research Archives - Cyber Secure Forum | Forum Events Ltd
Posts Tagged :

research

IT Services will be largest recipient of CIO spending in 2024

960 640 Stuart O'Brien

Global IT spending is expected to total $5 trillion in 2024, an increase of 6.8% from 2023, down from the previous quarter’s forecast of 8% growth – and while generative AI (GenAI) had significant hype in 2023, it will not significantly change the growth of IT spending in the near-term.

That’s according to new analysis from Gartner, which predicts that IT Services will become largest segment of spending in this year.

“While GenAI will change everything, it won’t impact IT spending significantly, similar to IoT, blockchain and other big trends we have experienced,” said John-David Lovelock, Distinguished VP Analyst at Gartner. “2024 will be the year when organizations actually invest in planning for how to use GenAI, however IT spending will be driven by more traditional forces, such as profitability, labor, and dragged down by a continued wave of change fatigue.”

IT services will continue to see an increase in growth in 2024, becoming the largest segment of IT spending for the first time. Spending on IT services is expected to grow 8.7% in 2024, reaching $1.5 trillion (see Table 1). This is largely due to enterprises investing in organizational efficiency and optimization projects. These investments will be crucial during this period of economic uncertainty.

“Adoption rates among consumers for devices and communications services plateaued over a decade ago. Consumer spending levels are primarily driven by price changes and replacement cycles, leaving room for only incremental growths, so being surpassed by software and services was inevitable,” said Lovelock. “Enterprises continue to find more uses for technology – IT has moved out of the back office, through the front office and is now revenue producing, until there is a plateau for how and where technology can be used in an enterprise, there cannot be a plateau in enterprise IT spending.”

Table 1. Worldwide IT Spending Forecast (Millions of U.S. Dollars) 

  2023 Spending 2023 Growth (%) 2024 Spending 2024 Growth (%)
Data Center Systems 243,063 7.1 261,332 7.5
Software 699,791 -8.7 732,287 4.6
Devices 913,334 12.4 1,029,421 12.7
IT Services 1,381,832 5.8 1,501,365 8.7
Communications Services 1,440,827 1.5 1,473,314 2.3
Overall IT 4,678,847 3.3 4,997,718 6.8

Source: Gartner (January 2024)

The overall IT spending growth rate for 2023 was 3.3%, only a 0.3% increase from 2022. This was largely due to change fatigue among CIOs. Momentum will regain in 2024, with overall IT spending increasing 6.8%.

Even with the expected regained momentum in 2024, the broader IT spending environment remains slightly constrained by change fatigue. Change fatigue could manifest as change resistance — with CIOs hesitating to sign new contracts, commit to long-term initiatives or take on new technology partners. For the new initiatives that do get launched, CIOs require higher levels of risk mitigation and greater certainty of outcomes.

Threat Predictions for 2024: Chained AI and CaaS operations give attackers more ‘easy’ buttons 

960 640 mattd

With the growth of Cybercrime-as-a-Service (CaaS) operations and the advent of generative AI, threat actors have more “easy” buttons at their fingertips to assist with carrying out attacks than ever before. By relying on the growing capabilities in their respective toolboxes, adversaries will increase the sophistication of their activities. They’ll launch more targeted and stealthier hacks designed to evade robust security controls, as well as become more agile by making each tactic in the attack cycle more efficient.

In its 2024 threat predictions report, the FortiGuard Labs team looks at a new era of advanced cybercrime, examines how AI is changing the (attack) game, shares fresh threat trends to watch for this year and beyond, and offers advice on how organisations everywhere can enhance their collective resilience against an evolving threat landscape…

The Evolution of Old Favorites

We’ve been observing and discussing many fan-favorite attack tactics for years, and covered these topics in past reports. The “classics” aren’t going away—instead, they’re evolving and advancing as attackers gain access to new resources. For example, when it comes to advanced persistent cybercrime, we anticipate more activity among a growing number of Advanced Persistent Threat (APT) groups. In addition to the evolution of APT operations, we predict that cybercrime groups, in general, will diversify their targets and playbooks, focusing on more sophisticated and disruptive attacks, and setting their sights on denial of service and extortion.

