In his blog, The Cybercrime Pandemic, Ecosystm Principal Advisor, Andrew Milroy says, “Remote working has reached unprecedented levels as organisations try hard to keep going. This is massively expanding the attack surface for cybercriminals, weakening security and leading to a cybercrime pandemic. Hacking activity and phishing, inspired by the COVID-19 crisis, are growing rapidly.” Remote working has seen an increase in adoption of cloud applications and collaborative tools, and organisations and governments are having to re-think their risk management programs.
We are seeing the market respond to this need and May saw initiatives from governments and enterprises on strengthening risk management practices and standards. Tech vendors have also stepped up their game, strengthening their Cybersecurity offerings.
Market Consolidation through M&As Continues
The Cybersecurity market is extremely fragmented and is ripe for consolidation. The last couple of years has seen some consolidation of the market, especially through acquisitions by larger platform players (wishing to provide an end-to-end solution) and private equity firms (who have a better view of the Cybersecurity start-up ecosystem). Cybersecurity providers continue to acquire niche providers to strengthen their end-to-end offering and respond to market requirements.
As organisations cope with remote working, network security, threat identification and identity and access management are becoming important. CyberArk acquired Identity as a Service provider Idaptive to work on an AI-based identity solution. The acquisition expands its identity management offerings across hybrid and multi-cloud environments. Quick Heal invested in Singapore-based Ray, a start-up specialising in next-gen wireless and network technology. This would benefit Quick Heal in building a safe, secure, and seamless digital experience for users. This investment also shows Quick Heal’s strategy of investing in disruptive technologies to maintain its market presence and to develop a full-fledged integrated solution beneficial for its users.
Another interesting deal was Venafi acquiring Jetstack. Jetstack’s open-source Kubernetes certificate manager controller – cert-manager – with a thriving developer community of over 200 contributors, has been used by many global organisations as the go-to tool for using certificates in the Kubernetes space. The community has provided feedback through design discussion, user experience reports, code and documentation contributions as well as serving as a source for free community support. The partnership will see Venafi’s Machine Identity Protection having cloud-native capabilities. The deal came a day after VMware announced its intent to acquire Octarine to extend VMware’s Intrinsic Security Capabilities for Containers and Kubernetes and integrate Octarine’s technology to VMware’s Carbon Black, a security company which VMware bought last year.
Cybersecurity vendors are not the only ones that are acquiring niche Cybersecurity providers. In the wake of a rapid increase in user base and a surge in traffic, that exposed it to cyber-attacks (including the ‘zoombombing’ incidents), Zoom acquired secure messaging service Keybase, a secure messaging and file-sharing service to enhance their security and to build end-to-end encryption capability to strengthen their overall security posture.
Governments actively working on their Cyber Standards
Governments are forging ahead with digital transformation, providing better citizen services and better protection of citizen data. This has been especially important in the way they have had to manage the COVID-19 crisis – introducing restrictions fast, keeping citizens in the loop and often accessing citizens’ health and location data to contain the disaster. Various security guidelines and initiatives were announced by governments across the globe, to ensure that citizen data was being managed and used securely and to instil trust in citizens so that they would be willing to share their data.
Singapore, following its Smart Nation initiative, introduced a set of enhanced data security measures for public sector. There have been a few high-profile data breaches (especially in the public healthcare sector) in the last couple of years and the Government rolled out a common security framework for public agencies and their officials making them all accountable to a common code of practice. Measures include clarifying the roles and responsibilities of public officers involved in managing data security, and mandating that top public sector leadership be accountable for creating a strong organisational data security regime. The Government has also empowered citizens to raise a flag against unauthorised data disclosures through a simple incident report form available on Singapore’s Smart Nation Website.
Australia is also ramping up measures to protect the public sector and the country’s data against threats and breaches by issuing guidelines to Australia’s critical infrastructure providers from cyber-attacks. The Australian Cyber Security Centre (ACSC) especially aims key employees working in services such as power and water distribution networks, and transport and communications grids. In the US agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DOE) have issued guidelines on safeguarding the country’s critical infrastructure. Similarly, UK’s National Cyber Security Centre (NCSC) issued cybersecurity best practices for Industrial Control Systems (ICS).
Cyber Awareness emerges as the need of the hour
While governments will continue to strengthen their Cybersecurity standards, the truth is Cybersecurity breaches often happen because of employee actions – sometimes deliberate, but often out of unawareness of the risks. As remote working becomes a norm for more organisations, there is a need for greater awareness amongst employees and Cybersecurity caution should become part of the organisational culture.
