In the recently published the Top 5 Cybersecurity & Compliance Trends for 2021 report Ecosystm predicts that 2021 is when M&As will ramp up in earnest to consolidate the fragmented cybersecurity market. The pandemic has slowed down M&A activities in 2020. Early signs of what we can expect from the market when we emerge from COVID-19 can be seen in the recent acquisition of Asavie by Akamai Technologies. The market is realising the full implication of the shift to remote working and the potential of increased cyber threats – and this acquisition is a sign that larger vendors will continue to strengthen their cybersecurity capabilities by acquiring vendors, with complementary capabilities.
Asavie Enabling the Secure Office Anywhere
Asavie, headquartered in Ireland, offers a global platform that manages the security, performance, and access policies for mobile and internet-connected devices. Asavie delivers secure access to business resources for a mobile workforce – without requiring installation and management of client software. Increasing mobile workloads and Office Anywhere trends mean that the enterprise private network is no longer just PCs/laptops. All enterprise endpoints must be considered to be a part of the enterprise network – and security and authentication solutions must be able to handle this. Organisations will need to explore options where they can give seamless access to their employees without straining their IT and cybersecurity teams – a rapidly installable, scalable, and cloud-managed solution will become a necessity.
More than ever before, enterprises will have to treat all endpoints as branches of the organisation, and the Future of Work goes beyond enabling home offices. The Global CXO Study: The Future of the Secure Office Anywhere finds that 66% of IT and business leaders think of multiple locations, when they think of Office Anywhere. Employees will work wherever they get the best work experience and are most productive. Future work patterns will require that all endpoints are considered as extended branches of the organisation. This involves the ability to extend the enterprise WAN – with speed, flexibility, and security in mind – whether it is a temporary or a home office, an ad-hoc point of sales or an employee on the go. Every employee or device should be treated like a Branch of One.
“Akamai has been diversifying away from its well-known content delivery network (CDN) offering and has successfully built its security business offering in recent years. In 2019, the company nearly doubled its security revenue to USD 849 million from just USD 488 million in 2017. In their 3rd quarter financial results reported in end October 2020, the Cloud Security Solutions revenue was US$266 million, up 23% year-over-year.”
“The move into the mobile security segment has been timely for Akamai as enterprise application and content is moving from behind the firewall to the cloud; adding to the criticality of the cybersecurity threat management. The COVID-19 pandemic has further driven the onboarding of businesses and consumers alike, adding to significant addressable market opportunities.”
“The acquisition of Asavie is a strategic move. Asavie’s solution effectively extends the enterprise security management to incorporate mobile devices as a ‘Branch of One’ enabling CIOs and CISOs to manage security and policies the same way as traditional enterprise network resources. The growth of 5G will further drive IoT devices and a myriad of applications and use cases which will provide for a significant growth opportunity for Akamai – the acquisition of Asavie is a positive move to support this trend.”
Akamai Strengthens Intelligent Edge Capabilities
Asavie’s mobile, IoT and security solutions will integrate with Akamai’s Security and Personalisation Services (SPS) product line sold to carrier partners that embed the solution within the technology bundle sold to their subscribers. With the Asavie acquisition, Akamai intends to help their carrier partners address enterprise and mid-market customer demand for IoT and mobile device security and management services.
“The addition of Asavie to Akamai’s SPS product line provides synergy for the company to expand into new addressable markets for the remote workforce and internet-connected devices to deliver superior experience in a multi-cloud environment. The Global CXO Study conducted by Ecosystm found that three quarters of the organisations rate mobile security as an important or very important part of their digital transformation strategy. Secure mobile experiences will be a core element of the enterprise going forward in the post COVID-19 business environment – driven by employee needs for mobile services and corporate resources from remote locations, with superior identity and policy management, in a frictionless manner.”