Cybercrime “turf wars” continue, with multiple attack groups homing in on the same targets and deploying ransomware variants, often within 24 hours or less. In fact, we’ve observed such a rise in this type of activity that the FBI issued a warning to organizations about it earlier this year.

And let’s not forget about the evolution of generative AI. This weaponisation of AI is adding fuel to an already raging fire, giving attackers an easy means of enhancing many stages of their attacks. As we’ve predicted in the past, we’re seeing cybercriminals increasingly use AI to support malicious activities in new ways, ranging from thwarting the detection of social engineering to mimicking human behavior.

Fresh Threat Trends to Watch for in 2024 and Beyond

While cybercriminals will always rely on tried-and-true tactics and techniques to achieve a quick payday, today’s attackers now have a growing number of tools available to them to assist with attack execution. As cybercrime evolves, we anticipate seeing several fresh trends emerge in 2024 and beyond. Here’s a glimpse of what we expect.

Give me that big (playbook) energy: Over the past few years, ransomware attacks worldwide have skyrocketed, making every organisation, regardless of size or industry, a target. Yet, as an increasing number of cybercriminals launch ransomware attacks to attain a lucrative payday, cybercrime groups are quickly exhausting smaller, easier-to-hack targets. Looking ahead, we predict attackers will take a “go big or go home” approach, with adversaries turning their focus to critical industries—such as healthcare, finance, transportation, and utilities—that, if hacked, would have a sizeable adverse impact on society and make for a more substantial payday for the attacker. They’ll also expand their playbooks, making their activities more personal, aggressive, and destructive in nature.

It’s a new day for zero days: As organisations expand the number of platforms, applications, and technologies they rely on for daily business operations, cybercriminals have unique opportunities to uncover and exploit software vulnerabilities. We’ve observed a record number of zero-days and new Common Vulnerabilities and Exposures (CVEs) emerge in 2023, and that count is still rising. Given how valuable zero days can be for attackers, we expect to see zero-day brokers—cybercrime groups selling zero-days on the dark web to multiple buyers—emerge among the CaaS community. N-days will continue to pose significant risks for organizations as well.

Playing the inside game: Many organisations are leveling up their security controls and adopting new technologies and processes to strengthen their defenses. These enhanced controls make it more difficult for attackers to infiltrate a network externally, so cybercriminals must find new ways to reach their targets. Given this shift, we predict that attackers will continue to shift left with their tactics, reconnaissance, and weaponisation, with groups beginning to recruit from inside target organisations for initial access purposes.

Ushering in “we the people” attacks: Looking ahead, we expect to see attackers take advantage of more geopolitical happenings and event-driven opportunities, such as the 2024 U.S. elections and the Paris 2024 games. While adversaries have always targeted major events, cybercriminals now have new tools at their disposal—generative AI in particular—to support their activities.

Narrowing the TTP playing field: Attackers will inevitably continue to expand the collection of tactics, techniques, and procedures (TTPs) they use to compromise their targets. Yet defenders can gain an advantage by finding ways to disrupt those activities. While most of the day-to-day work done by cybersecurity defenders is related to blocking indicators of compromise, there’s great value in taking a closer look at the TTPs attackers regularly use, which will help narrow the playing field and find potential “choke points on the chess board.”

Making space for more 5G attacks: With access to an ever-increasing array of connected technologies, cybercriminals will inevitably find new opportunities for compromise. With more devices coming online every day, we anticipate that cybercriminals will take greater advantage of connected attacks in the future. A successful attack against 5G infrastructure could easily disrupt critical industries such as oil and gas, transportation, public safety, finance, and healthcare.

Navigating a New Era of Cybercrime

Cybercrime impacts everyone, and the ramifications of a breach are often far-reaching. However, threat actors don’t have to have the upper hand. Our security community can take many actions to better anticipate cybercriminals’ next moves and disrupt their activities: collaborating across the public and private sectors to share threat intelligence, adopting standardized measures for incident reporting, and more.

Organisations also have a vital role to play in disrupting cybercrime. This starts with creating a culture of cyber resilience—making cybersecurity everyone’s job—by implementing ongoing initiatives such as enterprise-wide cybersecurity education programs and more focused activities like tabletop exercises for executives. Finding ways to shrink the cybersecurity skills gap, such as tapping into new talent pools to fill open roles, can help enterprises navigate the combination of overworked IT and security staff as well as the growing threat landscape. And threat sharing will only become more important in the future, as this will help enable the quick mobilization of protections.

