Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Stuart O'Brien

Five IT trends to watch in 2020

960 640 Stuart O'Brien

By Alberto Pan, Chief Technical Officer, Denodo 

Edge Computing will emerge as the key to device management 

Next year, devices are set to become smarter than ever before. The use of them is will also increase to new levels. Already, through the collection and analysis of data, these devices – whether they be voice assistants or smart thermostats – are able to learn about our preferences and adjust accordingly. 

But, the volume of data they collect is expected to exceed record levels in 2020. The more devices we use, the harder it becomes to collect all data into a central repository, analyse it and then push the resulting recommendations back to the device. Next year, businesses will need to adopt technologies that execute the compute function on these devices, or on the ‘edge’ of these devices, rather than doing it centrally. This will enable devices to learn and adjust in real-time.  

The use of data fabrics will increase 

In 2020, the search for an effective integration platform to access and utilise data and deal with issues like data security and siloed information will continue. But an increased amount of organisations will look towards using a data fabric to overcome these data challenges.  

By combining historical and real-time data sets across multiple data silos, a data fabric offers a single, secure and consistent data management framework. It reduces data delivery and helps to support the automation of data preparation and integration as well as enabling organisations to focus more on machine learning and artificial intelligence.  

Legacy to Cloud: hybrid, multi-location architecture will become the norm 

In 2020, as the cloud initiative progresses with more and more data migrating to the cloud, the center-of-gravity will shift. The balance will tip towards platforms where the data is spread across both cloud and on-premises data sources.  

Similarly, integration of the data will transition to a multi-location architecture. Unlike traditional data integration technologies, data virtualisation was designed from the beginning to provide data location transparency, data abstraction, and integrated security across multiple locations, which makes it a perfect fit for these scenarios. Therefore, it will take an increasingly important role in hybrid architectures next year. 

Voice technologies will infiltrate the office 

Voice assistants have established themselves as common place in our personal lives. But 2020 will see an increasing amount of businesses turning to them to improve and personalise the customer experience.  

This is because, advances in AI-driven technology and natural language processing are enabling voice interactions to be translated into data. This data can be structured so that conversations can be analysed for insights. 

Next year, organisations will likely begin to embrace conversational analytics to improve their chatbots and voice applications. This will ultimately result in better data-driven decisions and improved business performance. 

Selling information to third-parties using the Data-as-a-Service approach will become a growing source of revenue for big companies 

The effective use of enterprise data for strategic decision making has become a key priority for all big companies in the last few years. As a consequence, companies have created high quality datasets and a sophisticated technology architecture to manage them and expose them to consumers.  Companies have also invested heavily in automating their business processes for greater efficiency.   

In the new year, since many big companies will now own high-value, unique data and services, the next logical step is reusing this infrastructure in order to offer them to third-parties. For instance, we are already seeing telecommunications companies selling customers geolocation data for a variety of purposes. This trend will be significantly accentuated during 2020 in all major industries. 

From the investment standpoint, this will involve higher demand for the technologies involved in creating and exposing data as a service, like GraphQL, Data Virtualization and/or API management tools.

Image by 849356 from Pixabay 

5 Minutes With… James Hart, Business Critical Solutions

960 640 Stuart O'Brien

For the latest instalment of our IT executive interview series we sat down with Business Critical Solutions CEO Jim Hart to talk about his company, industry issues, opportunities and what Peaky Blinders means to the Black Country…

Tell us about your company, products and services

Privately owned, BCS is the only company in the world that is dedicated to optimising digital infrastructure across the globe for our clients. We offer consultancy services, including project management, cost & commercial management and business strategy, across the development, implementation and operation of the IT asset lifecycle and have delivered 1,500mW of IT load of mission critical data centre space in every continent. Our 100% record of repeat business is testament to the quality of our solutions and we nurture the strength and longevity of our client relationships.

What have been the biggest challenges the industry has faced over the past 12 months?

Our recent European wide survey highlighted concerns that a shortage of sufficiently qualified professionals at the design and build stages will cause a bottle neck, with 64% of data centre users and experts believing there is a lack of skilled design and delivery resource.

