StorageOS is looking to enable self-service, automated deployment, and scalability of software-defined storage (SDS) in a cloud-native approach.
Insight
-
-
Hyperconverged infrastructure (HCI) continues to be a growth area for many businesses and business lines. This is largely due to the simplified approach for driving and deploying new digital business initiatives. In fact, HCI can often be a simpler way to kick off new initiatives with no impact to core IT organizations within the business. For this reason, HCI deployments are seeing growth that enables business units to rapidly stand up new projects without impacting IT.Looking in to 2021 and beyond, our research shows that overall IT industry trends include increasing numbers of new initiatives that focus on:
- Digital transformation.
- Shifting from on-premises to cloud adoption.
- Application modernization and security.
Across the technology industry, these three areas are where business is facing new challenges. The global economy continues to move toward digital transformation, while the delivery of products and services is evolving based on this direction. Those businesses that stay in the traditional product and services arena will likely not survive into the 2020s.
These larger trends are playing into how HCI is trending. Let’s take a look at where HCI has been and my top 5 predictions about where it is going in 2021…and beyond.
The Future Is Now
In September 2018, I wrote a Forbes article, titled Modernized HCI Data Protection Practices Lead To Digital Transformation. When writing this article, I was focusing on future trends and predictions, without the prescience of knowing that a pandemic would further accelerate these efforts. In the past three years, the HCI market has rapidly grown in the direction I described then, and the future shows no sign of stopping.
Specifically, the Forbes article focused on the following:
- Migrate existing workloads
- Understand the impact of migrating your existing hypervisor
- Leverage native file and block services
- Expand the data center to the edge
- Set up native cloud disaster recovery
As we continue to drive hypercomputing infrastructure into 2020, many of the points covered then are valid today and, in some cases, the direction is even more rapidly accelerating from 2018.
- Digital Transformation (still) Starts with Hyperconverged Infrastructure
In 2020, increasing numbers of digital business transformation initiatives amplified the direction just described (and covered in further detail in my 2018 article). This accelerated pace of adoption drove enterprise agility and is largely from these kinds of digital initiatives combined with the ability to quickly migrate workloads to HCI as well as to the cloud. According to ESG Research on Converged and Hyperconverged Infrastructure Trends, 87% of IT managers said that HCI made IT more agile, with 25% stating HCI makes IT significantly more agile.
Migrating existing workloads is the direction for future HCI adoption. The reason is that HCI reduces the requirement for server and storage management resources and expertise, making migration to the platform easier than traditional deployments. HCI and software-defined storage (SDS) are the foundation for digital transformation initiatives and provide rapid time to value, without requiring more expertise.
- Public Cloud Services Are an Option to On-premises Storage Infrastructure
Leveraging the cloud and native HCI platform file services allows your digital initiatives to optimize workloads, leverage data storage services, migrate away from silos, and create unified infrastructure–all residing on the same, high-performance platform. Cloud storage and strategies are no different, which is why public cloud infrastructure is gaining popularity.
This point is validated in a 2019 ESG in-depth survey of IT and data storage professionals responsible for evaluating, purchasing, and managing data storage technology products and services. The survey respondents indicated that at least twice as many IT professionals are as likely to consider public cloud storage infrastructure as better than on-premises alternatives when it comes to total cost of ownership, ease of purchase, automation, and ease of evaluation. And this includes using HCI for on-premises and cloud-based deployments.
- Edge Is Increasing in Priority to Digital Businesses
The increase in a remote workforce has accelerated edge adoption. IT organization investments are increasing based on this new business model, which also applies to edge-based resources. This trend will drive cloud adoption for these types of deployments to enable rapid responses to evolving business models, enabling the business to dynamically scale with no impact to the core business.