Comtech received a US$8.4 million in additional orders from the US Federal Government for a Joint Cyber Analysis Course. The company has been providing cyber-training to government agencies in the communications sector. Another public-private partnership to raise awareness on Cybersecurity announced in May was the MoU between Europol’s European Cybercrime Centre (EC3) and Capgemini Netherlands. With this MoU, Capgemini and Europol are collaborating on activities such as the development of cyber simulation exercises, capacity building, and prevention and awareness campaigns. They are also partnered on a No More Ransomware project by National High Tech Crime Unit of the Netherlands’ Police, Kaspersky and McAfee to help victims fight against ransomware threats.
The Industry continues to gear up for the Future
Technology providers, including Cybersecurity vendors, continue to evolve their offerings and several innovations were reported in May. Futuristic initiatives such as these show that technology vendors are aware of the acute need to build AI-based cyber solutions to stay ahead of cybercriminals.
Samsung introduced a new secure element (SE) Cybersecurity chip to protect mobile devices against security threats. The chip received an Evaluation Assurance Level (EAL) 6+ certification from CC EAL – a technology security evaluation agency which certifies IT products security on a scale of EAL0 to EAL7. Further applications of the chip could include securing e-passports, crypto hardware wallets and mobile devices based on standalone hardware-level security. Samsung also introduced a new smartphone in which Samsung is using a chipset from SK Telecom with quantum-crypto technology. This involves Quantum Random Number Generator (QRNG) to enhance the security of applications and services instead of using normal random number generators. The technology uses LED and CMOS sensor to capture quantum randomness and produce unpredictable strings and patterns which are difficult to hack. This is in line with what we are seeing in the findings of an Ecosystm business pulse study to gauge how organisations are prioritising their IT investments to adapt to the New Normal. 36% of organisations in the Asia Pacific region invested significantly in Mobile Security is a response to the COVID-19 crisis.
The same study reveals that nearly 40% of organisations in the region have also increased investments in Threat Analysis & Intelligence. At the Southern Methodist University in Texas, engineers at Darwin Deason Institute for Cybersecurity have created a software to detect and prevent ransomware threats before they can occur. Their detection method known as sensor-based ransomware detection can even spot new ransomware attacks and terminates the encryption process without relying on the signature of past infections. The university has filed a patent for this technique with the US Patent and Trademark Office.
Microsoft and Intel are working on a project called STAMINA (static malware-as-image network analysis). The project involves a new deep learning approach that converts malware into grayscale images to scan the text and structural patterns specific to malware. This works by converting a file’s binary form into a stream of raw pixel data (1D) which is later converted into a photo (2D) to feed into image analysis algorithms based on a pre-trained deep neural network to scan and classify images as clean or infected.
Organisations across the globe, are facing disruption on a scale never seen before, and are urgently seeking ways of remaining viable. Predictably, cybersecurity is a secondary concern and is often handled reactively. To make matters worse, a chronic cybersecurity skills shortage is being made much more severe by the crisis.
Remote working has reached unprecedented levels as organisations try hard to keep going. This is massively expanding the attack surface for cyber criminals, weakening security and leading to a cybercrime pandemic. Hacking activity and phishing, inspired by the COVID-19 crisis, are growing rapidly. Containing and suppressing this cybercrime pandemic is proving to be almost impossible.
Remote working intensifies known threats posed by phishing and ransomware. More alarming are the distinctive cybersecurity vulnerabilities associated with home working including reliance on home Wi-Fi, increased use of unpatched VPNs and devices, and the exponential growth of network access points. These vulnerabilities increase the likelihood of a breach enormously.
Corporate IT is in a very challenging position. It needs to ensure that organisations can operate in a way that they have never operated before, while ensuring that their assets are secure – a very difficult, if not an impossible task for which there is no precedent.
Some important cybersecurity considerations, during and after the COVID-19 pandemic include:
Re-enforce Basic Cyber Hygiene
As massive numbers of people work from home, basic cyber hygiene becomes more critical than ever before. Organisations must maintain awareness of security threats among employees, ensure security policies are being followed and be certain that corporate software is being updated and patched on time. With a dispersed workforce, these basic practices are more challenging, and training becomes more critical. Phishing attacks are often the primary attack vector for malicious actors, so employees must be able to identify these attacks. They increasingly exploit shortages of goods such as protective equipment and sometimes claim to offer official information relating to COVID-19.