“There is an opportunity for mobile service providers and mobile virtual network operators (MVNOs) to leverage the Asavie solution combined with Akamai’s strength at the edge with over 1,500 networks worldwide to offer cloud-based value-added cybersecurity services. The Global CXO Study also found that scaling of endpoint security was a major pain point for half the organisations with more than 100 branches. Service providers can become the enabler by offering services for small and medium enterprises (SMEs) to dynamically adapt their network and security services to fluctuating demand conditions.”
“Although Akamai does offer CDN services for the SME segment, the company heavily relies on service providers and carriers to address this segment in the CDN, cloud security and its burgeoning IoT Edge offerings. Asavie’s market approach is similar and its products and services portfolio appears to complement Akamai’s very well, making it a very good fit for the company. Not only will it enhance Akamai’s SME positioning on the secure connectivity space, but it will also boost its offerings for carriers in the IoT space.”
“Carriers have had a checkered history at best, in understanding and making the most of data services. Mobile Internet took off because of smartphone manufacturers (Apple) and Internet companies – not through carrier offerings. Although carriers appear to be more proactive and forward-looking with regards to IoT, they should not expect to have the foresight to see what services and business cases will make 5G and IoT truly profitable. Rather, their main focus should be on enabling the secure and flexible infrastructure that can ultimately enable others to develop the use cases. The next logical step would then be for carriers to develop IoT orchestration platforms that can manage much larger parts of the IoT value chain. If they succeed in this (and even if they don’t) it could result in a major boost for Akamai’s CDN business.”
“In other words, carriers need help with IoT and to that end, Akamai’s acquisition of Asavie may strengthen its ability to support carriers to reach that goal.”
The full findings and implications of The top 5 Cybersecurity & Compliance Trends For 2021 are available for download from the Ecosystm platform. Sign up for Free to download the report.
The European Union (EU) founded the GAIA-X Foundation to build a unified system of cloud and data services to be protected by EU Laws – including GDPR, the free flow of non-personal data regulation and the Cybersecurity Act. France and Germany kicked off the GAIA-X cloud project last year and the system is open for participation to national and European initiatives for exchange of data across industries and services such as AI, IoT and data analytics. GAIA-X took another step towards becoming a real option for European organisations with the establishment as a legal entity in June. Founding members of GAIA-X include Atos, Bosch, BMW, Deutsche Telekom, EDF, German Edge Cloud, Orange, OVHcloud, SAP, and Siemens. Non-European providers, such as AWS, Microsoft, Google, and IBM will also have the opportunity to join GAIA-X. The UK Crown Commercial Service (CCS) has also been entering into agreements with public cloud platform providers to encourage increased cloud adoption in cash-strapped public sector organisations. It is a good time to evaluate organisations’ perception on cloud and their adoption patterns.
Ecosystm research finds that while most organisations have migrated at least some simple workloads to the cloud, the sophistication of these systems ranges from SaaS deployed as shadow IT, all the way up to cloud-native applications that are core to a digital business strategy. When asked about the maturity of their cloud deployments, 36% of organisations in EMEA consider themselves advanced, leaving the remaining 64% with more basic environments. These figures vary by business size with only 31% of SMEs considering their deployments advanced, rising to 40% for large enterprises.
Cloud technology providers should segment the market according to the maturity of their client’s systems. Those in the early stages of modernising their infrastructure will be seeking different benefits and will have different concerns than those already using cloud to underpin their digital transformation.
In the mature economies in the region, 75% of those with advanced deployments, considered improved service levels and agility as a key benefit of cloud. These organisations have moved beyond simply replacing legacy systems with cloud infrastructure and now look to the IT department to provide a platform on which new, client-facing services can be delivered. In the emerging economies, the most-reported benefits of cloud are flexibility and scalability, and standardised systems, both at 68% of respondents. These could be viewed as benefits expected from organisations not as far along in the cloud journey. The benefit of reduced IT costs was important in both mature EMEA (67%) and emerging EMEA (62%).
