The cloud will most commonly be used in a hybrid manner by 2020, according to a Gartner report, emphasizing that operating entirely off the cloud will largely disappear by the end of the decade.
Today, most provider technology innovation is cloud-centric, with the intent of retrofitting the technology to on-premises. "Aside from the fact that many organizations with a no-cloud policy actually have some under-the-radar or unavoidable cloud usage, we believe that this position will become increasingly untenable," said Jeffrey Mann, research vice president at Gartner. "Cloud will increasingly be the default option for software deployment. The same is true for custom software, which increasingly is designed for some variation of public or private cloud."
“By 2020, a corporate "no-cloud" policy will be as rare as a "no-internet" policy is today,” Gartner says. “Technology providers will increasingly be able to assume that their customers will be able to consume cloud capabilities.”
Gartner predicts that, by 2019, more than 30 percent of the 100 largest vendors' new software investments will have shifted from cloud-first to cloud-only.
The now well-established stance of cloud-first in software design and planning is gradually being augmented or replaced by cloud-only. This also applies to private and hybrid cloud scenarios.
The IT research and advisory company also foresees that, by 2020, more computing power will have been sold by IaaS and PaaS cloud providers than sold and deployed into enterprise data centers.
The Infrastructure as a Service market has been growing more than 40 percent in revenue per year since 2011, and it is projected to continue to grow more than 25 percent per year through 2019. By 2019, mostf virtual machines (VMs) will be delivered by IaaS providers. By 2020, the revenue for IaaS and Platform as a Service (PaaS) will exceed $55 billion — and likely surpass revenue for servers.
The new security paradigm
Cloud adoption and the widespread usage of hybrid infrastructures will bring unknown security challenges that CIOs have to prevent by adopting breakthrough technologies able to fight zero-day exploits, Advanced Persistent Threats, and other devastating types of cybercrime.
"Information security teams and infrastructure must adapt to support emerging digital business requirements, and simultaneously deal with the increasingly advanced threat environment," said Neil MacDonald, vice president and Gartner Fellow Emeritus, cited by Business Insights. "Security and risk leaders need to fully engage with the latest technology trends if they are to define, achieve and maintain effective security and risk management programs that simultaneously enable digital business opportunities and manage risk."
According to predictions published last December by Bitdefender’s CTO, Bogdan Dumitru, in 2016 the enterprise environment will see an increase of targeted attacks and strongly obfuscated bots, with a short lifespan and frequent updates. Most of these attacks will specialise in information theft. Attackers will be in and out of an organisation in a few days, maybe even hours. APT, which currently stands for Advanced Persistent Threats, should change to Advanced Penetration Threats, or even BA for Blitzkrieg Attacks, he saId. Bitdefender is the only security company that provides security at the ring-1 level and prevents your company from becoming the next victim.
Hybrid infrastructures have become the major common architecture in the enterprise environment, with the hypervisor now sitting as an intermediary between virtualized endpoints and physical hardware. But endpoint security has not, until now, experienced the same paradigm shift. Traditional network-level security may run as a virtual appliance, but still essentially performs inspection of network traffic just as it did before. Traditional security agents running in protected systems may offload scanning to a virtual appliance for performance, but are still constrained by technical limitations of running within the endpoint operating system.
Until now, the very concept of endpoint security was constrained to security agents running within a host OS on endpoints – the Windows and Linux servers and desktop operating systems upon which every modern organization depends – or as network devices, and attackers have been taking advantage.
Bitdefender has solved the technical challenges of creating a solution to the root problem, giving datacenter owners the ability to know what they don’t know, and act on information from below the operating system. With agentless protection running outside the host OS, this radical new approach redefines endpoint security. Citrix’s XenServer API facilitates virtual machine introspection from a security virtual appliance. Bitdefender built Hypervisor-based Introspection (HVI) to take advantage of the virtual machine introspection feature included in Citrix Xen Server.
Gartner states in its “Host-Based Controls for Server Workloads Ready for Hybrid IT” report published in April 2016:
“Platform, hypervisor and OS integrity checks are excellent controls for systems over which you have lost end-to-end control, such as in colocated systems. Additionally, this control can, to some extent, defend against certain high-impact malware. Furthermore, it is currently the only safeguard that can verify the integrity of a (formerly) trusted hypervisor. Thus, this control is most feasible for application architectures where the integrity of the hypervisor or of the hardware is of any concern (e.g., high-risk applications in colocated systems or, where supported, public clouds).”
“Hypervisor introspection is a giant leap towards revolutionizing security as we know it. Virtualization technology continues to evolve, with increased levels of automation and comprehensive frameworks for managing the virtualized environment more efficiently. In this context, the hypervisor-based introspection technology is a future-proof advancement with numerous applications in other fields and industries,” says Bitdefender’s Head of Antimalware and Antispam Labs, Viorel Canja.
Recent research from accountancy firm EY shows that CIOs are extremely concerned that cybercriminals can spend months inside organizations, storing away information for a future attack or piecing data together that will get them to the prize they are after. They will also create measures to protect themselves from detection. Sometimes they create diversionary tactics to draw your attention away from what they are doing and where they have succeeded, while these cyberattacks impact business decisions, mergers/acquisitions and competitive positions.