Threat Predictions for 2024: Chained AI and CaaS operations give attackers more ‘easy’ buttons 

960 640 Guest Post

With the growth of Cybercrime-as-a-Service (CaaS) operations and the advent of generative AI, threat actors have more “easy” buttons at their fingertips to assist with carrying out attacks than ever before. By relying on the growing capabilities in their respective toolboxes, adversaries will increase the sophistication of their activities. They’ll launch more targeted and stealthier hacks designed to evade robust security controls, as well as become more agile by making each tactic in the attack cycle more efficient.

In its 2024 threat predictions report, the FortiGuard Labs team looks at a new era of advanced cybercrime, examines how AI is changing the (attack) game, shares fresh threat trends to watch for this year and beyond, and offers advice on how organisations everywhere can enhance their collective resilience against an evolving threat landscape…

The Evolution of Old Favorites

We’ve been observing and discussing many fan-favorite attack tactics for years, and covered these topics in past reports. The “classics” aren’t going away—instead, they’re evolving and advancing as attackers gain access to new resources. For example, when it comes to advanced persistent cybercrime, we anticipate more activity among a growing number of Advanced Persistent Threat (APT) groups. In addition to the evolution of APT operations, we predict that cybercrime groups, in general, will diversify their targets and playbooks, focusing on more sophisticated and disruptive attacks, and setting their sights on denial of service and extortion.

Cybercrime “turf wars” continue, with multiple attack groups homing in on the same targets and deploying ransomware variants, often within 24 hours or less. In fact, we’ve observed such a rise in this type of activity that the FBI issued a warning to organizations about it earlier this year.

And let’s not forget about the evolution of generative AI. This weaponisation of AI is adding fuel to an already raging fire, giving attackers an easy means of enhancing many stages of their attacks. As we’ve predicted in the past, we’re seeing cybercriminals increasingly use AI to support malicious activities in new ways, ranging from thwarting the detection of social engineering to mimicking human behavior.

Fresh Threat Trends to Watch for in 2024 and Beyond

While cybercriminals will always rely on tried-and-true tactics and techniques to achieve a quick payday, today’s attackers now have a growing number of tools available to them to assist with attack execution. As cybercrime evolves, we anticipate seeing several fresh trends emerge in 2024 and beyond. Here’s a glimpse of what we expect.

Give me that big (playbook) energy: Over the past few years, ransomware attacks worldwide have skyrocketed, making every organisation, regardless of size or industry, a target. Yet, as an increasing number of cybercriminals launch ransomware attacks to attain a lucrative payday, cybercrime groups are quickly exhausting smaller, easier-to-hack targets. Looking ahead, we predict attackers will take a “go big or go home” approach, with adversaries turning their focus to critical industries—such as healthcare, finance, transportation, and utilities—that, if hacked, would have a sizeable adverse impact on society and make for a more substantial payday for the attacker. They’ll also expand their playbooks, making their activities more personal, aggressive, and destructive in nature.

It’s a new day for zero days: As organisations expand the number of platforms, applications, and technologies they rely on for daily business operations, cybercriminals have unique opportunities to uncover and exploit software vulnerabilities. We’ve observed a record number of zero-days and new Common Vulnerabilities and Exposures (CVEs) emerge in 2023, and that count is still rising. Given how valuable zero days can be for attackers, we expect to see zero-day brokers—cybercrime groups selling zero-days on the dark web to multiple buyers—emerge among the CaaS community. N-days will continue to pose significant risks for organizations as well.

Playing the inside game: Many organisations are leveling up their security controls and adopting new technologies and processes to strengthen their defenses. These enhanced controls make it more difficult for attackers to infiltrate a network externally, so cybercriminals must find new ways to reach their targets. Given this shift, we predict that attackers will continue to shift left with their tactics, reconnaissance, and weaponisation, with groups beginning to recruit from inside target organisations for initial access purposes.

