60 Data Protection Predictions from 30 Experts for 2021
We polled 30 experts and received 60 data protection predictions for 2021.
As part of the second annual Solutions Review #BUDRInsightJam, we called for the industry’s best and brightest to share their data protection predictions for 2021. The experts featured here represent the top data protection solution providers with experience in this niche. Data protection predictions have been vetted for relevance and ability to add business value as well. These are the 60 best predictions from the dozens we received. We believe these are actionable and may impact a number of verticals, regions, and organization sizes.
Note: Predictions are listed in no particular order.
Jon Toor, CMO of Cloudian
Cyber Insurers Will Demand More Robust Data Protection
Although cyber insurance will back enterprises up if a breach occurs, insurers will expect their customers to do everything possible to protect against one to minimize risk. It will be critical for enterprises to implement data storage with the right set of security protections to be eligible for cyber insurance and receive the best rates in 2021.
Ransom Will Be Taken Out of Ransomware in 2021
As remote work and learning continue into 2021, ransomware attacks will become more manageable as enterprises will opt for immutable backup data repositories on top of perimeter security solutions. This ensures they can restore a clean copy of data in the event of an attack without needing to pay the ransom. Ransomware will no longer be a potential catastrophe, causing downtime rather than an existential threat of data being held hostage for exorbitant sums.
Self-Managing Storage in Data Centers Will Become Mainstream
Automation will expand as a critical component of storage systems to replicate data for disaster recovery, manage immutable copies of data, monitor hardware for potential failures, and proactively initiate replacement tickets. Enterprises will increasingly rely on automation to reduce outages and disruptions with predictive maintenance – ultimately saving costs, enhancing security, and adapting to evolving workload needs.
Organizations Look for New Ways to Use Object Storage and Kubernetes Together
In an increasingly cloud-native world, modern applications will increasingly be deployed in capacity-intensive workloads. Object storage provides the scalable infrastructure to support these large workloads. Organizations will look for new tools and approaches that make it easier to use object storage and Kubernetes together for massive cloud-native workloads.
Kubernetes Will Migrate to On-Prem as the Next Wave of Virtualization Gives Way
Kubernetes will see rising on-prem adoption, with VMware leading the trend. During the next year, VMware will introduce more products and partnerships to drive Kubernetes on-premises further and make the technology available to a whole new mainstream audience. Until recently, the major public cloud providers dominated the conversation around Kubernetes, arguing that almost everything, especially Kubernetes deployments, should be located in the public cloud. However, more and more enterprises have begun to realize that Kubernetes-based workloads (and many workloads in general) are a better fit on-prem, depending on their specific business needs.
Flash Vendors Will Try to Improve Scalability, but Will Struggle to Re-Architect Their Platforms in the Process
Organizations will increasingly use flash storage to support performance-intensive workloads such as artificial intelligence, machine learning, and data analytics. However, these organizations will struggle mightily to re-architect their platforms as they try to scale up their flash storage platforms to accommodate the growing data volumes associated with these workloads.
Object Storage Shatters the Myth That It’s Only Used for Archive
Although object storage is best known as a backup and archive storage solution, three trends will expand that perception in 2021. First, flash-based object storage will gain favor in data analytics workloads that also have high capacity requirements. Second, S3-compatible storage will simplify Kubernetes deployments, making it a logical choice for modern applications. Third, cloud-native applications will be increasingly be deployed on-prem, driving the need for on-prem S3-compatible storage to enhance application portability. As a result, more organizations will use object storage to support compute-heavy use cases, such as AI, ML, and data analytics, shattering the “cheap and deep” myth once and for all.
David Farajun, CEO of Asigra
Ransomware Attacks on Kubernetes Containers
The deployment of Kubernetes-based containers is growing rapidly as it allows software to run consistently between computing environments, making it highly portable, productive, and ideal for digital transformation. Along with these advantages comes the generation of massive data volumes, making these new environments prime targets for new ransomware variants. Mitigating these attacks will require an industry-wide approach to ensuring the viability of these environments before, during, and after such attacks.
Cyber-Targeting of SaaS-Based Applications
With the increase in distributed enterprise operations and remote work environments, there will be continued adoption of SaaS-based applications. Beyond the flexible use of these applications, they offer cost, time, and scalability advantages in many cases. However, they also create a new data source that is vulnerable to ransomware and must be protected.
AI-Driven Cyber-Attacks
Artificial intelligence and the technologies that enable it are becoming more advanced. The resulting new capabilities are allowing criminal organizations to conduct more complex and targeted attacks. To counter these more intelligent attacks, organizational defenses must also evolve.