New Emerging Trends – Modernization with Intelligence
- Application modernization will force CIOs to look for opportunities to move to next-generation digital platforms that leverage HCI and cloud-native approaches that modernize infrastructure and applications. This modernization delivers dynamic functionality and supports rapid development of new products, processes and services to enhance the customer experience. As part of this approach, DevOps will need to include the ability to leverage the container and the orchestration layers to provide burst capabilities to keep pace with increasing digital experience demands.
- Other IT trends that will be leveraging HCI platforms are artificial intelligence and machine learning. Forward-thinking businesses will customize their digital experiences to focus on the personalization of customer profiles. The product, service, and process will (or soon will) have the capability to dynamically adjust based on the customer persona and adapt in real time to how the customer is interacting with the business. This direction is gaining traction in all aspects of the digital experience platforms and applies to hyperconverged infrastructure deployments as well.
How Will These Trends Impact Your Organization?
Technology is evolving faster and is now able to process data in ways that were unheard just a few years ago. The lines between technology and the intersection with people and process that are using the platforms are blurring. The adoption of HCI platforms, whether on-prem or in the cloud or a hybrid approach, is less important than the transparency of information provided from these platforms. The future is about driving experiences regardless of where the information lives. How ready is your organization?
-
In my continuing video blog series on Modern Email Security, I have had the opportunity to talk with many of the leading innovators tackling some of the toughest challenges in email security. The email threat landscape has been quite volatile over the past year, with so many criminals leveraging the human fear associated with the pandemic to fool unsuspecting users into handing over credentials and sensitive data.With the almost overnight migration from on-prem email solutions to cloud-delivered email, many of the early-stage email security companies have been focused on the opportunity to strengthen the native email security controls offered by the CSPs. These same companies are tackling some of the more sophisticated, multi-stage email attacks involving phishing and other impersonation techniques.
However, while a majority of organizations are now depending on cloud-delivered email as their preferred email solution, we can’t take our eye off of on-prem email deployments. The recent Microsoft Exchange Server attack highlights the number of organizations still depending on on-prem email solutions. In my most recent ESG email security research, 60% of organizations reported the use of both cloud-delivered and on-prem email, so while most are depending on cloud-delivered email as their primary email application, pockets of on-prem Exchange usage continue to have a long tail. This means that email security teams need to not only maintain both environments, but also need to ensure that both are capable of defending against the highly dynamic, email threat landscape.
I’ve been impressed with the progress that many of the email security vendors have been making in stopping attacks involving phishing, often leading to more sophisticated and targeted threats. However, I worry that the long tail Exchange users may be getting left behind. And given that socially engineered attacks often leverage phishing across multiple communication mechanisms (SMS, collaboration tools, social media apps, and more), email security is only part of the larger defense platform required. Maybe we need to consider on-prem email as simply another communication channel that needs to get figured into the broader solution?
Check out my modern email security video series to learn more about how the innovators are tackling this and many other important email security issues.
-
This Master Survey Results presentation focuses on the extension of EDR, NDR, and other security analytics solutions in support of broad threat detection and response programs via emerging XDR technology solutions.
-
Almost exactly a year ago I wrote about Veeam’s V10 and how it was positioning the company to better compete in the very contested enterprise space. It was a strong release and a turning point. V11 is the release that places Veeam more squarely in the coveted enterprise space. The product team has executed on their strategy and roadmap (although there is always more work ahead) to beef up the platform in several areas: snapshots, backup, replication, and continuous data protection.
-
Beyond threat detection and response, CISOs should think of XDR as a catalyst for modernizing the SOC, automating processes, and improving staff productivity.According to Enterprise Strategy Group research, enterprise organizations claim that improving detection of advanced cyber-threats is their highest priority for security operations. As a result, 83% of organizations will increase threat detection and response spending over the next 12 to 18 months.
This is no surprise—threat detection and response is always a high priority. Unfortunately, the data reveals something else. Despite spending millions of dollars on cybersecurity technology over the past few years, most organizations still can’t detect or respond to cyber-attacks in a reasonable timeframe. It’s also fair to say that things are getting worse—just ask any organization using SolarWinds for network monitoring.
