Ecosystm Predicts: The Top 5 Cloud Trends for 2021

5/5 (1)

5/5 (1)

As organisations stride towards digitalisation, re-evaluating their business continuity plans and defining how the Future of Work will look for them, cloud adoption is expected to surge. Almost all technologies being evaluated by organisations today have cloud as their pillar. Cloud will the key enabler for ease of doing business, real-time data access for productivity increase, and process automation.

Ecosystm Advisors Claus Mortensen, Darian Bird and Tim Sheedy present the top 5 Ecosystm predictions for Cloud Trends in 2021. This is a summary of our cloud predictions – the full report (including the implications) is available to download for free on the Ecosystm platform here.

 The Top 5 Cloud Trends for 2021

  1. 2021 Will be All About SaaS

2020 was a breakout year for SaaS providers – and a tough one for a lot of on-premises software vendors. SaaS (or mainly SaaS) providers like Salesforce, Zoom, Microsoft had record growth and some of the best quarters in their history, while other mainly on-premises software providers have had poor quarters. SAP is even accelerating the transition to a 100% cloud-based business as their revenue suffers. The race to deploy SaaS tools and platforms is well and truly happening. Many of the usual ROI models and business cases have been abandoned as the need for agility – to drive business change at pace trumps most other business needs. Ecosystm data validates this

This trend will continue in 2021 – in fact, we expect it to accelerate. Most SaaS solutions (such as CRM, ERP, SCM, HRM etc.) are implemented by less than 30% of businesses today – which means the upside for the SaaS providers is huge.

  1. Hybrid Cloud Will Finally Become Mainstream

The sudden move to remote working in 2020 forced most organisations to increase their use and reliance on cloud-based applications. Employees have relied on collaborative tools such as Zoom, Microsoft Teams and WebEx to conduct virtual meetings, call centre workers had to respond to calls from home – most if not all relying on cloud-based apps and platforms. This trend is set to continue going forward. Ecosystm research finds that 44% of organisations will spend more on cloud-based collaboration tools in the next 6-12 months.

But the forced adoption of these tools has also prompted many – especially larger organisations – to worry about losing control of their IT resources, including worries related to security and compliance, cost, and reliability. As for the latter, both Microsoft Azure and Zoom experienced outages after the pandemic hit and this has made many organisations wary of relying too much on a single public cloud platform. Ecosystm therefore expects a sharp increase in focus on hybrid cloud platforms in 2021 as IT Teams seek to regain control of the apps and services their employees rely the most upon.

  1. Carrier Investment in 5G Will Give Edge Computing a Boost

The gap between the hype around edge computing and the actual capabilities it offers will narrow in 2021 as 5G networks are built out. One of the most promising methods of deploying edge computing involves carriers embedding cloud capacity in their own data centres connected to their 5G networks. This ensures data does not unnecessarily leave the network, reducing latency and preserving bandwidth. This combination of 5G and the Edge will be of particular benefit to applications that until now have faced a trade-off between mobility and connectivity. Over the last twelve months, the major hyperscalers announced their 5G edge computing offerings, and some of the major global telecom providers have served as test cases by partnering with at least one hyperscaler and will likely add more over the next year. Expect this ecosystem to expand greatly in 2021.

Cloud environments can benefit from pushing computing-heavy workloads to the Edge in much the same way as IoT and provides a great platform for managing the edge computing endpoints. The flipside of pushing containers to the Edge will be the increased complexity and the fact that the number of attack surfaces will increase. Containerisation must therefore be deployed with security at its core.

  1. Stateful Applications Will Move to the Cloud with Containers and Orchestration

As organisations seek to migrate workloads and applications between platforms in an increasingly hybrid cloud environment, the need for “lifting and shifting”, refactoring and partitioning applications will increase. These approaches all have their shortcomings, however. Lifting and shifting an application may limit its functionality now or in the future; refactoring may take too long or be too costly; and partitioning is often not feasible or possible. A better approach to this task is to modernise the applications to make use of application containers like Docker, Windows Server Containers, Linux VServer and so on, to enable a faster and more seamless way to migrate applications between platforms. We also see container orchestration environments like Kubernetes and containerised development and deployment platforms like IBM’s Cloud Paks.

How these technologies are used to deploy stateful applications in multicloud environments will evolve. A raft of container management platforms, based on Kubernetes, are being released to simplify what was once a complex DIY process. New entrants will look to challenge the cloud hyperscalers, virtualisation giants, and Kubernetes specialists. The emerging features that previously required cobbling together third-party tools, like service mesh, data fabric, and machine learning, will speed up containerisation of stateful core applications. The deployment of containers on bare metal rather than in virtualised environments will also gather pace. The most challenging task will be delivering containerised applications at the Edge, forcing developers and platform providers to create inventive solutions.

  1. Serverless will take us a step closer to NoOps

As the application lifecycle speeds up and the distinction between development and operations shrinks, the motivation to adopt serverless computing will grow in 2021. While NoOps, the concept that operations could become so automated that it fades into the background, is still a distant goal, serverless computing will make a stride in that direction by abstracting the application from the infrastructure. Having seen the agility benefits of a microservices architecture, many DevOps teams will experiment with breaking services down further into functions. Moreover, the pay-as-you-go model of serverless will appeal to OpEx driven organisations. Expect stories of bill shock, however, as were seen in the early days of cloud adoption. While AWS Lambda is currently considered the serverless industry standard, it is likely that in 2021, Microsoft, Google, and IBM will ramp up efforts in this space. Each of these providers will build out their offering in terms of languages supported, event triggers, consumption plans, machine learning/AI options, observability, and user experience.