Looking at those who consider their cloud deployments as still basic, security is the leading challenge to greater adoption and by a large margin. Of those respondents in mature EMEA, 73% cited security as a key challenge, more than 20 percentage points higher than the next greatest difficulty. In emerging EMEA, a similar trend was evident, with 61% of respondents considering security as a key challenge. Moreover, data privacy is the second-most significant concern for those who do not consider their cloud deployments advanced. This was visible in both mature EMEA (51%) and emerging EMEA (48%). As organisations look to shift more critical workloads to the cloud, they will be increasing their attack surfaces and at the same time will face greater consequences if a breach does occur.
Services providers targeting organisations with less developed cloud environments should include security early in the conversation to push them along to the next stage of maturity.
The challenge that varied most according to market maturity and business size was the concern that cloud-based services were more expensive that traditional licencing or in-house solutions. Only 29% of respondents with basic cloud deployments in the mature economies, held this view, while in emerging economies the figure rose to 43%. Competition in those mature markets has in some cases put pressure on prices or at least resulted in wider choice. While 29% of SME respondents considered cost a key challenge, 41% of large enterprises did. Migrating larger, more complex environments to cloud will be viewed as more costly than the status quo due to organisational inertia.
The perception that cloud can be more costly, provides an opportunity for cloud management including expense optimisation services.
Organisations looking to move from a basic cloud environment to one that adopts a cloud-first model should begin with a maturity assessment. Understand what your systems will look like at the next stage, what the benefits will be, and what are the risks. More importantly, decide on the long-term business goal that you are trying to achieve, particularly how IT can be a critical player in the organisation’s digital strategy.
Note: Mature economies – France, Germany and the UK/ Emerging economies – Middle Eastern countries, Russia and South Africa Identify emerging cloud computing trends that can help you drive digital business decision making, vendor and technology platform selection and investment strategies.Gain access to more insights from the Ecosystm Cloud Study.
Last week, trading on the New Zealand Exchange (NZX) was disrupted on four consecutive days as a result of a sustained cyber-attack on to push market updates to the public as their website crashed and as a precautionary measure, NZX halted the trading sessions. Ecosystm Principal Advisor, Andrew Milroy says, “The recent NZX attack overwhelmed its public-facing NZX.com website and its Market Announcement Platform (MAP). This meant that investors could not see company announcements in real-time, preventing NZX from complying with regulatory requirements for continuous disclosure.”
The attacks which began on Tuesday came from overseas and made NZX struggle in recovering connectivity, over a five-day period. The cyber-attackers targeted NZX through distributed denial-of-service (DDoS) attacks which is a common way to overwhelm the network with sheer amount of traffic until it disrupts the services.
Milroy says, “It is not clear yet clear who launched the attack, but it is likely to be either an extortion attempt by a large cyber gang or a nation state attack. The attack was a very large, persistent, and sophisticated volumetric DDoS attack. A typical response to such an attack is to increase network bandwidth. However, additional bandwidth is becoming less effective at preventing DDoS attacks. DDoS attacks are getting larger and no amount of bandwidth can address the largest attacks, some of which exceed 1Tbps. DDoS attackers are increasingly focusing on the harder to protect application layer, rather than the network layers.”
The Government Communications Security Bureau (GCSB), network provider Spark, and international bodies provided assistance to NZX to mitigate the attack. Milroy adds, “NZX has also turned to Akamai for additional DDoS protection. Akamai’s Kona Site Defender is understood to be the solution being used. The product is designed to deflect network-layer DDoS traffic and absorb application-layer DDoS traffic at the edge. Mitigation capabilities aim to protect against attacks in the cloud.”
Growing Importance of Government Advisories and Investments
In November 2019, CERT NZ warned financial organisations of several global attacks including ransomware. The attacks were reportedly from Russia-based hacking groups. In an advisory, CERT NZ suggested businesses should implement DDoS protection services, and check network ports connected to avoid vulnerabilities and not pay any ransom to cybercriminals.