Remote employees often access sensitive business data through home Wi-Fi networks that will not have the same security controls – such as firewalls – that are used in offices. There is more connectivity from remote locations, which requires greater focus on data privacy, and hunting for intrusions from a much larger number of entry points.
Place More Focus on Endpoint Security
The unprecedented switch to remote working is radically increasing the number of vulnerable endpoints. Given that endpoints are located at a distance from corporate premises, it is frequently difficult for IT departments to configure endpoint systems and install necessary security software.
It is vital to assess the security posture of all endpoints connecting to the corporate network. This practice enables an organisation to determine whether or not an endpoint requesting to access internal resources meets security policy requirements. It requires the ability to monitor and enforce policy across all devices, while making onboarding and offboarding seamless.
It is essential that endpoint solutions can be rapidly deployed for remote workers, as needed on both personal and corporate devices. Devices used for remote work need much more than the basic antivirus and antispyware protection. Multi-factor authentication (MFA) and on-board endpoint detection and response (EDR) capabilities are crucial.
Be More Selective About How and When Video Conferencing and Collaboration Platforms are Used
Since lockdowns spread around the world, the use of video conferencing and collaboration tools has grown beyond the wildest expectations of suppliers of these tools. The extraordinary growth of Zoom has made it a target for attackers. Many security vulnerabilities have been discovered with Zoom such as, a vulnerability to UNC path injection in the client chat feature, which allows hackers to steal Windows credentials, keeping decryption keys in the cloud which can potentially be accessed by hackers and gives the ability for trolls to ‘Zoombomb’ open and unprotected meetings. Zoom has so far managed to augment its security features in part by its recent acquisition of Keybase, a secure messaging service.
Switching to an alternative video conferencing platform will not necessarily offer greater levels of security as privacy is typically not a strength of any collaboration platform. Collaboration platforms tend to tread a fine line between a great experience and security. Too much security can cause performance and usability to be impacted negatively. Too little security, as we have seen, allows hackers to find vulnerabilities. If data privacy is critical for a meeting, then perhaps collaboration platforms should not be used, or organisations should not share critical information on them.
Protect all Cloud Workloads
In today’s remote working paradigm, cloud computing is being used more than ever. This frequently exposes organisations to risks that are not adequately mitigated.
Organisations typically need to manage a mix of on-premises technology together with multiple clouds, which are often poorly integrated. These complexities are compounded by the increasing risk from cyberattacks associated with cloud migration and hybrid cloud implementations. In cloud environments, the leading cybersecurity risks include insecure interfaces and APIs, data breaches and data loss, unauthorised access, DDoS attacks, and a lack of a unified view of assets.
Protection requirements for securing hybrid multicloud environments are evolving rapidly. In addition to tightening up endpoint security, organisations must also place greater emphasis on cloud workload protection. Cloud security solutions need to offer a unified and consistent view across all physical machines, virtual machines, serverless workloads and containers, used by an organisation.
Amend Incident Response Plans
It is the containment of breaches that often determines the success of security policies and procedures. Basic cyber hygiene as well as changes to IT architecture, such as micro segmentation, play an essential role in breach containment. But incident response plans also need to be made relevant to the current pandemic scenario.
Employees and IT teams are now working in a completely different environment than envisaged by most incident response plans. Existing plans may now be obsolete. At the very least, they will need to be modified. Usually, incident response plans are designed to respond to threats when most employees are operating in a corporate environment. This clearly needs to change. Employees need to be trained in the updated plan and know how to reach support if they believe that a security breach has occurred in their remote location.
Critically, new alert and warning systems need to be established, which can be used by employees to warn of threats as well as to receive information on threats and best practices.
Organisations are struggling to keep the lights on. In this battle to remain operational, cybersecurity has been taking a back seat. This cannot last for long as the deluge of new vulnerabilities is creating easy pickings for attackers. Cyber hygiene, endpoint security, cloud security, security policies and incident response plans must be continually reviewed.
Click here to download the full report ?
The COVID-19 crisis has forced countries to implement work from home policies and lockdowns. Since the crisis hit, uptake of cloud communication and collaboration solutions have seen a dramatic increase. Video conferencing provider, Zoom has emerged as a key player in the market, with a rapid increase in user base from 10 million daily active participants in December 2019 to 200 million in March 2020 – a growth in the number of users of nearly 200%!
Security Concerns around Zoom
The rapid increase in user base and the surge in traffic has required Zoom to re-evaluate its offerings and capacity. The platform was primarily built for enterprises and now is seeing unprecedented usage in conducting team meetings, webinars, virtual conferences, e-learning, and social events.
