A diverse and complex cyber-threat landscape, twinned with an extensive migration of enterprise systems to the cloud, has presented businesses with the difficult balancing act of robustly defending critical infrastructure and ensuring the right issues are made security priorities.
This means that deploying and managing applications is more difficult than ever, with an increasing reliance on them set to be a prominent theme for businesses this year. The results of our third annual State of Application Delivery report highlight this, showing the average EMEA organisation plans to deploy 18 different app services over the next 12 months, compared to the global average of 11.
Leading with security
From Dyn to Lloyds Bank, cyber-attacks continue to bombard the world’s largest organisations, which are struggling to keep up with the rapidly evolving threat landscape. Business leaders, when responding to our survey, deemed speed and availability less important than overall application security for the first time, with 64 per cent highlighting the increased sophistication of cyber-attacks as their top security challenge.
To combat threats, such as automated botnets and new strains of malware, a new era of security vigilance is necessary, requiring security teams to expand beyond traditional firewalls and legacy enterprise perimeters and rethink security priorities. For example, organisations with a web application firewall (WAF) and DDoS mitigation services had the highest confidence in withstanding an application-level attack. Interestingly, cloud-first organisations had more confidence.
As the Internet of Things (IoT) and BYOD strategies exacerbate existing security challenges and increase the opportunities for hackers to infiltrate corporate infrastructure, bosses are realising their security priorities.
A cloudy outlook
It is true that security threats are evolving, which can be largely attributed to the widespread migration of business applications to the cloud. With organisations across EMEA expecting 76 per cent of apps to be hosted in the cloud this year, traditional defences must be adapted to cater to this trend.
Despite businesses showing concern that moving to the cloud can disrupt operations and have significant implications for security, the shift towards a multi-cloud world is gaining momentum. In fact, four out of five respondents indicated they are adopting hybrid cloud models. While this shows a growing recognition that agility and speed can be achieved without compromising security, managing a consistent security strategy across multiple environments will be key if this type of strategy is to be successful.
It’s not all about technology
The trends currently being exhibited by EMEA businesses are a clear indicator of priorities today, but they also have austere implications for the skills needed to succeed tomorrow. Some 32 per cent of respondents cited a lack of IT security skills or training with their company as one of their greatest security challenges. It will take government investment, enhanced recruitment strategies and an altered focus in education from the grass roots up to solve this prevailing problem.
Beyond recruiting and developing employees with the appropriate skills, educating existing employees is vital so that they can work efficiently and securely in technology-oriented organisations. After increasingly sophisticated cyber-attacks, respondents were most concerned about employees understanding the impact of not following security policy (53 per cent). With a startling proportion of cyber-attacks due to human error, organisations must take responsibility to educate the workforce.
Despite these challenges, there is no sign that security breaches are slowing digital transformation. Our report shows, however, that as the demands of customer satisfaction and data protection compete, security is emerging as a leader of digital strategies, rather than being bolted on as an afterthought.
Keiron Shepherd is senior security specialist at F5 Networks