Download Ecosystm Predicts: The Top 5 Cloud Trends for 2021

The full findings and implications of The Top 5 Cloud Trends for 2021 are available for download from the Ecosystm platform. Signup for Free to download the report.

New call-to-action
2
Ecosystm Predicts: The Top 5 Future of Work Trends For 2021

5/5 (2)

5/5 (2)

2020 has been a watershed year for Future of Work policies and technologies. Organisations are still evaluating their workplace strategies and 2021 is likely to see experiments in work models – every organisation will choose the model that works for their nature of work and their organisational culture. Against this backdrop of disruption and change, Ecosystm’s 360o Future of Work team – Audrey William, Mike Zamora, Ravi Bhogaraju and Tim Sheedy – present the top 5 Ecosystm predictions for the Future of Work in 2021.

This is a summary of the predictions, the full report (including the implications) is available to download for free on the Ecosystm platform here.

The Top 5 Future of Work Trends For 2021

  1. Human-centricity Will be Front and Centre of Organisational Priorities

2020 saw immense humanitarian disruption. Enabling remote work was a key component of business continuity. Both organisations and their employees have a better understanding now of the implications of remote working and how it can be made to work. They are also aware of the challenges of remote working. Monitoring productivity, maintaining the right work-life balance and ensuring employee emotional well-being have been challenging. Despite the challenges, hybrid/blended working is definitely here to stay. Employees will expect more options on the location of their work, often choosing to work where they are most productive.  

All decisions related to the organisation, filtered through the lens of human-centricity, will drive better employee engagement – and engaged employees provide better customer experience. Organisations that will operationalise this at scale and across cultures will emerge as success stories.  

  1. Technology Will Bond with Facilities and Operations – Connecting with HR Will be a Challenge

There has to be an alignment between the Business, People, Work Environment and Technology to make an organisation truly empowered to handle sudden pivots that will be required in 2021 as well (Figure 1).

Future of Work Framework

This will require cross-departmental coordination and synergy. Tech teams have traditionally driven the Digital Workplace strategy; now they will have to work closely with Operations and Facilities Management teams on “Smart and Safe Office” strategies. That may not be the real challenge given that there are overlaps between these three teams – they have a shared language and similar KPIs. The real challenge will be the need for Tech teams and HR to work more closely to improve the overall employee experience, including a focus on employee productivity and wellness. Human-centricity makes the role of HR even more important – IT will find it challenging to find common grounds as there have traditionally been few shared KPIs between these two departments.

  1. Office Spaces Will Become Truly Digital

The hybrid/blended workplace model means that the physical workplace is not disappearing soon. Even as the model evolves for each organisation, what becomes clear is that employee expectations have changed drastically in the last year, and the traditional employee experience expectations of Salary, Recognition, and Job Satisfaction may not be enough. Employees will now expect flexibility, social cohesion, and effective communication. If they are to return to the physical office, they will expect the same benefits as working from home.

This will drive the adoption of digital tech to ensure the office space is safer, more effective and a productive environment for the employees and the business. Two key areas of focus will be on seamless access to information and employee control over work environment.

  1. Providers Will Deepen Digital Workplace Offerings, but the Market Will Not Consolidate

Key tech providers in the digital workspace space (such as Microsoft, Google, Zoom, Cisco, AWS and so on) will broaden their capabilities and make it easier to procure and use solutions. It will no longer be a “tool-centric” approach (chat, video, document sharing, online meetings, whiteboards and so on) – it will become a platform play. Information workers will be able to choose the approach that best fits the problem they are trying to resolve,  without being limited by the capabilities of the tool. E.g. documents will be sharable and editable within chats; whiteboards will be integrated into all other communication services and so on.

Tech providers will deepen and strengthen their capabilities organically and acquisitions will mostly be about buying market share, customers and not the technology.

  1. Industry-centric Digital Workplace Services Will Emerge and Witness Rapid Growth

The Services industry has been leading in the adoption of digital workplaces – but blue-collar roles and front-line employees will also start benefiting from these technologies. In 2021, new digital workplace capabilities will extend beyond the employee base to systems that drive better connectivity and communication with customers. This will open the market up for smaller, niche players (and this may well run counter to the previous trend). Tech teams will focus on employees and a platform-based approach to collaboration, while Customer teams and others will implement tools and platforms to better communicate outside of the business. The next few years will bring the traditional “employee-centric” collaboration players into direct competition with the “customer-centric” ones. Those that play across both today (such as Google) will be better positioned to win the enterprise-wide “Future of Work” style deals.


Download Ecosystm Predicts: The top 5 Future of Work Trends For 2021

The full findings and implications of The top 5 Future of Work Trends For 2021 are available for download from the Ecosystm platform. Signup for Free to download the report .

Ecosystm Predicts: The Top 5 FUTURE OF WORK Trends for 2021
4
Ecosystm VendorSphere: ZaaP! – New Infrastructural Norm?

5/5 (1)

5/5 (1)

Authored by Alea Fairchild and Audrey William

Video conferencing company Zoom hosted its virtual Zoomtopia user conference lasts week. Given the attention the company has received as the de-facto standard video communication service for the many stranded work-from-home folks, Zoom has been using the event to launch a number of new products. This includes bringing into general availability its OnZoom events platform and marketplace, and introducing Zapps which brings apps from other providers into the Zoom experience.

ZaaP!

In this age of work-from-home connectivity, we are all asked to multi-platform depending on customer preference, company standards and choice of scale-out from a licensing perspective. But will video-led unified communications help position Zoom to be the infrastructure platform of choice of the workforce? Will Zoom as a Platform (ZaaP!) become a well-used phrase to discuss unified collaboration infrastructures?

