Networking
2020 will be a watershed year for businesses leveraging technology to transform and personalize experiences, deliver improved business outcomes, and drive hyper-efficient operations at the network edge. The explosive growth of IoT devices has established new edge-to-cloud architectures to support where the majority of the world’s data is now being created. This expansion will drive the need for advanced network visibility and control to mitigate the incremental risk caused by an expanding attack surface.
Additionally, automation and orchestration will become increasingly important in order to enhance the effectiveness of corporate security arsenals, improve enterprise-wide network and application availability, and simplify IT operations. AI-powered analytics will increasingly become a natural extension of automation.
– Keerti Melkote, President of Intelligent Edge for HPE and Founder of Aruba Networks
Going forward, forward-thinking enterprises will realize that WAN transformation can unleash the full potential of their investments in SaaS, cloud, digital transformation and IoT initiatives. In 2020 and beyond, enterprises will prioritize WAN transformation based on the returns from accelerating these strategic business investments and initiatives, eradicating productivity losses associated with inconsistent user experiences when utilizing cloud-based services.
When people think of SD-WAN, they typically think of networking together branch offices, retail stores or factories and warehouses. And, we often think of the benefits of SD-WAN in terms of employee productivity gains. However, there are a number of emerging use cases where the SD-WAN edge is being deployed beyond the traditional branch to ships, trains, emergency vehicles or even first-responder backpacks. Whether it’s digital transformation or IoT, there will be an array of business initiatives that will require high-quality, always-on cloud connectivity. This will drive growing awareness of the importance of reliable and high-performance machine-to-machine communications, in parallel with consistent human user-experience. In 2020, this trend will drive WAN transformation beyond the traditional branch into every facet of the new digital enterprise.
Enterprises will continue to retire traditional branch routers in favor of a centrally managed new WAN edge that fully addresses virtually all branch router use cases. In 2020, legacy routers will no longer be required in branch locations, driving the traditional branch router market into decline as enterprises architect and build a new WAN edge based on commodity hardware. Those insisting on going down the path of teaching an old dog new tricks by re-imaging legacy routers with new software will grow increasingly frustrated by deployment and integration challenges.
– David Hughes, Founder and CEO of Silver Peak
AI & ML
In 2020, AI-based, increasingly autonomous security technologies will become more prominent as emerging technologies such as IoT and edge computing applications consume security practitioners who will require a more efficient way to secure their organizations.
AI-powered automation, heightened programmability and the ability to take action based on insights are all attributes of a modern, self-validating network. In 2020, we’ll see continued advancements in the areas of data analysis and security, among others, which will enable the process of network management to go from proactive to predictive, easing the burden on network managers and allowing them to focus their efforts on business-impacting issues.
This will enable IT teams to not only take a proactive stance, but will allow systems to predict when issues will occur based on nuanced patterns, behavior monitoring and network health, easing the pressure on IT resources even more.
– Larry Lunetta, Vice President of Security and Wireless LAN Marketing at Aruba
2020 will be the year research & investment in ethics and bias in AI significantly increases. Today, business insights in enterprises are generated by AI and machine learning algorithms. However, due to these algorithms being built using models and data bases, bias can creep in from those that train the AI. This results in gender or racial bias be it for mortgage applications or forecasting health problems. With increased awareness of bias in data, business leaders will demand to know how AI reaches the recommendations it does to avoid making biased decisions as a business in the future.
– Rana Gupta, APAC Vice President for Cloud Protection and Licensing activity at Thales
Everyone wants a hand in AI, and many emerging businesses have been guilty of “AI-washing” rather than delivering true self-learning and operating smart technology. In 2020, the true AI providers will distinguish themselves from the imposters through capital investments and purchases. As more large telecom companies and enterprises look to utilize advanced AI capabilities for streamlined network operations and connectivity, we will see a spike in M&A deals targeting smaller AI startups in 2020.
– Sally Bament, VP of Service Provider Marketing, Juniper Networks
The next wave of AI, which I expect to start gaining traction in 2020, is empathetic AI. Here, emotional intelligence is injected into AI, personalising interactions and making the subject of the interactions feel important, listened to or respected. If your customers and employees feel heard and understood, your firm has an advantage. The powerful thing about empathetic AI is that it can
deliver unique, customised experiences to a virtually unlimited number of individuals.