The one area where they were impacted most is security. In his report, Cybersecurity Considerations in the COVID-19 Era, Ecosystm Principal Advisor Andrew Milroy says, “The extraordinary growth of Zoom has made it a target for attackers. It has had to work remarkably hard to plug the security gaps, identified by numerous breaches. Many security vulnerabilities have been discovered with Zoom such as, a vulnerability to UNC path injection in the client chat feature, which allows hackers to steal Windows credentials, keeping decryption keys in the cloud which can potentially be accessed by hackers and the ability for trolls to ‘Zoombomb’ open and unprotected meetings.”
“Zoom largely responded to these disclosures quickly and transparently, and it has already patched many of the weaknesses highlighted by the security community. But it continues to receive rigorous stress testing by hackers, exposing more vulnerabilities.”
However, Milroy does not think that this issue is unique to Zoom. “Collaboration platforms tend to tread a fine line between performance and security. Too much security can cause performance and usability to be impacted negatively. Too little security, as we have seen, allows hackers to find vulnerabilities. If data privacy is critical for a meeting, then perhaps collaboration platforms should not be used, or organisations should not share critical information on them.”
Zoom to increase Capacity and Scalability
Zoom is aware that it has to increase its service capacity and scalability of its offerings, if it has to successfully leverage its current market presence, beyond the COVID-19 crisis. Last week Zoom announced that that it had selected Oracle as its cloud Infrastructure provider. One of the reasons cited for the choice is Oracle’s “industry-leading security”. It has been reported that Zoom is transferring more than 7 PB of data through Oracle Cloud Infrastructure servers daily.
In addition to growing their data centres, Zoom has been using AWS and Microsoft Azure as its hosting providers. Milroy says, “It makes sense for Zoom to use another supplier rather than putting ‘all its eggs in one or two baskets’. Zoom has not shared the commercial details, but it is likely that Oracle has offered more predictable pricing. Also, the security offered by the Oracle Cloud Infrastructure deal is likely to have impacted the choice and it is likely that Oracle has also priced its security features very competitively.”
“It must also be borne in mind that Google, Microsoft and Amazon are all competing directly with Zoom. They all offer video collaboration platforms and like Zoom, are seeing huge growth in demand. Zoom may not wish to contribute to the growth of its competitors any more than it needs to.”
Milroy sees another benefit to using Oracle. “Oracle is known to have a presence in the government sector – especially in the US. Working with Oracle might make it easier for Zoom to win large government contracts, to consolidate its market presence.”
Gain access to more insights from the Ecosystm Cloud Study
The COVID-19 pandemic has highlighted the importance of the telecommunications industry which has now become the backbone of the new normal, both in a social and business sense. The last few months have seen a number of changes including more video usage, location of traffic and time of traffic. Network usage is on the rise and telecom carriers are prioritising on the resilience of their networks and the quality of services offered to their customers.
What goes up must come down
According to Speedtest, global mobile and broadband speeds have suffered as a result of the increase in traffic with speeds dropping in March 2020 for mobile to 30.47 Mbps (from 31.62 Mbps in February) and fixed broadband to 74.64 Mbps (from 75.41 Mbps in February). In Southeast Asia, only Singapore and Vietnam averaged mobile speeds of 54.37 Mbps and 33.97 Mbps respectively, exceeding the global average speeds. As for fixed broadband, Singapore ranked highest globally achieving 197.26 Mbps while Thailand and Malaysia clocked 149.95 Mbps and 79.86 Mbps respectively, trumping the global average speeds.
Southeast Asian carriers increase network efficiency and quality
Singapore. The country’s ICT regulator, Infocomm Media Development Authority (IMDA), reported an increase in internet usage and its intentions to support telecom carriers in boosting network capacity to ensure essential services run smoothly. Priority will be given to high traffic and residential areas where a larger proportion of the population are working from home. The Ministry of Communications and Information (MCI) reported that Singapore has at least 30 percent buffer in network capacity even during peak periods. Major TV operators Mediacorp, Singtel and Starhub have made more content available for free during this period. This may further impact network speeds as customers are consuming more content over wifi (on mobile apps) or over the fibre networks.
Thailand. Part of the country’s public assistance measures during the pandemic, include offering about 30 million mobile subscribers 10GB free data. The National Broadcasting and Telecommunications Commission (NBTC) will also upgrade the speeds of fixed broadband to at least 100 Mbps which is expected to benefit 1.2 million household subscribers. Leading operator Advanced Info Service (AIS) recently announced that it has deployed 5G networks at hospitals to boost network capacity and speeds, and is deploying robots for telemedicine to empower the healthcare system to fight COVID-19.