Recognizing the need for better mousetraps, the security technology industry is proposing eXtended Detection and Response (XDR) as a possible solution. I posted a blog about XDR last June where I defined the term and speculated on how the market would develop. As I suspected at the time, XDR innovation has steadily progressed, and I expect big things from the supply side for the remainder of the year.
To be clear, XDR is still an emerging technology, not a panacea. Nevertheless, there’s a lot of industry innovation and investment going into XDR, and it may help organizations bolster security analytics efficacy, streamline security operations, and anchor their SOCs with a tightly integrated security operations and analytics platform architecture (SOAPA).
Given its potential, organizations should have a game plan for XDR in 2021. I suggest that CISOs do the following:
- Cast a wide net with lots of upfront research. Only 24% of security professionals claim they are “very familiar” with XDR, which is understandable due to new technology and lots of confusing marketing. Given this knowledge gap, the first thing organizations should do is learn about all types of XDR: Platform-based (i.e., multiple controls with analytics and a control plane), software only (i.e., a software layer on top of existing controls), open XDR, etc. This will help the SOC team decide on a strategy where XDR can supplement or replace existing tools and processes. As a consolidation architecture, it’s likely that many existing and trusted vendors will be pitching XDR as an outgrowth of their EDR, NDR, or security analytics technology. At this early stage, CISOs should invite strategic security technology partners in to educate the security team on XDR and outline their product roadmaps. This should get the team up to speed and help them start to craft an XDR strategy.
- Identify organizational weaknesses and blind spots. Before moving forward with yet another threat detection and response technology, it’s worth digging into existing tools and processes to see what’s working and what’s not. Is the SOC team fully utilizing EDR, NDR, and SIEM or is there a skills or resource gap? Are there process bottlenecks that slow mean time to detect/mean time to respond to threats that have nothing to do with technology? If either of these things are true, SOAR and professional services may make more sense than another analytics tool. Since modern cyber-threats move laterally across networks, it’s also worth investigating if the organization has any weaknesses or blind spots when it comes to security monitoring. For example, ESG research pointed to security monitoring weaknesses related to public cloud infrastructure. In cases like this, XDR should start by improving cloud security visibility and integrating cloud security analytics with existing EDR, NDR, threat intelligence, etc.
- Pick a starting point for project planning. XDR is an architecture, not a product, so it may take a few years to fully deploy and configure XDR. That said, you must start somewhere. Based on the previous point, it’s not surprising that 43% of survey respondents speculated that their organization would start a project by implementing an XDR solution with threat detection and response capabilities for cloud-based workloads and SaaS. This is a reasonable starting point, but XDR technology can evolve from tactical to strategic coverage. Regardless of where an organization starts an XDR deployment, the security team must look forward, identify points of integration, map out engineering projects, and define a set of metrics it will use to measure XDR and project effectiveness.
- Use XDR to establish security operations best practices. Security operations are haphazard at many organizations, featuring many manual process and constant firefighting. Some SOC teams use SOAR to help them out of this mess, but SOAR platforms require staff resources and skills to create playbooks and code orchestration routines. XDR will likely act as a poor man’s SOAR by “canning” a lot of common security processes, which should be fine for most organizations. Some XDR platforms can also help organizations operationalize the MITRE ATT&CK framework—a big step forward. In selecting an XDR solution, CISOs should evaluate how each vendor supports and promotes security operations best practices and how well their organization can adapt to these changes.
- Get the IT operations team involved. Incident response requires strong collaboration and cooperation between security and IT teams. To support and improve the team effort, XDR platforms should adapt to existing process handoffs and integrate with existing security operations tools like ServiceNow, Jira, Microsoft OMS, etc. In other words, XDR projects should improve rather than disrupt existing data analysis, case management, incident prioritization, and mitigation efforts.