Ushering in “we the people” attacks: Looking ahead, we expect to see attackers take advantage of more geopolitical happenings and event-driven opportunities, such as the 2024 U.S. elections and the Paris 2024 games. While adversaries have always targeted major events, cybercriminals now have new tools at their disposal—generative AI in particular—to support their activities.

Narrowing the TTP playing field: Attackers will inevitably continue to expand the collection of tactics, techniques, and procedures (TTPs) they use to compromise their targets. Yet defenders can gain an advantage by finding ways to disrupt those activities. While most of the day-to-day work done by cybersecurity defenders is related to blocking indicators of compromise, there’s great value in taking a closer look at the TTPs attackers regularly use, which will help narrow the playing field and find potential “choke points on the chess board.”

Making space for more 5G attacks: With access to an ever-increasing array of connected technologies, cybercriminals will inevitably find new opportunities for compromise. With more devices coming online every day, we anticipate that cybercriminals will take greater advantage of connected attacks in the future. A successful attack against 5G infrastructure could easily disrupt critical industries such as oil and gas, transportation, public safety, finance, and healthcare.

Navigating a New Era of Cybercrime

Cybercrime impacts everyone, and the ramifications of a breach are often far-reaching. However, threat actors don’t have to have the upper hand. Our security community can take many actions to better anticipate cybercriminals’ next moves and disrupt their activities: collaborating across the public and private sectors to share threat intelligence, adopting standardized measures for incident reporting, and more.

Organisations also have a vital role to play in disrupting cybercrime. This starts with creating a culture of cyber resilience—making cybersecurity everyone’s job—by implementing ongoing initiatives such as enterprise-wide cybersecurity education programs and more focused activities like tabletop exercises for executives. Finding ways to shrink the cybersecurity skills gap, such as tapping into new talent pools to fill open roles, can help enterprises navigate the combination of overworked IT and security staff as well as the growing threat landscape. And threat sharing will only become more important in the future, as this will help enable the quick mobilization of protections.

Nearly half of EMEA CIOs are shifting to co-owning digital leadership with their CxO peers

960 640 Stuart O'Brien
Forty-six per cent of CIOs in Europe, the Middle East and Africa (EMEA) are partnering with their CxO peers to bring IT and business area staff together to co-own digital delivery on an enterprise-wide scale.

That’s according to Gartner’s annual global survey of CIOs and technology executives, which has found that CIO’s relationship with their CxO peers is ‘reaching a different level’.

Daniel Sanchez-Reina, VP Analyst at Gartner, said: “CIOs who co-own efforts with their CxO peers to place the design, management and delivery of digital capabilities with teams closest to the point where value is created, are most effective at maximising digital investments.”

In this CIO-CxO co-ownership, also called democratization of digital delivery, the CIO acts as a franchiser of technology within their organization.

Gartner analysts presented the survey findings during Gartner IT Symposium/Xpo, taking place here through Thursday. The 2024 Gartner CIO and Technology Executive Survey gathered data from 2,457 CIO respondents in 84 countries and all major industries, representing approximately $12.5 trillion in revenue/public-sector budgets and $163 billion in IT spending. In EMEA, 917 CIOs participated in the survey, representing nearly $3.9 trillion in revenue and $66 billion in IT spending.

“Consciously or unconsciously, CIOs have already been laying the foundation for democratized digital delivery with technologies such as low-code platforms,” said Sanchez-Reina. In EMEA, 66% of CIOs said they have deployed or plan to deploy low-code platforms in the next 24 months. Artificial intelligence (AI), which 72% of EMEA CIOs say will be a game-changing technology in the next three years (29% for generative AI), will also rapidly advance the democratization of digital delivery beyond the IT function.

The survey revealed that CIOs’ top areas for investment in 2024 include cybersecurity, data analytics and AI (see Figure 1).

Figure 1. EMEA CIOs’ Expected Change in Technology Investments in 2024

Source: Gartner (November 2023)

CIOs who franchise IT ‘by design’, which is through co-leading, co-delivering and co-governing digital initiatives with their CxO peers, perform significantly better at general IT management activities, such as executive leadership development and digital business strategy.