The agenda of Zoomtopia, covering healthcare, government, financial services, sales engagement, blending learning in education, mindfulness, CSR, and a whole gambit of other vertical topics, demonstrates a virtual play to highlight use cases where other platforms have focused on the horizontal aspect of productivity.

If you compare Microsoft’s horizontal approach with Cisco’s networking approach, both come from places of productivity.  Zoom, being video-led and UC oriented, comes from a place of communication and collaboration.  Is collaboration now the real driver for the future of work?

Zoom connects the dots with these two product introductions. Zapps is designed to link productivity tools directly into the Zoom experience for user access to multiple applications from the platform. OnZoom allows hosts to run one-time events or event series with up to 100 or 1,000 attendees (depending on their license) and sell tickets for them. Zoom is also integrating the ability to receive donations through events via Pledgeling. Think a combination of EventBrite meeting GoFundMe meeting Facebook Events.

Zooming Ahead

With the wide variety of activities during this social distancing period around the world that have been Zoom-powered, familiarity leads to experimentation and early adoption.

Without using the word ‘portal’ – Zoom as a Platform (ZaaP!) enforces the drive for a main infrastructure for live interaction via video as the main means of communication over written material or pre-recorded media materials. And many of us are video-led, more than ever.

Zoom is scaling rapidly. When it started out many years ago, they were known as a company that offered video sessions for free and everyone was wondering who this new kid on the block was. In a span of a few years, they have become a powerhouse.

The announcement of  OnZoom is something that marketeers will take note of. Many marketeers are Zoom users but could be using other platforms for hosting events. The solution will have in-built tools for selling tickets, scheduling, gifting tickets, promotional activities, etc. Zoom is thinking about video and layering that with added functionality to run a large-scale event. You can see them going into using AI to churn out rich analytics on attendees, attendance rates, effectiveness of campaigns and so on. All of a sudden it is about hosting an event with in-built rich features plus analytics so events can be run better. They are reaching a new audience and making it a fully built all-purpose solution for event organisers and marketeers.

Security Front and Centre

Ecosystm research shows that security has been a key component in organisation’s COVID-19 responses – and rightly so (Figure 1).

Organisations key measures during COVID-19

While Zoom received some negative publicity this year around security, they were quick to admit the issues and made incremental changes in the subsequent months including an acquisition. With E2EE, no third party including Zoom is provided with access to the meeting’s private keys. Zoom’s E2EE ensures that communication between meeting participants using Zoom applications is encrypted using cryptographic keys known only to the devices of those participants. Zoom is starting to penetrate larger accounts and the security aspect is important as it is the top of the mind discussion for every business leader.

Ecosystm Comments

With the hybrid work model evolving between home and work, and work patterns changing, one thing that is going to stay is the use of video and collaboration tools and it is only going to accelerate (Figure 2).

Organisations to accelerate Cloud collaboration use in 2021

What Zoom is doing well is how they take workflows and APIs seriously, making productivity flow into UC and UX, and not the other way around.

With longer work hours becoming a norm, growing instances of emotional stress and mental fatigue, UX becomes paramount. Knowledge workers want to seamlessly move between workflows and still find the experience simple and not tiring. Zoom is building on that vision as a platform enabler and infrastructure provider.


More insights on the impact of the COVID-19 pandemic and technology areas that will see transformation post COVID, as organisations get into the recovery phase, can be found in the Ecosystm Digital Priorities in the New Normal Study
Ecosystm COVID-19 Research Data

2
Genesys Partners with Adobe to Break Data Silos in Contact Centres

5/5 (1)

5/5 (1)

Contact centres were already on a path to modernisation – which got accelerated by the COVID-19 crisis. The need for omnichannel delivery and better insights from customer data has forced contact centres to adopt cloud solutions. Ecosystm Principal Advisor Audrey William says, “There is still a disconnect between integrating and synchronising customer data between Sales, Marketing and Customer Teams. However, the market is starting to see contact centre vendors work closer with vendors in customer experience management segment.”

Genesys and Adobe are collaborating on integrating Genesys cloud and the Adobe Experience Platform. The deeper integration of both platforms is aimed to give organisations a better omnichannel presence. The platform is live for users and Genesys and Adobe will introduce other features and capabilities throughout 2020. Genesys is already a partner of Adobe’s Exchange Program designed for technology partners to supplement Exchange Marketplace with extensions and applications for Adobe Creative Cloud users.

Augmenting the CX journey through Data Synchronization

Ecosystm data finds that 62% of contact centres have driving omnichannel experience as a key customer experience (CX) priority and 57% want to analyse data across multiple data repositories. However, when asked about the challenges of driving consistent CX, data access and integration appears to be a barrier in achieving their priorities. These challenges are the reason why getting a “true view” of the customer data has been an arduous task and achieving consistent CX continues to be a struggle.

William says. “The customer data collected by a particular service or department does not always move along in real-time with the customer interactions across different touchpoints. This complicates maintaining a real-time customer profile and impacts the CX.”

“Sales and Marketing have different KPIs and tend to view customer data from different angles. The data from in-store, Marketing and Sales interactions sits within departmental silos. They may deal with the same customers and not follow them through their entire journey. This leads to missed opportunities in reaching out to them at the right time with the right products to upsell, resell or provide better CX. Data synchronisation across channels, would solve that problem.”