Malaysia. Maxis and Telekom Malaysia (TM) reported a surge in traffic since the movement control order (MCO) was implemented by the Government on the 18th March 2020. The MCO is expected to run at least until 28th April 2020. TM cited a 30 percent increase in usage attributed to the increase in traffic for streaming, online games and teleconferencing. Leading operators Maxis, Digi, Celcom and U Mobile have offered 1GB free data during the MCO period as part of the Government’s stimulus package. Maxis, TM, Digi and Celcom have also committed significant manpower to ensure that the networks are operating efficiently and to ensure customer support. Leading TV operator Astro has made all movie, news and cartoon networks available to all its customers until the 28th April 2020.
Social distancing fillip for video conferencing
The rise of social distancing has made us all seek new ways to connect, mainly through video chat. Video conferencing traffic is on the rise as it is the next best thing to face-to-face meetings. Microsoft Teams and Zoom have been big benefactors. The American Economic Institute (AEI) notes that Zoom hit some 200 million users daily from a daily average 10 million. Microsoft Teams added some 12 million registrations to a total of 44 million.
Many predict that the home working trend will continue in the recovery stage and beyond, due to improvements in the telecommunications infrastructure and impending rollout of 5G. It is also predicted that the commercial property sector is likely to suffer due to this trend. This period also highlights the critical importance of cybersecurity with increasing occurrences of hacking and fraud. Zoom is being forced to reinforce their privacy and security measures, as an example.
COVID-19 has changed the way we web
On the social front, many are also using video conferencing to communicate with friends and family. Operators relaxing and offering additional data has undoubtedly contributed to the increase in this usage too. Now that many are homebound, network traffic in residential areas are higher than ever. In the past, peak hours of traffic at homes were at night – this has changed with adults and children homebound. Adults are using video conferencing and more voice calls; while children are using elearning, playing games or streaming videos. The European Commission had asked Netflix and other streaming platforms to reduce streaming quality to standard definition (SD). Netflix has assured that it has the capability to manage levels of streaming quality in accordance with the networks quality requirement of individual countries.
Online gaming and video streaming have emerged as winners and have seen an increase in consumption in these times as they provide for entertainment for millions stuck at home. There is tremendous opportunity for both telecom operators and content providers to increase their number of services in this area. Netflix, YouTube, Microsoft Xbox and PlayStation are among the winners in this sector. YouTube provides for a primary news source and commentary on the epidemic for many. Netflix’s stocks are near an all-time high at present.
eCommerce boost for essentials goods and services
The eCommerce sector should see a major improvement in Southeast Asia as physical channels to market have reduced. Emerging economies such as Malaysia and Thailand should see an improvement in services and embrace eCommerce like their mature counterparts. Statista reports that the average Malaysian eCommerce shopper spent just US$159 and Thailand just US$100 on online consumer goods purchases in 2018, considerably lower than the global average of US$634. There is huge opportunity to provide for basic necessities such as online grocery, food and delivery of goods. As a consequence, contactless payment and the transport and logistics sector will be forced to adapt their business operations to ride this wave successfully. As eCommerce transactions diversify and increase in emerging markets, it will give telecom providers an opportunity to keep engaging with platform players.
Telecom carriers are likely to suffer financial losses due to the scale of the disruption COVID-19 has brought about. However, there are some positives takeaways from this period. The increase of network traffic and the changing patterns have driven carriers to better understand network traffic management. The sharp consumer and business onboarding as far as applications and digital services are concerned, has given the digital economy and 5G use cases a shot in the arm. This is likely to spur innovation in services including communications, eCommerce, payments, logistics and healthcare among others.
As far back as in 2018, Tencent had set its eyes on the business customer, starting a Cloud and Smart Industries business group (CSIG). Since then it has not lost focus on what businesses need and has continued to evolve its offerings. Late last year, Tencent Meeting , a video-conferencing app for its enterprise business was launched. This was a savvy move, as it came right after Zoom was blocked from the China market forcing local users to search for in-country alternatives.
Tencent’s Go-to-Market Strategy
Talking about Tencent’s go-to-market strategy, Ecosystm Principal Advisor, Niloy Mukherjee says, “The current leader in the video-conferencing space, Zoom is not available in China so that market alone can sustain an offering like Tencent Meeting. With the popularity of WeChat, Tencent has a huge opportunity to combine conferencing on the desktop and the mobile and I see that as an advantage for Tencent when compared to other players in the market.”