Ransomware Payments to Become Illegal
The US government has expressed intentions to align the payment of cyber ransoms with the support of terrorist organizations and will likely make these payments illegal. It is expected that other nations will enact such laws as well, especially to defend against possible nation-state sponsored actors. Without the ability to retrieve criminally encrypted data or recover properly, ransomware attacks will become business ending events.
Managed Security Service Provider Registration with the Government
The US government will move to require MSPs/MSSPs that provide cybersecurity services to register their organizations with the government, adding more regulations as the ransomware trend continues to accelerate.
Flint Brenton, CEO of Centrify
Nearly every business will be cloud reliant, leveraging multiple cloud providers. When COVID-19 hit, many organizations moved their workloads into the cloud for better resource availability and business continuity. In fact, a recent Centrify study revealed the remote work shift rapidly accelerated half of companies’ cloud transformation plans. For those who were not cloud-first, the pandemic revealed a glaring reality: businesses must embrace the cloud as a necessity in the modern tech landscape rather than view it as an option.
Looking to 2021 and beyond, almost all businesses will rely on cloud storage, infrastructure, and workloads to survive. Mid-size, large, and global enterprises will look to leverage multiple cloud providers to meet a range of requirements for both centralized and per-business-unit priorities. Utilizing an approach centered around increased efficiency, agility, and security, businesses can be better equipped for this inevitably multi-cloud focused future.
Carl D’Halluin, CTO of Datadobi
Cloud consumption is going to accelerate, creating a wider need for organizations to embrace hybrid storage setups. Organizations will need software to manage their unstructured data in this decentralized storage world. Businesses in every industry are wondering about the practicality of their on-premise storage gear now that their employees, customers, and other stakeholders are all working from home. As cloud file systems continue to mature, cloud vendors will see higher adoption rates as they add features and prove stability. As a result, at some point in the next year, customers will wonder if they should spend money on a fully duplicated on-premise file server infrastructure or if they should redirect that money to the cloud to enable global data availability, data protection, and data archival.
As organizations move away from a single-vendor on-premise storage infrastructure and look to a fully comprehensive storage plan that likely includes an increase in cloud, they will begin to buy from more than one vendor for a comprehensive storage solution. In this multi-vendor world, customers will need software to manage their unstructured data — no matter the placement. In the new hybrid setups, most organizations will have in 2021 and beyond, it is important that data sets are moved, copied, or archived to the optimal locations. By utilizing software created for unstructured data management, IT administrators can see an overview of their data and, as a result, set up policies, satisfy compliance regulation, protect against threats, and optimize costs for their storage.
Michael Jack, VP of Global Sales and Co-Founder of Datadobi
In 2021, organizations that understand unstructured data management are going to be the winners. On a global scale, unstructured data is growing at such a rapid pace that the sheer amount of it is out of control. This makes it difficult for organizations to make informed decisions when staring into such a muddled abyss. Having a strategy to manage unstructured data is now essential and will put space between the leaders and those forced to play catch up. But, devising a strategy for such a complex environment isn’t innate to most enterprise-scale organizations–they’ll need help.
Vendors that understand management of unstructured data will be the differentiating factor that most organizations are looking for. Experienced vendors can provide knowledgeable insights to optimize unstructured storage environments. More and more, important business decisions will revolve around migrating data into the cloud and then about how to protect it, move it around, and archive it. In the year ahead, businesses that have ballooning quantities of unstructured data will need guidance on how to make use of it, what insights can be gleaned from it, and how to make informed decisions based on it.
Steve Leeper, Office of the CTO at Datadobi
In 2021 visibility and management of massive datasets will be the name of the game. Enterprise IT professionals will be seeking solutions that give them valuable insights into the datasets for which they are responsible. Beyond getting insights into the data, they will need innovative technology that allows them to take action and manage the data in a reliable and automated fashion. The story does not end there; however, as these same professionals will want world-class service and support to ensure the solution meets all the needs of their organization. They will be looking to their trusted channel advisors (VARs, SIs, and distributors) for a relationship that doesn’t end at the loading dock. IT professionals will be seeking a true partner that is able to help them to navigate the entire data movement process, in a highly predictable manner — from identifying the right data to move, to helping them to move it as quickly, accurately, securely, and cost-effectively as possible — all while maintaining critical capabilities, such as chain of custody tracking and integrity reporting.
Robert Van der Meulen, Global Product Strategy Lead at Leaseweb Global
Expanding enterprises can start quickly if they design their infrastructure in a flexible way with hybrid cloud. With IT spending under scrutiny in the midst of the current economic climate, enterprises and SMBs alike are going to be eager to move out of the public cloud. Public cloud is satisfactory if you need a lot of scalability in the short term, but costs greatly increase for this flexibility. Companies are going to be more risk averse, cost effective and grow in dependence upon connectivity as the remote work trend increases in all industries. The drive for connectivity and bandwidth will lead enterprises to move to areas that have prioritized connectivity, such as China and other Asian-Pacific countries and certain parts of Europe.
