Cyber protection: the hot new shared space of business data continuity
Dev and ops. Containers and cloud computing. Some things just go great together.
We’re on the cusp of another great combination, as the tectonic forces of market dynamics and modern threats are fusing together two well-established information technology sectors — data protection and cybersecurity — into a bigger, broader category of solutions called cyber protection.
What is driving this sea-change in how we protect our entire IT estate — including data, applications and infrastructure — from critical threats and interruptions that can bring the entire business to a halt? What are the implications of cyber protection for the enterprise?
Data and security teams and silos coming together
Not long ago, any midsized to large enterprise would have data wranglers working to archive, replicate and promote data redundancy and recovery in their own management silos, while a security team would be off in the security operations center, scanning for vulnerabilities and preventing threats in their own sets of tools. There was little need for these two teams to collaborate.
Now as enterprises move applications and data to hybrid IT environments, including multiple cloud infrastructure options, mobile and “internet of things” devices and edge computing resources, there’s far more threat surface and many more data exploits for these once-separate teams to deal with.
Existential risk is creating a phenomenon of market consolidation around cyber protection, a category we could express as a boolean of the two overlapping spaces of cybersecurity and data protection using our Intellyx Market Mindmap™ diagram (pictured).
Don’t let the fact that these two market sectors are considered mature and contain many familiar-looking solutions fool you. An incredible amount of innovation and investment is being pushed into this new combined space by competitive vendors, as keeping up with malware threats and vulnerabilities has become an increasingly difficult endeavor for business customers.
Market development and consolidation
In a word, we’d rate the cyber protection market as frothy. We are seeing new specialized tool vendors emerging into this market from both sides, whether for cloud-native data backup or for IoT device-level security management.
In addition, several leading vendors have made big moves in this space, both in terms of further organic software development and replatforming for software-as-a-service and cloud use cases, and strategic partnerships and acquisitions. (* Disclosure below.)
Some recent moves of note:
- Acronis acquired DeviceLock to add endpoint data loss prevention to its suite of data protection and cybersecurity tools.
- Arcserve expanded its partnership with Sophos to add ransomware protection to its cloud backup service offerings.
- Datto acquired BitDam to give managed service providers a combined cloud application suite security and data protection solution.
- ESET partnered with Xopero to give security customers global backup and disaster recovery options.
- Cloud data protection vendor Druva integrated with FireEye for advanced threat detection and data breach response capabilities.
- Cyber resilience firm OpenText acquired Webroot and Carbonite for threat detection and data protection, after Carbonite acquired Mozy from Dell Technologies.
- Veeam acquired Kasten to combine cloud-native backup and data protection for microservices workloads.
All of this cross-platform cyber protection activity isn’t even scratching the surface of similar footprint growth efforts for both security and data protection product suites in major technology platform vendors such as IBM, Broadcom, Microsoft and VMware, and within leading cloud infrastructure-as-a-services providers such as Amazon Web Services Inc., Microsoft Azure and Google Cloud.
Three novel trends driving the need for cyber protection
Ransomware. While technology markets naturally expand and merge, the increased frequency of ransomware attacks, especially the WannaCry attack of 2017, forms much of the origin story of this current conflagration.
Both state actors and opportunistic cybercriminals are now using dark web exploits and coming after data itself — not just to exfiltrate intellectual property or steal account information to resell for nefarious purposes, but to encrypt data stores and lock them away from use. These data-nappers demand bitcoin, or less traceable cryptocurrencies such as Monero, to ransom the unlocked data back to its original owner.
Although most companies refused to pay the hackers, given the dishonorable nature of such a contract, such extortion became a lucrative enough enterprise to demand an industrial-strength response. The best minds in cyberattack prevention and data protection and recovery are coming together to fight ransomware.
Cloud and hybrid IT development. The presence of elastic cloud infrastructure led to workloads running ephemeral containers, with REST application programming interface calls and event-based services to support applications. Now, we’re seeing new decoupled microservices architectures with Kubernetes clusters and serverless functions that are designed to operate in a “stateless” mode.
The problem? Even a cleverly constructed application that separates process from state means that all of the real-time secrets passed between services — and their resulting transactional data — must still be stored in both “hot” data queues and “warm” or “cold” systems of record somewhere.
The reduced cost of archival data, data lakes and grids across on-premises data centers and multiple cloud services means companies are finding clever ways to optimize cost, improve responsiveness and reduce latency in how data assets are routed and accessed. This complexity also greatly expands the ability for “lost data” that gets improperly routed or stored and increases the threat surface of potential data attack vectors.
Service provider expertise. Consultancies that want to differentiate themselves and add strategic value for their clients want to get ahead of this market by building cyber protection practices as repeatable centers of excellence.
In many cases, system integrator partners can bridge the gap between established data and security organizational silos for their clients, as they are often engaged in auditing IT practices for data compliance, modernizing legacy systems and building new applications atop systems of record that rely on both data integrity and security.
At the same time, service providers are well-positioned with expertise to help companies negotiate finding the best-of-breed cyber protection solutions for the job, rather than simply leaving this mission-critical task up to the default selections offered by the enterprise’s incumbent platform and cloud providers.
The Intellyx take
Where does cyber protection go from here?
Cyber protection is more than just the blending of two established technology sectors, so it’s a safe bet that we’ll see accelerated development budgets and acquisition activity among data protection vendors, cybersecurity firms and new players flowing into this space for the next three to five years.
IT operations management, IT service management and incident management companies will soon be seeking to add data layer visibility to their dashboards, as the industry demand for a single view of data operations and data risk will become important for compliance reviews.
DevSecOps teams with a mandate to deliver new application functionality to market in hybrid IT infrastructure will seek to “shift security left,” or earlier in the application development process, and embed safer and more resilient data structures underneath resilient applications that can progressively roll out and roll back and recover in an instant if something goes wrong at deployment time.
And don’t get me started on the proliferation of high-speed 5G networks, IoT devices and edge infrastructure. With data streaming from billions of unique sensors, cameras and sources, and coexisting with compute workloads on server clusters atop every telephone pole and inside every office closet, the future requirements of this space are limitless.
Jason English is principal analyst and chief marketing officer at Intellyx LLC, an analyst firm that advises enterprises on their digital transformation initiatives, and publishes the weekly Cortex and BrainCandy newsletters. (* Disclosure: Acronis and IBM are Intellyx clients, and Broadcom and Microsoft are former customers. Intellyx retains editorial control over the content of this report.)
Image: Jason English
A message from John Furrier, co-founder of SiliconANGLE:
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.