Technology budgets remain stable in 2016 and are likely to remain strong through 2017, Denial-of-Service takes center stage, and Internet-of-Things is a double-edged sword.

Executive Summary

Technology budgets remains stable heading into the fourth quarter of 2016 and are likely to remain so in 2017, Denial-of-Service attacks take center stage due to the October attack on leading DNS provider Dyn, and the growth of Internet-of-Things has its pros and cons.

These are among the key findings from Fortium Partners’ October survey Technology Pulse, a long-term study of the essential financial, risk and innovation trends among the world’s foremost technology leaders.

The Technology Pulse includes a brief series of information-dense questions to C-level technology strategists who deliver answers according to the current state of their business. The three key categories - Financial, Risk and Innovation - have the greatest long-term impact on the success of the application and management of technology in business.

The Technology Pulse provides an inside look at the biggest trends in technology for today’s businesses and corporate leaders globally can gain valuable insights into the behaviors and drivers of CIO and CTO behavior in the existing and near-term market.

Financial

Our respondents are nothing if not consistent in the Financial section. On average, more than half are On Plan with their spending in all three expense categories (Operating, Capital and Personnel) for the past three months. October saw a reversal of September’s gains for On Plan by retreating to just less than half of respondents reporting On Plan in all three categories. Operating Expense surged more than 20% (more than plan) while Capital and Personnel expense fell (less than plan) by similar margins.  Overall, more companies are On Plan than not, and for those that are not On Plan, more are spending Less than Plan.

2017 Preview

As we near Budget season, we asked respondents this month to speculate on the likelihood that next year’s budget will increase, remain flat or decrease. Most companies (44%) expect next year’s budgets to remain flat and almost as much (42%) expect an increase. Only 14% expect budgets to decrease. When 86% of technology leaders expect their budgets to increase or stay the same next year, that’s good news for the technology industry and the economy!

Risk

Our Pulse survey respondents did not get a break from business-impacting events in the month of October. The top five incidents impacting technology leaders are:

  1. Phishing/Spear Phishing (62%)

  2. Ransomware (29%)

  3. Significant Production Outage (24%)

  4. Denial-of-Service Attack (20%)

  5. Physical Theft/Loss (16%)

We discussed Phishing in our September edition and Ransomware in our August edition of the Technology Pulse. The third and fourth places on our list (Significant Production Outage and Denial-of-Service Attack, respectively) take the spotlight in this month’s Pulse report as it is likely that both are related to a single incident that happened on October 21st - the Dyn DNS Distributed Denial-of-Service attack.

A Denial-of-Service attack, according to Wikipedia, is “a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. It is analogous to a group of people crowding the entry door or gate to a shop or business, and not letting legitimate parties enter into the shop or business, disrupting normal operations. Criminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Motives of revenge, blackmail or activism can be behind attacks.”

Dyn, an internet infrastructure company headquarters in New Hampshire, provides Domain Name Service (DNS) to many of the internet’s marquee brands including Netflix, Paypal, Twitter, Spotify and many other well-known brands. Starting at 7 a.m. ET on Friday, October 21 the first of three waves of attacks from tens of millions of IP addresses began to deny service to Dyn’s customers. While each of the attacks were eventually defeated, Dyn described the attack as a “very sophisticated and complex attack." And an attack on a DNS provider is particularly strategic because they are the very first link between you and the site you want to reach.  

Attacks such as this denial of service highlight the fragility of the web’s infrastructure and the necessity of strategies such as Distributed Denial-of-Service mitigation processes and having a Secondary DNS strategy with another provider in the event the first provider is attacked. Fortium’s Partners rely on the firm’s security practice and assessment methodologies which uncover process deficiencies that can lead to higher vulnerability. Please contact us if you need help.

Innovation

In a twist made for great stories, October’s Risk and Innovation sections contain an ironic connection. But first, let’s reveal the top five innovations that top technology leaders are watching:

  1. Software-as-a-Service

  2. Cloud

  3. Software-Defined Infrastructure

  4. Internet-of-Things

  5. Desktop-as-a-Service

We wrote about the dominance of Software-as-a-Service in the September Pulse ("SaaS is King") and you can see it still reigns at the top of the list. This month we spotlight our fourth innovation: Internet-of-Things (IoT). Wikipedia explains IoT as: “the internetworking of physical devices, vehicles (also referred to as "connected devices" and "smart devices"), buildings and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.”

Ubiquitous wireless communication, real-time analytics, machine learning (6th on our Innovation list), commodity sensors and embedded systems have combined to produce an explosion of IoT devices (estimates say 50 billion devices by 2020) collecting and forwarding a startling amount of continuous information about our lives and the environment around us. The amount of data gathered by IoT is, itself, driving more SaaS/Cloud innovations such as Cognitive Computing (#3 of our “Watching” list, just behind IoT) as more sophisticated services are required to keep up with, and make sense of, all the data.

But at #4, Internet-of-Things (IoT), shares an interesting connection with the #4 item in our Risk category - Denial-of-Service (DOS) attacks.  As a DOS attack needs millions of points of presence on the Internet to do its dirty work, it turns out that IoT is an all-too-willing accomplice.  When IoT devices are compromised and controlled by malware they can be used to perpetrate a DOS attack by their temporary owners.  It turns out a particular brand of malware, the Mirai botnet,  was particularly active in the Dyn DNS attacks in October - driving much, but not necessarily all, of the traffic in the attacks.

If you’re not sure how to take advantage of IoT or protect against it being abused by others, reach out for a conversation with Fortium.

Finally, we mentioned that we’d be adding an up-and-coming innovation, Robotic Process Automation (RPA), to our list of tracked innovations this month. RPA started off at #8 overall on the list which says it is relevant but not quite ready for the spotlight. We’ll keep you updated on RPA and we’ll be adding SAP HANA to next month’s list based on several indicators of growing interest.

About Fortium Partners and Technology Pulse

Fortium’s Technology Pulse report monitors technology trends impacting businesses now and in the future. We combine the insights of thousands of world-class technology leaders with analysis and commentary from its growing roster of partners – CIOs and CTOs on the forefront of delivering Technology Leadership as a Service to clients of all sizes and industries. For more information, visit FortiumPartners.com.

Comment