Hybrid cloud will be a key tool for expanding enterprises and allows companies to procure flexible capacity and experience easy growth start-up when developing in a new region. Once revenue begins to come in they can work with infrastructure providers to move to more effective solutions such as colocation, bare metal servers or content delivery networks depending on the need. Infrastructure providers who specialize in hybrid solutions can evaluate your business needs and workloads to match the right type of technology to your requirements. With the right hybrid infrastructure in place, organizations can rest assured that their expansion will start off on the right foot.
Charles Burger, Global Director of Assureon Solutions at Nexsan
Historically, data migration, data replication, and data synchronization have been complicated endeavors that result in creating obstacles, instead of delivering the strategic business value, IT benefits, and budgetary advantages for which they were intended. Consequently in 2021, data mobility will climb the priority list of virtually all data center professionals – especially, as they accelerate their integration of multiple cloud providers, alongside existing infrastructure. It will therefore be critical that they employ strategies and solutions that enable seamless movement of data across heterogeneous on-premises, remote, and cloud environments.
Cassius Rhue, VP of Customer Experience at SIOS Technology
Business Continuity and Disaster Recovery Will Drive Adoption of Hybrid Cloud and Multi-Cloud Configurations
As Cloud adoption takes center stage in IT infrastructure configurations, companies will begin using more hybrid and multi-cloud configurations to solve long-standing challenges to business continuity and disaster recovery. Companies will increasingly use the cloud to enable geographically separated offsite replication or failover for disaster protection. They will look to extend failover clustering not only across cloud availability zones but across different cloud vendors. The expansion of private cloud usage brought on by the growth of the increasing availability needs of the applications required for monitoring this new, broad class of IoT devices.
Companies Will Look to Use Backup and HA Data for DevOps
Companies will look to get more value from replicated data ‘at rest’ to use it for more than simply disaster recovery. Companies will tap stored data for a variety of testing, including DevOps testing, and availability and failover testing.
Storage Agnostic HA/DR Protection Will Be Required
Companies are no longer tethered to their SAN or NFS storage. All manner of storage solutions are being used in the cloud and on premises. Protecting all of that data and enabling the flexibility to implement hybrid cloud environments will mean a greater need for high availability solutions that work equally well with all types of storage.
Expectations for Automation and Ease of Use Set by Machine Learning, Artificial Intelligence, will Extend to More IT Infrastructure purchasing
Enterprises will find new applications for machine learning technologies that automate manual processes and enhance monitoring capabilities. Companies will look for products that deliver deeper monitoring, more automation and value-added information across their IT spend. For example, availability solutions that provide application-aware monitoring and automation of configuration and management tasks would be prioritized over traditional failover solutions. New innovations in HA will emerge to handle the increasing complexity of failures and disasters brought on by IoT devices and their dependencies.
Jason Schmitt, General Manager at Synopsys
As profound an impact as DevOps has had on application security programs and practices in the past few years, the acceleration of cloud adoption during the pandemic is shifting the software security landscape even more dramatically. To get ahead of this cloud transformation, software security will evolve again into a risk-based vulnerability management service. Security teams will arm developers with “point of capture” tools to eliminate vulnerabilities during development and provide policy guardrails for enabling speed. We’ll see increased demand for API security, cloud application security, application security orchestration services and consolidated risk-based vulnerability management approaches to software risk reduction.
Craig Theriac, VP of Product Management at Scale Computing
Hyper Convergence Will Drive the BUDR Market
Technology leaders ultimately want less tools to do more things and are under greater pressure to reduce their IT overhead in order to prioritize ‘change the business’ initiatives. The trend of hyperconverged infrastructure in which storage, network, and compute are unified within a single tool will continue to drive innovation in the BUDR market as it allows time and resource-strapped IT teams to improve their operational efficiency
Ransomware Attacks Become More Targeted in 2021
While 2020 wasn’t a particularly good year for most people, it was a pretty great year for ransomware operators who have had tremendous success encrypting and leaking the sensitive data of their victims. We expect that ransomware gangs will rely less on the ‘cast a wide’ net approach of the past and spend more time up front cherry picking their victims based in part on the perceived value of the data that they house. In response, IT and security teams will need to equally prioritize their ability to quickly rebuild their systems as they do with keeping attackers from infiltrating the network.
Solution Providers Will Embrace DRaaS
The managed service provider market continues to be one of the fastest growing segments in the IT channel and consequently, it remains one of the most competitive which is why we believe the rapidly maturing DRaaS market represents a key opportunity for managed service and solution providers to differentiate their solution portfolio in an increasingly crowded marketplace.
Patrick Doherty, Chief Revenue Officer at Flexential
Many businesses are keeping employees remote for the foreseeable future. This means maintaining an accessible, secure data infrastructure is key to keeping operations protected and “always on” during what has become a protracted work-from home time. There is no tolerance for downtime with high numbers of employees in remote offices. While IT budgets may be tight in the New Year, I expect IT departments to double down on their business resiliency investments. I anticipate the adoption of Disaster Recovery as a Service (DRaaS) will continue to grow. DRaaS provides faster implementation, increased business continuity and potential cost reduction compared to traditional in-house DR infrastructure. In some cases, these reductions can be as much as 50%. This potential cost savings can be a significant driver for the consideration and adoption of DRaaS, especially when IT leaders are looking to improve DR capabilities with limited investments.
To effectively carry out their disaster recovery strategy, organizations will also put a renewed focus on employee user education, including cybersecurity awareness. For employees to understand the risk of downtime and data loss, they must know what could happen if they don’t use the corporate VPN, a secure router, update their passwords, or click on a suspicious email.
George Coregudo, CTO of Redpoint Global
In the New Year, organizations will be hyper focused on securing their cybersecurity perimeter to alleviate potential data risks. With the digital shift resulting from the pandemic, companies are having to maintain a more personalized web experience to keep consumers interested and avoid fast click-through rates. In order to deliver such a personalized experience, though, they must bring more customer data to the organization’s perimeter. This influx of data exposes brands to potential breaches. Malicious actors know this and are ready to pounce, making security and data encryption paramount in 2021.
Beyond the perimeter, organizations in the New Year will work to deliver personalization in a hyper-respectful way, putting added protections around the gathering of consumer data, including the reduction of reliance on third party platforms. Lastly, given the global impetus behind a new level of security and privacy standards, including GDPR and CPRA, brands will have to prove that they’ve forgotten consumer data, and show everything that’s happened to it since the initial encounter. These elements, when combined, will ensure that companies remain both secure and compliant, ultimately inspiring stronger consumer loyalty.
Jamie Zajac, VP of Product Management at Carbonite
2021 will bring more SaaS applications and thus the increased need to secure them. 2FA must be a minimum requirement along with antivirus protection and cloud-based backup recovery to ensure data and business continuation.
Vulnerable industries like hospitality and travel are starting to use more remote access platforms (square, etc.), giving sometimes an alarming amount of control to a third party. To keep secure in 2021 and beyond, companies in these industries will need to make sure that data is protected uniformly on their end and keep a close eye on what data is shared/collected by third parties.
Looking back to BUDR predictions from 2020, no one could have anticipated the overwhelming challenges we’d face this year. Many 2020 BUDR trends evolved as a response to the pandemic and will persist into 2021 as organizations continue to be challenged by the growth in information volume parallel to our new WFH environments. This quantity of data is difficult to index, understand, and secure, making it likely that data leak attacks and information exfiltration will occur at an ever-increasing rate. In 2021, the ability to secure access to data based on content rather than security controls will become crucially important for the remote workforce. IT teams will need to invest in tools that provide secure access to data as BUDR becomes a growing priority.
Joe Jaroch, VP of Endpoint Solutions Engineering at Webroot
Organizations will continue to be challenged by the growth in information volume. This quantity of data is difficult to index, understand, and secure. Because of users working remotely, it’s likely that data leak attacks and information exfiltration will occur at an ever-increasing rate, in addition to the risks posed in data which fall outside standard backup protocols. In 2021 and beyond, the ability to secure access to data based on its content rather than assume that security controls are sufficient will become crucially important in a fully remote workforce.
Briana Butler, Engineering Services Manager at Webroot
Automation has been one of the hottest topics of 2020 and it is showing no sign of slowing down as we approach the New Year. Cybersecurity, like many other industries, is becoming increasingly automated and the days of needing to manually set up and deploy security solutions, especially BUDR solutions, is quickly coming to an end. In 2021, organizations will need to upskill of their cybersecurity workforce to analyze complex data, develop algorithms, and understand machine learning techniques in order to effectively synthesize vast amounts of data and derive actionable value from it. 2020 has expedited the growth in IT complexities as a result of our new WFH environments, and these news skills are essential to making BUDR more effective in the future.
Stephen Manley, CTO of Druva
As the pandemic shifted daily life online and data became the lifeblood of organizations, Druva sought to measure the change in value of data as a business asset. Our survey of 700 IT leaders in the US and UK discovered that 33% of IT leaders believe the value of data has increased permanently since March 2020, however the creation of data silos is limiting accessibility. Even as 73% of IT decision makers rely more on data to make business decisions, 41% say that the data collected is not readily available when needed for decision making.
Most surprisingly, 62% saw the need to advance their organizations ability to better assess and assign value to data and the same 62% was concerned about potential future liability for not measuring or having an inaccurate valuation of data. In the year ahead, we’ll see increased pressure on IT teams to further maximize managing growing volumes of data on lean IT budgets. To address the issue, our survey found that 37% of respondents plan to apply artificial intelligence and machine learning technologies. Meanwhile, C-level executives and legal teams will be increasingly focused on accurately assessing the value of data to both avoid liabilities and maximize business benefits.
Drew Daniels, CIO and CISO of Druva
Cyber-criminals have strategically used this period of digital transition to perfect ransomware tactics, conduct extensive research on targets and take advantage of the most critical business asset: data. However, now with many organizations operating almost exclusively online, loss of data is even more dangerous. According to a new research from Druva of 700 IT leaders in the US & UK, nearly half (47%) of IT leaders say their organization can only go up to four hours without access to data before causing serious harm to their business. 73% of IT leaders are more concerned now with protecting their organizational data from ransomware than prior to the pandemic.
Since March 2020, 43% of survey respondents reported an increase in data outages and 40% reported human error tampering data. As we enter the holiday shopping season, when data’s #1 priority is optimizing the customer experience, cyber-criminals locking up data will have even greater disastrous consequences. Organizations will need to double down on data protection to ensure business continuity.
What industry is most vulnerable to ransomware attacks?
While all organizations remain at risk in part due to the work from home, I believe healthcare will be the most targeted industry in the next year. In 2021, ransomware will target healthcare even more so than in 2020. As R&D organizations scramble to find a vaccine for the COVID-19 pandemic, ransomware threat actors will similarly be scrambling to make a profit even more so than before. Threat actors will be targeting medical research laboratories, big pharma, biotechnology companies and any third party companies that healthcare works with, as these organizations will likely be storing the patient data being analyzed in order to create a vaccine. Biotechnology, pharma and medical organizations will have to step up their cybersecurity posture in order to keep up with the wave of new attacks. It will no longer be an option, especially given the pressure for coming up with a vaccine that is tested and safe.
In 2020, threat groups perfected ransomware tactics while in 2021, the focus will be extorting stolen and sensitive patient data in order to gain the largest profit possible.
Everyone will need to focus on data recovery, but the threat surface will be dynamic. Protection and recovery must be included in any strategy because successful attackers are taking multiple approaches, while also threatening to expose data they’ve exfiltrated. A strong data protection architecture will be key to ensure endpoints aren’t cluttered unnecessarily with sensitive or confidential data like PII. Instead, the focus should be on backing up such data, and then restoring it temporarily at a future time, if and when required. you back up the data and if you need it down the road you can restore it temporarily. Additionally, organizations should think about more aggressive reminders or maybe even penalties for not following data lifecycles, which will be important to minimize exposure risks.
Research suggests that ransomware attacks show no sign of slowing down.
As studies have shown, ransomware is big money. With cryptocurrencies flourishing and their traceability questionable, coupled with continued payments from victims (despite all warnings otherwise) the attackers and bad actors will continue their assault and likely try even harder to get to the data. Unfortunately as data’s value continues to rise so does the profit in exploiting, exfiltrating and stealing this data.
Extortionware is on the rise, though there is a big dilemma in the US as the Treasury Department warned the organizations that opt to pay ransomware demands will be fined. What does this mean for ransomware operators?
We will inevitably continue to see ransomware into 2021 and beyond. People and organizations that are willing to circumvent the system, and feel their data is more important than others, will find a way. Payments that are clandestine using cryptocurrency are hard to track and only fuels the cycle for more attacks and payments by others in the same situation. The Treasury Department can only do so much, and even if they manage to clamp down on this anymore than we (as security leaders) have already done, the unfortunate truth is: where there’s a will, there’s a way. This is the same reason why despite the continued insistence not to pay ransoms, ransomware has only grown. Because the reality is people pay and that only in turn encourages more bad behavior.
Borya Shakhnovich, CEO of airSlate
I expect enterprise focus on compliance to grow substantially in the new year. Knowing that data regulations like GDPR and the recently approved CRPA are increasing and require significant investment, I expect to see more market players purchasing automation solutions from experienced third-party providers who already meet all necessary requirements, rather than building their own solutions from the ground up. Third party providers will help to better maintain organization’s data compliance and security efforts across their digital infrastructure.
Joe Gaska, CEO of GRAX
Backup Data Will Evolve from Insurance Policy to Revenue Driver
Backup has always been seen as a one-trick pony: an insurance policy for disaster/data recovery. Companies back up their data ‘just in case,’ and never touch it again unless there’s an outage or data loss. But as more companies rely on SaaS applications for business-critical CRM, ERP, ecommerce, and more, they will realize that leaving data to essentially die in storage is doing a huge disservice to their business. SaaS backup data will be seen as a strategically valuable historical change data set. There will be an increase in the need to fully tap the value of that backup data for compliance, customer trend analyses, market expansion planning, and revenue acceleration.