“Franchiser CIOs are breaking down the barriers of IT, allowing other business units to produce IT beyond using it,” said Sanchez-Reina. “Those business units participate in the IT delivery responsibility and are accountable for the success of their own IT applications and systems they produce. Such participation in technology production goes from managing to implementing and building technology initiatives.

“This shows that the distinction between what is “IT” and what is “business” is becoming virtually impossible.”

There is no one pattern for franchised digital delivery. Several factors such as the enterprise culture and CEO sponsorship will influence the design and inner workings of the franchise model and the ways in which CIOs and their CxO peers engage. Above all, the CIO must coach their business partners on the journey, offering advice and frameworks, and brokering the internal and external connections they need to successfully co-own digital delivery.

“The payoff of modeling CxO-CIO partnerships for digital delivery on a franchise model is substantial,” said Sanchez-Reina. “CxOs who embrace this franchise model are twice as likely to meet or exceed expectations from digital investments, compared with those who don’t embrace it.”

Photo by ThisisEngineering RAEng on Unsplash

The crucial role of audio solutions in IT security for hybrid work models

960 640 Charles

Shure partnered with global market research giant, IDC, to delve deep into the challenges IT security departments may face as they integrate hybrid work models. Drawing from insights of over 600 respondents from a range of countries, including the UK, the study sheds light on IT security concerns surrounding the quality of audio systems and its potential implications for secure and effective communication.

One of the paramount findings was that, while organisations in the UK are spearheading the adoption of hybrid work structures in Europe, they appear to be underestimating the security aspects linked to high-caliber audio solutions. The gaps in audio quality not only hinder effective communication but could also pose potential security risks, especially when critical information is misheard or misunderstood.

It was evident from the study that poor communication and reduced engagement during virtual meetings were key issues businesses were grappling with. Many IT security professionals highlighted that subpar audio equipment is not only a challenge for clear communication but also a potential security vulnerability, especially if employees resort to non-secure means of communication due to poor audio quality.

Globally, 72% of thriving organisations understand the importance of investing in professional-grade audio gear not just for clear communication, but also from a security standpoint. However, the UK seems to lag in this realisation, signifying an urgent call-to-action for IT security teams.

The IDC research underscores that top-tier audio isn’t merely about sound clarity; it’s also about creating a secure communication environment in the era of hybrid work. Quality audio solutions can prevent miscommunications, reduce the need for repeated information transfer, and thus limit exposure to potential security threats.

Key insights from the research with relevance to IT security are:

  • Team Dynamics: 94% of respondents acknowledge that technology which mimics the essence of face-to-face interactions can positively influence team dynamics and motivation.
  • Operational Efficiency: 90% believe robust audio solutions promote inclusive meetings and foster more efficient and secure work sessions.
  • Employee Trust: 90% perceive such investments as an indication of the company’s commitment to their well-being and security.
  • Organisational Reputation: 89% feel it impacts how both staff and external stakeholders perceive the company’s commitment to security.
  • Employee Confidence: 73% believe that quality audio solutions boost their confidence in the organisation’s dedication to secure and clear communication.
  • Decision-Making: 49% recognise its role in facilitating better-informed, and thus more secure, decision-making processes.

For a comprehensive understanding of the study and more in-depth insights, access the IDC Infobrief sponsored by Shure: : https://effortless.shure.com/content-hub/posts/idc-infobrief

Global IT spending set to hit $4.7 trillion in 2023, driven by automation

960 640 Stuart O'Brien

Global IT spending is projected to grow by 4.3% this year to reach $4.7 trillion, with CIOs continuing to lose the competition for IT talent, leading to a shift in spending towards technologies that enable automation and efficiency to drive growth with fewer employees.

“Digital business transformations are beginning to morph,” said John-David Lovelock, Distinguished VP Analyst at Gartner. “IT projects are shifting from a focus on external facing deliverables such as revenue and customer experience, to more inward facing efforts focused on optimization.”

The software segment will see double-digit growth in 2023 as organizations increase utilization and reallocate spending to core applications and platforms that support efficiency gains, such as enterprise resource planning (ERP) and customer relationship management (CRM) applications. Vendor price increases will also continue to bolster software spending through this year.

While the overall outlook for enterprise IT spending is positive, devices spending will decline 8.6% in 2023 due to the ongoing impact of inflation on consumer purchasing power (see Table 1).

