Skip to content
Advertisements

Posts from the ‘Amazon Web Services’ Category

The Truth About Privileged Access Security On AWS And Other Public Clouds

Bottom Line: Amazon’s Identity and Access Management (IAM) centralizes identity roles, policies and Config Rules yet doesn’t go far enough to provide a Zero Trust-based approach to Privileged Access Management (PAM) that enterprises need today.

AWS provides a baseline level of support for Identity and Access Management at no charge as part of their AWS instances, as do other public cloud providers. Designed to provide customers with the essentials to support IAM, the free version often doesn’t go far enough to support PAM at the enterprise level. To AWS’s credit, they continue to invest in IAM features while fine-tuning how Config Rules in their IAM can create alerts using AWS Lambda. AWS’s native IAM can also integrate at the API level to HR systems and corporate directories, and suspend users who violate access privileges.

In short, native IAM capabilities offered by AWS, Microsoft Azure, Google Cloud, and more provides enough functionality to help an organization get up and running to control access in their respective homogeneous cloud environments. Often they lack the scale to fully address the more challenging, complex areas of IAM and PAM in hybrid or multi-cloud environments.

The Truth about Privileged Access Security on Cloud Providers Like AWS

The essence of the Shared Responsibility Model is assigning responsibility for the security of the cloud itself including the infrastructure, hardware, software, and facilities to AWS and assign the securing of operating systems, platforms, and data to customers. The AWS version of the Shared Responsibility Model, shown below, illustrates how Amazon has defined securing the data itself, management of the platform, applications and how they’re accessed, and various configurations as the customers’ responsibility:

AWS provides basic IAM support that protects its customers against privileged credential abuse in a homogenous AWS-only environment. Forrester estimates that 80% of data breaches involve compromised privileged credentials, and a recent survey by Centrify found that 74% of all breaches involved privileged access abuse.

The following are the four truths about privileged access security on AWS (and, generally, other public cloud providers):

  1. Customers of AWS and other public cloud providers should not fall for the myth that cloud service providers can completely protect their customized and highly individualized cloud instances. As the Shared Responsibility Model above illustrates, AWS secures the core areas of their cloud platform, including infrastructure and hosting services. AWS customers are responsible for securing operating systems, platforms, and data and most importantly, privileged access credentials. Organizations need to consider the Shared Responsibility Model the starting point on creating an enterprise-wide security strategy with a Zero Trust Security framework being the long-term goal. AWS’s IAM is an interim solution to the long-term challenge of achieving Zero Trust Privilege across an enterprise ecosystem that is going to become more hybrid or multi-cloud as time goes on.
  2. Despite what many AWS integrators say, adopting a new cloud platform doesn’t require a new Privileged Access Security model. Many organizations who have adopted AWS and other cloud platforms are using the same Privileged Access Security Model they have in place for their existing on-premises systems. The truth is the same Privileged Access Security Model can be used for on-premises and IaaS implementations. Even AWS itself has stated that conventional security and compliance concepts still apply in the cloud. For an overview of the most valuable best practices for securing AWS instances, please see my previous post, 6 Best Practices For Increasing Security In AWS In A Zero Trust World.
  3. Hybrid cloud architectures that include AWS instances don’t need an entirely new identity infrastructure and can rely on advanced technologies, including Multi-Directory Brokering. Creating duplicate identities increases cost, risk, and overhead and the burden of requiring additional licenses. Existing directories (such as Active Directory) can be extended through various deployment options, each with their strengths and weaknesses. Centrify, for example, offers Multi-Directory Brokering to use whatever preferred directory already exists in an organization to authenticate users in hybrid and multi-cloud environments. And while AWS provides key pairs for access to Amazon Elastic Compute Cloud (Amazon EC2) instances, their security best practices recommend a holistic approach should be used across on-premises and multi-cloud environments, including Active Directory or LDAP in the security architecture.
  4. It’s possible to scale existing Privileged Access Management systems in use for on-premises systems today to hybrid cloud platforms that include AWS, Google Cloud, Microsoft Azure, and other platforms. There’s a tendency on the part of system integrators specializing in cloud security to oversell cloud service providers’ native IAM and PAM capabilities, saying that a hybrid cloud strategy requires separate systems. Look for system integrators and experienced security solutions providers who can use a common security model already in place to move workloads to new AWS instances.

Conclusion

The truth is that Identity and Access Management solutions built into public cloud offerings such as AWS, Microsoft Azure, and Google Cloud are stop-gap solutions to a long-term security challenge many organizations are facing today. Instead of relying only on a public cloud provider’s IAM and security solutions, every organization’s cloud security goals need to include a holistic approach to identity and access management and not create silos for each cloud environment they are using. While AWS continues to invest in their IAM solution, organizations need to prioritize protecting their privileged access credentials – the “keys to the kingdom” – that if ever compromised would allow hackers to walk in the front door of the most valuable systems an organization has. The four truths defined in this article are essential for building a Zero Trust roadmap for any organization that will scale with them as they grow. By taking a “never trust, always verify, enforce least privilege” strategy when it comes to their hybrid- and multi-cloud strategies, organizations can alleviate costly breaches that harm the long-term operations of any business.

Advertisements

AWS Certifications Increase Tech Pay Up To $12K A Year

AWS Certifications Increase Tech Pay Up To $12K A Year

  • AWS and Google certifications are among the most lucrative in North America, paying average salaries of $129,868 and $147,357 respectively.
  • Cross-certifying on AWS is providing a $12K salary bump to IT professionals who already have Citrix and Red Hat/Linux certifications today
  • Globally, four of the five top-paying certifications are in cloud computing.

These and many other insights of which certifications provide the highest salaries by region of the world are from the recently published Global Knowledge 2019 IT Skills and Salary ReportThe report is downloadable here (27 pp., PDF, free, opt-in). The methodology is based on 12,271 interviews across non-management IT staffs (29% of interviews), mid-level professionals including managers and team leads (43%), and senior-level and executive roles (28%) across four global regions. For additional details regarding the study’s methodology, please see page 24 of the report.