Cybersecurity tends to suffer from what I call “shiny object syndrome.” A new technology comes along, and the industry goes gaga. When organizations flock to these new tools, however, they don’t take the time to fully learn the technologies or modify security operations to achieve the maximum benefit. XDR is an architecture that will take months or years to fully deploy, giving organizations time to do things right. Therefore, CISOs should amalgamate XDR into formal projects and future strategies. In this way, XDR can act as a cybersecurity force multiplier, not just the next buzzworthy topic at RSA and Black Hat.
BTW: I’m excited about our new XDR research, so look for more blogs on this topic soon.
-
Did you know: 71% of technology decision makers use research-based thought leadership materials to vet a company’s capabilities?
I actually used to be one of those decision-makers before recently joining Enterprise Strategy Group as a senior analyst, but before I get ahead of myself, let me step back and introduce myself.
When I look back, it seems like everything I have done in my career has led up to this moment. I have spent the past 25 years in the tech industry developing go-to-market strategies, identifying new routes to market, and creating and expanding partner ecosystems (three things we do in spades for our clients here at ESG).
I’ve held executive, product management/marketing, and partner alliances roles in corporations large and small. I worked in household name companies (Dell EMC, NetApp, VMware, IBM, Emerson) as well as mid-sized vendors (Progress Software, Kentico) and smaller startups such as DataCore, Unitrends, and HYCU.
Most recently, I led marketing strategy and execution for the search, recommendation, and digital experience platform offerings at AmericanEagle.com. Exciting and challenging at the same time.
My technology interests and experience range across digital experience platforms, content management & application integration, data protection, hyperconverged infrastructure, virtualization and infrastructure modernization (on-premises, hybrid, or cloud-native). At ESG, I’ll be calling on those experiences to help expand our Infrastructure Modernization and Application Modernization coverage.
Simply put, in my new role as an analyst, I’m looking forward to taking all that I’ve learned across all of these areas in all my prior roles to help ESG clients make better decisions and achieve better business outcomes.
Transition from Practitioner to Analyst
I thoroughly enjoyed my career in the vendor space and could continue pursuing this direction, but it was always in the back of my mind that an analyst role would be my sweet spot. As an analyst, I could give back to the professional community and help elevate the tech industry in some small way. I believe, as an analyst, my previous experience, my intellectual curiosity, and my respect for research and data, combined with my ability to synthesize it to extract helpful insights is what I hope to bring forward to ESG and our clients.
For example, in ESG’s 2021 Technology Spending Intentions Survey, we found that a key focus for businesses in the coming year is to continue to leverage cloud technologies to accelerate their digital transformation initiatives. In fact, cloud applications and infrastructure are at this point a de facto prerequisite for successful transformation projects. For vendors, communicating the “what and why” of this message to the business community is key to helping drive well-informed strategy decisions. My role at ESG will help drive additional discussions and research in this area about how infrastructure and application modernization trends will drive business results over the next five years.
Expanding Horizons!
The fact that ESG is now a part of TechTarget is also very exciting to me, not only from the development and creation of building assets, messaging, and materials to support our client’s go-to-market activities, but in conjunction with TechTarget, ESG now has the ability to build powerful content, drive complete marketing campaigns, and leverage the BrightTALK platform for delivering these messages.
It is awesome to be part of this journey with ESG and I look forward to working with all of you as well to continue the conversations and discussions on how we can make your companies grow and exceed your business targets!
-
The global pandemic significantly impacted organizations last year in many different ways. The biggest was undoubtedly the swift transition to work-from-home programs and the need to stand up technology to enable this shift. As a result, many organizations reported that these efforts had dramatically accelerated their company’s digital transformation efforts. ESG research validates this acceleration and highlights that some of the top goals of organizations’ digital transformation initiatives are to drive greater operational efficiencies and deliver differentiated customer experiences. Therefore, it shouldn’t be a surprise that technology vendors are also accelerating their efforts to deliver solutions to enable greater operational efficiency to address the increasing complexity arising from a highly distributed IT environment. A great example of this vendor transformation can be seen in the steps taken by Juniper Networks.