– Andy Watson, SVP and GM, SAP Concur Asia Pacific Japan and Greater China
In Von Neumann architecture, memory and processor are separate and the computation requires data to be moved back and forth. With the rapid development of data-driven AI algorithms in recent years, it has come to a point where the hardware becomes the bottleneck in the explorations of more advanced algorithms. In Processing-in-Memory (PIM) architecture, in contrast to the Von Neumann architecture, memory and processor are fused together and computations are performed where data is stored with minimal data movement. As such, computation parallelism and power efficiency can be significantly improved. We believe the innovations on PIM architecture are the tickets to next-generation AI.
Artificial intelligence has reached or surpassed humans in the areas of perceptual intelligence such as speech to text, natural language processing, video understanding etc; but in the field of cognitive intelligence that requires external knowledge, logical reasoning, or domain migration, it is still in its infancy. Cognitive intelligence will draw inspiration from cognitive psychology, brain science, and human social history, combined with techniques such as cross domain knowledge graph, causality inference, and continuous learning to establish effective mechanisms for stable acquisition and expression of knowledge.
– Alibaba DAMO Academy
Cybersecurity
Organizations will keep a close eye on how the regulator will respond to those big cyber incidents following the go live of the General Data Protection Regulation (GDPR). Harsh punishments and penalties will prompt Asia-Pacific companies to get an understanding of their GDPR readiness posture.
China’s Cybersecurity Law comes with an overlay of a specifically Chinese nature, with implications that most Western companies would take time to be familiar with. In addition, China’s legislative and enforcement style – which is written in Chinese, principles-based and involves elements of judgment in its application – means Cybersecurity Law could be complicated for and easily misunderstood by Western companies. The Law requires far reaching change and businesses need to assess their exposure now and begin the complex transition.
– Richard Watson, EY Asia-Pacific Cybersecurity Risk Advisory Leader
Over the past year, those in Asia Pacific have seen a dramatic increase in phishing attacks over SMS, WhatsApp or Facebook messenger — with the messages claiming to be from local banks, telcos and even supermarkets. Hackers have proven to be very capable of evolving to get around increased cybersecurity awareness, and phishing will continue to focus more on SMS and personal messaging services. Phishing attacks by SMS (“SMishing”) will increase by more than 100% in 2020, and we’ll see the first successful spearphishing by video, as hackers leverage new tools like “deep fake” technology to look and sound like a trusted person (ex. a Facetime with an attacker posing as the CEO).
Asia Pacific is poised to become the global leader in IoT spending in 2019 — accounting for 35.7% of worldwide spend. Compounded with an ever-evolving enterprise threatscape, that includes automation, this means that machine identities will become the largest cybersecurity exposure point in 2020, overtaking humans. However, automation, if done correctly by humans, could mitigate much of the risk, and employees will remain the biggest weakness for organizations.
A 2019 Centrify study revealed that 60% of organizations don’t understand the shared responsibility model when it comes to who secures workloads in the cloud. This is an even greater risk in Asia Pacific — where 70% of security decision-makers in large enterprises believe that security provided by cloud providers is enough to protect them from cloud-based threats. This will create a false sense of security in cloud security providers by their customers, as the latter are responsible for securing privileged access to their cloud administration accounts and workloads.
– Daniel Mountstephen, the Regional Vice President of Centrify in Asia Pacific & Japan
Tough enterprise ransomware is not new, attacks that were once the domain of consumers whilst on decline in number have spawned new monetization schemes. As such, ransomware will continue to be a huge issue in 2020. Attackers have realized that business and governments have more valuable information to target, more money for ransom payments and poor cyber hygiene, which indicates 2020 will see an escalation in targeted enterprise ransomware. The Ryuk ransomware alone impacted hundreds of schools, and attackers globally have seen the level of damage they can inflict and the ransom payments to recover are massive! As ransom requests are getting bigger and attackers globally are watching, cyber criminals have moved away from the spray and pray method to become more globally organized from an operations standpoint, securing larger and larger payouts.
The balkanization of the Internet in 2020 will continue due to technological, political, economic and nationalistic agendas. Internet balkanisation refers to the segmentation of one global open Internet into multiple smaller Internets, potentially aligned against geopolitical boundaries. 2020 will see more government efforts to reclaim the Internet with China, Russia and Iran continuing to take technical control over the Internet. Additionally, we will see more balkanization of technology domains to protect national interest and infrastructure. With some countries banning technology from certain Chinese and Russian companies (and the increase in risk from nation-state cyberattacks), we expect to see greater balkanization of the Internet and technology domains.
