Although we have some of the best minds at SolarWinds, even our Head Geeks are not omniscient when it comes to predicting the future of this fast-moving industry.
However, before looking at the upcoming year, we wanted to take a moment to highlight some of the key trends that have shaped the IT industry over the past 12 months.
The complete adoption of virtualisation, as well as investigation into cloud and other strategies, is far more advanced than expected – particularly amongst SMBs. Making applications truly mobile is redefining how companies think about their IT infrastructure.
Microsoft Office 365 and a number of previously ‘untouchable’ infrastructures that were never considered pliable enough to leave the data centres are now being housed offsite. People not only no longer fear this move, but are actually excited about it. Successful implementations of Office 365 drive more companies to consider the move to offsite. The general feeling for portability and software-based configurability of infrastructure is really beginning to take off.
The security predictions for 2015 went far beyond everyone’s expectations, based on the number of extremely high-profile breaches that were spotlighted in the mainstream media.
Advanced Persistent Threats (APT) was a term that went mainstream in 2014, but the sheer volume of APTs over the past year has taken everyone by surprise. The sophistication of attacks, number of zero day vulnerabilities exploited, and general lack of preparedness on the part of many companies have made these breaches particularly agonising.
These well publicised breaches also caused financial fallouts, which, to a certain extent, were unexpected. This forced many companies to reflect on their previous assumption of “well, what’s the worst that could happen?” They highlighted the notion that if you don’t secure your environment, you not only need to consider the cost implications of the breach, including loss of sales, but you also face the liability of negligence to customers.
On the flip side, these assaults have raised awareness of the need for diligence when it comes to security. They have brought into focus the fact that the possibility of a breach is not only real, but attackers are getting more sophisticated in their methods.
2015 saw a surge in the development of the Internet of Things (IoT). With the advancement of connected cars, buildings, wearable technologies, and healthcare – to name but a few – connected devices have certainly been a hot topic within the technology industry. This ‘game-changing’ technology, which offers both significant cost-savings, as well as productivity enhancements for companies and individuals, is not set to slow down as tech leaders race to stay ahead of the trend.
For two decades, we’ve had it pretty easy as security admins. With a few exceptions, we’ve drawn seething, grey external “Internet” clouds on those Visio diagrams, firewalls, and (relatively) safe internal networks we protect. But that perimeter defence strategy is no longer enough. This past year’s network compromises largely came via 3rd-parties or insider access to nodes behind the firewall.
Early in 2015, there was a lot of discussion about comprehensive security solutions, including auditing, risk assessment, and remediation. But sadly, at year end, not much has changed. J. P. Morgan famously announced plans to double cybersecurity spending to $500 million in 2015, along with similar, if less headline-grabbing efforts by other firms. But spending alone does not address the new vulnerabilities of cloud and the increasing use of SaaS.
Leading businesses began to buck the recommendation to spend more on what they were already doing, and instead, identify and address new challenges of hybrid IT – smore VPNs, loss of east-west traffic analysis, new security policy architectures, Internet-available micro services, and ever-increasing HTTP volume. They found effective network segmentation worth the investment in increased staff hours and slightly more complex troubleshooting, overcoming years of resistance.
There are so many topics that could be tapped into for 2016, but we want to focus on what we at SolarWinds believe will be the top seven industry drivers in the coming 12 months.
DevOps is a software development practice where development and operation teams collaborate on taking the intelligence of how an application runs to inform and improve how the application is being built – in a rapid iterative process. It’s a practice that is growing in both use and discussion; yet engineers, analysts, and product managers are all interpreting DevOps differently.
However, one thing that is clear is that DevOps is about culture, enabling cross-functional teams to quickly deliver value in a sustained manner. Done well, DevOps can lead to teams planning, coding, building, testing, releasing, deploying, operating, and monitoring in a continuous loop. In 2016, businesses will be more aware of the benefits of DevOps, which will lead to more places implementing it.
Businesses and IT organisations continue to struggle to integrate the DevOps culture, but, slowly, they’re realising the potential competitive advantages of continuous delivery and continuous integration. 2016 will whet the appetite of both big and small businesses to embrace DevOps as the benefits, such as faster time to market and reduced support costs in the long run, become clearer.
Over the past few years, cloud migration has been a big topic, as everyone from large enterprises to SMEs moved to the cloud. Furthermore, businesses which hadn’t migrated to the cloud were at least thinking about it. Now, most businesses are aware of the cloud and what benefits it can bring to business.
Following the security hacks of 2015, it’s almost a foregone conclusion that during 2016 a cloud service provider will become victim to a breach, which will have a huge impact on the full range of businesses that rely on them. The repercussions of a breach of this type will be increased due to the fact that many businesses have been so keen to move to cloud services so quickly that many haven’t invested enough time and money in security protocol and data encryption. Therefore, with cloud vendors connecting so much data, it’s just a matter of time before it happens – and we find out about it.
Finally, we believe there will be a move by large industry players (we’re watching Amazon Web Services, Azure, and Heroku who have all experienced significant growth this year) to create cloud offerings. However, they’ll need to have sufficient amounts of capital behind this move to provide an effective and secure solution. Rushing to get the services to market means they could lack substance and be extremely vulnerable to breaches.