-
As organizations embrace digital transformation initiatives, business outcomes become inexorably linked to technology areas like application development, cloud computing, and IoT devices. Therefore, these technology assets must be protected to ensure continuity of business operations. The link between cybersecurity and the business has led to an industry declaration that, “Cybersecurity is a boardroom issue.” This statement is true yet simplistic. Executives and corporate directors have a fiduciary responsibility to shareholders and/or owners, so they are ultimately responsible for everything that drives the business, including managing cyber-risk and safeguarding business-critical technology assets. That said, cybersecurity can be a highly technical discipline. This brings up a few questions: Do executives really understand cybersecurity and its role in the business? And as technology further dominates the business landscape, are they investing appropriately in cybersecurity and driving a cybersecurity culture throughout their organizations?
To explore the answers to these and other questions, ESG surveyed 365 senior business, cybersecurity, and IT professionals at organizations in North America (US and Canada) and Western Europe (UK, France, and Germany) working at midmarket (i.e., 100 to 999 employees) and enterprise-class (i.e., more than 1,000 employees) organizations
-
The broad adoption of public cloud services demands a retooling of identity and access management programs. Perimeter security must evolve from a traditional castle and moat model to one that focuses on cloud identities inclusive of service accounts, as well as individual users and the data they access. To protect sensitive cloud-resident data, cybersecurity and IT operations teams need to work with their line-of-business teams on strengthening identity programs with both the user experience and risk in mind.
In order to gain insight into these trends, ESG surveyed 379 IT and cybersecurity professionals at organizations in North America (US and Canada) personally responsible for evaluating or purchasing identity and access management and cloud security technology products and services. This research aimed to understand the problem space, organizational responsibilities, compliance implications, and plans for securing user access to a wide portfolio of cloud services. The study also looked at the current and planned use of various authentication methods, privileged access management, device profiling, unified directories, user activity analytics, and service account protection.
-
Tape is back on the forefront with new use cases and possibilities. The need for unlimited and cost-conscious storage for long-term retention has never been stronger, particularly for “cold” layers of storage in public and private clouds. Hardware, software, and product usability evolutions make tape solutions an attractive option for long-term archiving, ransomware remediation, and massive storage for media or media-like applications.
In order to gain insight into these trends, ESG surveyed 303 IT professionals at organizations in North America (US and Canada) personally responsible for or familiar with their organization’s data protection environment and strategy, including tape technology. The respondents’ organizations had to be current users of tape technology. This research aimed to understand the current state of enterprise tape deployments, uncover specific use cases (including vertical-specific ones), identify gaps, and highlight future expectations. Special attention was also paid to cloud use cases such as the usage of tape for long-term retention by hyperscalers, leveraging cloud-like services that use tape as a replacement for on-premises solutions and migration of tape to cloud.
-
ESG’s Master Survey Results provide the complete output of syndicated research surveys in graphical format. In addition to the data, these documents provide background information on the survey, including respondent profiles at an individual and organizational level. It is important to note that these documents do not contain analysis of the data.
This Master Survey Results presentation focuses on 2020 IT trends for the existing and emerging technology influencing tape usage, buying intentions of IT teams, existing challenges and drivers influencing buying decisions, and buyer preferences for changing tape topologies.
Hyperconverged infrastructure (HCI) continues to be a growth area for many businesses and business lines. This is largely due to the simplified approach for driving and deploying new digital business initiatives. In fact, HCI can often be a simpler way to kick off new initiatives with no impact to core IT organizations within the business. For this reason, HCI deployments are seeing growth that enables business units to rapidly stand up new projects without impacting IT.
In my continuing video blog series on 
Almost exactly a year ago I wrote about Veeam’s V10 and how it was positioning the company to better compete in the very contested enterprise space. It was a strong release and a turning point. 
Beyond threat detection and response, CISOs should think of XDR as a catalyst for modernizing the SOC, automating processes, and improving staff productivity.