AI applications complicate Australia's 'unsustainable' hybrid multi-cloud expansion

Applications of AI


The widespread integration of AI into enterprise applications, which is predicted to grow exponentially by 2025, could make the already challenging management of hybrid multi-cloud strategies in Australia and the Asia Pacific region more complex and even unsustainable, according to application delivery and security company F5.

Kara Sprague, executive vice president at F5, told Australia's TechRepublic that the rise of AI applications will accelerate the complexity, costs and attack surface that come with companies' use of multiple environments, including cloud and on-premise systems.

To address these challenges, F5, which aims to act as the ultimate abstraction layer for enterprises, proposes two solutions:

  • Streamline your environment: Businesses can operate more efficiently by using fewer environments.
  • Adopt an abstraction layer: Leveraging abstraction pathways allows for better control over diverse IT assets.

AI is expected to be applied from 2025 to 2026

F5 predicts that in 2025, enterprises will likely begin to widely adopt AI services and models and deploy them at scale in enterprise applications.

“AI will be embedded into and enhance many existing IT solutions,” Sprague said.

Analyst firm IDC predicted in January 2024 that by 2026, half of mid-sized businesses in Asia Pacific excluding Japan will be using generative AI-based applications to automate and optimize their marketing and sales processes.

Read: 9 Innovative Business Use Cases Powered by AI

“Every security player is building some kind of AI-type assistant or co-pilot into their console,” Sprague added, “and we're going to see more use cases where new spending is going into supporting AI workloads.”

The growing AI-driven “crisis”

Integrating AI into enterprise applications could exacerbate the “crisis” companies face in managing “unsustainable” hybrid multi-cloud strategies, F5 argues.

“This is like pouring gasoline on what we call a fireball,” Sprague said. “Today, in the early days of AI, nine in 10 companies have their applications and data spread across up to four different environments, rather than in one public cloud.”

These environments include public cloud, SaaS providers, colocation services, on-premise and at the edge. AI is expected to drive a “series of new AI-based modern applications” with a focus on the application programming interfaces in front of these applications.

“AI accelerates the distribution of applications and data across hybrid multicloud environments,” she explains. “So everything that's already happened over the last seven years, where apps and data are increasingly distributed, and apps and APIs are increasing the threat surface area, AI is going to accelerate that even more.”

Explore potential solutions

To address this growing complexity, enterprises can choose to either rationalize their existing footprint across hybrid multi-cloud environments or adopt effective abstraction layers to efficiently manage applications and the underlying environment.

“These are essentially archetypes of solutions that are available,” Sprague says, “so you can either pivot and reduce the number of environments or abstract the environments in a way that makes logical sense for the enterprise.”

Streamlining the enterprise environment

Companies can aggressively rationalize their support environments and join the small minority of companies that have stuck with one public cloud, Sprague said, though he noted that “you can count on one hand the number of companies that have been able to do that.”

See also: Cloud and cyber security will drive Australian IT spending in 2024

Sticking with one public cloud “will take incredible discipline,” Sprague said. The strategy could also lead to companies being limited to the innovation of a single cloud provider, which may be unwise given how AI could shift market shares and profit pools among providers.

Choose an abstraction layer to better manage your multicloud

Enterprises can achieve greater control through abstraction layers. One variation is abstraction at the hypervisor level, similar to Red Hat OpenShift, which allows organizations to move OpenShift-based applications to any supported environment.

F5's abstraction layers are built across the L4-L7 elements of the open systems interconnection model. This approach “allows us to manage all of our application security and delivery while remaining hypervisor and Kubernetes distribution agnostic across the entire stack,” Sprague said.

Abstraction layers come in different varieties depending on the vendor

Few companies offer a layer of abstraction across all environments. For example, major cloud providers like Microsoft, Google, and Amazon are great at securing, delivering, and optimizing apps in their own environments, but they're not as effective at extending these capabilities to other environments, including on-premise.

Other companies in the application delivery controller, content delivery network, and edge space may lack the ability to scale from on-premise to cloud environments and vice versa, leaving a handful of organisations to provide a neutral abstraction across the ever-growing number of environments. F5 falls into this category.

“We have completed a number of acquisitions over the last five years and can now confidently claim to be the only solutions provider that can secure, deliver and optimize any app, any API, anywhere,” Sprague said.

API attacks surge

Currently, over 90% of attacks across F5's infrastructure target APIs.

“Just a few quarters ago, it was more like 70% or 75%,” Sprague says. “API security is a very important component of security that companies often don't fully understand.”

AI only magnifies this risk. “The more distributed your applications and data are, the larger the threat surface you have to cover,” Sprague explains. “When you add AI-enabled cyber attackers to the mix, the risk increases even further.”

Take a holistic approach to API discovery

F5 recommends that companies treat API discovery for security like an iceberg.

“Once you finally feel like you understand where your application is, the APIs are everything beneath the surface of the application, so you have to explore through multiple avenues and lenses,” Sprague says.

This includes real-time traffic analysis offered by most API security players, static application code testing and analysis, dynamic testing or code scanning, and external application threat modeling and assessment that provides an outside perspective on vulnerabilities present in an organization's public-facing web applications.

Sprague adds that it's important to “close the loop” between discovering APIs and protecting those APIs through runtime enforcement. “We encourage a very comprehensive and holistic view on discovery,” Sprague said.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *