security

IT spending priorities point to cyber, cloud and data – TechTarget


Cybersecurity and cloud, unsurprisingly, rank as tech professionals’ top IT spending categories, but data management joins those perennial investment drivers on this year’s urgent to-do list.

TechTarget’s global 2023 “IT Priorities Survey” polled more than 1,600 respondents, about half of which work for North American companies. For the North American contingent, 63% cited cybersecurity as a broad technology initiative that has become more important over the past two years — making it the No. 1 choice out of two dozen categories. Cloud — including compute, storage and applications — ranked second on the list, with nearly half of respondents pointing to that technology. Ransomware protection, a subset of cybersecurity, placed third.

Data management and governance ranked fourth among the top-rated IT initiatives in North America and edged ransomware protection for third worldwide. In contrast, big data management ranked outside the top ten investment drivers in the 2020 “IT Priorities Survey.”

Graphic showing important IT initiatives
Cybersecurity and cloud top the list of key IT initiatives.

TechTarget’s poll included respondents in Asia Pacific (APAC); Europe, the Middle East and Africa (EMEA); Latin America (LATAM); and North America (NA).

Other survey findings include the following:

  • In cybersecurity, multifactor authentication (MFA) and zero-trust identity topped the list of identity-related initiatives scheduled for deployment in the next 12 months. In the information management discipline, data governance, data analytics/business intelligence (BI) and data quality were the top areas for near-term deployment.
  • Cybersecurity and cloud migration were the two functions for which respondents said they were most inclined to use third-party partners such as MSPs.
  • About half of the North American IT professionals polled expect technology budgets to increase in 2023 compared with last year. Less than 10% of those polled in North America and worldwide expect budgets to shrink this year.

Cyber and cloud top the charts

Cybersecurity and cloud are often mentioned in the same breath when it comes to key spending areas. In 2022, a survey conducted by TechTarget’s Enterprise Strategy Group (ESG) identified cybersecurity as the leading technology sector for increased investment, followed by public cloud applications. Those technologies also ranked first and second in ESG’s 2021 spending plans survey, but with cloud ahead of security.

The 2023 TechTarget “IT Priorities Survey” keeps that run going. Cybersecurity remains a pressing concern for IT managers and business leaders. Heightened legal exposure, as exemplified by the Uber data breach coverup, has made cybersecurity a board-level agenda item. The emergence of supply chain attacks and the increasing volume of reported vulnerabilities also help elevate cybersecurity as an IT investment.

Cloud’s endurance, meanwhile, reflects its role as the core technology of many enterprise IT strategies. Indeed, just over half of the survey respondents have adopted a cloud-first approach. Another push comes from digital transformation initiatives, which typically rely on the cloud platforms as change agents.

The nature of cloud projects, however, is shifting from mass migration to refinement and optimization.

Simplifying cloud architecture

Vishal Saxena, CTO at Canoe Intelligence, has seen this shift firsthand. When Saxena arrived at the New York-based company, it was already in the AWS cloud, but the architecture had evolved over time and needed an overhaul. Canoe, which provides AI technology for extracting data from investment documents, used a mix of AWS EC2, S3, RDS, MySQL, DynamoDB, Ansible, Elasticsearch and various configuration tools.

“We are talking about a number of components [and] a significant amount of operational overhead required to deploy new infrastructure,” Saxena said. “How do you rearchitect and optimize?

Canoe embarked on a project to simplify its architecture, removing redundant components and adopting infrastructure as code (IaC). As for IaC, Canoe uses HashiCorp’s Terraform, which automates cloud provisioning and management. Canoe’s pursuit of IaC makes it somewhat unusual. Only 11% of the North American IT professionals polled in TechTarget’s survey said they plan to implement that technology in the next 12 months — a bit below the global average of 13%.

Readers Also Like:  Board of Visitors discusses topics on research growth, campus ... - news.vt.edu

As a result of Canoe’s AWS reboot, the company’s developers can deploy cloud infrastructure and code changes within minutes versus hours — or, potentially, days, Saxena noted. Developers also can devote more time to feature development. And, as a financial kicker, the simplified architecture reduces Canoe’s monthly cloud infrastructure costs by 25%.

Deploying multi-cloud networking

Improving an existing cloud deployment was also the focus at Covetrus, an animal health technology company based in Portland, Maine. The company operates a born-in-the-cloud veterinary pharmacy business, distributes veterinary supplies and offers practice management software.

