centralized structure to position cyber in a way that improves agility, effectiveness and efficiencies.
The report also details focus areas for states during the COVID-19 pandemic. While the pandemic has highlighted the resilience of public sector cyber leaders, it has also called attention to long-standing challenges facing state IT and cybersecurity organizations such as securing adequate budgets and talent, and coordinating consistent security implementation across agencies.
Remote work creating new opportunities for cyber threats
These challenges were exacerbated by the abrupt shift to remote work spurred by the pandemic. According to the study:
- Before the pandemic, 52% of respondents said less than 5% of staff worked remotely.
- During the pandemic, 35 states have had more than half of employees working remotely; nine states have had more than 90% remote workers.
“The last six months have created new opportunities for cyber threats and amplified existing cybersecurity challenges for state governments,” said Meredith Ward, director of policy and research at NASCIO.
“The budget and talent challenges experienced in recent years have only grown, and CISOs are now also faced with an acceleration of strategic initiatives to address threats associated with the pandemic.”
“The pandemic forced state governments to act quickly, not just in terms of public health and safety, but also with regard to cybersecurity,” said Srini Subramanian, principal, Deloitte & Touche LLP.
“However, continuing challenges with resources beset state CISOs/CIOs. This is evident when comparing the much higher levels of budget that federal agencies and other industries like financial services receive to fight cyber threats.”
The need for digital modernization amplified by the pandemic
State governments’ longstanding need for digital modernization has only been amplified by the pandemic, along with the essential role that cybersecurity needs to play in the discussion. Key takeaways from the 2020 study include:
- Fewer than 40% of states reported having a dedicated budget line item for cybersecurity.
- Half of states still allocate less than 3% of their total information technology budget on cybersecurity.
- CISOs identified financial fraud as three times greater of a threat as they did in 2018.
- Overall, respondents said they believe the probability of a security breach is higher in the next 12 months, compared to responses to the same question in the 2018 study.
- Only 27% of states provide cybersecurity training to local governments and public education entities.
- Only 28% of states reported that they had collaborated extensively with local governments as part of their state’s security program during the past year, with 65% reporting limited collaboration.