Shaping your Cyber Practice in 2022

5/5 (1)

5/5 (1)

Against a backdrop of extended disruption, cybersecurity risks are expanding rapidly and current defences are inadequate. Ransomware attacks are increasing in frequency and impact, focusing more on targets where outages are not an option, such as critical infrastructure and hospitals. Supply chain attacks are creating chaos and has led to a much-needed focus on supply chain vulnerabilities.

As digitalisation continues at a faster pace, cybersecurity is too often, a secondary concern.

With the acceleration of cloud adoption; widespread remote working; the resulting proliferation of endpoints; and the expansion of attack surface for malicious actors, this is the time for organisations to transform their cybersecurity approaches.

Here are the 5 steps that you should consider:

  • Having CISOs report directly into top management – bypassing CIOs
  • Focusing on configuration management
  • Building resilience against ransomware attacks
  • Migrating away from a legacy perimeter-based approach
  • Shifting to Policy-as-Code

In 2022, attacks on organisations will grow in frequency and intensity. Organisations need to transform their approaches to cybersecurity. This involves embracing new concepts such as zero-trust and Secure Access Service Edge (SASE) as well as a stronger focus on policy as code and human factors.

Shaping-your-Cyber-Practice-in-2022-1
Shaping-your-Cyber-Practice-in-2022-2
Shaping-your-Cyber-Practice-in-2022-3
Shaping-your-Cyber-Practice-in-2022-4
Shaping-your-Cyber-Practice-in-2022-5
Shaping-your-Cyber-Practice-in-2022-6
Shaping-your-Cyber-Practice-in-2022-7
Shaping-your-Cyber-Practice-in-2022-8
previous arrowprevious arrow
next arrownext arrow
Shaping-your-Cyber-Practice-in-2022-1
Shaping-your-Cyber-Practice-in-2022-2
Shaping-your-Cyber-Practice-in-2022-3
Shaping-your-Cyber-Practice-in-2022-4
Shaping-your-Cyber-Practice-in-2022-5
Shaping-your-Cyber-Practice-in-2022-6
Shaping-your-Cyber-Practice-in-2022-7
Shaping-your-Cyber-Practice-in-2022-8
previous arrow
next arrow
Shadow

Click here to download Shaping your Cyber Practice in 2022 as a PDF

Cybersecurity Insights
0
Ecosystm Predicts: The Top 5 Trends for Cybersecurity & Compliance in 2022

5/5 (2)

5/5 (2)

Cyber operations become more complex with distributed company assets due to the hybrid work model; the need to revamp supply chains; and constantly monitor business continuity measures. And of course, 2021 has shown us that hackers are getting smarter and more vicious. Attacks now often originate from what appears to be trusted devices, people, applications – that reside inside the network. This will drive organisations to continue to focus on cybersecurity, and tech providers to develop on security by design in 2022. 

Read on to find out what Ecosystm Analysts, Andrew Milroy and Claus Mortensen think will be the leading cybersecurity and compliance trends in 2022.

Click here to download Ecosystm Predicts: The Top 5 Trends for Cybersecurity & Compliance in 2022 as PDF

Ecosystm Predictions 2022
0
The Empire Strikes Back – Vendors Respond to Cloud Hype

5/5 (4)

5/5 (4)

“Cloud is universal – everything is going to be on the cloud soon! If you are not moving to the cloud, you are going extinct! AWS, Microsoft and Google are going to rule the world!” This has been the hyped narrative for some time now. But watch out New World – the Old World is fighting back!

Traditional vendors like HP Enterprise, Cisco, and Oracle are all deploying strategies to remain relevant in the new world. For these vendors – especially for HPE and Cisco that come from a predominantly hardware background – the future is hybrid. They picture a world in which the data centre – either on-prem or in a co-located facility – thrives on, in tandem with the cloud. This is a reasonably good bet. For most large enterprises with a huge repository of applications and data sitting in the data centre, migrating everything to the cloud is a nightmare – fraught with risk and very expensive.

Ecosystm research shows that 32% of organisations have deployed containerisation – and this percentage will only grow. The ability for firms to toggle between data centre bare metal based applications and completely on-the-cloud ones is becoming more manageable by the day. This enormous flexibility allows a firm that has large compute needs to keep some stable workloads in a data centre, whether on-prem or co-located, while simultaneously using cloud-based workloads, optimising spends and performance.