Stephen Crowley, CIO of global technology solutions at Covetrus, said the company’s cloud and e-commerce environment became increasingly complex as the company grew. “In the early days of our company, we encouraged developers to innovate and explore tools as they developed cloud-native applications in AWS, Google Cloud Platform and Microsoft Azure,” he said.

But Covetrus needed to interconnect the various apps with each other and with e-commerce systems.

“In that kind of petri dish environment, you quickly can get to chaos,” Crowley said. “We started connecting everything — multi-clouds, multi-commerce — with cloud networking tunnels. We became really complex to the point that we were brittle.”

We started connecting everything — multi-clouds, multi-commerce — with cloud networking tunnels. We became really complex to the point that we were brittle.
Stephen CrowleyCIO of global technology solutions, Covetrus

Covetrus deployed Aviatrix’s multi-cloud networking software, which made it possible for the company to move away from layers of individual cloud networking connectors. The approach takes “all the spaghetti out,” providing a single entry point for connecting the company’s cloud and commerce environments, Crowley said. Simplified networking makes it easier to diagnose and troubleshoot the company’s cloud ecosystem, while also facilitating product launches, including a new B2B commerce capability, he added.

The TechTarget survey suggested IT managers will be turning more frequently to multi-cloud networking software. That technology ranked third on the list of North American cloud, edge and application-centric networking initiatives slated for deployment within 12 months. Only software-defined WAN and edge networking were rated higher.

Data management emerges as priority

Data management’s emergence among the top-ranked IT priorities comes as AI and machine learning (ML) appear set to enter the mainstream. But the effective adoption of those technologies depends on data — a requisite that may explain the heightened interest reflected in the TechTarget survey.

“A lot of the time, when we talk about [AI/ML] products or services, what comes to mind is AI algorithms under the hood,” said Nurtekin Savas, head of enterprise data science at Capital One, which deploys ML for anomaly detection, among other use cases. “But what’s also critically, equally and sometimes even more important, is the data itself.”

In North America, data governance surfaced as the No. 1 information management technology scheduled for deployment in the next 12 months. Data governance sets standards and policies for managing the availability, usability and security of enterprise data. Data analytics/BI platforms and data quality rounded out the top three in TechTarget’s poll.

Graphic showing top information management initiatives
Data governance gains status as organizations prepare for AI/ML work.

Adopting best practices for ML data

“High-quality machine learning starts with clean data,” Savas said.

Accordingly, data cleansing and the quality of metadata — models need to know what data they’re using and why — rank among the best practices for developing AI/ML products, Savas noted. So, too, does standardization.

Readers Also Like:  Transcript: National Security Adviser Jake Sullivan on "Face the Nation," July 16, 2023 - CBS News

“Standardizing data elements is critical,” he said. “The more standardized it is, the faster and more efficiently we can use it.”

Standardization across different data sets means data scientists can more quickly join them together to create a bigger data set for use in ML models. Combining data sets lets models gather a more holistic understanding of the user, especially when used in deep learning architectures such as transformers, Savas said. “It’s one of those things that we’re focused on,” he added.

Other important practices include monitoring — an aspect of data governance — to watch for changes in the data that can stem from a shift in consumer trends, macroeconomic events or business process changes, Savas said. Monitoring can flag stale AI/ML models that need updating. When monitoring detects a change point — i.e., an abrupt variation in data — a developer can be alerted to retrain and redeploy the model.

Savas also emphasized discoverability as a key data tenet. The cleanest, most standardized data will do an organization little good if users can’t find it. Data security and discovery ranked fourth on the list of North American respondents’ information management priorities.

Identity management priorities: MFA and zero trust

Stolen credentials were among the top five data breach types in Verizon’s “2022 Data Breach Investigations Report.” Such attacks have increased interest in identity-related security measures. Nearly half of TechTarget’s North American survey respondents identified MFA as their top deployment priority in that security category. Zero-trust identity ranked second, with 39% of those polled citing that technology.

Graphic showing top identity-based security priorities
MFA and zero trust emerge as the top two categories for planned investment.

Pete Hoff, CISO and global vice president of security and managed services at Wursta, a technology advisory firm in Austin, Texas, said his company is enabling MFA for a large number of clients. Wursta, a Google premier partner, specializes in cloud and digital workspace design.