In another savvy move, as enterprises grapple with remote employees and video-conferencing solution grow in importance, Tencent rolled out its video-conferencing solution for the global market. VooV Meeting, the global version of the domestic app Tencent Meeting, was launched in over 100 countries including the larger Asia Pacific markets such as Malaysia, Hong Kong, Singapore and Japan.
Mukherjee says, “At this particular moment in time, the COVID-19 crisis has suddenly brought video-conferencing front and centre. While people are now resorting to it out of compulsion, they are likely to discover that this is a great way to work. As bandwidths and connectivity improve across countries, video-conferencing emerges as a really viable solution. Organisations will soon realise that this technology can help save tremendous amounts of travel and facility rental costs. So, usage is likely to grow exponentially – and it is not a bad time at all for Tencent to enter this market.”
The Video-Conferencing Market is Heating up
The video-conferencing market continues to grow and providers such as Zoom, Microsoft, Google, and Slack have made many of their offerings free. In the current milieu industries such as healthcare, education and professional services are using unprecedented video collaboration tools, both internally and for customer interactions.
Zoom is gaining global popularity with stock prices rising 28% in the last month in an otherwise under-performing global market. Zoom continues to evolve user-friendly features such as the virtual background, forcing other conferencing providers such as Microsoft to emulate them. Microsoft Teams has also seen a steep rise in popularity, with the company reporting over 50% rise in chat volume in the last month.
Ecosystm Principal Advisor, Audrey William says, “Expanding the capabilities beyond video will be critical for a larger market share. Zoom is now expanding its offering to include calling capabilities with Zoom phone. Beyond video, collaboration platforms are growing in importance and Microsoft Teams, as an example, has made the platform feature-rich across voice, video and collaboration capabilities. Users will want features that will make chat, video, voice and collaboration sessions rich and intuitive. If the experience is not good, they will find another platform to use. It will all come down to user experience!”
Tencent is by no means the only tech organisation from China that is eyeing the global market. Recently, Alibaba launched a free international collaboration platform based on their productivity app Dingtalk for medical professionals to share information and advice on prevention and treatment of COVID-19. In a boost to Tencent however, the United Nations (UN) announced that they will be using VooV Meeting to host their online conversations, especially for their initiatives to mark their 75th anniversary – UN75. Not only will the UN use Tencent’s video-conferencing capabilities, they will also leverage other Tencent offerings such as WeChat Work, and Tencent AI SI.
William thinks that the market might be crowded and Tencent will face some challenges. “Tencent’s challenge is that it is entering an established market. To make a mark, it will have to continue to innovate on features, focus on platform security and ensure that the experience is seamless. Tencent announced in January that the solution can support 300 attendees simultaneously. To sustain this and make a bigger push internationally, it will need to work with local partners to help take this product to market.”
“With all the options around, people will not use VooV Meeting just because it is free – they will if they find the features to be unique and the experience brilliant.”
Mukherjee adds, “Tencent is one of the most admired companies in China – it is a top pick for most graduates as their preferred employer and is seen as a better company to work for than other big players in China. This is a reflection of its strong corporate culture and continuing success. Tencent has, so far, had a good track record of competing with the likes of Alibaba and I believe that they will move quickly to muscle in and take a leadership space in the global video-conferencing market.”
Poly’s CEO Joe Burton was in Sydney recently to meet with staff, customers and partners. I had the privilege of interviewing him about the roadmap ahead for the company. Plantronics acquired Polycom for $2 billion at the end of March 2018 and earlier this year at Enterprise Connect, Poly was unveiled as the new brand – the coming together of Plantronics and Polycom. The company prides themselves on the strong engineering heritage they have across their product portfolio. Poly is playing in a large addressable market and these segments include unified communications (UC), video, headsets and contact centres.
Big news last week – Poly and Zoom partnership
At Zoomtopia last week, Zoom announced purpose-built appliances for their Zoom Rooms conference room system. These appliances are custom developed hardware that lets users gather room intelligence and analytics and will simplify installation and management of large-scale conference room deployments. One of the major partnerships for this was with Poly. Joe Burton was on stage with Eric Yuan the CEO of Zoom to unveil the Poly Studio X Series – The X30 (for smaller rooms) and the X50 (for midsize conference rooms).