And what have been the biggest opportunities?

As we see the greater adoption of the Edge there will be deployments of much smaller facilities on a multiple scale. We see that as a real opportunity as it is about managing an ongoing and overarching programme rather than a single project. While the hyperscalers will still be there, we believe this change will start to redefine a data centre going forward. The edge of the network will continue to be at the epicentre of innovation in the data centre space and we are seeing a strong increase in the number of clients coming to us for help with the development of their edge strategy and rollouts. 

What is the biggest priority for the industry in 2020?

The industry will continue to come under pressure from a resource perspective, there is a real lack of new talent coming to the market. We’ve got to start training and become ambassadors for the industry by going in to universities and telling STEM graduates about the data centre industry and how great it is – it’s an exciting place to be and we have to get out there and spread the word. Going into 2020, this issue will become more acute.

What are the main trends you are expecting to see in the market in 2020?

Into 2020 we expect distributed cloud infrastructure to drive edge computing. Allied to the advent of 5G, Edge will start to gain real traction as organisations require near-instant access to data and computing power to serve their customers, and they are increasingly looking to edge computing to provide a suitable infrastructure.

What technology is going to have the biggest impact on the market next year?

The adoption of serverless computing. Serverless computing is predicted to be one of the biggest developments in the cloud space, however, the serverless transition would require a strategic approach. Moving to serverless infrastructure requires an overhaul of traditional development and production paradigm, meaning outsourcing the entire infrastructure to the cloud

In 2023 we’ll all be talking about…?

We will be talking about high-speed mobile internet, artificial intelligence, big data analytics, and cloud technology which are set to spearhead companies’ adoption of new technologies and they will look to machine learning and augmented and virtual reality for considerable business investment.

Which person in, or associated with, the industry would you most like to meet?

The person at CERN who one day thought ‘we haven’t got enough compute power, I know, let’s ask the world if we can borrow their unused processing capacity’, along with downloadable books, one of the first examples of an embryonic cloud.

What’s the most surprising thing you’ve learnt about the sector?

When I first entered the sector, certainly for the first 15 years, it was very conservative with the rate of change very slow. The rate of change over the last 5 years or so has increased exponentially and what is sure one day is no more the day after. 

You go to the bar at the Security IT Summit – what’s your tipple of choice?

A cold pint.

What’s the most exciting thing about your job?

Being at the forefront of change and forging trends.

And what’s the most challenging?

Change.

What’s the best piece of advice you’ve ever been given?

A quote from Ghandi which was along the lines of ‘live as if you were to die tomorrow. Learn as if you were to live forever.’

Peaky Blinders or Stranger Things?

Peaky Blinders, you can’t beat a bit of stylised gangsterism from the black country!

Security IT Summit

Secure your place at the eTailing Summit

960 640 Stuart O'Brien

There’s a free VIP place reserved for you at the eTailing Summit. Can you join us?

11 February 2020 – Hilton London Canary Wharf

This unique event is entirely FREE for you to attend – simply reserve your place here.

  • Source new innovative and budget-saving suppliers
  • Learn from inspirational seminar sessions hosted by industry thought-leaders
  • Network with like-minded ecommerce professionals who share your challenges
  • Enjoy complimentary lunch and refreshments

RSVP now to avoid disappointment!

Security IT Summit Summer 2020 – Secure your place!

960 640 Stuart O'Brien

Registration is now open for the summer 2020 Security IT Summit – don’t miss out on your free place!

Register for your complimentary guest place today.

Our Approach

Taking place on June 30th 2020 at the Hilton London Canary Wharf, the Security IT Summit allows senior professionals to share forward-thinking ideas, meet new partners and discover new ways to underpin their security strategies.

It’s entirely FREE for you to attend and your complimentary guest pass includes:

  • A bespoke itinerary of pre-arranged meetings with product and service providers who match your requirements and upcoming projects
  • Access to a series of seminars by industry thought-leaders
  • Networking with like-minded peers
  • Complimentary lunch and refreshments

How Do I Get Involved?

