Making multi-cloud secure and successful in the AI era

The future is up in the air, literally. With the rapid ascent of AI, traditional on-premises data centres are simply unable to handle such advanced workloads. Consequently, many businesses are turning to multi-cloud deployment for a more scalable and secure solution — and they are doing so in droves. Almost 90% of enterprises globally currently deploy apps and application programming interfaces (APIs) across multiple sites, according to F5’s latest State of Application Strategy (SOAS) report. This trend is also being echoed in Asia-Pacific, China, and Japan (APCJ), where cloud-based spending is expected to reach US$26.5 billion this year.

While this shift to hybrid and multi-cloud environments has brought about certain benefits, including scalability, flexibility, and control, it is not without its challenges. Enterprises striving to deliver modern, app-based digital experiences must now contend with an alarming “ball of fire” — a convoluted collection of cloud environments, on-premises data centres, and edge sites across which thousands of API-connected applications need to be managed.

In this new hybrid and multi-cloud reality, how can APCJ organisations keep this daunting complexity and its accompanying risks in check?

Rising heat from a growing “ball of fire”

As the “ball of fire” heats up, the first challenge APCJ organisations need to contend with is an increasing lack of visibility. This makes it difficult to assess and determine the root cause of application problems, putting enterprises in a dangerous position where performance, service availability, and customer experience could be compromised. While visibility issues are already common among enterprises with traditional on-premises deployments, distributing a greater number of applications across a growing number of diverse IT environments will only exacerbate this further.

The continuous growth of the “ball of fire” also brings about cybersecurity risks; enterprises expanding operations across multiple environments in turn allow cybercriminals to leverage multiple fronts of attack. These ecosystems, connected by a growing network of APIs, are increasingly targeted by cybercriminals seeking to infiltrate cloud infrastructures. This is reflected in the uptick of API attacks F5 recently witnessed — from October to December 2023, 92% of the attacks mitigated were aimed at APIs, an increase from 73% in the previous quarter.

Adding AI to the mix: Golden goose or Trojan horse?

The rise of AI also adds fuel to the already intense “ball of fire.” Data-rich AI applications make for lucrative targets, and the cost of their compromise is much higher for businesses. At the same time, AI has fueled the growth of applications, which are highly distributed with a mix of data sources, models, and services spread across hybrid and multi-cloud environments. With APIs being the gateway to these applications, APCJ organisations must find ways to secure them against a rapidly changing threat landscape as they deploy more AI services.

While APCJ organisations actively look to reap the benefits of AI, so are cybercriminals. By leveraging AI, cybercriminals have drastically increased the speed, scale, and sophistication of attacks. This makes it easy for them to exploit vulnerabilities in existing defences, for instance by utilising intelligent evasion techniques or overwhelming systems with automated botnets. The only way for enterprises to stay ahead of AI-driven threats is by tapping into AI-powered cybersecurity solutions to rapidly identify and respond to vulnerabilities and attacks. Organisations now find themselves locked in a cat-and-mouse game with attackers — it is a matter of who can build their defences faster than attacks.

Taming the “ball of fire” for success in the AI era

The complex “ball of fire” of multi-cloud deployment presents both opportunities and risks; the key is being able to deliver and secure all applications and APIs across every hybrid and multi-cloud environment. To do so, organisations must invest in comprehensive API security solutions that can protect against a spectrum of threats, from API-targeted cyberattacks to AI-driven vulnerabilities. By leveraging AI technologies themselves, organisations can bolster their defences and stay ahead of sophisticated attacks in this dynamic AI era.

Ultimately, success in this environment hinges on simplifying the management and security of applications and APIs across hybrid and multi-cloud environments. By partnering with experts in API security and embracing AI-driven cybersecurity solutions, APCJ organisations can harness the full potential of AI applications while mitigating the risks associated with an increasingly complex IT ecosystem. This proactive approach will not only safeguard enterprises from potential threats but also position them to thrive in the AI era.