Here is a glimpse into the strategies of three key vendors.

HPE’s ‘as-a-service’ Messaging is Spot on   

Two years ago, Antonio Neri boldly went where no HPE CEO had gone before, promising that HPE’s entire portfolio would be available ‘as-a-service’ within 3 years. At the recently concluded HPE Discover event, there were a flurry of announcements to showcase that GreenLake is indeed on its way to meet that ambitious goal in 2022.

HPE’s recent announcements show customers that GreenLake is an end-to-end solution for managing their IT infrastructure moving forward. It ticks all the boxes: providing flexibility and scalability; the advantage of using both data centre and cloud; and high manageability and security with a full suite of applications.

Examples are the partnership with Azure Stack HCI, to add to earlier ones with leading vendors like SAP, Citrix, and VMware. HPE is building a platform that provides customers with the comfort that they can adopt GreenLake and pretty much have access to any application they may choose to implement – offering full coverage from the Edge to the Cloud. It is extremely interesting that GreenLake allows the option of switching on and switching off processor cores as needed, and the customer pays based on usage. This is surely a first for the industry!

Another example is Lighthouse, which allows the customer to rapidly configure, and provision workloads based on dynamic needs. While all the hyperscalers provide similar services when the workload is on the cloud, Lighthouse allows the same flexibility and speed for cloud services which can be run in the data centre, on-prem, co-located, or even at the Edge.

A third example was the announcement of Project Aurora which will add an additional security layer from validating the input data all the way to verifying the workload at the start and then as it is running. It appears to use an AI/ML system that checks for unexpected behaviours to detect any kind of malware.

It makes good sense for HPE to push GreenLake and move to offering ‘everything-as-a-service’. As one of the incumbent enterprise hardware business leaders, this is a good response rather than to watch one’s business continue to shrink YoY. GreenLake is HPE’s way of futureproofing themselves and making sure they stay relevant in the new cloud world.

HPE Discover 2021

Cisco Secures the Hybrid Workplace

Cisco has been active launching Cisco Plus earlier this year, as their bridge to the as-a-service model with a network-as-a-service (NaaS) offering. Somewhat like GreenLake, Cisco Plus offers flexible consumption for compute, storage, and networking. They are committed to offering most of their portfolio as-a-service over time.

Cisco has shown some resilience in terms of revenue but has still been struggling to grow. After a steady growth since 2017, the revenues dropped by 7% in 2020 almost as a direct impact of COVID-19. The post-pandemic world has the potential of being a bigger threat for Cisco. Many estimates show the number of people working from home is likely to go up dramatically and Cisco’s key networking offering could rapidly become redundant. However, at Ecosystm we believe that the hybrid work model will be predominant.   

Cisco is also betting on a hybrid world. No matter where one works from, there are networking needs. Cisco’s focus, therefore, is on security – this will be on the mind of virtually any enterprise as it chalks out its future strategy. With a hybrid environment, making everything secure becomes more complex while continuing to be vital. Cisco has a heavy emphasis on Secure Access Service Edge (SASE) – the idea that the security envelope now has to be a flexible form that has a presence everywhere that the enterprise needs to be. This will make a lot of sense to most enterprises as they tread the hybrid path.

Cisco will offer a portfolio of tools to make it increasingly easier for customers to use multi-cloud, multi-vendor environments, offering the best of both worlds.

Oracle Incentivises Cloud Migration

Oracle has a different approach because they are trying to solve a different problem. They are competing with the hyperscalers, while fully acknowledging a hybrid world. However, as a company with less legacy in hardware, it makes sense for them to focus on migrating to cloud rather than on hybridisation. Oracle has just announced that they will subsidise existing customers who add cloud workloads with them, by providing discounts on the existing licensing fees that the customer is paying Oracle. This discount appears to be around 25% to 33%. In essence, this means that if a customer spends about USD 100k with Oracle on licensing and decides to start moving workloads to the Oracle Cloud worth somewhere between USD 300-400k, they can potentially write off the entire license fees they are currently paying!