We have just 60 guest passes available, so register your free place today.

GUEST BLOG: Future proof with a cloud solution before it’s too late

960 640 Stuart O'Brien

Agile business models have never been more important – and for most MSPs the on-premises business is rapidly turning from predictable income stream to concerning business constraint. When it comes to cloud-based versus on-premises, the writing is on the wall – from the opex versus capex argument to better disaster recovery (DR) and enhanced security, most client businesses are heading into the cloud. So just how much longer can your business hold out, asks Mike Wardell, CEO, Giacom..

Cloud is Mainstream

When the majority of new software investment is Software as a Service (SaaS) based, any company still tethered to an on-premises only business model is radically limiting its market. And yes, while the existing client portfolio may still have a few years left to run with on-prem contracts, this is an inevitably dwindling revenue stream.

The fact is that most MSPs are coming under increasing pressure from clients for a cloud-based offering – and for good reason. SME CEOs and CFOs are increasingly aware that traditional on-prem solutions represent not only a financial compromise but also a significant business risk.

In the current uncertain economic situation, financial flexibility is essential. Given the lack of business confidence, capex is rarely an option; yet companies can also not afford to avoid investment essential to maximise new business opportunities. The opex SaaS model is compelling. Rather than the ‘just in case’ investment in storage or capacity or software licenses, the pay as you use cloud model enables SMEs to avoid wasted expenditure while providing the chance to rapidly scale up should business growth demand.

Business Protection

In addition to safeguarding company finances, many SMEs are also looking to the cloud to safeguard business operations. One in five small firms experienced a cyber-attack in the two years up to 2019 – that’s 10,000 attacks every day. From phishing to malware and ransomware, the speed with which the cyber-attack community evolves new threats is astonishing. SMEs simply do not have the resources in people, money or time, to adequately secure the business; nor can individual MSPs, however expert, safeguard clients’ on-prem business infrastructure.

The only way to combat this threat is to leverage the pooled knowledge of thousands of securityexperts operating collaboratively. From the use of artificial intelligence to identify unusual behaviour to email security products that can automatically remediate an identified threat by instantly removing it from every mailbox globally, cloud-based security solutions are leveraging the combined expertise of world leaders in a way that simply cannot be achieved with individual on-prem deployments.

The estimated £4.5 billion cost of these security attacks has also intensified SME awareness of the need for better Business Continuity and Disaster Recovery (BCDR). Typically such strategies have focused on the difficult issue of data backup and restore, and the time it can take to provide employees with access to vital information required to service customers.

Cloud completely changes the focus: cloud-based backup solutions enable vast data resources to be backed up in seconds and restored immediately. Organisations can instead begin to focus on the relocation of the workforce and the way dispersed teams could work together in the event of a disaster. Indeed, the adoption of cloud-based productivity and collaboration tools not only enable a far more flexible BCDR plan, they will also deliver significant day to day benefits, including flexible working policies.

Business Expansion

For MSPs, the growing SME awareness of the benefits of cloud computing is changing the business outlook. When new services and solutions can be provisioned within hours, organisations are less and less willing to incur the cost and upheaval associated with months of on-premises deployment. Add in the importance of flexible financial models and better business protection and the writing is on the wall: most clients will want some, if not all, services to be provisioned through the cloud.

Of course, for MSPs, the change is significant: from commercial models to technical and sales skills, moving to a recurring revenue based model requires both investment and a shift in thinking. But it’s essential for MSPs to recognise the cloud as an opportunity, not a threat. Yes, there is a very real risk that customers will be lost if an MSP cannot offer a cloud solution. But this is not just about meeting a client’s immediate cloud needs.

Working with the right CSP will also enable an MSP to add valuable options to the portfolio, like adding cloud security to existing security audit services, enhancing BCDR solutions or adding collaboration tools. The cloud offers a chance not only to retain existing customers but also significant opportunities to extend the business model, adding much needed new revenue streams.

