[ad_1]
The widespread integration of artificial intelligence into enterprise applications, expected to surge by 2025, could further complicate the management of already challenging hybrid multi-cloud strategies in Australia and Asia Pacific and make them even less sustainable, application delivery and security company F5 said.
F5 executive vice president Kara Sprague told TechRepublic Australia that the growth of AI applications will accelerate the complexity, cost and attack surface of enterprises using multiple environments, including cloud and on-premises systems.
To address these challenges, F5, which aims to be the ultimate abstraction layer for the enterprise, has proposed two potential solutions:
- Rationalized environment: Enterprises can simplify their operations by reducing the number of environments they use.
- Using abstraction layer: Leveraging an abstract approach allows for better control over disparate IT assets.
AI is expected to enter the application field in 2025 and 2026
F5 expects that enterprises will begin to widely adopt AI services and models in 2025, and they may begin to appear in large numbers in enterprise applications.
“AI will be embedded in and enhance the capabilities of many existing IT solutions,” Sprague said.
Analyst firm IDC predicted in January 2024 that by 2026, half of midsize companies in Asia Pacific (excluding Japan) will Generative AI-based applications are expected to be used Automate and optimize their marketing and sales processes.
look: 9 innovative business use cases for artificial intelligence
“Every security company has some sort of AI assistant or co-pilot embedded in their console,” Sprague added. “You’re also going to see more use cases and new spending to support AI workloads.”
The “crisis” caused by artificial intelligence is becoming increasingly serious
F5 believes that the incorporation of artificial intelligence into enterprise applications could exacerbate the “crisis” that companies face in managing “unsustainable” hybrid multi-cloud strategies.
“That’s like adding fuel to a fire,” Sprague said. “Today, at the dawn of AI, 90% of organizations end up with their applications and data in not one public cloud, but up to four different environments.”
These environments include public clouds, SaaS providers, colocation services, on-premises, and edge. AI is expected to spawn “a host of new modern AI-based applications” that will focus primarily on the application programming interfaces (APIs) that target these applications.
“AI will drive the continued distribution of applications and data across hybrid, multi-cloud environments,” she explained. “So the increased distribution of applications and data, the increased number of applications and APIs over the last seven years, all of which have increased the threat surface, is only going to be accelerated by AI.”
Diving deeper into potential solutions
To combat this growing complexity, enterprises can either seek to rationalize their existing footprint across hybrid multi-cloud environments or adopt effective abstraction layers to efficiently manage their applications and underlying environments.
“These are basically prototypes of existing solutions,” Sprague said. “So you either have to change your mindset and rationalize the number of environments or abstract the environments in a way that makes sense for the business.”
Rationalize the corporate environment
Sprague said companies can actively rationalize the environments they support and join A few companies stick with a single public cloudBut she said there were “only a handful of companies that could do that”.
look: Cloud computing and cybersecurity to drive IT spending in Australia through 2024
Sticking with a single public cloud “requires a great deal of discipline,” Sprague said. Such a strategy could also cause companies to limit themselves to innovation with a single cloud provider, which might not be wise since AI could drive shifts in market share and profit pools among providers.
Choose an abstraction layer to better manage multi-cloud
Enterprises can achieve greater control through abstraction layers. One variation is hypervisor-level abstraction, similar to Red Hat OpenShift, which allows organizations to move OpenShift-based applications across any supported environment.
F5’s abstraction layer is built on the L4-L7 elements of the open systems interconnection model. Sprague said this approach manages “security and delivery of all applications while being agnostic to the hypervisor or Kubernetes distribution across the stack.”
Different vendors have different types of abstraction layers
Few companies can provide abstraction layers across all environments. For example, major cloud providers such as Microsoft, Google, and Amazon are good at securing, delivering, and optimizing applications within their own environments, but are less effective at extending these capabilities to other environments, including on-premises.
Other companies in the application delivery controller, content delivery network, or edge space may lack the ability to scale from on-premises to cloud environments and vice versa. This enables a small group of organizations to maintain neutral abstractions across a growing number of environments. F5 falls into this category.
“We’ve completed a number of acquisitions over the past five years, and now we can definitively say we are the only solution provider that can secure, deliver and optimize any application, any API, anywhere,” Sprague said.
API attacks are increasing rapidly
Currently, attacks targeting APIs account for more than 90% of attacks encountered on F5 infrastructure.
“Just a few quarters ago, that number was 70 or 75 percent,” Sprague said. “API security is a very important element of security, but enterprises often don’t understand it well enough.”
AI will only amplify that risk. “The more distributed your applications and data are, the larger the threat surface you need to cover,” Sprague explained. “Add AI-driven cyber attackers to the mix, and the risk is even greater.”
Take a holistic approach to API discovery
F5 recommends that enterprises view security API discovery as just the tip of the iceberg.
“If you ultimately feel like you understand where the applications are, the APIs are everything beneath the surface of those applications, so multiple avenues and lenses of discovery are needed,” Sprague said.
This should include real-time traffic analysis, static application code testing and analysis, dynamic testing or code scanning, and external application threat modeling and assessments offered by most API security players, which all provide an external perspective on the vulnerabilities that exist in an organization’s publicly accessible web applications.
Sprague added that it is important to “close the loop” between discovery of APIs and protection of those APIs through runtime enforcement. “We advocate for a very comprehensive and holistic view when it comes to discovery,” Sprague said.
[ad_2]
Source link