Integrating Genesys and Adobe Experience Platform will give organisations the capability to provide contact centre agents with real-time customer data and profiles from a single point to provide an personalised experience. The platform is powered by Genesys Predictive Engagement that uses AI to provide more intelligence based on past interactions to drive effective, data-driven conversations. In addition to this, the partnership also enables businesses and marketing departments to customise campaigns and extend their digital and voice capabilities for optimal conversions. William says, “The ability to use AI to understand customer intent, behaviour and patterns is critical as it will allow brands to re-look at how to design the customer journey. When you keep using the same and outdated profile, it will be hard to have discussions around intent, customer interest and assess how customer priorities have changed. Accurate and automate data profiling will lead to more targeted and accurate marketing campaigns.”

Genesys Deepening Industry Partnerships

Genesys is re-shaping its strategy on Contact Centre as a Service (CCaaS) offerings through partnerships and working on its vision of providing Experience as a Service to its global clients. The need for CCaaS has been accelerated by the pandemic. Last month Genesys signed a five year deal with Infosys to develop and deploy cloud CX and contact centre solutions.

Earlier this year, Genesys partnered with MAXIMUS, a US Government services provider to set up the MAXIMUS Genesys Engagement Platform, an integrated, cloud-based omnichannel contact centre solution driven by the government requirement for public sector organisations to provide seamless customer experiences similar to those offered in the private sector.

The company has also partnered with various other industry leaders like MicrosoftGoogle Cloud, and Zoom to roll out cloud-based innovations to benefit customers.


Click below to access insights from the Ecosystm Contact Centre Study on visibility into organisations’ priorities when running a Contact Centre (both in-house and outsourced models) and the technologies implemented and being evaluated

Contact Centre Best Practices


2
AWS and Slack Partnership Announced

5/5 (1)

5/5 (1) As organisations aim to maintain operations during the ongoing crisis, there has been an exponential increase in employees working from home and relying on the Workplace of the Future technologies. 41% of organisations in an ongoing Ecosystm study on the Digital Priorities in the New Normal cited making remote working possible as a key organisational measure introduced to combat current workplace challenges.

Ecosystm Principal Advisor, Audrey William says, “During the COVID-19 pandemic, people have become reliant on voice, video and collaboration tools and even when things go back to normal in the coming months, the blended way of work will be the norm. There has been a surge of video and collaboration technologies. The need to have good communication and collaboration tools whether at home or in the office has become a basic expectation especially when working from home. It has become non-negotiable.”

William also notes, “We are living in an ‘Experience Economy’ – if the user experience around voice, video and collaboration is poor, customers will find a platform that gives them the experience they like. To get that equation right is not easy and there is a lot of R&D, partnerships and user experience design involved.”

AWS and Slack Partnership

Amid a rapid increase in remote working requirements, AWS and Slack announced a multi-year partnership to collaborate on solutions to enable the Workplace of the Future. This will give Slack users the ability to manage their AWS resources within Slack, as well as replace Slack’s voice and video call features with AWS’s Amazon Chime. And AWS will be using Slack for their internal communication and collaboration.

Slack already uses AWS cloud infrastructure to support enterprise customers and have committed to spend USD 50 million a year over five years with AWS. However, the extended partnership is promising a new breed of solutions for the future workforce.

Slack and AWS are also planning to tightly integrate key features such as: AWS Key Management Service with Slack Enterprise Key Management (EKM) for better security and encryption; AWS Chatbot to push AWS Virtual machines notifications to Slack users; and AWS AppFlow to secure data flow between Slack, AWS S3 Storage and AWS Redshift data warehouse.

William says, “It’s a win-win for both vendors. AWS has sealed a good partnership for its Chime solution and other AWS cloud services. This ensures that Amazon Chime is used alongside a vendor with a reputation in the collaboration space. On the other hand, Slack gets the benefits of a robust cloud architecture including reliability and security and can now embed its collaboration offering with voice and video capabilities for its customers.”

The Competitive Landscape

The partnership between AWS and Slack has enabled Slack to scale and compete with more tools in its arsenal. The enterprise communication and collaboration market is heating up with announcements such as Zoom ramping up its infrastructure on Oracle Cloud. The other major cloud platform players already have their own collaboration offerings, with Microsoft Teams and Google Meet. The AWS-Slack announcement is another example of industry players looking to improve their offerings through partnership agreements. Slack is already integrated with a number of Microsoft services such as OneDrive, Outlook and SharePoint and there was talk of being integrated with Microsoft Teams  earlier this year. Similarly, Slack has also integrated some GSuite tools on its platform.

“There is a battle going on now in the voice, video and collaboration space and there are many players that offer rich enterprise grade capabilities in this space. AWS is already Slack’s “preferred” cloud infrastructure provider, and the two companies have a common rival in Microsoft, competing with its Azure and Teams products, respectively,” says William.

The Single Platform Approach

The competition in the video, voice and collaboration market in becoming increasingly intense and the ability to make it easy for users across all functions on one common platform is the ideal situation. This explains why we have seen vendors in recent months adding greater capabilities to their offerings. For instance, Zoom added Zoom phone functionality to expand its offerings to users. Avaya released Spaces – an integrated cloud meeting and team collaboration solution with chat, voice, video, online meetings, and content sharing capabilities. The market also has Cisco as an established presence, providing video and voice solutions to many large organisations.

Organisations want an all-in-one platform for voice, video and collaboration if possible as it makes it easier for management. Microsoft Teams is a single platform for enterprise communications and collaboration. William says, “Teams has seen steady uptake since its launch and for many IT managers the ability to capture all feedback, issues/logs on one platform is important. Other vendors are pushing the one vendor platform option heavily; for example, 8×8 has been able to secure wins in the market because of the one vendor platform push.”

“As the competition heats up, we can expect more acquisitions and partnerships in the communications and collaboration space, in an effort to provide all functions on a single platform,” says William. “However, irrespective of what IT Teams want, we are still seeing organisations use different platforms from multiple vendors. This is a clear indication that in the end there is only one benefit that organisations seek – quality of experience.”

 

1
Tech Spotlight for May – Cybersecurity

5/5 (2)

5/5 (2) In his blog, The Cybercrime Pandemic, Ecosystm Principal Advisor, Andrew Milroy says, “Remote working has reached unprecedented levels as organisations try hard to keep going. This is massively expanding the attack surface for cybercriminals, weakening security and leading to a cybercrime pandemic. Hacking activity and phishing, inspired by the COVID-19 crisis, are growing rapidly.” Remote working has seen an increase in adoption of cloud applications and collaborative tools, and organisations and governments are having to re-think their risk management programs.

We are seeing the market respond to this need and May saw initiatives from governments and enterprises on strengthening risk management practices and standards. Tech vendors have also stepped up their game, strengthening their Cybersecurity offerings.

Market Consolidation through M&As Continues

The Cybersecurity market is extremely fragmented and is ripe for consolidation. The last couple of years has seen some consolidation of the market, especially through acquisitions by larger platform players (wishing to provide an end-to-end solution) and private equity firms (who have a better view of the Cybersecurity start-up ecosystem). Cybersecurity providers continue to acquire niche providers to strengthen their end-to-end offering and respond to market requirements.

As organisations cope with remote working, network security, threat identification and identity and access management are becoming important. CyberArk acquired Identity as a Service provider Idaptive to work on an AI-based identity solution. The acquisition expands its identity management offerings across hybrid and multi-cloud environments. Quick Heal invested in Singapore-based Ray, a start-up specialising in next-gen wireless and network technology. This would benefit Quick Heal in building a safe, secure, and seamless digital experience for users. This investment also shows Quick Heal’s strategy of investing in disruptive technologies to maintain its market presence and to develop a full-fledged integrated solution beneficial for its users.

Another interesting deal was Venafi acquiring Jetstack.  Jetstack’s open-source Kubernetes certificate manager controller – cert-manager – with a thriving developer community of over 200 contributors, has been used by many global organisations as the go-to tool for using certificates in the Kubernetes space. The community has provided feedback through design discussion, user experience reports, code and documentation contributions as well as serving as a source for free community support. The partnership will see Venafi’s Machine Identity Protection having cloud-native capabilities.   The deal came a day after VMware announced its intent to acquire Octarine to extend VMware’s Intrinsic Security Capabilities for Containers and Kubernetes and integrate Octarine’s technology to VMware’s Carbon Black, a security company which VMware bought last year.

Cybersecurity vendors are not the only ones that are acquiring niche Cybersecurity providers. In the wake of a rapid increase in user base and a surge in traffic, that exposed it to cyber-attacks (including the ‘zoombombing’ incidents), Zoom acquired secure messaging service Keybase, a secure messaging and file-sharing service to enhance their security and to build end-to-end encryption capability to strengthen their overall security posture.

Governments actively working on their Cyber Standards

Governments are forging ahead with digital transformation, providing better citizen services and better protection of citizen data.  This has been especially important in the way they have had to manage the COVID-19 crisis – introducing restrictions fast, keeping citizens in the loop and often accessing citizens’ health and location data to contain the disaster. Various security guidelines and initiatives were announced by governments across the globe, to ensure that citizen data was being managed and used securely and to instil trust in citizens so that they would be willing to share their data.

Singapore, following its Smart Nation initiative, introduced a set of enhanced data security measures for public sector. There have been a few high-profile data breaches (especially in the public healthcare sector) in the last couple of years and the Government rolled out a common security framework for public agencies and their officials making them all accountable to a common code of practice. Measures include clarifying the roles and responsibilities of public officers involved in managing data security, and mandating that top public sector leadership be accountable for creating a strong organisational data security regime. The Government has also empowered citizens to raise a flag against unauthorised data disclosures through a simple incident report form available on Singapore’s Smart Nation Website.

Australia is also ramping up measures to protect the public sector and the country’s data against threats and breaches by issuing guidelines to Australia’s critical infrastructure providers from cyber-attacks. The Australian Cyber Security Centre (ACSC) especially aims key employees working in services such as power and water distribution networks, and transport and communications grids. In the US agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DOE) have issued guidelines on safeguarding the country’s critical infrastructure. Similarly, UK’s National Cyber Security Centre (NCSC) issued cybersecurity best practices for Industrial Control Systems (ICS).

Cyber Awareness emerges as the need of the hour

While governments will continue to strengthen their Cybersecurity standards, the truth is Cybersecurity breaches often happen because of employee actions – sometimes deliberate, but often out of unawareness of the risks. As remote working becomes a norm for more organisations, there is a need for greater awareness amongst employees and Cybersecurity caution should become part of the organisational culture.

Comtech received a US$8.4 million in additional orders from the US Federal Government for a Joint Cyber Analysis Course. The company has been providing cyber-training to government agencies in the communications sector. Another public-private partnership to raise awareness on Cybersecurity announced in May was the MoU between Europol’s European Cybercrime Centre (EC3) and Capgemini Netherlands. With this MoU, Capgemini and Europol are collaborating on activities such as the development of cyber simulation exercises, capacity building, and prevention and awareness campaigns. They are also partnered on a No More Ransomware project by National High Tech Crime Unit of the Netherlands’ Police, Kaspersky and McAfee to help victims fight against ransomware threats.

The Industry continues to gear up for the Future

Technology providers, including Cybersecurity vendors, continue to evolve their offerings and several innovations were reported in May. Futuristic initiatives such as these show that technology vendors are aware of the acute need to build AI-based cyber solutions to stay ahead of cybercriminals.