Shining a spotlight on UK cyber security standards

960 640 Stuart O'Brien

Public sector organisations in the UK are in the midst of changing cyber security regulations. In mid-2018, the Government, in collaboration the NCSC, published a minimum set of cyber security standards. These standards are now mandated, along with a focus on continually “raising the bar”. The standards set minimum requirements for organisations to protect sensitive information and key operational services, which – given the way in which these services are increasingly dispersed – is driving significant changes in public sector network architecture and security.  

In addition to setting today’s ‘minimum’ standards, however, the guidance also sets a target date of 2023 by which public sector organisations will be expected to have adopted a ‘gold-standard’ cyber security profile.

Matt Cable, VP Solutions Architect and MD Europe, Certes Networks, outlines the essential considerations that will help organisations select an encryption solution provider that can easily integrate into any network infrastructure as they migrate from Legacy MPLS to SDN or SD-WAN network architectures...

The Principles

For both public and private sector organisations, customer experience is key. From finance and utilities, to local authorities and smart cities, customer touchpoints are increasingly dispersed, remote and application-driven, necessitating a move from Legacy MPLS to SDN or SD-WAN. However, under the Government’s new minimum cyber security standards framework, ensuring sensitive information and key services are protected is a critical consideration. 

The UK’s National Cyber Security Centre (NCSC) has therefore issued principles for cyber secure enterprise technology to organisations, including guidance on deploying and buying network encryption, with the aim of reducing risks to the UK by securing public and private sector networks. This guidance bears parallels with the US National Institute of Standard and Technology’s (NIST) Cybersecurity Framework and therefore applies equally to US and other federal organisations in a similar scenario. 

Similar to the NIST framework, the NCSC guidance shares the same principle that networks should not be trusted. It recommends that to keep sensitive information protected, encryption should be used between devices, the applications on them, and the services being accessed. IPsec is the recommended method for protecting all data travelling between two points on a network to provide an understood level of security, with further guidance outlining a specific ‘gold-standard’ cipher suite profile known as PRIME.

The guidance is based on the network vendor being CAS(T) certified (CESG (Communications Electronics Security Group) Assured Services (Telecommunications)), which involves an independent assessment focused on the key security areas of service availability, insider attack, unauthorised access to the network and physical attack.

However, there are challenges.

Challenge #1 – Public Sector Adherence to CAS(T)

Many public sector organisations are no longer mandating CAS(T) based services and therefore the risk appetite is expected to be lowered, mainly to support the emergence of internet and SD-WAN suppliers network solutions. This is key as the current NCSC recommendation Foundation standards for IPsec will expire in 2023, and users are being encouraged to move quickly off legacy platforms. 

Challenge #2 – Impact to Cloud Service Providers and Bearer Networks

This guidance, such as the protection of information flows on dedicated links between organisations, also applies to cloud service providers, or in the inter-data-centre connections in such providers’ networks.

The underlying bearer network is assumed not to provide any security or resilience. This means that any bearer network (such as the Internet, Wi-Fi 4/5G, or a commercial MPLS network) can be used. The choice of bearer network(s) will have an impact on the availability that an encrypted service can provide.

Challenge #3 – Partner Collaboration

NCSC explicitly states in its guidance that establishing trustworthy encrypted network links is not just about technology. It is also important that the management of these networks links is carried out by appropriate individuals, performing their assigned management activities in a competent and trusted fashion, from a management system that protects the overall integrity of the system. Thus, for encryption solution providers, the partner’s service credentials impact how the end user may use the technology. 

The Solution

IPsec helps protect the confidentiality and integrity of information as it travels across less-trusted networks, by implementing network-based encryption to establish Virtual Private Networks (VPNs). 

Under PRIME principles, devices which implement cryptographic protection of information using IPsec should:

  • Be managed by a competent authority in a manner that does not undermine the protection they provide, from a suitable management platform
  • Be configured to provide effective cryptographic protection
  • Use certificates as a means of identifying and trusting other devices, using a suitable PKI
  • Be independently assured to Foundation Grade, and operated in accordance with published Security Procedures
  • Be initially deployed in a manner that ensures their future trustworthiness
  • Be disposed of securely

Keeping the network design simple is one of the most effective ways to ensure the network provides the expected security and performance. The use of certificates generated in a cryptographically secure manner allows VPN gateways and clients to successfully identify themselves to each other while helping to mitigate brute force attacks.