– Michael Sentonas, VP for Technology Strategy, CrowdStrike
There’s a great lack of trust for digital services in Asia Pacific — with only 31% of consumers believing that their personal data will be handled in a trustworthy manner. Add to that the dramatic increase in cybersecurity breaches spanning across industries (including Toyota, Singapore’s Ministry of Health and Sephora, just to name a few), companies will be looking for new ways to bolster trust among customers and investors, and improve their cybersecurity defences.
Bug bounty programmes will become key to boost consumer trust in digital services, and will see an accelerating uptake in 2020 as a tried-and-tested way to evaluate digital initiatives and assess risks, while establishing trust among stakeholders. In fact, we have already seen instances of start-ups who have been able to boost investor confidence and secure bigger deals through their bug bounty programmes.
In 2020, DevOps and agile security will take centre stage, as traditional security testing struggles to keep pace with fast turnarounds and development cycles required to go to market. To add salt to the wound, the world is facing a severe shortage of cybersecurity skills, with Asia Pacific leading this gap — 2.14 million positions, at last count.
– YesWeHack
While preventative security testing is now becoming a standard part of the DevOps pipeline, organisations will be looking at how they can prepare a quick and effective response in the event that security is breached. Teams will start adopting a proactive response to security breaches, ensuring that they can control further damage, rollback their systems, and restore corrupted data. We will see this type of testing becoming increasingly incorporated into DevOps pipelines and embedded into continuous testing processes, to minimise the impact and cost of a breach.
– Stephen McNulty, President Asia Pacific and Japan at Micro Focus
Healthcare organisations will continue to be hot targets for threat actors, given the sensitivity of the data held by these organisations. As Singapore continues on the journey of digitalising the healthcare sector, there will be more threat actors attempting to find loopholes in the system in order to steal data. Earlier cases of data leaks such as the records of HIV patients as well as the mishandled personal data of blood donors by the Health Sciences Authority (HSA) did not result in data landing in the hands of hackers. However, we may not be as lucky next time. Healthcare is currently the seventh-most targeted industry by cybercriminals according to data from Malwarebytes, and this highlights the growing threat and reason for increased concern about healthcare security as we move into 2020.
We will see an increased use of DeepFake technology for malicious purposes. For example, scammers and malware authors will attempt to sabotage electoral candidates or politicians by spreading falsehoods. There may be more incidents like the controversial video of a Malaysian Minister or even the use of such technology to make women the victims of digital sexual crimes, as DeepFake tech will either be incredibly subtle or incredibly convincing to the point where it would require a lot of digging to determine whether it was fake. Regardless of the tactics for scamming, the real threat will be the attacks on our hearts and minds through social media and media manipulation.
Web skimmers will broaden their impact by going after more e-commerce platforms. Looking at web skimming activity, we see that there is no target too big to take on and that no platform will be spared. As long as there is data to be stolen, criminals will put the effort to either compromise online merchants directly or indirectly, as seen from the Uniqlo breach and Sephora breach earlier this year that saw over 460,000 and 3.7 million leaked records respectively. Although the majority of them silently lurk at the checkout form where customers enter their payment data, we are starting to see skimmers impersonating payment processors and attempting to phish information. As such, we can expect skimmers to use novel attack techniques in future.
– Jeff Hurmuses, Area Vice President and Managing Director, Asia Pacific at Malwarebytes
Cloud jacking and subsequent island hopping will become a more common practice and attackers will look to leverage an organization’s infrastructure and brand against itself. Bluetooth low energy attacks (BLE) will also become more commonplace as hackers look to take advantage of the fact that many IoT devices are dependent on this transmission layer. Access mining-as-a-service will grow as criminals see the utility in purchasing access to compromised environments.
– Tom Kellermann, Cybersecurity Strategist at VMware Carbon Black
Steganography, the process of hiding files in a different format, will grow in popularity as online blogs make it possible for threat actors to grasp the technique. Recent BlackBerry research found malicious payloads residing in WAV audio files, which have been utilized for decades and categorized as benign. Businesses will begin to recalibrate how legacy software is defined and treated and effectively invest in operational security around them. Companies will look for ways to secure less commonly weaponized file formats, like JPEG, PNG, GIF, etc. without hindering users as they navigate the modern computing platforms.