Conclusion

There is a strong effort from every vendor right now to retain and consolidate their customer share and build a vision that convinces the customer that they are the way to go. For the traditional hardware players that vision is of a hybrid world – attractive to today’s large enterprise. For the likes of AWS, Microsoft, Google, and Oracle it is all about moving the customer to their cloud. The assumption of course is that moving someone to your cloud will lead to more of your apps being used by the customer. For the hardware vendors like Cisco and HPE, it is all about moving the customer to their own platforms which empower hybridisation. In all cases, a necessary component is to offer ‘everything-as-a-service’ upending the traditional models of selling.

In my opinion, with time the IaaS portion of the cloud is likely to gradually devolve into something like a utility. There will be a lot of upheavals and market disruption before we get there, but eventually, software and other services are likely to stand separate from the infrastructure provider. All the vendors are therefore depending on capturing the customer at the platform-as-a-service (PaaS) level, but even this is likely to get commoditised over time. Eventually, the winners will be disparate providers of the best applications for different functions. Meanwhile, we are in for an extremely interesting ride as we see all the vendors jockeying for space!

Cloud Insights
1
AT&T & Fortinet Partner for a Managed SASE Solution

5/5 (1)

5/5 (1)

Last week AT&T announced a partnership with Fortinet to expand their managed security services portfolio. This partnership provides global managed Secure Access Service Edge (SASE) solutions at scale. The solution uses Fortinet’s SASE stack which unifies software-defined wide-area network (SD-WAN) and network security capabilities into AT&T managed cybersecurity framework. Additionally, AT&T SASE and Fortinet will integrate with AT&T Alien Labs Threat Intelligence platform, a threat intelligence unit to enhance detection and response. AT&T has plans to update its managed SASE service during the year and will continue to bring more options.

Talking about the AT&T-Fortinet partnership, Ecosystm Principal Advisor, Ashok Kumar says, “This move continues the trend of the convergence of networking and security solutions. AT&T is positioning themselves well with their integrated offer of network and security services to address the needs of global enterprises.”  

Convergence of Network & Security

AT&T’s improved global managed security service includes features such as secure web gateway, firewall-as-a service, cloud access security broker (CASB) and zero-trust access, which provides security teams and analysts with unified capabilities across the cloud, networks and endpoints. The solution aims to enable enterprises to create a more resilient network bringing the core capabilities of the two companies that will reduce operational costs and deliver a unified offering.

Last year AT&T also partnered with Cisco to expand its SD-WAN solution and to support AT&T Managed Services using Cisco’s vManage controller through a single management interface. Over the past years multiple vendors including Fortinet have developed comprehensive SASE solution capabilities through partnerships or acquisitions to provide a unified offering. Last year Fortinet acquired Opaq, a SASE cloud provider to bolster their security capabilities through OPAQ’s patented Zero Trust Network Access (ZTNA) cloud solution and to strengthen SD-WAN, security and edge package.

The Push Towards Flexible Networking

Kumar says, “The pandemic has created a higher demand and value for secure networking services. Enterprises experienced greater number of phishing and malware attacks last year with the sudden increase in work-from-home users. The big question enterprises need to ask themselves is whether legacy networks can support their evolving business priorities.”

“As global economies look to recover, securing remote users working from anywhere, with full mobility, will be a high priority for all enterprises. Enterprises need to evaluate mobile SASE services that provide frictionless identity management with seamless user experiences, and be compatible with the growing adoption of 5G services in 2021 and beyond.”


The Top 5 Telecommunications & Mobility Trends that will dominate the telecom industry to watch out for in 2021. Signup for Free to download the report.

New call-to-action
1
Ecosystm Predicts: The Top 5 Telecommunications & Mobility Trends for 2021

5/5 (1)

5/5 (1)

2020 saw a shutdown in both supply and demand which has effectively put the brakes on many economic activities and forced a complete rethink on how to continue doing business and maintain social interactions. The COVID-19 pandemic has accelerated digitalisation of consumers and enterprises, and the telecommunications industry has been the pillar which has kept the world ticking over. The rise in data use coupled with the fervent growth of the digital economy augurs well for the telecom sector in 2021.

Ecosystm Advisors Claus Mortensen, Rahul Gupta, and Shamir Amanullah present the top 5 Ecosystm predictions for Telecommunications & Mobility trends for 2021. This is a summary of the predictions – the full report (including the implications) is available to download for free on the Ecosystm platform.

The Top 5 Telecommunications & Mobility Trends for 2021

  1. The 5G Divide – Reality for Some and Hype for Others

Despite the economic challenges in 2020, GSMA reports that the global 5G subscriptions doubled QoQ in Q2 2020 to hit at least 137.7 million subscribers. This accounts for 1.5% of total subscribers – and is expected to rise to 30% by 2025.