Table 1. Worldwide IT Spending Forecast (Millions of U.S. Dollars)

  2022 Spending 2022 Growth (%) 2023 Spending 2023 Growth (%) 2024 Spending 2024 Growth (%)
Data Center Systems 221,223 16.6 217,880 -1.5 235,530 8.1
Devices 766,279 -6.3 700,023 -8.6 748,150 6.9
Software 803,335 10.3 911,663 13.5 1,039,175 14.0
IT Services 1,305,699 7.5 1,420,905 8.8 1,585,373 11.6
Communications Services 1,423,075 -1.9 1,461,662 2.7 1,517,877 3.8
Overall IT 4,519,610 2.7 4,712,133 4.3 5,126,105 8.8

Source: Gartner (July 2023)

“The devices segment is experiencing one of its worst growth years on record,” said Lovelock. “Even as inflation eases slightly in some regions, macroeconomic factors are still negatively impacting discretionary spending and lengthening device refresh cycles. Devices spending is not expected to recover to 2021 levels until at least 2026.”

While generative artificial intelligence (AI) is top of mind for many business and IT leaders, it is not yet significantly impacting IT spending levels. In the longer-term, generative AI will primarily be incorporated into enterprises through existing spending.

“Generative AI’s best channel to market is through the software, hardware and services that organizations are already using,” said Lovelock. “Every year, new features are added to tech products and services as add-ons or upgrades. Most enterprises will incorporate generative AI in a slow and controlled manner through upgrades to tools that are already built into IT budgets.”

“When it comes to AI this year, organizations can thrive without having AI in production but they cannot be without a story and a strategy,” added Lovelock.

‘Overwhelmed’ cyber analysts fear their organisation could already be breached

960 640 Stuart O'Brien

97% of cyber analysts are worried they will miss security events, with 71% admitting their organisation may have been compromised and they don’t know about it yet.

That’s according to a study by Vectra AI, which details how analysts are being overwhelmed, as they receive 4,484 alerts on average per day, but can’t cope with 67% of them.

This is pushing analysts out the door, as two thirds (67%) of SecOps (Security Operations) analysts are considering or actively leaving their jobs.

The survey of over 2,000 IT security analysts found the size of their organisation’s attack surface (63%), and the number of security tools (70%) and alerts (66%) they manage, has significantly increased in the past three years. This is creating a “spiral of more” which threatens to overwhelm their ability to respond quickly to alerts and manage breaches and is causing analysts to consider leaving their jobs.

What’s more, sifting through false alerts is costing organisations approximately $3.3bn annually in the US alone, and using up analysts time to spot and respond to potentially serious breaches. Other key findings from the research include:

  • 39% say there’s so much noise, it’s only a matter of time until they miss something.
  • 39% agree the security tools they work with increase their workload rather than reduce it.
  • 41% agree that security vendors flood analysts with pointless alerts because they are afraid of not flagging a breach.
  • The most common reason analysts gave for leaving or considering leaving their role was spending too much time sifting through poor quality alerts (39%).
  • Other reasons given included constant stress (35%), burnout (34%), and feeling “mind-numbingly bored” (32%).

“As enterprises shift to hybrid and multi-cloud environments, security teams are continually faced with more – more attack surface, more attacker methods that evade defenses, more noise, more complexity, and more hybrid attacks,” said Kevin Kennedy, senior vice president of products Vectra AI. “The current approach to threat detection is broken, and the findings of this report prove that the surplus of disparate, siloed tools has created too much detection noise for SOC analysts to successfully manage and instead fosters a noisy environment that’s ideal for attackers to invade. As an industry, we cannot continue to feed the spiral, and it’s time to hold security vendors accountable for the efficacy of their signal. The more effective the threat signal, the more cyber resilient and effective the SOC becomes.”

Image by Ahmed from Pixabay

Amazon drives IaaS market to new highs

960 640 Stuart O'Brien

The worldwide infrastructure as a service (IaaS) market grew 29.7% in 2022, to total $120.3 billion, up from $92.8 billion in 2021, according to new data.

Analysis by Gartner indicates Amazon retained the No. 1 position in the IaaS market in 2022, followed by Microsoft, Alibaba, Google and Huawei.

