According to program supply and security firm F5, the widespread integration of AI into enterprise applications, which is predicted to increase as soon as 2025, may aggravate and make the previously difficult management of hybrid multicloud strategies in the Australian and APAC regions even more untenable.
The rise of AI applications, according to executive vice president at F5, will make the difficulty, charge, and assault area more difficult for businesses to manage, including cloud and on-premise systems, according to Kara Sprague, executive vice president at F5.
To solve these problems, F5, which aims to serve as an ultimate abstraction level for companies, suggests two possible solutions:
- Rationalize environments: Businesses was optimize their functions by reducing the number of surroundings they employ.
- Use an abstraction road to gain better control over various IT estates: choose an abstraction coating.
Through 2025 and 2026, AI is anticipated to enter the application space.
In 2025, according to F5, businesses will start embracing Artificial services and models frequently, with the majority starting to appear in enterprise applications.
” AI will become embedded and will make a lot of existing IT answers work,” said Sprague.
Analyst firm IDC predicted in January 2024 that, by 2026, quarter of all medium-sized companies in the Asia-Pacific area, excluding Japan, are expected to be using conceptual AI-based software to manage and optimise their marketing and sales operations.
SEE: 9 Innovative Business Use Cases for AI
Every security player is incorporating some sort of AI-like assistant or copilot into their consoles, Sprague continued. ” In addition, you’re also going to see a lot more use cases with new spend going to supporting AI workloads”.
The growing AI-driven’ crisis’
The integration of AI into enterprise applications could intensify the” crisis” that F5 argues enterprises are having with managing “unsustainable” hybrid, multicloud strategies.
” It’s pouring gasoline on what we’re describing as the ball of fire”, Sprague said. Nine out of ten organizations have ended up with their applications and data in up to four different environments since the dawn of AI, according to the report.
These environments include public clouds, SaaS providers, colocation services, on premise and the edge. AI is expected to catalyse” a whole bunch of new, AI-based, modern applications” that are heavily focused on the application programming interfaces that are fronting those applications.
” AI will drive an increasing distribution of applications and data across hybrid, multicloud environments”, she explained. AI is simply going to accelerate all of those things that have already happened over the past seven years in terms of the growing number of apps and APIs and the growing distribution of data that have increased the threat surface area.
Diving into potential solutions
Businesses can either try to rationalize their existing footprints across hybrid multicloud environments or adopt an effective abstraction layer to effectively manage their applications and underlying environments to navigate this growing complexity.
” Those are basically the archetypes of the solutions available”, Sprague said. So, it’s either you reverse course and reduce the number of environments to a smaller number, or you abstract the environments so that you can make sense of them.
Rationalising enterprise environments
Enterprises can aggressively rationalize the environments they support, according to Sprague, and join the small group of businesses who have managed to maintain a single public cloud. She did, however, claim that she has the ability to” count the number of companies that have done that on one hand.”
SEE: In Australia, 2024, Cloud and Cyber Security Will Drive IT Spending.
Sticking to one public cloud would “require an incredible amount of discipline”, Sprague said. This approach may also result in businesses restricting themselves to the innovations of a single cloud provider, which may not be wise given that AI could cause shifts in market share and profit margins between providers.
Choose an abstraction layer to better manage multiple clouds.
Through an abstraction layer, enterprises can have greater control. One variant is abstraction at the hypervisor level, similar to Red Hat OpenShift, which allows organisations to move OpenShift-based applications across any supporting environment.
The abstraction layer of F5 is constructed across the L4-L7 components of the Open Systems Interconnection model. This approach, according to Sprague, allows for” all the application security and delivery, while remaining agnostic to the hypervisor or the Kubernetes distribution all the way down the stack.”
Abstraction layers are available at various vendors in a variety of colors.
Few companies offer abstraction layers across all environments. For example, dominant cloud providers like Microsoft, Google and Amazon excel at securing, delivering and optimising apps in their own environments but are less effective at extending these capabilities to other environments, including on premise.
Other businesses in the content delivery network, application delivery controller, and edge spaces may not have any extensions from on-premises to cloud environments, or the other way around. This results in a small group of organizations that are becoming increasingly abstract across a growing number of environments. F5 puts itself in this category.
Over the past five years, we’ve completed a number of acquisitions to make it clear that we are the only solution provider that secures, delivers, and optimises any app, any API, anywhere, according to Sprague.
API attacks are rapidly rising
API targeted attacks now make up over 90 % of the attacks F5 has seen across its infrastructure.
” Just a couple quarters ago, it was more like 70 % or 75 %”, Sprague said. ” AP I security is a incredibly important aspect of security that businesses frequently do n’t understand well enough.”
AI will only expand this exposure. The larger the threat surface area is that you have to cover, Sprague said,” The more distributed your applications and your data ends up. And when you combine that with the cyber attackers who are AI-armed, you have a recipe for greater risk.
Take holistic approach to API discovery
F5 advises businesses to view API discovery for security as an iceberg.
The APIs are everything below the surface of those applications, so multiple avenues and lenses of discovery are required, according to Sprague.” If you finally feel like you have your arms around where your applications are, you are.
This should include the real-time traffic analysis offered by most API security players, static application code testing and analysis, dynamic testing or code scanning, and external application threat modeling and assessment, which provide an outside perspective on the vulnerabilities that exist in an organisation’s publicly accessible web applications.
Sprague continues, adding that it is crucial to then” close the loop” between runtime enforcement and the protection of those APIs. We would advocate for a very broad and holistic perspective on discovery, according to Sprague.