As all sectors increasingly rely on smart technology to operate and function, the gap between the cyber and physical will officially converge. This is evident given the recent software bug in an Ohio power plant that impact hospitals, police departments, subway systems and more in both the U.S. and Canada. Attacks on IoT devices will have a domino effect and leaders will be challenged to think of unified cyber-physical security in a hybrid threat landscape. Cybersecurity will begin to be built into advanced technologies by design to keep pace with the speed of IoT convergence and the vulnerabilities that come with it.
– Josh Lemos, Vice President of Research and Intelligence, BlackBerry Cylance
Privacy
The way the regulatory landscape will evolve in APAC will be especially interesting, given the diversity of the region. If you zoom into the traditional financial sector, for instance, will tighter regulations benefit one billion of the unbanked population? Probably not. If financial institutions can’t use personal data to reach out to these consumers, how will they ever get into the system? In short, the regulatory frameworks like GDPR will simply halt financial inclusion in certain markets. Some countries in the APAC region will need to strike a balance and develop a regulatory framework that benefits the consumers across all socio-economic groups.
– Ben Elliott, Chief Executive Officer, Experian Asia Pacific
As an independent function, with a separate budget to existing IT security and IT management, the Privacy Office plays a critical role in helping organisations navigate the complex regulatory landscape, mitigate risks, and build credibility as advocates of data protection. The Chief Privacy Officer role might even be mandatory for organisations that work with large amounts of consumer data, given the proliferation of high-profile data breaches across public and private sectors in recent years. The good news is privacy program solution suites are becoming increasingly comprehensive and accessible, which will help ease the load for organisations looking to invest in their Privacy Office.
– Stephen McNulty, President Asia Pacific and Japan at Micro Focus
Quantum Computing
2020 will see more data breaches in anticipation of cracking the data when quantum computing becomes cheap and more affordable down the road. With potential breakthroughs like Google’s this year, it’s only a matter of time before more quantum computing power is achieved. When this happens, the encryption techniques used to sign messages and protect encryption keys will be rendered obsolete. In anticipation of that, the year will see an increase in the encrypted communications and encrypted data stolen by hackers as they stockpile information waiting for the tools to unlock it. So, in effect, quantum breaches will have already happened, long before the computing power comes to fruition.
– Rana Gupta, APAC Vice President for Cloud Protection and Licensing activity at Thales
Quantum computers will be able to solve economically important problems next year. This will kick off a new era of investment in accelerating quantum computing development based on the demonstration of practical benefits.
The advanced computing power could prove irresistible to cyber criminals. A survey of IT decision-makers found that 55 percent consider quantum computing an “extremely large” or “somewhat large” threat today. The industry must strengthen encryption algorithms to keep up.
The National Institute of Standards and Technology (NIST) will have standardized a post-quantum cryptography (PQC) algorithm by 2022-2024, kicking off a global effort to deploy it. Companies that have inventoried their cryptographic systems and emphasized cryptographic agility will have a relatively easy time deploying it; others, not so much.
– Tim Hollebeek, Industry and Standards Technical Strategist at DigiCert
Big Data
In the coming years, we’ll see financial institutions investing more time and resources into developing the right data strategies, encompassing three elements: developing the right analytics methodologies that will help classify the data to be used; developing the right modelling techniques and utilizing deployment platforms to test the usability of collected data.
Promised business benefits saw many buying into the big-data dram only to find that they still can’t unlock the value of the information they possess. In 2020, we’ll see a top-down mandate to break down the data logjam and develop cohesive strategies that will help organizations harness massive amounts of information better, through advanced methodology, orchestration and modelling techniques.
– Ben Elliott, Chief Executive Officer, Experian Asia Pacific
5G
The race for next generation 5G wireless technology is getting every day more intense, and 2020 will see incredible progress in its deployment. Telcos around the world will continue to rollout proof-of-concepts, in anticipation of the 5G launches in 2021. We see this increasingly in Asia, with several already launched in Seoul and China, and soon to be in Singapore.
5G brings complexity for network management, introducing a new set of architecture and technologies: SDN, NFV, SDDC, SD-WAN. This increased complexity means that service providers will need to turn to smart DDI solutions to simplify the network management and manage scalability.
A comprehensive, integrated view across platforms will bring enterprises a long way in managing their resources in the network. In the same way, DNS-DHCP-IPAM (DDI) will need to be integrated to automation processes for managing resources and devices across the network. In the age of consolidation, an integrated DDI will go some way towards helping telecom providers achieve their goal of “Zero Touch” operations.