What is promising about this offering is that the whole concept of launching a meeting by connecting to a screen has become simple. In a world where user experience is everything, simplicity and quality are what end-users expect. The Poly Studio X Series are all-in-one video bars that will simplify the Zoom Rooms experience and will feature Poly Meeting AI capabilities. Some of the features include advanced noise suppression to make it easier to hear human voices while simultaneously blocking out background noise.
For Poly, this is a great partnership given Zoom’s good growth in the Asia Pacific region. Poly is also increasingly deepening their relationships with other major players in the Video and UC market including Microsoft.
Flexible Workspaces and Contact Centres drives the headset market in Asia Pacific
According to JLL, the flexible space sector in Asia Pacific is expanding rapidly. From 2014 to 2017, flexible space stock across the region recorded a CAGR of 35.7% in Asia Pacific – much higher than in the United States (25.7%) and Europe (21.6%) over the same period. When you consider the changes in the modern workplace which include the rise of open flexible workplaces, remote and home working and the rise of freelancers, providing a seamless experience for the office worker will be important – it should be the same for a contractor as it is for full-time staff. As we move into more mobile and agile work practices and with the rise of open offices, headsets will play an important role for the office worker. More organisations across Asia are investing in headsets and whilst it may sound simple to just buy the headsets, it is more sophisticated than that. There is no one-size-fits-all headset and IT managers will have to invest in headsets to suit the persona of employees taking into account the role, workload, use of voice and video services and ultimately their comfort level. Vendors in the headset space are heavily investing in easy-to-use features, more automation, deep workflow integration and machine learning to deliver that experience. The opportunity for headsets does not stop there. In the contact centre space as agents spend long hours on calls, designing the right headset with feature rich AI capabilities will go a long way especially for training and coaching.
The one area Burton emphasised on is how AI and analytics is transforming this market and Poly investing in building these features into the headsets. Some of these examples include:
- Tracking conversations by using analytics to gain insights into long pauses of silence and “overtalking”. The analytics generated from these insights can help for training and coaching.
- AI can help track user behaviour patterns related to noise, volume and mute functions. These patterns can be used to detect problems during the call and could lead to possible training sessions for the agents. It is a great mechanism for supervisors to understand and work through where agents are struggling during the call.
Partnerships to expand their reach into the contact centre markets in the Asia Pacific region will be important. The market for contact centres is seeing a big shift and new entrants are making their presence felt in the Asia Pacific region. Poly will need to capitalise on this and expand their partnerships beyond the traditional vendors to expand their footprints across the contact centre markets.
Asia Pacific – an important growth theatre
Poly continues to win and have some large-scale deployments in Japan, China, India, and ANZ. They have also made several strides to develop what is best fit for the local market in terms of user requirements. With a deep understanding of the Chinese market, Poly released the Poly G200 in September this year which is tailor-made for the Chinese users with easy to use and collaborate solutions. The Poly G200 is the first and significant customised product launched in China, after Poly announced their ‘In China, for China’ strategy. This is a logical move given China is an important market and one that presents its own unique business dynamics.
Conclusion
The shift to mobility and the cloud has changed everything and is driving a new level of user experience. The ability to offer the same and frictionless experience when on the desktop, mobile device as well as other applications is what is driving fierce competition in the market. Users get frustrated when they cannot launch a video session instantly or when there is poor quality in audio. These may sound simple but addressing these frustrations are critical. Vendors in the UC, Collaboration and Video space are working hard to make sure that the experience is seamless when they are inside the office, out of the office and when they are working in open plan offices. Ultimately users want their daily office communication and collaboration solutions to work seamlessly and to integrate well into the various workflows such as Microsoft Teams.
On the contact centre front, Digital and AI initiatives are taking centre stage in nearly every conversation I have had with end-users. Company-wide CX strategy and customer journey mapping and analytics are what CX decision makers are talking about most. Poly is addressing that segment of the market by providing quality headsets coupled with AI to help in coaching and training by identifying trends and bridging the training gaps. There are new vendors starting to disrupt the status quo of some of the more traditional vendors in the contact centre market and hence deepening the partnerships with these new vendors in the contact centre space will be important.
Poly has a good addressable market to go after in unified communications and collaboration with their headsets and extensive range of video solutions. The most important part will be deepening the partnerships with the wide range of vendors in this space and engineering their products to be tightly integrated with their partner ecosystems’. The release of the Studio X series at Zoomtopia is a good example. I am confident that the road ahead for Poly is promising given the deep engineering capabilities the company invests in and how they are taking their partnerships seriously.