Key insights from the report include the following:

  • Cross-certifying on AWS is providing a $12K salary bump to IT professionals who already have Citrix and Red Hat/Linux certifications. Citrix certifications pay an average salary of $109,546 and those earning an AWS certification see a $12,339 salary bump on average. Red Hat/Linux certification-based jobs pay an average of $113,165 and are seeing an average salary bump of $12,553.  Cisco-certified IT professionals who gain AWS certification increase their salaries on average from $101,533 to $111,869, gaining a 10.2% increase. The following chart compares the salary bump AWS certifications are providing to IT professionals with seven of the more popular certifications (please click on the graphic to expand for easier reading).

  • AWS and Google certifications are among the most lucrative in North America, paying average salaries of $129,868 and $147,357 while the most popular are cybersecurity, governance, compliance, and policy. 27% of all respondents to Global Knowledge’s survey have at least one certification in this category. Nearly 18% are ITIL certified. In North American, the most popular certification categories beyond cybersecurity are CompTIA, Microsoft, and Cisco. The following table from the report provides an overview of salary by certification category (please click on the graphic to expand for easier reading).

  • AWS Certified Solutions Architect – Associate is the most popular AWS certification today, with 72% of respondents having achieved its requirements. Certified Solutions Architect – Associate leads the top five most commonly held AWS certifications today according to the survey. AWS Certified Developer – Associate (33%), AWS Certified SysOps Administrator – Associate (24%), AWS Certified Solutions Architect – Professional (16%) and AWS Certified Cloud Practitioner round out the top five most common AWS certifications across the 12,271 global respondents to the Global Knowledge survey.

10 Charts That Will Change Your Perspective Of Amazon’s Patent Growth

10 Charts That Will Change Your Perspective Of Amazon's Patent Growth

  • Since 2010 Amazon has grown its patent portfolio from less than 1,000 active patents in 2010 to nearly 10,000 in 2019, a ten-fold increase in less than a decade.
  • Amazon heavily cites Microsoft, IBM, and Alphabet, with 39%, 32% and 28% of Amazon’s total Patent Asset Index
  • Amazon’s patent portfolio is dominated by Cloud Computing, with the majority of the patents contributing to AWS’ current and future services roadmap. AWS achieved 41% year-over-year revenue growth in the latest fiscal quarter, reaching $7.6B in revenue.

Patents are fascinating because they provide a glimpse into potential plans, and roadmaps tech companies are considering. Amazon has one of the most interesting patent portfolios today that encompass a wide spectrum of technologies, from aircraft technology, drones, cloud computing, to machine learning. Interested in learning more about Amazon’s unique patent portfolio, I contacted PatentSight, a LexisNexis company, one of the leading providers of patent analytics and provider of the PatentSight analytics platform used for creating the ten charts shown below.

  • Amazon patents grew at a Compound Annual Growth Rate (CAGR) of above 35% between 2010 and 2019. PatentSight’s analysis shows that Amazon’s patent portfolio has increased tenfold in the last decade, and is comprised entirely of organic patents with only a small percentage gained from acquisitions. PatentSight also finds that Amazon’s patents have a falling average quality as measured by their Competitive Impact score shown on the vertical axis of the chart below. As Amazon’s patent portfolio has grown, there has been a downward trend of quality. William Mansfield, Head of Consulting and Customer Success at LexisNexis PatentSight explains why. “To maintain a high quality when growing the portfolio is difficult, as each patent would need to be equally as good as or better than the previous,” he said. Mr. Mansfield’s analysis found that Amazon’s portfolio has an average Competitive Impact of 2 today, double the PatentSight database average of 1.

  • Amazon’s patent portfolio is unique in that 100% of it is protected in the U.S. “The protection strategy of Amazon is also uncommon. While it can be the case that US firms tend to be US-centric, Amazon is an extreme case,” said William Mansfield. It’s surprising how many Amazon patents are active only in the USA (86%) and invented in the USA and active only in the USA (81%). William explained that “one factor for this US-centricity could be the great acceptance of software patents in the USA, we do also see high US-only filing for other tech giants, but are a level of around 60% vs. Amazon’s 86%.”

  • PatentSight found that the majority of the Amazon portfolio falls in the 2nd decile of Competitive Impact (top 20% – 10%). Comparable technology-based organizations have a higher density of patents in the top 10% of Competitive Impact, which is another unusual aspect regarding Amazon’s patent growth. “This is unusual compared to other big tech companies which have more in the top 10%, it could be Amazon is holding onto more lower value assets than required,” William Mansfield remarked.

  • Amazon’s patent citations most often cite Microsoft, IBM, and Alphabet, with 39%, 32% and 28% of Amazon’s total Patent Asset Index. Interesting that PatentSight’s analysis finds the reciprocal is not the case. A much smaller percentage of companies cite Amazon in return. This can be attributed to a few other firms having the breadth and depth of patent development that Amazon does today.  PatentSight found that less than 10% of their respective portfolios even mention Amazon.  William Mansfield explains that “one factor here is the larger size of these companies, vs. Amazon. However, even in absolute terms, Microsoft and IBM cite Amazon much less than the other way round. However, citation value is close to equal in absolute terms between Amazon and Alphabet.”

  • Relying on patents to keep AWS’ rapid growth going appears to be Amazon’s high priority patent strategy today. As can be seen from the portfolio below, Cloud Computing patents dominate Amazon’s patent portfolio today. In the latest fiscal quarter ending March 31, 2019, AWS delivered $7.9B in revenue and$2.2B in operating income, growing 41% year-over-year. “Amazon’s ongoing developments in alternative delivery methods in Urban Logistics and Drones are noteworthy with Drones being one area of particular strength in the portfolio as seen from the high Competitive Impact, despite the smaller portfolio size,” notes William Mansfield.

  • Amazon’s prioritization of cloud computing, AI, and machine learning patents is evident when 18 years of patent history is compared. The proliferation of AI and machine learning-based services on the AWS platform is apparent in the trend line starting in 2014. The success of Amazon’s SageMaker machine learning platform is a case in point. Amazon SageMaker enables developers and data scientists to quickly and easily build, train, and deploy machine learning models at scale.

  • Amazon is already one of the top 10 patent holders in Drone technology, just behind Alphabet and Toyota Motors. PatentSight defines Drone technology as encompassing aviation, autonomous robots, and autonomous driving. Amazon’s rapid ascent in this area is attributable to the logistics and supply chain efficiencies possible when Drones and their related technologies are applied to their supply chain’s more complex challenges.

  • PatentSight finds that FinTech is an area of long-standing strength in the Amazon patent portfolio, attribute to their payment systems being the backbone of their e-commerce business. Reflecting how diverse their business model has become, Amazon is now one of the top 15 patent holders in this area due to cloud computing, AI, and machine learning taking precedence. “FinTech is a highly competitive field with many established players, and while Amazon is not in the top 10, but top 15 players, it’s still an impressive achievement,” said William Mansfield.

  • Amazon’s patent portfolio in speech recognition encompasses Alexa, its related patents, and Amazon Lex, an AWS service used for creating conversational interfaces for applications. Alphabet, Apple, Microsoft, and Samsung are patent leaders, according to PatentSight’s analysis. The fact that Amazon is in the top 10 speaks to the level of activity and patent production going on in the Alexa research and development and product teams.

  • Amazon’s patent strategy is eclectic yet always anchored to cloud computing to make AWS the platform of choice. The following selected patens reflect how broad the Amazon patent portfolio is. What each share in common is a reliance on AWS as the platform to ensure service consistency, reliability, and scale. An example of this is their patents Video Game Streaming.

CIO’s Guide To Stopping Privileged Access Abuse – Part I

CIOs face the paradox of having to protect their businesses while at the same time streamlining access to the information and systems their companies need to grow. The threatscape they’re facing requires an approach to security that is adaptive to the risk context of each access attempt across any threat surface, anytime. Using risk scores to differentiate between privileged users attempting to access secured systems in a riskier context than normal versus privileged credential abuse by attackers has proven to be an effective approach for thwarting credential-based breaches.

Privileged credential abuse is one of the most popular breach strategies organized crime and state-sponsored cybercrime organizations use. They’d rather walk in the front door of enterprise systems than hack in. 74% of IT decision makers surveyed whose organizations have been breached in the past say it involved privileged access credential abuse, yet just 48% have a password vault. Just 21% have multi-factor authentication (MFA) implemented for privileged administrative access. These and many other insights are from Centrify’s recent survey, Privileged Access Management in the Modern Threatscape.

How CIOs Are Solving the Paradox of Privileged Credential Abuse

The challenge to every CIO’s security strategy is to adapt to risk contexts in real-time, accurately assessing every access attempt across every threat surface, risk-scoring each in milliseconds. By taking a “never trust, always verify, enforce least privilege” approach to security, CIOs can provide an adaptive, contextually accurate Zero Trust-based approach to verifying privileged credentials. Zero Trust Privilege is emerging as a proven framework for thwarting privileged credential abuse by verifying who is requesting access, the context of the request, and the risk of the access environment.

By taking a least privilege access approach, organizations can minimize attack surfaces, improve audit and compliance visibility, and reduce risk, complexity, and the costs of operating a modern, hybrid enterprise. CIOs are solving the paradox of privileged credential abuse by knowing that even if a privileged user has entered the right credentials but the request comes in with risky context, then stronger verification is needed to permit access.

Strategies For Stopping Privileged Credential Abuse

The following are five strategies CIOs need to concentrate on to stop privileged credential abuse. Starting with an inventory of privileged accounts and progressing through finding the gaps in IT infrastructure that create opportunities for privileged credential abuse, CIOs and their teams need to take preemptive action now to avert potential breaches in the future.

In Part 1 of a CIO’s Guide to Stopping Privileged Access Abuse, below are the steps they can take to get started:

  1. Discover and inventory all privileged accounts and their credentials to define who is accountable for managing their security and use. According to a survey by Gartner, more than 65% of enterprises are allowing shared use of privileged accounts with no accountability for their use. CIOs realize that a lack of consistent governance policies creates many opportunities for privileged credential abuse. They’re also finding orphaned accounts, multiple owners for privileged credentials and the majority of system administrators having super user or root user access rights for the majority of enterprise systems.
  2. Vault your cloud platforms’ Root Accounts and federate access to AWS, Google Cloud Platform, Microsoft Azure and other public cloud consoles. Root passwords on each of the cloud platforms your business relies on are the “keys to the kingdom” and provide bad actors from inside and outside the company to exfiltrate data with ease. The recent news of how a fired employee deleted his former employer’s 23 AWS servers is a cautionary tale of what happens when a Zero Trust approach to privileged credentials isn’t adopted. Centrify’s survey found that 63% or organizations take more than a day to shut off privilege access for an employee after leaving the company. Given how AWS root user accounts have the privilege to delete all instances immediately, it’s imperative for organizations to have a password vault where AWS root account credentials are stored. Instead of local AWS IAM accounts and access keys, use centralized identities (e.g., Active Directory) and enable federated login. By doing so, you obviate the need for long-lived access keys.
  3. Audit privileged sessions and analyze patterns to find potentially privileged credential sharing or abuse not immediately obvious from audits. Audit and log authorized and unauthorized user sessions across all enterprise systems, especially focusing on root password use across all platforms. Taking this step is essential for assigning accountability for each privileged credential in use. It will also tell you if privileged credentials are being shared widely across the organization. Taking a Zero Trust approach to securing privileged credentials will quickly find areas where there could be potential lapses or gaps that invite breaches. For AWS accounts, be sure to use AWS CloudTrail and Amazon CloudWatch to monitor all API activity across all AWS instances and your AWS account.
  4. Enforce least privilege access now within your existing infrastructure as much as possible, defining a security roadmap based on the foundations of Zero Trust as your future direction. Using the inventory of all privileged accounts as the baseline, update least privilege access on each credential now and implement a process for privilege elevation that will lower the overall risk and ability for attackers to move laterally and extract data. The days of “trust but verify” are over. CIOs from insurance and financial services companies recently spoken with point out that their new business models, all of them heavily reliant on secured Internet connectivity, are making Zero Trust the cornerstone of their future services strategies. They’re all moving beyond “trust but verify” to adopt a more adaptive approach to knowing the risk context by threat surface in real-time.
  5. Adopt multi-factor authentication (MFA) across all threat surfaces that can adapt and flex to the risk context of every request for resources. The CIOs running a series of insurance and financial services firms, a few of them former MBA students of mine, say multi-factor authentication is a must-have today for preventing privileged credential abuse. Their take on it is that adding in an authentication layer that queries users with something they know (user name, password, PIN or security question) with something they have (smartphone, one-time password token or smart card), something they are (biometric identification like fingerprint) and something they’ve done (contextual pattern matching of what they normally do where) has helped thwart privileged credential abuse exponentially since they adopted it. This is low-hanging fruit: adaptive MFA has made the productivity impact of this additional validation practically moot.

Conclusion

Every CIO I know is now expected to be a business strategist first, and a technologist second. At the top of many of their list of priorities is securing the business so it can achieve uninterrupted growth. The CIOs I regularly speak with running insurance and financial services companies often speak of how security is as much a part of their new business strategies as the financial products their product design teams are developing. The bottom line is that the more adaptive and able to assess the context of risks for each privilege access attempt a company’s access management posture can become, the more responsive they can be to employees and customers alike, fueling future growth.

The State Of Cloud Business Intelligence, 2019

  • An all-time high 48% of organizations say cloud BI is either “critical” or “very important” to their operations in 2019.
  • Marketing & Sales place the greatest importance on cloud BI in 2019.
  • Small organizations of 100 employees or less are the most enthusiastic, perennial adopters and supporters of cloud BI.
  • The most preferred cloud BI providers are Amazon Web Services and Microsoft Azure.

These and other insights are from Dresner Advisory Services’ 2019 Cloud Computing and Business Intelligence Market Study. The 8th annual report focuses on end-user deployment trends and attitudes toward cloud computing and business intelligence (BI), defined as the technologies, tools, and solutions that rely on one or more cloud deployment models. What makes the study noteworthy is the depth of focus around the perceived benefits and barriers for cloud BI, the importance of cloud BI, and current and planned usage.

“We began tracking and analyzing the cloud BI market dynamic in 2012 when adoption was nascent. Since that time, deployments of public cloud BI applications are increasing, with organizations citing substantial benefits versus traditional on-premises implementations,” said Howard Dresner, founder, and chief research officer at Dresner Advisory Services. Please see page 10 of the study for specifics on the methodology.

Key insights gained from the report include the following:

  • An all-time high 48% of organizations say cloud BI is either “critical” or “very important” to their operations in 2019. Organizations have more confidence in cloud BI than ever before, according to the study’s results. 2019 is seeing a sharp upturn in cloud BI’s importance, driven by the trust and credibility organizations have for accessing, analyzing and storing sensitive company data on cloud platforms running BI applications.

  • Marketing & Sales place the greatest importance on cloud BI in 2019. Business Intelligence Competency Centers (BICC) and IT departments have an above-average interest in cloud BI as well, with their combined critical and very important scores being over 50%. Dresner’s research team found that Operations had the greatest duality of scores, with critical and not important being reported at comparable levels for this functional area. Dresner’s analysis indicates Operations departments often rely on cloud BI to benchmark and improve existing processes while re-engineering legacy process areas.

  • Small organizations of 100 employees or less are the most enthusiastic, perennial adopters and supporters of cloud BI. As has been the case in previous years’ studies, small organizations are leading all others in adopting cloud BI systems and platforms.  Perceived importance declines only slightly in mid-sized organizations (101-1,000 employees) and some large organizations (1,001-5,000 employees), where minimum scores of important offset declines in critical.

  • The retail/wholesale industry considers cloud BI the most important, followed by technology and advertising industries. Organizations competing in the retail/wholesale industry see the greatest value in adopting cloud BI to gain insights into improving their customer experiences and streamlining supply chains. Technology and advertising industries are industries that also see cloud BI as very important to their operations. Just over 30% of respondents in the education industry see cloud BI as very important.

  • R&D departments are the most prolific users of cloud BI systems today, followed by Marketing & Sales. The study highlights that R&D leading all other departments in existing cloud BI use reflects broader potential use cases being evaluated in 2019. Marketing & Sales is the next most prolific department using cloud BI systems.

  • Finance leads all others in their adoption of private cloud BI platforms, rivaling IT in their lack of adoption for public clouds. R&D departments are the next most likely to be relying on private clouds currently. Marketing and Sales are the most likely to take a balanced approach to private and public cloud adoption, equally adopting private and public cloud BI.

  • Advanced visualization, support for ad-hoc queries, personalized dashboards, and data integration/data quality tools/ETL tools are the four most popular cloud BI requirements in 2019. Dresner’s research team found the lowest-ranked cloud BI feature priorities in 2019 are social media analysis, complex event processing, big data, text analytics, and natural language analytics. This years’ analysis of most and least popular cloud BI requirements closely mirror traditional BI feature requirements.

  • Marketing and Sales have the greatest interest in several of the most-required features including personalized dashboards, data discovery, data catalog, collaborative support, and natural language analytics. Marketing & Sales also have the highest level of interest in the ability to write to transactional applications. R&D leads interest in ad-hoc query, big data, text analytics, and social media analytics.