The value of 5G will become increasingly mainstream in the next few years. 5G offers a tailored user-centric approach to network services, low latency and significantly higher number of connections which will power a new era of mobile Internet of Everything (IoE).

However, there are many operators who are still sceptical about 5G. In the US, many operators failed to get any tangible positives from 5G. In the near term, many operators will continue to evolve their 5G capabilities – a full grown standalone 5G technology implementation in some verticals might take longer. 

The unsuccessful launch of 5G by the US operators does not mean that 5G is a failure, however. It also implies that we need to look at other geographies to lead us into 5G – and Asia Pacific may well emerge as a leader in this space. China, for example, leads the drive in 5G adoption; and 5G smartphones account for more than half of global sales in recent months.

  1. Telecom Operators Will Accelerate Digital Transformation

Telecom operators are facing increasing demands for cutting-edge services and top-notch customer experience (CX). The global pandemic has caused revenue loss, due to struggling economies and many operators will aim to reduce OpEX to circumvent these financial pressures, raise the quality of CX and retain existing customers. To realise this, there will be much focus on improvement in efficiencies, better operations management as well as improving the IT stack. These digital transformation efforts will enable rapid and flexible services provisioning, which will be better prepared for the tailored services customers now demand.

Many operators are increasingly incorporating cloudification alongside the 5G network deployment. Operators are moving towards transforming their operations and business support systems to a more virtualised and software-defined infrastructure. 5G will operate across a range of frequencies and bands – with significantly more devices and connections becoming software-defined with computing power at the Edge. Operators will also harness the power of AI to analyse massive volumes of data from the networks accessed by millions of devices in order to improve CX, ramp up operational efficiencies as well as introduce new services tailored to customer needs to increase revenue.

  1. Remote Working Will Transform Telecommunications Networks

The changing patterns in peak network traffic and the substantial movement of traffic from central business districts to residential areas require a fundamental rethink in network traffic management. In addition, many businesses continue to ramp up digital transformation efforts to conduct business online as physical channels will remain limited. Consumer onboarding will also be fervent, as organisations look at business recovery – resulting in increase in bandwidth requirements.

The increasing remote working trend is amplifying the need for greater cybersecurity. Cybersecurity has catapulted in importance as the pandemic has seen a worrying increase in attacks on banks, cloud servers and mobile devices, among others. Cyber-attack incidents specifically due to remote working, has seen a rise. A telecom operator’s compromised security can have country-wide, and even global consequences.

  1. SASE Will Grow – and Sprawl

Although it was perhaps originally seen as an Over-The-Top (OTT) provisioned competitive service to operators’ MPLS services, many telecom service providers have been embracing SD-WAN over the years as part of their managed services portfolio. “Traditional” SD-WAN offers some of the flexibility needed to address the change towards a more distributed access and the workload requirements that the pandemic has accelerated – the technology does not address all of the issues related to this transformed workspace.

Employees are now working from a variety of locations and workloads are becoming increasingly distributed. To address this change, organisations are challenged to move workloads and applications between platforms, potentially compromising security. Despite all the challenges that the pandemic brought with it – both human and technical – it has also provided organisations with an opportunity to rethink their IT and WAN architectures and to adopt an approach that has security at its core.

We believe that secure access service edge (SASE), which is a model for combining SD-WAN and security in a cloud-based environment, will see a drastic rise in adoption in 2021 and beyond.

  1. OTT Players Will Continue their Expansion in the Telecommunications Space

Facebook, Google, Amazon are no longer considered as web companies as they moved from standalone ‘web’ companies to become OTT providers and are now significant players in telecom space. With the Facebook-Jio deal in India earlier this year, and with Google and Amazon actively eyeing the telecom space, these players will continue to explore this space especially in the emerging markets of Asia and Africa. There are telecom providers in these countries which will be prime targets for partnerships. These operators could be those that have a large customer base, are struggling with their bottom lines or are already looking at exit routes. OTT players were already offering services like voice, messaging, video calling and so on which have been the domain expertise of mobile operators for a long time. The market will see instances where telecom providers will sell small stakes to OTT players at a premium and get access to the vast array of services that these OTT providers offer.


New call-to-action
2