Businesses Will Push Hard for SaaS Data Ownership
Most SaaS vendors store their customers’ data in their own apps and lease back limited access to that data to their customers. This practice will become increasingly untenable for their customers . Businesses will continue to push to take back ownership and control of sensitive data stored in third-party SaaS/cloud applications. They will use this data for everything from regulatory compliance, privacy and security (ensuring they have complete audit trails of changes to customer data; mitigating the potential affects of ransomware) to customer retention and growth (easy access to historical data for trends analyses and more). They will do this by snapshotting, replicating or otherwise ‘backing up’ all their SaaS data to their own organization’s cloud environments.
RPO will Continue to Shrink to Zero
Organizations will have a much lower tolerance for data loss as SLAs tighten and storage costs continue to drop. More than half will want to have RPO (recovery point objective) inside of 15 minutes and more than a quarter will want to have zero data loss – meaning they will want to capture every single change in data in near real-time. This will cause complications for the many businesses who use SaaS applications, where data isn’t under their direct control, and will put tremendous pressure on traditional backup providers to re-architect their solutions in order to not only capture every single change but also make it all readily accessible to their customers.
Laurel Burton, VP of Product and Marketing at Otava
In March 2020, the first full month of the pandemic in the U.S., ransomware attacks were up 148% over those reported in the previous month. And attacks have continued to rise throughout the pandemic with spikes correlating to world events. Because the distributed workforce poses unique security challenges, in 2021 we expect that organizations will quickly move to change and evolve data protection strategies to defend against these looming threats. Added protection will be needed to shore up endpoints and across the entire landscape.
Terry Walby, CEO of Blue Prism Cloud
Whilst COVID-19 has put enormous pressure on organizations to adapt at speed to massive disruption and ongoing uncertainty, it has also accelerated their willingness to shift gears in their operational models. A surge in demand for cloud is a direct response to an increased focus on resilience, flexibility, and the ability to absorb sharp spikes and drops in demand. Equally strong is the trend towards embedding software-based digital workers to manage processes and workloads across the business in order to increase efficiency and improve responsiveness to customer needs.
Put these two trends together and it underpins the acceleration of adoption of fully flexible intelligent digital workers available on demand in a SaaS model. I predict this acceleration continuing and this approach becoming the norm in less than five years. Equipped with their new digital resources, organizations will also have a radically different cost model, allowing them to disrupt markets, launch new products and services and rapidly innovate. It’s hard to see how companies who don’t follow this approach will keep pace with the competition.
Murli Thirumale, GM of Cloud Native Business at Pure Storage
In 2020 we saw startups and enterprises alike race to develop products which could aid in the fight against COVID-19. Contact tracing apps, online resource libraries and virtual healthcare tools saw widespread adoption, but these tools created mountains of personal medical records and patient data – a nightmare for any data management platform. In 2021, I predict companies will play catchup and adopt stricter data protection and security protocols when handling medical data, using platforms like Kubernetes to meet the scale needed to manage an explosion of patient data and applications, with taking advantage of automation to ensure security, data protection, and compliance.
The traditional market leaders of the data protection industry will wake up and realize that they need a Kubernetes strategy. In the VM-era, Veeam was allowed to grow as a VMware-focused solution long enough that when other incumbents realized what was happening, they had lost market share that couldn’t be regained. While data protection leaders won’t want this to happen again, the distributed nature of Kubernetes will require significant investments to modernize solutions designed to protect servers, and not applications.
As digital experiences become personalized so will data protection. It will no longer be sufficient to protect terabytes and petabytes of data as a single unit, when it is micro segments of that data that enable key customer experiences like telemedicine and financial services. Data protection must evolve up from an infrastructure-level concern, to an application and individual-level security concern. Microservice platforms like Kubernetes will be a key driver in this evolution.
Fredrik Forslund, VP of Cloud and Data Center Erasure at Blancco
Data Privacy Fines are Not Going Away, Despite Current Conditions
Companies globally are working in a new and unfamiliar distributed working environment, which brings new data privacy challenges. Now is the time to be cautious. Data privacy regulation, alongside the threat of fines and reputational damage, will continue to drive businesses to act on data privacy in 2021. Organizations must ensure their data management policy is adapted to fit the “new normal”. This means ensuring that all IT assets handling sensitive data are tracked and dealt with securely upon end of life.