Following the CERT NZ warning last year, and considering the recent cyberattacks, GCSB has issued a security advisory to all businesses in New Zealand to be cautious on cyber incidents such as DDoS and ransomware attacks. The advisory comes from the GCSB’s National Cyber Security Centre. This is particularly aimed at small businesses that might have limited cybersecurity resources. The agency has asked them to report such incidents to Cert NZ. Advice includes:
Approaching cybersecurity services providers to immediately implement any responsive actions (warning that organisations might incur additional fees)
Temporarily transferring online services to a cloud-based hosting service
Avoiding the disclosure of the IP address of the origin web server, and using a firewall, if using a content delivery network
Using a DDOS mitigation service for the duration of attacks, in case they face attacks
Disabling functionality or removing content from vulnerable online services
Milroy says, “It will become increasingly important for governments the world over to make a concerted effort to protect their critical infrastructure, data assets and especially empower their SME communities with the right cybersecurity measures and timely guidance.”
Get to know the key cybersecurity challenges that have emerged during the COVID-19 crisis and the best practices for overcoming those challenges. Read Andrew Milroy’s report titled “Cybersecurity in the COVID-19 Era”.
Like many countries, Malaysia has announced economic stimulus packages to ensure help for the poor and needy, that workers do not lose their jobs and that companies avoid bankruptcy – albeit with an inevitably reduced output – to keep the economy functioning. The stimulus offered is short-term covering a few months, and more assistance will be required should the epidemic linger and for the recovery period.
The Government announced a stimulus package on the 27th February worth RM20 billion (US$4.5 billion) and another one on the 27th March worth RM230 billion (US$52.6 billion). The packages comprise of direct fiscal injection of RM25 billion (US$5.7 billion) as well as loan deferments, one-off cash assistance, credit facilities and rebates. The focus of the stimulus packages is to assist people in the lower-income (B40) and mid-income (M40) groups, aid for employees in the private sector and for traders during the movement control order (MCO) which is to run until 14th April 2020.
An additional COVID-19 stimulus package worth RM10 billion (US$2.2 billion) was announced on the 6th April to address the challenges of the small and medium enterprises (SMEs) that employ two-thirds of the workforce and contribute to 40 percent of the GDP. The wage subsidy is to benefit 4.8 million workers earning less than RM4,000 (US$915) per month. In addition, SMEs will have access to interest free loans of RM200 million (US$45.7 million) from the National Entrepreneur Group Economic Fund and a further RM500 million (US$114.4 million) via Bank Simpanan Nasional. The Government allowed 750,000 SMEs to postpone income tax payment for three months from 1st April – companies in the tourism sector are allowed to postpone income tax for six months.
Impact on Industries
Banking & Financial Services. Banking institutions will support the Government’s stimulus initiatives by providing a six months’ loan repayment moratorium, corporate loan restructuring and conversion of credit card balance to long term loans. Banking and financial institutions are focussing on business continuity planning to ensure minimal disruption to their business and customer support. Many key business processes are now being put to test in-home working with scaled-down office operations. Digital Transformation (DX) has been accelerated as a result.
Contactless payments have seen a boost and many financial institutions have increased payment limits for such payments. Early last month the World Health Organisation (WHO) and the Bank of England had issued advisories against the use of banknotes, as it could increase the chances of the virus spread, instead recommending the use of contactless payment where possible. This might give a boost to the use of Cryptocurrency and cross-border payment services in Malaysia. In 2019, cryptocurrency start-ups received an estimated 12 percent of Fintech funding – but, only three cryptocurrency exchanges were given conditional approval by the Securities Commission. The current situation may well see that changing.
Insurance. The Prime Minister announced that the Insurance industry is to create a fund of RM8 million (US$1.8 million) to cover the cost of RM300 (US$68.6) per policyholder to undergo COVID-19 tests. In addition to this, insurance companies are to offer a 3-month suspension on premiums for policyholders whose income is affected by the pandemic.
Agriculture. Even prior to COVID-19, there has been a brewing narrative against globalisation, favouring a nationalistic emphasis as reflected globally by Brexit and the China-US trade wars tension. Food security is key, and COVID-19 has further highlighted its importance with priorities shifting to local requirements over exports. The Government intends to distribute a food security fund of RM1 billion (US$228.8 million) to increase the local production of farms, fisheries and livestock. According to the Department of Statistics, Malaysia’s food and beverage imports amounted to RM54 billion (US$12.3 billion) in 2018 while food exports stood at RM35 billion (US$8.0 billion) resulting in a trade deficit of RM18.8 billion (US$4.3 billion). As countries focus on internal supplies instead of exports in the current scenario, Malaysia needs to address this risk by producing more locally.
Impact on Industry Transformation
Amidst the gloomy outlook, there are plenty of opportunities, especially to the country’s Digital Economy. Malaysia has been committed to the Digital Economy vision with the Malaysia Digital Economy Corporation (MDEC) estimating that the country’s Digital Economy is worth US$3 trillion. The COVID-19 crisis may well be the key driver in achieving that vision. DX efforts are being accelerated with businesses adopting more cloud and mobility solutions. More workloads have to be digitalised and there is greater adoption of Cloud for storage and services. AWS, Microsoft Azure and Google Cloud will be beneficiaries in this area.
I have already spoken about the Financial Services industry – other industries are also getting transformed out of a necessity to survive this crisis. The Education sector has seen an increase in access to educational content and traffic to education portals and blogs. Some schools have implemented online lessons and group chats between teachers, students and parents to ensure education continues through this pandemic. Many universities have used their e-learning platforms to move lectures online.
The Telecommunications industry is being appreciated more than ever and it is the backbone to normal life, in both a social and business sense. The Government’s stimulus package includes offers of free internet to all customers until the MCO is over at RM600 million (US$137.3 million) and an investment of about RM400 million (US$91.5 million) to improve coverage and quality of service. Leading operators Maxis, Digi, Celcom and U Mobile have offered 1GB free data during the MCO period. The Axiata Group recently announced a cash fund of RM150 million (US$34.3 million) to assist micro-SMEs within the ecosystem providing eCommerce, digital payments and related services.
Video conferencing traffic is on the rise as it is the next best thing to face-to-face meetings. Microsoft Teams and Zoom have been the biggest winners so far. The home working trend should continue in the recovery stage and beyond, due to improvements in the telecommunications infrastructure and the impending rollout of 5G.
The eCommerce sector should see a major improvement in Malaysia with physical channels to the market being suspended. Malaysians have not embraced eCommerce like mature economies have, and it has significant room for improvement. Development of the SME sector and eCommerce are twin focus areas for the Digital Economy vision. Statista reports that the average Malaysian eCommerce shopper spent just US$159 on online consumer goods purchases in 2018, considerably lower than the global average of US$634. There is huge opportunity to provide for necessities such as online grocery, food and delivery of goods. As a consequence, the Transport & Logistics sector will have to adapt their business operations in order to ride this wave successfully.
Video streaming and gaming has also seen an increase in consumption in these times as they provide for entertainment for millions stuck at home. Netflix, YouTube, Microsoft Xbox and PlayStation are among the winners in this sector. YouTube provides for a primary news source and commentary on the epidemic for many. There provides a tremendous opportunity for both telecom operators and content providers to increase their number of services in this area.
Malaysia, like all other countries, will have to ride out this wave. It has made a positive step in the direction with the stimulus packages, especially for the SME sector. How well the country rides this wave out will depend on how targeted the future stimulus packages are and how fast industries can transform to handle the new world order that will emerge after the COVID-19 crisis.
A survey conducted by United Overseas Bank (UOB) in November 2019 illustrates that SMEs in Singapore are focusing on boosting productivity as they grapple with macro-economic and socio-political uncertainties this year. The UOB survey included 615 local SMEs with a revenue of less than S$100 million. Nearly half of the SMEs surveyed have a positive outlook for their business in 2020, while nearly a third are not so optimistic about it.
While cost reduction and new streams of revenue generation are top business priorities, more than half of the SMEs polled, mentioned increasing productivity as their top priority. Technology adoption has often been linked to an increase in productivity. SMEs in Singapore appear to be on the right track as currently 65% use digital solutions, mostly geared towards accounting, HR and customer relationship management. Digitalisation involves a widespread adoption of cloud and automation solutions. If we look at the key drivers of cloud adoption across all global organisations (Figure 2), we find that optimisation and productivity are key incentives.
Interestingly, the UOB survey also finds that more than half of SMEs in Singapore have sustainability goals. Resource optimisation and energy efficiency will also see higher adoption of technology in the future.
Government Initiatives Empowering SMEs
Government agencies and industry bodies have always been proactive in empowering SMEs with technological knowledge. There are various programs and initiatives to promote digitalisation, which have made Singapore SMEs competitive at a global level.
The Infocomm Media Development Authority (IMDA) is helping Singapore SMEs to scale and improve their digital capabilities, expand their network and go global through collaboration with multinational companies (MNCs). The SMEs Go Digital program launched in 2017, has seen an estimated 4,000 SMEs adopting pre-approved digital solutions.
Several organisations in Singapore – such as A*Star and Enterprise Singapore – have targeted programs for the SME community. One of the key challenges for SMEs that impacts their ability to invest in technology is a lack of internal IT skills. Initiatives such as the Technology Adoption Programme (TAP) recognise this and bring in multiple industry and technology stakeholders to translate new technologies into Ready-to-Go (RTG) solutions, aimed at SMEs.
Apart from technology, access to financing is a key factor that determines the success of an SME and remains a key focus of Singapore’s banking and financial sector. The digital wholesale licenses are also aimed at SME financing, especially targeting those that are unable to procure funds from traditional sources.
Technologies Enabling Digitalisation in Singapore SMEs
As mentioned earlier, cloud is the key enabler of digitalisation, giving organisations the ability to access solutions anywhere and anytime. Ecosystm research shows that 80% of SMEs in Singapore use an IaaS solution, while more than 75% use a SaaS solution.
There are programs that boost cloud adoption in Singapore SMEs as well. As an example, SMECEN, developed by the Association of Small & Medium Enterprises (ASME), and supported by Enterprise Singapore, Accounting and Corporate Regulatory Authority (ACRA) and Inland Revenue Authority of Singapore (IRAS) is a SaaS solution with accounting, HR and compliance modules – integration with other business tools is on the cards.
Digitalisation will eventually involve investments in Automation and AI. For Singapore, AI is a key technology as it continues to focus on IoT, smart buildings, smart electricity, autonomous electric vehicles and other smart city solutions. The Government is working to open up access to data and AI tools so everyone can experiment. It especially wants to encourage SMEs to adopt AI and work on government use cases.
Singapore SMEs are ramping up their AI investments, especially in IoT sensor analytics (27%), machine learning (21%) and robotic process automation (16%), according to the Ecosystm AI study. Their key short-term drivers are insights into the competition and enhanced internal process monitoring. However, in the longer term, they are looking at cost reduction and better profit margins.
According to an OCBC survey in 2018, which polled 200 such companies, two-thirds of SMEs in Singapore are likely to go cashless by 2023. It is estimated that over 75% of Fintech transactions in Singapore are digital payments and it receives over a quarter of Fintech funding. Government initiatives such as FAST and SGQR, have opened up digital payment options for consumer use as well as for SMEs.
However, the UOB survey notes some concerns that SMEs have over digital payments adoption, including customer/supplier acceptance and security. This is an encouraging sign, which indicates that SMEs are not just adopting technology because of the hype – but are evaluating the pros and cons of tech adoption before embarking on a digitalisation project.