As we approach the end of 2015 and move into 2016, technology company consolidations are proving to be growing rapidly with an increasing number of mergers and acquisitions. Technologies such as IoT, cloud computing, and the overall digitisation of everything are becoming a requirement in order to remain competitive, resulting in an increased convergence of IT companies.
2015 saw a surge of mergers and acquisitions within the tech industry. According to an EY research study, the percentage of technology executives expecting to pursue acquisitions more than doubled in 2015, and is set to continue to grow into 2016. Shrinking margins are pushing IT companies to buy, sell, and grow in order to meet the challenges of an innovative and efficient business.
Looking forward into 2016, deals in the technology space are being driven by a number of desires; greater access to valuable IP, talent procurement, product enhancement, disruption, and expansion are just some of the primary motivators. As M&As increase, particularly amongst leaders, the boundaries between tech and other industries are blurred by advances towards disruptive innovations such as healthcare IT, mobile payments, and cybersecurity.
Moving through 2015 and into 2016, the speed of IoT development has already revealed security issues. Within business, the recent Gartner report agreed that IT professionals struggle to maintain control of their networks as the BYOD trends grow beyond just mobile phones, making the countless endpoints difficult to manage, monitor, and control.
With everything now being connected in some way to the Internet, and even the network, the IoT trend is becoming every hacker’s dream, creating a pathway to potentially harmful data when in the wrong hands. These threats don’t just affect the workplace, but personal and public space too. Gartner recently stated that “by year-end 2018, 20 per cent of smart buildings will have suffered from digital vandalism” e.g. plunging buildings into darkness and defacing digital signage. These hacks may just seem like only nuisances at the moment, but the recent memorable car hacking of a Jeep on the highway put the potential safety threat into context as the lack of protection and security for individuals was publicly demonstrated.
As the race to be ahead of the game of innovative IoT solutions continues, it’s predicted that hacks, which affect personal safety will continue to emerge. Whether it is a thermostat turning itself off in the middle of winter, controlling a car remotely, or a hospital device hack, the dangerous lack of security within IoT will make the need for human intervention and network management a much higher priority.
Containers, from tech players like Google, Docker, CoreOS, and Joyent, have become a key area of discussion in the cloud computing space. Organisations across all major industries, from finance to e-commerce, want to better understand what containers are, and how they can best be used for IT operations scenarios. This growth in awareness, and the success of disruptive webscale companies like Google, Amazon, and Netflix have led to increased evaluations in IT organisations to try and glean some differentiated value from integrating containers.
Put simply, a container consists of an entire runtime environment (an application, its dependencies, libraries and other binaries, and configuration files needed to run it) bundled into one package. This move to containerisation puts pressure on the ability to understand what tools are available (e.g. Kubernetes, Chef, Puppet), as well as how they can be best implemented.
We predict the future for containerisation is in education and better understanding how to best utilise them for their applications and services. Organisations, while able to experience container services as a reaction, need to better understand that there is an event that has been detected as a trigger. While some may be reluctant to adopt containers due to a familiarity with virtualisation, containers are much more lightweight, and use far fewer resources than virtual machines. Arguably, containers can be seen as the key to the OpenStack kingdom.
Due to increasing and changing threats to enterprise security remains a key concern for 2016, with the expectation that we are likely to see a continued rise in targeted attacks – whether politically or emotionally motivated. With the digitisation of healthcare and the growth of IoT in the public sector, hospitals are becoming increasingly connected, and, therefore, increasingly at risk. There have already been high-profile hacks of US hospitals, including UCLA, and reports that drug pumps used in the UK can be hacked and controlled. Hospital networks are increasingly relied upon to manage x-rays, Bluetooth-enabled defibrillators, and temperature settings on blood and drug storage units; therefore, opening themselves up for severe breaches.
Similarly, healthcare records hold a gold mine of data that is valuable to an attacker. Medical records and patient data are some of the worst protected personal information on file anywhere. As healthcare systems become digitised, they become the most vulnerable they have ever been. Therefore, in 2016, it is extremely important that security remains front-of-mind, and encryption is used for a healthy future.
Cloud is no longer the next big thing, it’s well past the height of its hype-cycle. In 2015, it truly became just another tool in the IT pro toolbox. More importantly, management came to trust it in terms of availability and security, and budget managers discovered the “Joy of Elastic Scalability” – the flexibility to scale up or down as required.
With step one of cloud under our belts (migrating existing applications running on local hypervisors) IT is embracing and trying to enable ubiquitous and on-demand services, the real opportunity of cloud. Today, we spend billions on packaged application licencing, and, although we can easily scale instances to meet demand, that’s not necessarily true of the apps running in those instances.
In 2016, we’ll see more and more businesses looking to bypass the model of apps simply running in the cloud. They’re already migrating to fully managed services like Amazon RDS and Azure SQL, and away from private Oracle, SQL Server, and MySQL boxes.
Next year will bring further experimentation with cloud native database systems, queues, communication brokers, distributed cache, and other foundational cloud technologies. The possibility for paying for only what you eat is too attractive to miss.
Head Geeks, SolarWinds
Photo Credit: alphaspirit/Shutterstock