As enterprises shift from private to public data centers, a heightened focus on secure data management will emerge
Spending on public data center infrastructure jumped 25% year on year to nearly $17 billion in the second quarter of 2020. Enterprises have slowed private data center investment due to the pandemic, but cloud providers have naturally continued to support remote working as businesses migrated their operations in droves. The mass migration to the cloud that we’ve seen this year is set to continue into 2021. However, with the benefits come risks. By failing to review data ahead of a migration, keep what’s needed and remove what is not – and crucially, ensure that data is properly sanitized – enterprises will unnecessarily expose sensitive material. What’s more, this is exacerbated when the process is accelerated, which has been the case during the pandemic. Rushing to the cloud inevitably causes data security issues. The role of Data Protection Officers will rise in popularity – and we’ll see a new demand for tools which enable data management in remote environments. We do expect that cloud services generally will support this global shift, investing in more security to continue fueling cloud growth and to avoid increased risk of exposure.
Nick Harris, CEO of Lightmatter
The world will continue to experience a shift in data center infrastructure
As data processing and AI compute continue to grow exponentially, the companies that have the most capital have been able to control the world’s largest data centers. Progress in nearly all areas of human endeavor is inextricably linked to improvements in computers—but it is also connected to the size of your pocketbook. While transistors, the workhorse of traditional computers, continue to get smaller and faster they’re getting too hot. Extreme energy consumption data centers are inevitable along the path of computational progress. Over the next few years, we will see the rise of alternative computing paradigms including quantum computing, photonic computing, and analog computing. This paradigm shift will enable the power currently concentrated in datacenters to be dispersed among companies with lesser budgets. The AI world will begin to embrace dramatically faster, more energy efficient computing technologies.
Anthony Cusimano, Cloud Solutions Marketing Manager at Veritas Technologies
We saw a huge acceleration in digital transformation strategies in 2020. Enterprise IT organizations were forced to shift to remote work environments due to the pandemic and the vision of edge to core to cloud became a reality for many. Because of this we have and will continue to see a huge uptick in the adoption of new technology stacks like Kubernetes and serverless computing both in cloud and on premises. Companies will seek to optimize for their Hybrid IT futures and make numerous changes, forced by remote restrictions or downsizing of IT staff and budget. Unfortunately, these changes may also open them up for new risks and potential attacks.
Ransomware attacks grew in 2020 as businesses shifted in response to the pandemic and cyber-criminals sought to take advantage of employees working from home. A recent study by Veritas found that ransomware attacks are currently being experienced by 43% of companies with mostly on-premise infrastructures, 33% of those with mixed infrastructures and 43% of companies that primarily leverage a cloud infrastructure. Things will only get worse in 2021 as IT infrastructures get more complex, giving cyber-criminals larger surfaces to attack. Services like Kubernetes and the shift to from virtual machines containers will greatly optimize application performance but will also add a new layer of complexity to enterprise IT operations, and businesses with more apps and clouds will take longer to recover and be more likely to pay ransoms when they occur.
Ranga Rajagopalan, VP of Product at Commvault
It Is a SaaS World — We Are Just Living In It
While C-Suite executives increasingly see their organization’s digital services as essential to their organization’s success, most of them now also see purchasing and managing on-premises IT infrastructure and applications as non-revenue generating activities outside of their core competency. As a result, these days whether you are a CIO at a global financial firm, IT leader at a mid-size company, or just managing IT for a small business, chances are that you have or are trying to find a SaaS solution for Human Resources, Enterprise Resource Planning or other business applications that are not critical differentiators for your company. Expect to see strong growth continue for SaaS solutions – including data management – that can address general business needs, and free the solution’s customers to focus on the digital services core to their business. 2021 will demonstrate once and for all that it is a SaaS world, and we are all just living in it.
More Companies Will Seek to Shine a Light on Their Dark Data
For years companies have been building up vast amounts of “Dark Data” – data backed up or archived for retention or compliance purposes that otherwise sits silent, unused, and sometimes completely forgotten. However, as markets get more crowded and companies find themselves needing to further differentiate themselves from their competition, more companies in 2020 will seek to shine a light on this Dark Data for insights that can improve business outcomes. Whether they are simply indexing this data or running analytics or AI tools on it, companies will try to use Dark Data to generate insights – ranging from as how to lower their operating costs by optimizing the storage of this Dark Data, to how to develop more compelling digital services for their customers — that offer them a competitive advantage.
Param Kumarasamy, VP of Product Management at Commvault
Organizations Will Search for Ways To Optimize Their Cloud Spend
COVID-19 accelerated many companies’ cloud migration efforts, and given growing C-level executive demand to minimize data center and other on premises infrastructure footprints, this move to the cloud will only continue. However, as rising cloud service expenses increasingly bite into organizations’ IT budgets, expect in 2021 to see IT departments scramble to find ways to optimize their cloud costs. These efforts are likely to include cloud arbitrage – meaning companies will try to find the lowest cost cloud provider able to deliver the SLAs and other performance capabilities they need for a particular workload.
Cloud arbitrage will in turn increase interest in solutions that allow companies to easily move data between different clouds. In addition, companies will adopt intelligent data management solutions that allow them to analyze and monitor the data they have stored across multiple clouds with a fine-toothed comb. With the insights provided by these solutions, these companies will be able to move less critical or used data to lower cost cloud storage tiers or just delete the data if it is not needed, allowing them to reduce their cloud service expenses.
Manoj Nair, General Manager of Metallic
Companies Will Race to Solve a New Data Gravity Problem – Employees Working from Home
COVID-19, and the massive shift it has caused in the number of employees working from home, has exacerbated companies existing data gravity challenges. Even if (and hopefully when) the pandemic subsides a much more distributed workforce is here to stay – and with a more distributed workforce comes more distributed data. This difficulty compounds companies existing data gravity problem with their on-premises infrastructure These companies want to move their applications and workloads to the public cloud, but the gravity of data on existing on-premises infrastructure makes this difficult, hindering these companies digital transformation initiatives. Expect to see in 2021 a surge of corporate investment in technologies and services that allow them to address this data gravity challenge. For example, enterprise demand will help drive the growth of new wired 10G technologies and wireless 5G technologies that allow companies to ensure the connection between their edge data and their clouds is fast, responsive, reliable, and secure.
In addition, expect to see greater adoption of Backup as a Service (BaaS) and other intelligent data management solutions that enable companies to move much of the on-premises data and the data found on employee laptops to the cloud, while also providing them with the ability to secure, protect, govern, and otherwise control the distributed data that remains at the edge. Companies will also invest in training and other change management services that will enable them to build a cloud-based culture for their distributed workforces. Companies that confront this data gravity problem head-on can keep their increasingly distributed data environments from slowing their move to the cloud — a move they must make if they hope gain the flexibility, scalability and agility they need to foster innovative in today’s digital economy.
The Growing Ransomware Threat Will Increase Demand for Built-In Security and Data Backup
At the start of 2020, cyberattacks were already on the upswing. With the onset of the COVID-19 pandemic, things have only gotten worse – in April the FBI’s Cyber Division cited a 400% increase in cyber-attack complaints from pre-coronavirus levels, with as many as 4,000 occurring a day. This increase in attacks should come as no surprise. In this environment, with companies rapidly moving on-premises applications to the cloud, and many employees now working from home on insecure networks, enterprises have exposed the soft belly of their security systems to cyber criminals. To counter this threat, expect to see enterprises move to quickly put in place Defense-In-Depth strategies that use a combination of attack detection, data security, and data backup to fend off and (in the worst case) rapidly recover from a growing number of sophisticated ransomware and other cyber-attacks. Firewalls and other standalone security technologies are an essential to any Defense-in-Depth strategy, but they are not enough.
Businesses must also ensure that security is built into their applications. This built-in security both provides another layer of security and also moves security technologies closer to the data it is designed to protect. In addition, companies will increase their adoption of new Backup as a Service (BaaS) solutions that allow them to quickly recover data if an attack does find a way through their standalone security solutions and their applications’ built-in security. With these BaaS solutions companies can back up their cloud, on-premises, and endpoint primary data to an air-gapped cloud service. This additional layer of protection provides companies with a pristine secondary copy of their primary data that they can restore if a cyber-attack does find a chink in their cyber-attack detection and data security armor. With these three elements of a Defense in Depth strategy in place and working together – threat detection, data security and data backup – enterprises can emerge unscathed from this perfect storm of cybersecurity threats.
Lucas Moody, VP and CISO of Rubrik, Inc.
California becomes a bellwether in data privacy — for the world: A lot of factors have been impacting data privacy in the past year, but with the state recently passing Prop 24, California will shift from being a fast follower to a leader in shaping data privacy policies for both businesses and consumers. Prop 24, which legislates broader consumer protection, will have a significant impact on Silicon Valley and beyond and we’ll see other countries and states turning to California to develop the next wave of privacy regulations.
2021 will see louder clamoring for ransomware payments to be banned: The pandemic has seen a huge increase in ransomware attacks, which has increased ransomware education and elevated the importance of security across the board. Moving into next year, security leaders will explore banning ransomware payments to avoid paying bad actors in the underground market: the more payments are made the larger the market becomes (and the more sinister the attacks), and we may even see the government step in beyond the ransomware advisories they have already issued.
The AI arms race continues — in cybersecurity: The cybersecurity arms race between defenders and bad actors has always existed, and we’ll see AI push this race to the next level. While AI has been prevalent in cybersecurity over the past several years, we’ll see continued evolution for both sides. Defenders need to develop an “adversarial mindset” and apply AI to better protect assets, and bad actors will learn to deploy AI in more nefarious ways. The back and forth in attacks and prevention will continue, and in the year ahead it will increasingly shift to an AI battleground.