Zoom is no stranger in today’s world of video and collaboration. Organisations would have heard of Zoom, trialled the product or are now users of the product for video collaboration. Zoom’s success is built on the simplicity of their technology and the ability of the solution to be deeply embedded within workflows. They have put some serious thoughts into user design and how that experience through the app or when launching the solution from the PC/ laptop allows for a smooth integration to email, calendars as well as other popular collaboration applications (including Slack). The market for cloud videoconferencing is growing rapidly. As the market shifts towards new and more agile ways of working and as co-working spaces rise globally, the need to collaborate and communicate instantaneously without too much hassle and interruptions will be critical. We are living in an era where it will be all about the experience.
Zoom’s share value has risen more than 120% from the $36 IPO debut price. Zoom has been focusing on building a base of high-value customers (those that spend more than USD 100,000 per year for services). In the last quarter alone the number of high-value customers went up by over 17%.
Rapid expansion outside of the ANZ region
Zoom has witnessed rapid growth in the ANZ region in recent years. Demand for the solution continues to come from both medium and large enterprises. Japan will be an important market for Zoom and they are starting to work with some big names in the market such as Rakuten and are expanding on growing their partner network. With a good data centre footprint which is critical for video and collaboration, other key markets for Zoom in Asia include India, South East Asia, Hong Kong and China. Their wins in these markets are from some of the biggest brands and conglomerates. Zoom’s growth in Asia is demonstrating how their cloud-based video solution is becoming the preferred platform, even if IT has already invested in other cloud video offerings. Demand is coming from the lines of business and not necessarily through IT. That is a big differentiator – Zoom being used by lines of business changes the entire sales process. It is now driven by word of mouth and individual user experience and LOBs which then becomes a companywide opportunity for Zoom. When you put that into context, the sheer numbers in terms of users within an organisation becomes large.
The launch of Zoom Phone
Zoom launched their Zoom Phone cloud phone service in Australia, supporting local phone numbers and PSTN access with new metered and unlimited call plans. Customers have the option of using their own carrier or using a Zoom number. The launch of Zoom phone should not be taken lightly by their competitors as they have so far succeeded in pulling customers to their app and impressing them with the user experience. Once the customer is locked into Zoom, the user experience has somehow led them to want to use it even more. With the launch of voice, they are now pushing themselves deeper into an account by creating upsell opportunities in workplace video, collaboration and voice technologies. This allows them to take on UC players across the stack of video, voice and collaboration.
Accelerating deep partnerships with leading cloud innovators
Zoom has strong partnerships with leading cloud platforms. Zoom’s partnership with Dropbox allows customers of both services to start a Zoom Meeting while viewing or working on shared files via shortcuts built into Dropbox’s viewer tool. The Atlassian partnership, for instance, allows Jira Ops to be integrated with Zoom. Users will be able to start a meeting directly from a Jira Ops ticket with anyone associated with the ticket. These are some of the partnerships and it demonstrates how Zoom has thought about other critical cloud apps that are important for day-to-day work and collaboration and the ability that can make Zoom the app that can provide that in-between integration for collaboration.
Ecosystm Comments
Zoom’s architecture is video-first, cloud-native and optimised to process and deliver high-quality video across devices. They reported recently that their approach to video has been uniquely different from that taken by others who have attempted to add a video to an aging, pre-existing conference call or chat tool. Zoom developed a proprietary multimedia router optimised for the cloud that separates content processing from the transporting and mixing of streams.
With the launch of Zoom Phone and the adoption they are witnessing of their video platform, Zoom is set to be a leading provider in video and voice collaboration. We can expect Zoom to further build on the office collaboration stack in the near future. As organisations start deploying solutions from cloud innovators such as AWS, Slack, Microsoft, Google and others, Zoom stands out from that standpoint. They are a cloud innovator that has thought about the issues of the past and the pain points of those using video. The thinking behind user design and simplicity and the integration to workflows has paved the way for the success they are seeing today.
As they grow their presence with some of the largest brands and Fortune 500 companies in the Asia Pacific region, they will also start attracting partners who will want to be part of that journey with them so it’s a win-win for both parties. These partnerships will include a range – from the existing players in the video to other workplace collaboration vendors.
For the fiscal year ended January 31, 2019, Zoom reported that 55% of their 344 high-end customers started with at least one free host prior to subscribing. These 344 customers also contributed to 30% of revenue in that fiscal year.
The journey has just started for Zoom in Asia Pacific and we can expect the next 12 months to be good for them as they expand rapidly across the region.