Wursta’s SMB clients may need some encouragement to use MFA. “The vast majority of customers tell us they are concerned with implementing the solution,” he said. “They think it is difficult.”

But, in the Google ecosystem, implementation is simple, Hoff said. With Google Workspace, for instance, MFA is an option that can be switched on from the admin console. He recommends MFA enforcement as well as enablement. An enforcement option, which prevents access to Workspace without MFA, can be activated immediately or scheduled for activation after an initial MFA-optional period.

Hoff also suggested organizations follow up on MFA with a zero-trust offering such as Google’s BeyondCorp Enterprise (BCE). Huff said this technology provides user access context across three levels: the user, the device and the sensitivity of the data to be accessed. BCE lets organizations break out those levels separately and create access rules for each, based on context, Hoff noted. The zero-trust product supports clouds such as AWS and Azure, as well as Google.

Service providers plug cyber, cloud gaps

As organizations pursue their IT priorities, they often do so with staffing constraints. External partners, however, play a staff augmentation role. The IT professionals TechTarget surveyed identified cybersecurity as the No. 1 technology investment that would likely involve a managed service or other third-party provider, with about a third of the respondents citing cybersecurity as where they might need outside help. Cloud management/migration was No. 2 on the help-wanted list.

Graphic showing technology investments involving managed services
Organizations are most likely to use managed services in cybersecurity and cloud migration.

IT departments frequently lack technical depth in cybersecurity and also face a dearth of cloud skills, making outsourcing a common remedy.

Readers Also Like:  Apple announces powerful new privacy and security features - Apple

In the case of Canoe’s cloud architecture redesign, the company hired ClearScale, an AWS consulting partner based in San Francisco, for assistance. ClearScale performed an audit of Canoe’s AWS environment and started the company down the IaC track.

Saxena said Canoe had some in-house expertise to take on the reimagining of its AWS cloud. But the overhaul would have taken a year, based strictly on Canoe’s resources. Additional capacity from ClearScale cut that timeline in half. And ClearScale’s background in cloud migration and optimization minimized the project’s risk, he added.

“We increased the chances of success by leveraging someone who had done modernization before,” Saxena said.

For Covetrus, working with Aviatrix established a partnership that got its multi-cloud networking initiative quickly underway.

“Within 30 days, we had mapped out an architecture, working together, that we all felt would work,” Crowley said.

He said Aviatrix focused on collaboration, rather than only focusing on nailing down contractual terms

“It wasn’t about a professional services deal,” Crowley said. “It was about how do you work together. We did get to an agreement, but that wasn’t the first order of business.”

Half of IT pros cite budget increases

A business’s ability to realize its IT priorities depends on available funding. TechTarget’s tech budget outlook reveals that about half of the survey respondents, globally, expect their funding to increase in 2023. The EMEA and Latin American results showed some regional variations. In EMEA, 44% of the respondents predicted an increase in IT spending, while 12% expected a decrease and 31% anticipated no budget change this year. The Russia-Ukraine war and inflation have put European IT budgets under pressure.

LATAM is also a budget outlier: Sixty-three percent of respondents expect an IT budget increase and 26% forecast spending growth in excess of 20%. Caution should be used with the LATAM results, as the survey sample was the smallest in the TechTarget survey and the region encompasses an economically diverse set of more than two dozen countries. For example, among the largest regional economies, inflation rates vary from 5.6% in Brazil and 7.76% in Mexico to 11.9% in Chile and more than 100% in Argentina.

Graphic show IT budget trends worldwide
The IT budget outlook varies somewhat by region.

With such high inflation rates, “companies may be increasing their budget just to buy essential technologies,” said Lizzette Pérez Arbesú, TechTarget’s executive editor for Mexico and LATAM.

On the other hand, cloud newcomers could help explain the budget growth projections. SMBs, for example, might be investing more in cloud and digitalization technologies, she said. Businesses budgeting for the cloud this year, starting from a base limited previous investment, could contribute to a spike in spending.

Marco Santos, CEO Americas at GFT, a digital transformation company with operations in Brazil, Costa Rica and Mexico, said consumers — and their digital habits — are the biggest factor influencing LATAM’s IT spending. The majority of consumers in that region, he said, “are quick to embrace any modern, digital technology that is introduced to them.”

The expected budget growth reflects LATAM companies’ shift to larger scale digital transformation projects, from AI to open banking, as consumers demand new digital experiences, Santos added.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.