The elephant in the room when talking about any trends for the coming year in North America will be incoming US president Joe Biden and the pandemic strategy.
The US, as well as its neighbours in Canada and Mexico, will continue to grapple with their coronavirus recovery plans next year. The virus has dictated 2020 and will continue to do so in 2021 but how much so remains to be seen while businesses hope for robust governmental support and keep their fingers crossed for a vaccine soon.
With the pandemic weighing on people’s minds, the way that we work will continue to evolve according to Mukesh Khare, vice president at IBM Research, overseeing hybrid cloud.
“2020 has been quite a year for the IT industry and despite all the issues with the pandemic, the IT industry has actually accelerated tremendously because we are all working from home and we're all still trying to be as productive as possible,” Khare said.
It has pushed more people to move to the cloud and ramp up digitisation, he said, but the impact of the mass exodus from the office forced many companies to make decisions they weren’t prepared for. In many cases, companies found themselves implementing two-year IT investment strategies in two months.
There is still a reluctance among some decision makers to move “mission critical” data to the cloud, he said, but he expects that this will progress further in 2021.
He said that still only around 20% of activities have moved to cloud but that will balloon next year, pointing to IBM’s hybrid cloud, a dual private and public cloud infrastructure as an on-ramp for companies.
Adoption
Stephen Manley, CTO of Druva, said that some companies can overdo it with their digital transformations, driven by the pressure of the pandemic, leading to mistakes.
“They either struggled to get the applications running or left themselves with security holes because they were so busy working on the application they didn't even think about the exposure or they left themselves exposed to pretty big costs,” Manley said. “They didn't realise the hidden costs you can have in running in cloud."
He compared this approach to cloud migration to going to the gym for the first time and immediately going for the biggest weights: “You have to work up to it”.
Organisations need to take a smarter, more incremental approach, he added, to avoid any gaping security holes and to maintain productivity.
“I think what we'll see next year is that people move as much as they can to SaaS apps, they're going to say I could move some of my core applications, my databases, things that run in VMs, maybe I'll move them up to a VMWare cloud in AWS. Maybe I'll lift and shift some of that into AWS proper but I'm not going to try to refactor everything from scratch. I'm just going to get them up to the cloud.”
Evolving cyber threat
Sam Rehman, chief information security office at EPAM, said that these shifts, coupled with working from home, bring with them a whole host of cybersecurity and data protection concerns.
“Our attack surface now is exponentially larger than where we were before. It makes it very difficult because imagine if you're protecting a house with 18 windows and four doors,” Rehman said.
“The attacker can come in through any one of those doors at any point in time. You have to take the extra measure to put in controls to protect all of those. What is your focus?” he said.
“The sad thing about cybersecurity is you always have some aspect of it playing catch up.”
Rehman anticipates that we will see more machine learning-assisted attacks in the coming year and organisations will need to be prepared for that.
EPAM provides training to its clients and staff to help respond to these evolving threats. One sector that has become more prominent of late is retail, especially with the growing shift to e-commerce, given its handling of financial transactions and customer IDs.
Businesses in the US, and more specifically California, had also been contending with the California Consumer Privacy Act (CCPA) a piece of state legislation that mirrored GDPR in many ways. On election day in November, voters backed amendments, altering the law to the California Privacy Rights Act that closes many loopholes in the CCPA predecessor.
The changes will not come into effect until 2023 but now will be the time for businesses to start preparing for the inevitable.
GDPR similarly gave companies a two-year window to get prepared but there was still a scramble to get ready come May 2018. The European law should provide some sort of template to follow in getting compliant ahead of 2023.
Accessibility
Druva’s Manley added that businesses often lack these templates for adapting to new technologies.
Artificial intelligence and automation for example hold great promise but to date, they’ve only been fully exploited by larger organisations that have the resources to learn and utilise them.
"We focus so much on the tooling and the tooling changes so quickly,” Manley said.
"I think that's still a big limiter even going into 2021. Will that stage be simplified enough and become general knowledge enough? I think in 2021 it will become a case of the haves and have-nots,” he said.
“Until those templates come out I think it's black magic to people.”