Cloud has been elevated from a technology disruptor to a business disruptor,” said Sid Nag, VP Analyst at Gartner. “IaaS is driving software-as-a-service (SaaS) and platform-as-a-service (PaaS) growth as buyers to continue to add more applications to the cloud and modernize existing ones.”

“IaaS growth in 2022 was stronger than expected, despite a slight softening in the fourth quarter as customers focused on using their previously committed capacity to its fullest potential,” added Nag. “This is expected to continue until mid-2023 and is a natural outcome of the market’s maturity. We expect an acceleration in 2024, as there is still room for plenty of additional future growth.”

In 2022, the top five IaaS providers accounted for over 80% of the market. Amazon continued to lead the worldwide IaaS market with revenue of $48.1 billion and 40% market share (see Table 1).

Table 1. Worldwide IaaS Public Cloud Services Market Share, 2021-2022 (Millions of U.S. Dollars)

Company 2022
Revenue
2022 Market
Share (%)
2021
Revenue
2021 Market
Share (%)
2021-2022
Growth (%)
Amazon 48,126 40.0 35,380 38.1 36.0
Microsoft 25,858 21.5 19,153 20.6 35.0
Alibaba Group 9,281 7.7 9,060 9.8 2.4
Google 9,072 7.5 6,433 6.9 41.0
Huawei 5,249 4.4 4,190 4.5 25.3
Others 22,746 18.9 18,565 20.0 22.5
Total 120,333 100 92,782 100 29.7

Source: Gartner (July 2023)

Microsoft followed in the No. 2 position with 21.5% share, reaching over $25 billion in IaaS public cloud revenue in 2022. Microsoft’s software-first strategy continued to support its IaaS growth as customers required more cloud capacity to support automation, advanced analytics and digital workplace capabilities.

Alibaba Group again held the No. 3 position with 7.7% market share, although with modest 2.4% year over year growth. While Alibaba continued to lead the IaaS market in China, its limited potential for expansion across global markets has slowed growth, driving its recent decision to spin off its Alibaba Cloud business into a separate entity.

Google saw the highest growth rate of the top five IaaS vendors, growing 41% in 2022 to reach over $9 billion in revenue. Google’s increased investment in sovereign cloud and expanded sales and marketing partner programs helped to broaden its customer base and drive additional IaaS revenue.

Huawei rounded out the top five IaaS vendors with 4.4% market share and $5.2 billion in revenue for 2022. Since its 2020 pivot to an increased focus on cloud, Huawei has been steadily growing its IaaS revenue in China and emerging markets.

Generative AI will continue to drive the cloud market forward, particularly as hyperscalers look to support offerings beyond the existing, democratized generative AI solutions,” said Nag. “As enterprises integrate generative AI into their technology portfolio, new markets and opportunities for cloud hyperscalers will emerge related to sovereignty, ethics, privacy and sustainability.”

Image by ananitit from Pixabay

Banking and investment sector IT spending to hit $652bn this year

960 640 Stuart O'Brien

Worldwide banking and investment services IT spending is forecast to total $652.1 billion in 2023, an increase of 8.1% from 2022, with software experiencing the largest growth with an increase of 13.5%.

“Current economic headwinds have changed the context for technology investments in banking and investment services this year,” said Debbie Buckland, Director Analyst at Gartner. “Rather than cutting IT budgets, organizations are spending more on the types of technologies that generate significantly higher business outcomes. Spending on software, for example, is shifting away from building it in-house, in favor of buying solutions that generate value from investments more rapidly.”

According to the Gartner 2023 CIO and Technology Executive Survey, banking and investment services CIOs will spend the largest amount of new or additional funding in 2023 on cybersecurity, data and analytics, integration technologies and cloud.

More than half plan to increase investments in cloud, while reducing IT spending in their own data centers. This is reflected by slower growth in data center systems spending from 13.2% in 2022 to 5.7% in 2023 (see Table 1). Banks are disengaging from tangible assets and capital expenditure (capex) in favor of adopting services and operating expenditure (opex), to meet evolving customer and market expectations.