  • The Retail/Wholesale industry leads interest in several features including ad-hoc query, dashboards, data integration, data discovery, production reporting, search interface, data catalog, and ability to write to transactional systems. Technology organizations give the highest score to advanced visualization and end-user self-service. Healthcare respondents prioritize data mining, end-user data blending, and location analytics, the latter likely for asset tracking purposes. In-memory support scores highest with Financial Services respondent organizations.

  • Marketing & Sales rely on a broader base of third party data connectors to get greater value from their cloud BI systems than their peers. The greater the scale, scope and depth of third-party connectors and integrations, the more valuable marketing and sales data becomes. Relying on connectors for greater insights into sales productivity & performance, social media, online marketing, online data storage, and simple productivity improvements are common in Marketing & Sales. Finance requiring integration to Salesforce reflects the CRM applications’ success transcending customer relationships into advanced accounting and financial reporting.

  • Subscription models are now the most preferred licensing strategy for cloud BI and have progressed over the last several years due to lower risk, lower entry costs, and lower carrying costs. Dresner’s research team found that subscription license and free trial (including trial and buy, which may also lead to subscription) are the two most preferred licensing strategies by cloud BI customers in 2019. Dresner Advisory Services predicts new engagements will be earned using subscription models, which is now seen as, at a minimum, important to approximately 90% of the base of respondents.

  • 60% of organizations adopting cloud BI rank Amazon Web Services first, and 85% rank AWS first or second. 43% choose Microsoft Azure first and 69% pick Azure first or second. Google Cloud closely trails Azure as the first choice among users but trails more widely after that. IBM Bluemix is the first choice of 12% of organizations responding in 2019.

Public Cloud Soaring To $331B By 2022 According To Gartner

Gartner is predicting the worldwide public cloud services market will grow from $182.4B in 2018 to $214.3B in 2019, a 17.5% jump in just a year. Photo credit: Getty

  • Gartner predicts the worldwide public cloud service market will grow from $182.4B in 2018 to $331.2B in 2022, attaining a compound annual growth rate (CAGR) of 12.6%.
  • Spending on Infrastructure-as-a-Service (IaaS) is predicted to increase from $30.5B in 2018 to $38.9B in 2019, growing 27.5% in a year.
  • Platform-as-a-Service (PaaS) spending is predicted to grow from $15.6B in 2018 to $19B in 2019, growing 21.8% in a year.
  • Business Intelligence, Supply Chain Management, Project and Portfolio Management and Enterprise Resource Planning (ERP) will see the fastest growth in end-user spending on SaaS applications through 2022.

Gartner’s annual forecast of worldwide public cloud service revenue was published last week, and it includes many interesting insights into how the research firm sees the current and future landscape of public cloud computing. Gartner is predicting the worldwide public cloud services market will grow from $182.4B in 2018 to $214.3B in 2019, a 17.5% jump in just a year. By the end of 2019, more than 30% of technology providers’ new software investments will shift from cloud-first to cloud-only, further reducing license-based software spending and increasing subscription-based cloud revenue.

The following graphic compares worldwide public cloud service revenue by segment from 2018 to 2022. Please click on the graphic to expand for easier reading.

Comparing Compound Annual Growth Rates (CAGRs) of worldwide public cloud service revenue segments from 2018 to 2022 reflects IaaS’ anticipated rapid growth. Please click on the graphic to expand for easier reading.

Gartner provided the following data table this week as part of their announcement:

  • Business Intelligence, Supply Chain Management, Project and Portfolio Management and Enterprise Resource Planning (ERP) will see the fastest growth in end-user spending on SaaS applications through 2022.  Gartner is predicting end-user spending on Business Intelligence SaaS applications will grow by 23.3% between 2017 and 2022.  Spending on SaaS-based Supply Chain Management applications will grow by 21.2% between 2017 and 2022. Project and Portfolio Management SaaS-based applications will grow by 20.9% between 2017 and 2022. End-user spending on SaaS ERP systems will grow by 19.2% between 2017 and 2022.

Sources: Gartner Forecasts Worldwide Public Cloud Revenue to Grow 17.5 Percent in 2019 and Forecast: Public Cloud Services, Worldwide, 2016-2022, 4Q18 Update (Gartner client access)

2018 Roundup Of Cloud Computing Forecasts And Market Estimates

Cloud computing platforms and applications are proliferating across enterprises today, serving as the IT infrastructure driving new digital businesses. The following roundup of cloud computing forecasts and market estimates reflect a maturing global market for cloud services, with proven scale, speed and security to support new business models.

CIOs who are creating compelling business cases that rely on cloud platforms as a growth catalyst is the architects enabling these new business initiatives to succeed. The era of CIO strategist has arrived. Key takeaways include the following:

  • Amazon Web Services (AWS) accounted for 55% of the company’s operating profit in Q2, 2018, despite contributing only 12% to the company’s net sales. In Q1, 2018 services accounted for 40% of Amazon’s revenue, up from 26% three years earlier. Source: Cloud Business Drives Amazon’s Profits, Statista, July 27, 2018.

  • 80% of enterprises are both running apps on or experimenting with Amazon Web Services (AWS) as their preferred cloud platform. 67% of enterprises are running apps on (45%) and experimenting on (22%) the Microsoft Azure platform. 18% of enterprises are using Google’s Cloud Platform for applications today, with 23% evaluating the platform for future use. RightScale’s 2018 survey was included in the original data set Statista used to create the comparison. Source: Statista, Current and planned usage of public cloud platform services running applications worldwide in 2018. Please click on the graphic to expand for easier viewing.

  • Enterprise adoption of Microsoft Azure increased significantly from 43% to 58% attaining a 35% CAGR while AWS adoption increased from 59% to 68%. Enterprise respondents with future projects (the combination of experimenting and planning to use) show the most interest in Google (41%). Source: RightScale 2018 State of the Cloud Report. Please click on the graphic to expand for easier viewing.