Samsung introduced a new secure element (SE) Cybersecurity chip to protect mobile devices against security threats. The chip received an Evaluation Assurance Level (EAL) 6+ certification from CC EAL – a technology security evaluation agency which certifies IT products security on a scale of EAL0 to EAL7. Further applications of the chip could include securing e-passports, crypto hardware wallets and mobile devices based on standalone hardware-level security. Samsung also introduced a new smartphone in which Samsung is using a chipset from SK Telecom with quantum-crypto technology. This involves Quantum Random Number Generator (QRNG) to enhance the security of applications and services instead of using normal random number generators. The technology uses LED and CMOS sensor to capture quantum randomness and produce unpredictable strings and patterns which are difficult to hack. This is in line with what we are seeing in the findings of an Ecosystm business pulse study to gauge how organisations are prioritising their IT investments to adapt to the New Normal. 36% of organisations in the Asia Pacific region invested significantly in Mobile Security is a response to the COVID-19 crisis.

The same study reveals that nearly 40% of organisations in the region have also increased investments in Threat Analysis & Intelligence. At the Southern Methodist University in Texas, engineers at Darwin Deason Institute for Cybersecurity have created a software to detect and prevent ransomware threats before they can occur. Their detection method known as sensor-based ransomware detection can even spot new ransomware attacks and terminates the encryption process without relying on the signature of past infections. The university has filed a patent for this technique with the US Patent and Trademark Office.

Microsoft and Intel are working on a project called STAMINA (static malware-as-image network analysis). The project involves a new deep learning approach that converts malware into grayscale images to scan the text and structural patterns specific to malware. This works by converting a file’s binary form into a stream of raw pixel data (1D) which is later converted into a photo (2D) to feed into image analysis algorithms based on a pre-trained deep neural network to scan and classify images as clean or infected.

 


Click below for more data on organisations’ Cybersecurity priorities and investments
Get Started


1
The Cybercrime Pandemic

5/5 (2)

5/5 (2) Organisations across the globe, are facing disruption on a scale never seen before, and are urgently seeking ways of remaining viable. Predictably, cybersecurity is a secondary concern and is often handled reactively. To make matters worse, a chronic cybersecurity skills shortage is being made much more severe by the crisis.

Remote working has reached unprecedented levels as organisations try hard to keep going. This is massively expanding the attack surface for cyber criminals, weakening security and leading to a cybercrime pandemic. Hacking activity and phishing, inspired by the COVID-19 crisis, are growing rapidly. Containing and suppressing this cybercrime pandemic is proving to be almost impossible.

Remote working intensifies known threats posed by phishing and ransomware. More alarming are the distinctive cybersecurity vulnerabilities associated with home working including reliance on home Wi-Fi, increased use of unpatched VPNs and devices, and the exponential growth of network access points. These vulnerabilities increase the likelihood of a breach enormously.

Corporate IT is in a very challenging position. It needs to ensure that organisations can operate in a way that they have never operated before, while ensuring that their assets are secure – a very difficult, if not an impossible task for which there is no precedent.

Some important cybersecurity considerations, during and after the COVID-19 pandemic include:

Re-enforce Basic Cyber Hygiene

As massive numbers of people work from home, basic cyber hygiene becomes more critical than ever before. Organisations must maintain awareness of security threats among employees, ensure security policies are being followed and be certain that corporate software is being updated and patched on time. With a dispersed workforce, these basic practices are more challenging, and training becomes more critical. Phishing attacks are often the primary attack vector for malicious actors, so employees must be able to identify these attacks. They increasingly exploit shortages of goods such as protective equipment and sometimes claim to offer official information relating to COVID-19.

Remote employees often access sensitive business data through home Wi-Fi networks that will not have the same security controls – such as firewalls – that are used in offices. There is more connectivity from remote locations, which requires greater focus on data privacy, and hunting for intrusions from a much larger number of entry points.

Place More Focus on Endpoint Security

The unprecedented switch to remote working is radically increasing the number of vulnerable endpoints. Given that endpoints are located at a distance from corporate premises, it is frequently difficult for IT departments to configure endpoint systems and install necessary security software.

It is vital to assess the security posture of all endpoints connecting to the corporate network. This practice enables an organisation to determine whether or not an endpoint requesting to access internal resources meets security policy requirements. It requires the ability to monitor and enforce policy across all devices, while making onboarding and offboarding seamless.

It is essential that endpoint solutions can be rapidly deployed for remote workers, as needed on both personal and corporate devices. Devices used for remote work need much more than the basic antivirus and antispyware protection. Multi-factor authentication (MFA) and on-board endpoint detection and response (EDR) capabilities are crucial.

Be More Selective About How and When Video Conferencing and Collaboration Platforms are Used

Since lockdowns spread around the world, the use of video conferencing and collaboration tools has grown beyond the wildest expectations of suppliers of these tools. The extraordinary growth of Zoom has made it a target for attackers. Many security vulnerabilities have been discovered with Zoom such as, a vulnerability to UNC path injection in the client chat feature, which allows hackers to steal Windows credentials, keeping decryption keys in the cloud which can potentially be accessed by hackers and gives the ability for trolls to ‘Zoombomb’ open and unprotected meetings. Zoom has so far managed to augment its security features in part by its recent acquisition of Keybase, a secure messaging service.

Switching to an alternative video conferencing platform will not necessarily offer greater levels of security as privacy is typically not a strength of any collaboration platform. Collaboration platforms tend to tread a fine line between a great experience and security. Too much security can cause performance and usability to be impacted negatively. Too little security, as we have seen, allows hackers to find vulnerabilities. If data privacy is critical for a meeting, then perhaps collaboration platforms should not be used, or organisations should not share critical information on them.