Table 1. Worldwide Banking and Investment Services IT Spending Forecast (Millions of U.S. Dollars)

  2022 Spending 2022
Growth (%)
2023 Spending 2023
Growth (%)
Data Center Systems 34,467 13.2 36,433 5.7
Devices 37,961 -9.9 37,149 -2.1
Internal Services 52,933 -2.2 55,156 4.2
IT Services 246,698 5.2 269,735 9.3
Software 153,268 11.2 174,014 13.5
Telecom Services 77,736 -2.9 79,599 2.4
Total 603,063 4.1 652,086 8.1

Source: Gartner (June 2023)

“To deal with the current economic climate, banking and investment services CIOs are now prioritizing more conservative objectives that support resilient and sustainable growth, such as a better customer experience (CX) and more efficient operations,” said Pete Redshaw, VP Analyst at Gartner. “This is a change from previous years when outright growth – new territories, new customers, new lines of business – was the primary objective of banking CEOs.”

Driven by the increased use of consulting services and infrastructure as a service (IaaS), IT services will be the largest spending category, forecast to reach almost $270 billion in 2023. This is an increase of 9.3% over 2022, reflecting the increasingly important role IT service providers play in helping banking and investment services organizations navigate emerging opportunities and challenges.

“Economic uncertainty is leading organizations to break down long-term contracts into multiple shorter projects,” said Buckland. “They’re also reluctant to sign new contracts, commit to long-term initiatives or take on new technology partners, which is driving an increase in the use of IT consulting services.”

With the global talent shortage impacting banking and investment services organizations, spending on internal services will increase by 4.2% in 2023 to support the increased costs of hiring and retaining talent.

“Even after the recent widespread redundancies at many of the technology giants, banks are no longer seen automatically by top talent as the most desirable, rewarding or stimulating destinations,” said Redshaw. “More innovative solutions are needed, such as dropping the requirement for university education and adding benefits such as lifetime retraining, hybrid teams, agile methods and fintech partnerships.”

AI and edge computing taking video surveillance in to new phase of growth

960 640 Stuart O'Brien

New advancements in Artificial Intelligence (AI) and edge computing for video analytics are energising the video surveillance market, with these trends driving the global installed base of cameras to 1.2 billion in 2030.

“By harnessing new advancements in AI and edge computing, all areas of a business can consider surveillance cameras as intelligent Internet of Things (IoT) devices that can gather data and issue alerts without human intervention,” says Lizzie Stokes, IoT Hardware & Devices and IoT Networks & Services Analyst at ABI Research. “The surveillance cameras on the market today are smarter and more powerful than their predecessors, prompting more companies to view cameras as accurate sensors that can predict human behavior.”

Lines of business such as marketing and HR are investing in video analytics solutions and smart cameras to bolster company profits and improve operational efficiency. These expanded use cases are increasing the business value of video surveillance cameras, once considered customary tools reserved for security and monitoring teams. Business units use AI-equipped surveillance solutions to track customer spending and satisfaction and monitor employee health and safety.

Verticals like manufacturing use smart cameras to spot defective products on the factory floor, and municipalities use video surveillance solutions to improve public safety and optimize traffic patterns. New use cases for AI video analytics are transforming the industry as more customers shift investments toward services that mine surveillance footage for operational insights. Video surveillance vendors will continue to evolve their business models and product offerings to meet new demand from verticals and lines of business. Evolutions in camera connectivity technology have introduced new form factors, like advanced body cameras for law enforcement and cellular trail cameras for hunters. These new form factors and use cases will invigorate a market experiencing lower shipment growth.

Most surveillance camera manufacturers today provide AI-equipped cameras, and these smart devices have been essential catalysts in moving cameras beyond their traditional uses in security. Key video surveillance companies include Axis Communications, Honeywell, and Bosch. Motorola has also become an important player in the market after acquiring several popular video surveillance brands, some featuring cloud product portfolios. Chinese manufacturers Hikvision and Dahua continue to be the largest and most controversial companies in the video surveillance market, as more Western governments ban or remove their products from governmental buildings out of concerns for national security.

“The video surveillance industry experienced higher growth a decade ago and has since grappled with international disagreements, privacy concerns, and the threat of increased regulation. Though the market is maturing now, it has the potential to be transformed by new, value-adding use cases and form factors,” Stokes concluded.