  • Wikibon projects the True Private Cloud (TPC) worldwide market will experience a compound annual growth rate of 29.2%, reaching $262.4B by 2027. The firm predicts TPC growth will far outpace the infrastructure-as-a-service (IaaS) growth of 15.2% over the same period. A true private cloud is distinguished from a private cloud by the completeness of the integration of all aspects of the offering, including performance characteristics such as price, agility, and service breadth. Please see the source link for additional details on TPC. Source: Wikibon’s 2018 True Private Cloud Forecast and Market Shares. Please click on the graphic to expand for easier viewing.

  • Quality Control, Computer-Aided Engineering, and Manufacturing Execution Systems (MES) are the three most widely adopted systems in the cloud by discrete and process The survey also found that 60% of discrete and process manufacturers say their end users prefer the cloud over on-premise. Source: Amazon Web Services & IDC: Industrial Customers Are Ready For The Cloud – Now (PDF, 13 pp., no opt-in, sponsored by AWS). Please click on the graphic to expand for easier viewing.

  • The Worldwide Public Cloud Services Market is projected to grow by 17.3 3% in 2019 to total $206.2B, up from $175.8B in 2018 according to Gartner. In 2018 the market will grow a healthy 21% up from $145.3B in 2017 according to the research and advisory firm. Infrastructure-as-a-Service (IaaS) will be the fastest-growing segment of the market, forecasted to grow by 27.6% in 2019 to reach $39.5B, up from $31B in 2018. By 2022, Gartner expects that 90% of enterprises purchasing public cloud IaaS will do so from an integrated IaaS and Platform-as-a-Service (PaaS), and will use both the IaaS and PaaS capabilities from that provider. Source: Gartner Forecasts Worldwide Public Cloud Revenue to Grow 17.3 Percent in 2019.

  • More than $1.3T in IT spending will be directly or indirectly affected by the shift to cloud by 2022. 28% of spending within key enterprise IT markets will shift to the cloud by 2022, up from 19% in 2018. The largest cloud shift before 2018 occurred in application software, particularly driven by customer relationship management (CRM) software, with Salesforce dominating as the market leader. CRM has already reached a tipping point where a higher proportion of spending occurs in the cloud than in traditional software. Source: Gartner Says 28 Percent of Spending in Key IT Segments Will Shift to the Cloud by 2022.

  • IDC predicts worldwide Public Cloud Services Spending will reach $180B in 2018, an increase of 23.7% over 2017. According to IDC, the market is expected to achieve a five-year compound annual growth rate (CAGR) of 21.9% with public cloud services spending totaling $277B in 2021. The industries that are forecast to spend the most on public cloud services in 2018 are discrete manufacturing ($19.7B), professional services ($18.1B), and banking ($16.7B). The process manufacturing and retail industries are also expected to spend more than $10B each on public cloud services in 2018. These five industries will remain at the top in 2021 due to their continued investment in public cloud solutions. The industries that will see the fastest spending growth over the five-year forecast period are professional services (24.4% CAGR), telecom (23.3% CAGR), and banking (23.0% CAGR). Source: Worldwide Public Cloud Services Spending Forecast to Reach $160 Billion This Year, According to IDC.
  • Discrete Manufacturing is predicted to lead all industries on public cloud spending of $19.7B in 2018 according to IDC. Additional industries forecast to spend the most on public cloud services this year include Professional Services at $18.1B and Banking at $16.7B. The process manufacturing and retail industries are also expected to spend more than $10B each on public cloud services in 2018. According to IDC, these five industries will remain at the top in 2021 due to their continued investment in public cloud solutions. The industries that will see the fastest spending growth over the five-year forecast period are Professional Services with a 24.4% CAGR, Telecommunications with a 23.3% CAGR, and banking with a 23% CAGR. Source: Worldwide Public Cloud Services Spending Forecast to Reach $160 Billion This Year, According to IDC.

Additional Resources:

Machine Learning’s Greatest Potential Is Driving Revenue In The Enterprise

  • Enterprise investments in machine learning will nearly double over the next three years, reaching 64% adoption by 2020.
  • International Data Corporation (IDC) is forecasting spending on artificial intelligence (AI) and machine learning will grow from $8B in 2016 to $47B by 2020.
  • 89% of CIOs are either planning to use or are using machine learning in their organizations today.
  • 53% of CIOs say machine learning is one of their core priorities as their role expands from traditional IT operations management to business strategists.
  • CIOs are struggling to find the skills they need to build their machine learning models today, especially in financial services.

These and many other insights are from the recently published study, Global CIO Point of View. The entire report is downloadable here (PDF, 24 pp., no opt-in). ServiceNow and Oxford Economics collaborated on this survey of 500 CIOs in 11 countries on three continents, spanning 25 industries. In addition to the CIO interviews, leading experts in machine learning and its impact on enterprise performance contributed to the study. For additional details on the methodology, please see page 4 of the study and an online description of the CIO Survey Methodology here.

Digital transformation is a cornerstone of machine learning adoption. 72% of CIOs have responsibility for digital transformation initiatives that drive machine learning adoption. The survey found that the greater the level of digital transformation success, the more likely machine learning-based programs and strategies would succeed. IDC predicts that 40% of digital transformation initiatives will be supported by machine learning and artificial intelligence by 2019.

Key takeaways from the study include the following:

  • 90% of CIOs championing machine learning in their organizations today expect improved decision support that drives greater topline revenue growth. CIOs who are early adopters are most likely to pilot, evaluate and integrate machine learning into their enterprises when there is a clear connection to driving business results. Many CIO compensation plans now include business growth and revenue goals, making the revenue potential of new technologies a high priority.
  • 89% of CIOs are either planning to use or using machine learning in their organizations today. The majority, 40%, are in the research and planning phases of deployment, with an additional 26% piloting machine learning. 20% are using machine learning in some areas of their business, and 3% have successfully deployed enterprise-wide. The following graphic shows the percentage of respondents by stage of their machine learning journey.