Conclusion

There are many encryption solutions to help agencies and federal governments who want to move from Legacy MPLS to SDN or SD-WAN.  Layer 4 encryption, for example, can integrate easily into any network and encrypt data in transit without disrupting performance or replacing the current network architecture.

Selecting a provider that can offer a PRIME compliant solution – such as Layer 4 encryption – is key in conforming to both today and tomorrow’s cyber security standards. And with NCSC starting to treat all networks as untrusted networks (especially those agencies using internet), PRIME is becoming the gold standard for which NCSC will measure regulatory compliance.

Therefore, it is important to consider a vendor that can offer a security solution that is not only compliant but is simple and uncomplicated, minimising disruption, resources and costs.

Do you specialise in Network Security Management? We want to hear from you!

960 640 Stuart O'Brien

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in December we’re focussing on Network Security Management.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re a Network Security Management solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Chris Cannon on c.cannon@forumevents.co.uk.

Security IT Summit – Register now for free

960 640 Stuart O'Brien

Registration is now open for the summer 2020 Security IT Summit – don’t miss out on your free place!

Register for your complimentary guest place today.

Our Approach

Taking place on June 30th 2020 at the Hilton London Canary Wharf, the Security IT Summit allows senior professionals to share forward-thinking ideas, meet new partners and discover new ways to underpin their security strategies.

It’s entirely FREE for you to attend and your complimentary guest pass includes:

  • A bespoke itinerary of pre-arranged meetings with product and service providers who match your requirements and upcoming projects
  • Access to a series of seminars by industry thought-leaders
  • Networking with like-minded peers
  • Complimentary lunch and refreshments

How Do I Get Involved?

We have just 60 guest passes available, so register your free place today.

Security IT Summit

Smarter Payments Summit: Registration open!

960 640 Stuart O'Brien

Following an ultra successful debut this year, the Smarter Payments Summit will return in 2020.

Registration is now open for you to book your complimentary guest pass.

Book your FREE place here.

The Summit allows senior payment transaction professionals to share forward-thinking ideas, meet new partners and discover new ways to underpin their strategies.

Date: 8th September 2020

Venue: Hilton London Canary Wharf

It’s entirely FREE for you to attend and your complimentary guest pass includes:

• A bespoke itinerary of pre-arranged meetings with product and service providers who match your requirements and upcoming projects
• Access to a series of seminars by industry thought-leaders
• Networking with like-minded peers
• Complimentary lunch and refreshments
Secure your complimentary pass

We have just 60 guest passes available, so register your free place today.

Global IT security market to hit $151bn in 2023

960 640 Stuart O'Brien

The size of the information security technology market could reach $151.2 billion in 2023, driven by the banking and telecoms sectors.

That’s according to a report from PreciseSecurity.com, which predicts spending in the security technology market will reach $106.6 billion this year. 

The report asserts that information security technology spending continues to move forward with large investments from different companies and organisations around the world, with the whole market growing by 57% 2018 and 2023 from $96.3 billion to $151.2 billion. 

The banking industry is one of the sectors that is expected to invest the largest amount of funds in this market.

“Considering there have been many attempts for hackers to acquire funds from banks, the banking industry is expected to spend the most on security solutions,” say the authors.

The report shows that the industries that will experience the fastest spending growth include government, telecommunications, and resources. They will be growing at a CAGR of 12.5%, 11.9% and 11.0% Compound Annual Growth Rate (CAGR), respectively. 

Although the growth in investment from companies and organizations in the security information technology market is expected to increase, the firms stresses its estimates could be conservative estimations. 

Justinas Baltrusaitis, the editor at PreciseSecurity.com, said: “Increasing investment in security products and services is a natural response to the growing number of various hacks and attacks companies experienced. In my opinion, this projection could be certainly realistic but I am not closed to think this number could be even higher.”