Protect all Cloud Workloads

In today’s remote working paradigm, cloud computing is being used more than ever. This frequently exposes organisations to risks that are not adequately mitigated.

Organisations typically need to manage a mix of on-premises technology together with multiple clouds, which are often poorly integrated.  These complexities are compounded by the increasing risk from cyberattacks associated with cloud migration and hybrid cloud implementations. In cloud environments, the leading cybersecurity risks include insecure interfaces and APIs, data breaches and data loss, unauthorised access, DDoS attacks, and a lack of a unified view of assets.

Protection requirements for securing hybrid multicloud environments are evolving rapidly. In addition to tightening up endpoint security, organisations must also place greater emphasis on cloud workload protection. Cloud security solutions need to offer a unified and consistent view across all physical machines, virtual machines, serverless workloads and containers, used by an organisation.

Amend Incident Response Plans

It is the containment of breaches that often determines the success of security policies and procedures. Basic cyber hygiene as well as changes to IT architecture, such as micro segmentation, play an essential role in breach containment. But incident response plans also need to be made relevant to the current pandemic scenario.

Employees and IT teams are now working in a completely different environment than envisaged by most incident response plans. Existing plans may now be obsolete. At the very least, they will need to be modified. Usually, incident response plans are designed to respond to threats when most employees are operating in a corporate environment. This clearly needs to change. Employees need to be trained in the updated plan and know how to reach support if they believe that a security breach has occurred in their remote location.

Critically, new alert and warning systems need to be established, which can be used by employees to warn of threats as well as to receive information on threats and best practices.

 

Organisations are struggling to keep the lights on. In this battle to remain operational, cybersecurity has been taking a back seat. This cannot last for long as the deluge of new vulnerabilities is creating easy pickings for attackers. Cyber hygiene, endpoint security, cloud security, security policies and incident response plans must be continually reviewed.


This blog is based on Andrew Milroy’s recent report titled “Cybersecurity in the COVID-19 Era”.
Click here to download the full report ?

Download Report


1
Zoom selects Oracle as Cloud Infrastructure Provider

5/5 (6)

5/5 (6) The COVID-19 crisis has forced countries to implement work from home policies and lockdowns. Since the crisis hit, uptake of cloud communication and collaboration solutions have seen a dramatic increase. Video conferencing provider, Zoom has emerged as a key player in the market, with a rapid increase in user base from 10 million daily active participants in December 2019 to 200 million in March 2020 – a growth in the number of users of nearly 200%!

Security Concerns around Zoom

The rapid increase in user base and the surge in traffic has required Zoom to re-evaluate its offerings and capacity. The platform was primarily built for enterprises and now is seeing unprecedented usage in conducting team meetings, webinars, virtual conferences, e-learning, and social events.

The one area where they were impacted most is security. In his report, Cybersecurity Considerations in the COVID-19 Era, Ecosystm Principal Advisor Andrew Milroy says, “The extraordinary growth of Zoom has made it a target for attackers. It has had to work remarkably hard to plug the security gaps, identified by numerous breaches. Many security vulnerabilities have been discovered with Zoom such as, a vulnerability to UNC path injection in the client chat feature, which allows hackers to steal Windows credentials, keeping decryption keys in the cloud which can potentially be accessed by hackers and the ability for trolls to ‘Zoombomb’ open and unprotected meetings.”

“Zoom largely responded to these disclosures quickly and transparently, and it has already patched many of the weaknesses highlighted by the security community. But it continues to receive rigorous stress testing by hackers, exposing more vulnerabilities.”

However, Milroy does not think that this issue is unique to Zoom. “Collaboration platforms tend to tread a fine line between performance and security. Too much security can cause performance and usability to be impacted negatively. Too little security, as we have seen, allows hackers to find vulnerabilities. If data privacy is critical for a meeting, then perhaps collaboration platforms should not be used, or organisations should not share critical information on them.”

Zoom to increase Capacity and Scalability

Zoom is aware that it has to increase its service capacity and scalability of its offerings, if it has to successfully leverage its current market presence, beyond the COVID-19 crisis. Last week Zoom announced that that it had selected Oracle as its cloud Infrastructure provider. One of the reasons cited for the choice is Oracle’s “industry-leading security”. It has been reported that Zoom is transferring more than 7 PB of data through Oracle Cloud Infrastructure servers daily.

In addition to growing their data centres, Zoom has been using AWS and Microsoft Azure as its hosting providers. Milroy says, “It makes sense for Zoom to use another supplier rather than putting ‘all its eggs in one or two baskets’. Zoom has not shared the commercial details, but it is likely that Oracle has offered more predictable pricing. Also, the security offered by the Oracle Cloud Infrastructure deal is likely to have impacted the choice and it is likely that Oracle has also priced its security features very competitively.”

“It must also be borne in mind that Google, Microsoft and Amazon are all competing directly with Zoom. They all offer video collaboration platforms and like Zoom, are seeing huge growth in demand. Zoom may not wish to contribute to the growth of its competitors any more than it needs to.”

Milroy sees another benefit to using Oracle. “Oracle is known to have a presence in the government sector – especially in the US. Working with Oracle might make it easier for Zoom to win large government contracts, to consolidate its market presence.”


Gain access to more insights from the Ecosystm Cloud Study

Ecosystm Cloud Insights


0
How Will COVID-19 Change the Telecom Industry?

5/5 (1)

5/5 (1) The COVID-19 pandemic has highlighted the importance of the telecommunications industry which has now become the backbone of the new normal, both in a social and business sense. The last few months have seen a number of changes including more video usage, location of traffic and time of traffic. Network usage is on the rise and telecom carriers are prioritising on the resilience of their networks and the quality of services offered to their customers.