  • Machine learning is a key supporting technology leading the majority Finance, Sales & Marketing, and Operations Management decisions today. Human intervention is still required across the spectrum of decision-making areas including Security Operations, Customer Management, Call Center Management, Operations Management, Finance and Sales & Marketing. The study predicts that by 2020, machine learning apps will have automated 70% of Security Operations queries and 30% of Customer Management ones.

  • Automation of repetitive tasks (68%), making complex decisions (54%) and recognizing data patterns (40%) are the top three most important capabilities CIOs of machine learning CIOs are most interested in.  Establishing links between events and supervised learning (both 32%), making predictions (31%) and assisting in making basic decisions (18%) are additional capabilities CIOs are looking for machine learning to accelerate. In financial services, machine learning apps are reviewing loan documents, sorting applications to broad parameters, and approving loans faster than had been possible before.

  • Machine learning adoption and confidence by CIOs varies by region, with North America in the lead (72%) followed by Asia-Pacific (61%). Just over half of European CIOs (58%) expect value from machine learning and decision automation to their company’s overall strategy. North American CIOs are more likely than others to expect value from machine learning and decision automation across a range of business areas, including overall strategy (72%, vs. 61% in Asia Pacific and 58% in Europe). North American CIOs also expect greater results from sales and marketing (63%, vs. 47% Asia-Pacific and 38% in Europe); procurement (50%, vs. 34% in Asia-Pacific and 34% in Europe); and product development (48%, vs. 29% in Asia-Pacific and 29% in Europe).
  • CIOs challenging the status quo of their organization’s analytics direction are more likely to rely on roadmaps for defining and selling their vision of machine learning’s revenue contributions. More than 70% of early adopter CIOs have developed a roadmap for future business process changes compared with just 33% of average CIOs. Of the CIOs and senior management teams in financial services, the majority are looking at how machine learning can increase customer satisfaction, lifetime customer value, improving revenue growth. 53% of CIOs from our survey say machine learning is one of their core priorities as their role expands from traditional IT operations to business-wide strategy.

Sources: CIOs Cutting Through the Hype and Delivering Real Value from Machine Learning, Survey Shows

By 2020 83% Of Enterprise Workloads Will Be In The Cloud

  • Digitally transforming enterprises (63%) is the leading factor driving greater public cloud engagement or adoption today.
  • 66% of IT professionals say security is their most significant concern in adopting an enterprise cloud computing strategy.
  • 50% of IT professionals believe artificial intelligence and machine learning are playing a role in cloud computing adoption today, growing to 67% by 2020.
  • Artificial Intelligence (AI) and Machine Learning will be the leading catalyst driving greater cloud computing adoption by 2020.

These insights and findings are from LogicMonitor’s Cloud Vision 2020: The Future of the Cloud Study (PDF, free, opt-in, 9 pp.). The survey is based on interviews with approximately 300 influencers LogicMonitor interviewed in November 2017. Respondents include Amazon Web Services AWS re:Invent 2017 attendees, industry analysts, media, consultants and vendor strategists. The study’s primary goal is to explore the landscape for cloud services in 2020. While the study’s findings are not statistically significant, they do provide a fascinating glimpse into current and future enterprise cloud computing strategies.

Key takeaways include the following:

  • 83% Of Enterprise Workloads Will Be In The Cloud By 2020. LogicMonitor’s survey is predicting that 41% of enterprise workloads will be run on public cloud platforms (Amazon AWSGoogle Cloud PlatformIBM CloudMicrosoft Azure and others) by 2020. An additional 20% are predicted to be private-cloud-based followed by another 22% running on hybrid cloud platforms by 2020. On-premise workloads are predicted to shrink from 37% today to 27% of all workloads by 2020.

  • Digitally transforming enterprises (63%) is the leading factor driving greater public cloud engagement or adoption followed by the pursuit of IT agility (62%). LogicMonitor’s survey found that the many challenges enterprises face in digitally transforming their business models are the leading contributing factor to cloud computing adoption. Attaining IT agility (62%), excelling at DevOps (58%), mobility (55%), Artificial Intelligence (AI) and Machine Learning (50%) and the Internet of Things (IoT) adoption (45%) are the top six factors driving cloud adoption today. Artifical Intelligence (AI) and Machine Learning are predicted to be the leading factors driving greater cloud computing adoption by 2020.

  • 66% of IT professionals say security is their greatest concern in adopting an enterprise cloud computing strategy. Cloud platform and service providers will go on a buying spree in 2018 to strengthen and harden their platforms in this area. Verizon (NYSE:VZ) acquiring Niddel this week is just the beginning. Niddel’s Magnet software is a machine learning-based threat-hunting system that will be integrated into Verizon’s enterprise-class cloud services and systems. Additional concerns include attaining governance and compliance goals on cloud-based platforms (60%), overcoming the challenges of having staff that lacks cloud experience (58%), Privacy (57%) and vendor lock-in (47%).

  • Just 27% of respondents predict that by 2022, 95% of all workloads will run in the cloud. One in five respondents believes it will take ten years to reach that level of workload migration. 13% of respondents don’t see this level of workload shift ever occurring. Based on conversations with CIOs and CEOs in manufacturing and financial services industries there will be a mix of workloads between on-premise and cloud for the foreseeable future. C-level executives evaluate shifting workloads based on each systems’ contribution to new business models, cost, and revenue goals in addition to accelerating time-to-market.

  • Microsoft Azure and Google Cloud Platform are predicted to gain market share versus Amazon AWS in the next three years, with AWS staying the clear market leader. The study found 42% of respondents are predicting Microsoft Azure will gain more market share by 2020. Google Cloud Platform is predicted to also gain ground according to 35% of the respondent base. AWS is predicted to extend its market dominance with 52% market share by 2020.

Roundup Of Cloud Computing Forecasts, 2017

  • Cloud computing is projected to increase from $67B in 2015 to $162B in 2020 attaining a compound annual growth rate (CAGR) of 19%.
  • Gartner predicts the worldwide public cloud services market will grow 18% in 2017 to $246.8B, up from $209.2B in 2016.
  • 74% of Tech Chief Financial Officers (CFOs) say cloud computing will have the most measurable impact on their business in 2017.