– Nick Itta, Vice President APAC, EfficientIP
The benefits of deploying IoT, edge, 5G and cloud technologies are exemplified in the case of smart cities. With edge computing, a connected traffic light can analyze the data collected by sensors to determine real-time traffic flow. It can then quickly transmit that information to other traffic lights and autonomous cars in the vicinity via 5G and cloud to coordinate the flow of traffic – such as changing the duration of the green light or suggesting a different route to the car – to ease congestion. As more Asian cities ramp up their smart city efforts and organizations become more connected, we are excited to see many other use cases for edge computing (supported by 5G and cloud) in time to come.
– Sandeep Bhargava, Managing Director of Asia Pacific/Japan, Rackspace
When it comes to rolling out 5G services, there isn’t a “one-size-fits-all” approach. As we’ve seen in recent months, many of the top service providers are doing things differently. While some have launched 5G networks using high-band spectrum to deliver high speeds to targeted areas, others have compromised speed with a low band spectrum in order to service a wider coverage area or is betting on the mid-band spectrum. Over the next five years, service providers will have multiple ‘layers’ of 5G coverage, depending on spectrum re-farming and allocations, each with their own benefits and drawbacks. In addition, Dynamic Spectrum Sharing (DSS) will begin to roll out in 2020 and, if successful, will accelerate wider 5G coverage (and allow LTE to remain a workhorse), especially for SPs without low/mid-band spectrum available. One thing is certain: all of these methods will be welcome.
– Sally Bament, VP of Service Provider Marketing, Juniper Networks
Cloud
In 2020, organisations will need to become more mature in their approach to cloud data strategy than ever before. Companies that may have been racing to move a majority of their applications and data to the cloud until now are rightly moving more slowly and strategically, even shifting workloads back to their on-premise data centers. Businesses across geographies and industries are re-evaluating which environment effectively balances their business objectives and workload requirements; realising not every workload needs to go to the cloud, while still enjoying the flexibility and cost value available.
Into 2020 and beyond, developing an overarching cloud data strategy will increasingly become a requirement to continue to be competitive for organisations across Asia Pacific. To optimise their cloud journeys, companies taking the first steps require better insight into their data in order to achieve maximum benefit from cloud deployment.
– Gary Lim, Director, System Engineering, Commvault
Multi-cloud will become the preferred IT foundation for more organizations as they seek to become more agile to keep up with digital disruption. In fact, over 65 percent of enterprises in Asia Pacific (excluding Japan) is expected to use multiple cloud services and platforms by 2021.
For multi-cloud to deliver value, it needs to be integrated, support DevOps, and scale services to meet variable workload demands. Recognizing this, some cloud giants have introduced solutions – such as AWS Outpost, Azure Arc, and Google Anthos – that can ensure consistent development and operations experience across on-premise, private and public clouds. As the competition among cloud hyperscalers to become the provider of choice heats up, we believe that more of such unified, hybrid/multi-cloud tools will be rolled out next year. Those solutions will leverage Kubernetes to provide the scalability and portability needed to effectively support the digital enterprise.
– Sandeep Bhargava, Managing Director of Asia Pacific/Japan, Rackspace
2019 has seen too many cases of enterprises that have moved their data to the cloud, failed to adopt standardised controls and have accidentally left the gate open to malign intruders. According to a study by Cisco, many security teams in the Asia Pacific region are also unaware of the number of vendors or products that exist in their environment. The Philippines and Malaysia lead
the region with the highest percentages of organisations that do not know how many products they use, while Vietnam has the highest percentage that do not know how many vendors they use.
Cloud storage providers, such as Amazon, are improving how they interact with customers – by helping them identify any weaknesses in the configuration of S3 buckets, for example. However, it is likely that failures in compliance and certifications will continue to lead to cyber breaches in 2020. Neither moving to the cloud, nor staying away from the cloud, will necessarily help
companies with their data security. In 2020, enterprises will be better off moving to the cloud in a secure and conscious fashion, making clear decisions about what data they are sending to the cloud and what they want to do with it, rather than just moving information wholesale. Companies should make very conscious decisions about what controls they will be using and what protection is offered by the upstream cloud service provider.
– Jeff Costlow, Deputy Chief Information Security Officer, ExtraHop