What goes up must come down

According to Speedtest, global mobile and broadband speeds have suffered as a result of the increase in traffic with speeds dropping in March 2020 for mobile to 30.47 Mbps (from 31.62 Mbps in February) and fixed broadband to 74.64 Mbps (from 75.41 Mbps in February). In Southeast Asia, only Singapore and Vietnam averaged mobile speeds of 54.37 Mbps and 33.97 Mbps respectively, exceeding the global average speeds. As for fixed broadband, Singapore ranked highest globally achieving 197.26 Mbps while Thailand and Malaysia clocked 149.95 Mbps and 79.86 Mbps respectively, trumping the global average speeds.

Southeast Asian carriers increase network efficiency and quality

Singapore. The country’s ICT regulator, Infocomm Media Development Authority (IMDA), reported an increase in internet usage and its intentions to support telecom carriers in boosting network capacity to ensure essential services run smoothly. Priority will be given to high traffic and residential areas where a larger proportion of the population are working from home. The Ministry of Communications and Information (MCI) reported that Singapore has at least 30 percent buffer in network capacity even during peak periods. Major TV operators Mediacorp, Singtel and Starhub have made more content available for free during this period. This may further impact network speeds as customers are consuming more content over wifi (on mobile apps) or over the fibre networks.

Thailand. Part of the country’s public assistance measures during the pandemic, include offering about 30 million mobile subscribers 10GB free data. The National Broadcasting and Telecommunications Commission (NBTC) will also upgrade the speeds of fixed broadband to at least 100 Mbps which is expected to benefit 1.2 million household subscribers. Leading operator Advanced Info Service (AIS) recently announced that it has deployed 5G networks at hospitals to boost network capacity and speeds, and is deploying robots for telemedicine to empower the healthcare system to fight COVID-19.

Malaysia. Maxis and Telekom Malaysia (TM) reported a surge in traffic since the movement control order (MCO) was implemented by the Government on the 18th  March 2020. The MCO is expected to run at least until 28th April 2020. TM cited a 30 percent increase in usage attributed to the increase in traffic for streaming, online games and teleconferencing. Leading operators Maxis, Digi, Celcom and U Mobile have offered 1GB free data during the MCO period as part of the Government’s stimulus package. Maxis, TM, Digi and Celcom have also committed significant manpower to ensure that the networks are operating efficiently and to ensure customer support. Leading TV operator Astro has made all movie, news and cartoon networks available to all its customers until the 28th April 2020.

Social distancing fillip for video conferencing

The rise of social distancing has made us all seek new ways to connect, mainly through video chat. Video conferencing traffic is on the rise as it is the next best thing to face-to-face meetings. Microsoft Teams and Zoom have been big benefactors. The American Economic Institute (AEI) notes that Zoom hit some 200 million users daily from a daily average 10 million. Microsoft Teams added some 12 million registrations to a total of 44 million.

Many predict that the home working trend will continue in the recovery stage and beyond, due to improvements in the telecommunications infrastructure and impending rollout of 5G. It is also predicted that the commercial property sector is likely to suffer due to this trend. This period also highlights the critical importance of cybersecurity with increasing occurrences of hacking and fraud. Zoom is being forced to reinforce their privacy and security measures, as an example.

COVID-19 has changed the way we web

On the social front, many are also using video conferencing to communicate with friends and family. Operators relaxing and offering additional data has undoubtedly contributed to the increase in this usage too. Now that many are homebound, network traffic in residential areas are higher than ever. In the past, peak hours of traffic at homes were at night – this has changed with adults and children homebound. Adults are using video conferencing and more voice calls; while children are using elearning, playing games or streaming videos. The European Commission had asked Netflix and other streaming platforms to reduce streaming quality to standard definition (SD). Netflix has assured that it has the capability to manage levels of streaming quality in accordance with the networks quality requirement of individual countries.

Online gaming and video streaming have emerged as winners and have seen an increase in consumption in these times as they provide for entertainment for millions stuck at home. There is tremendous opportunity for both telecom operators and content providers to increase their number of services in this area. Netflix, YouTube, Microsoft Xbox and PlayStation are among the winners in this sector. YouTube provides for a primary news source and commentary on the epidemic for many. Netflix’s stocks are near an all-time high at present.

eCommerce boost for essentials goods and services

The eCommerce sector should see a major improvement in Southeast Asia as physical channels to market have reduced. Emerging economies such as Malaysia and Thailand should see an improvement in services and embrace eCommerce like their mature counterparts. Statista reports that the average Malaysian eCommerce shopper spent just US$159 and Thailand just US$100 on online consumer goods purchases in 2018, considerably lower than the global average of US$634. There is huge opportunity to provide for basic necessities such as online grocery, food and delivery of goods. As a consequence, contactless payment and the transport and logistics sector will be forced to adapt their business operations to ride this wave successfully. As eCommerce transactions diversify and increase in emerging markets, it will give telecom providers an opportunity to keep engaging with platform players.

 

 

Telecom carriers are likely to suffer financial losses due to the scale of the disruption COVID-19 has brought about. However, there are some positives takeaways from this period. The increase of network traffic and the changing patterns have driven carriers to better understand network traffic management. The sharp consumer and business onboarding as far as applications and digital services are concerned, has given the digital economy and 5G use cases a shot in the arm. This is likely to spur innovation in services including communications, eCommerce, payments, logistics and healthcare among others.


For more insights on the key trends in the telecom services market in Southeast Asia, read Shamir’s report

Get Access

For more information on “The New Normal for Telecom Providers in South East Asia”, report please contact us at info@ecosystm360.com


1