Cloud platforms are enabling new, complex business models and orchestrating more globally-based integration networks in 2017 than many analyst and advisory firms predicted. Combined with Cloud Services adoption increasing in the mid-tier and small & medium businesses (SMB), leading researchers including Forrester are adjusting their forecasts upward. The best check of any forecast is revenue.  Amazon’s latest quarterly results released two days ago show Amazon Web Services (AWS) attained 43% year-over-year growth, contributing 10% of consolidated revenue and 89% of consolidated operating income.

Additional key takeaways from the roundup include the following:

  • Wikibon is predicting enterprise cloud spending is growing at a 16% compound annual growth (CAGR) run rate between 2016 and 2026. The research firm also predicts that by 2022, Amazon Web Services (AWS) will reach $43B in revenue, and be 8.2% of all cloud spending. Source: Wikibon report preview: How big can Amazon Web Services get?
Wikibon Worldwide Enterprise IT Projection By Vendor Revenue

Wikibon Worldwide Enterprise IT Projection By Vendor Revenue

Rapid Growth of Cloud Computing, 2015–2020

Rapid Growth of Cloud Computing, 2015–2020

Worldwide Public Cloud Services Forecast (Millions of Dollars)

Worldwide Public Cloud Services Forecast (Millions of Dollars)

  • By the end of 2018, spending on IT-as-a-Service for data centers, software and services will be $547B. Deloitte Global predicts that procurement of IT technologies will accelerate in the next 2.5 years from $361B to $547B. At this pace, IT-as-a-Service will represent more than half of IT spending by the 2021/2022 timeframe. Source: Deloitte Technology, Media and Telecommunications Predictions, 2017 (PDF, 80 pp., no opt-in).
Deloitte IT-as-a-Service Forecast

Deloitte IT-as-a-Service Forecast

  • Total spending on IT infrastructure products (server, enterprise storage, and Ethernet switches) for deployment in cloud environments will increase 15.3% year over year in 2017 to $41.7B. IDC predicts that public cloud data centers will account for the majority of this spending ( 60.5%) while off-premises private cloud environments will represent 14.9% of spending. On-premises private clouds will account for 62.3% of spending on private cloud IT infrastructure and will grow 13.1% year over year in 2017. Source: Spending on IT Infrastructure for Public Cloud Deployments Will Return to Double-Digit Growth in 2017, According to IDC.
Worldwide Cloud IT Infrastructure Market Forecast

Worldwide Cloud IT Infrastructure Market Forecast

  • Platform-as-a-Service (PaaS) adoption is predicted to be the fastest-growing sector of cloud platforms according to KPMG, growing from 32% in 2017 to 56% adoption in 2020. Results from the 2016 Harvey Nash / KPMG CIO Survey indicate that cloud adoption is now mainstream and accelerating as enterprises shift data-intensive operations to the cloud.  Source: Journey to the Cloud, The Creative CIO Agenda, KPMG (PDF, no opt-in, 14 pp.)
Cloud investment by type today and in three years

Cloud investment by type today and in three years

AWS Segment Financial Comparison

AWS Segment Financial Comparison

  • In Q1, 2017 AWS generated 10% of consolidated revenue and 89% of consolidated operating income. Net sales increased 23% to $35.7 billion in the first quarter, compared with $29.1 billion in first quarter 2016. Source: Cloud Business Drives Amazon’s Profits.
Comparing AWS' Revenue and Income Contributions

Comparing AWS’ Revenue and Income Contributions

  • RightScale’s 2017 survey found that Microsoft Azure adoption surged from 26% to 43% with AWS adoption increasing from 56% to 59%. Overall Azure adoption grew from 20% to 34% percent of respondents to reduce the AWS lead, with Azure now reaching 60% of the market penetration of AWS. Google also increased adoption from 10% to 15%. AWS continues to lead in public cloud adoption (57% of respondents currently run applications in AWS), this number has stayed flat since both 2016 and 2015. Source: RightScale 2017 State of the Cloud Report (PDF, 38 pp., no opt-in)
Public Cloud Adoption, 2017 versus 2016

Public Cloud Adoption, 2017 versus 2016

  • Global Cloud IT market revenue is predicted to increase from $180B in 2015 to $390B in 2020, attaining a Compound Annual Growth Rate (CAGR) of 17%. In the same period, SaaS-based apps are predicted to grow at an 18% CAGR, and IaaS/PaaS is predicted to increase at a 27% CAGR. Source: Bain & Company research brief The Changing Faces of the Cloud (PDF, no opt-in).
60% of IT Market Growth Is Being Driven By The Cloud

60% of IT Market Growth Is Being Driven By The Cloud

  • 74% of Tech Chief Financial Officers (CFOs) say cloud computing will have the most measurable impact on their business in 2017. Additional technologies that will have a significant financial impact in 2017 include the Internet of Things, Artificial Intelligence (AI) (16%) and 3D printing and virtual reality (14% each). Source: 2017 BDO Technology Outlook Survey (PDF), no opt-in).
CFOs say cloud investments deliver the greatest measurable impact

CFOs say cloud investments deliver the greatest measurable impact

Cloud investments are fueling new job throughout Canada

Cloud investments are fueling new job throughout Canada

  • APIs are enabling persona-based user experiences in a diverse base of cloud enterprise As of today there are 17,422 APIs listed on the Programmable Web, with many enterprise cloud apps concentrating on subscription, distributed order management, and pricing workflows.  Sources: Bessemer Venture Partners State of the Cloud 2017 and 2017 Is Quickly Becoming The Year Of The API Economy. The following graphic from the latest Bessemer Venture Partners report illustrates how APIs are now the background of enterprise software.
APIs are fueling a revolution in cloud enterprise apps

APIs are fueling a revolution in cloud enterprise apps

Additional Resources:

%d bloggers like this: