As an industry, the tech sector tends to jump on keywords and terms – and sometimes reshapes their meaning and intention. “Sustainable” is one of those terms. Technology vendors are selling (allegedly!) “sustainable software/hardware/services/solutions” – in fact, the focus on “green” or “zero carbon” or “recycled” or “circular economy” is increasing exponentially at the moment. And that is good news – as I mentioned in my previous post, we need to significantly reduce greenhouse gas emissions if we want a future for our kids. But there is a significant disconnect between the way tech vendors use the word “sustainable” and the way it is used in boardrooms and senior management teams of their clients.
Defining Sustainability
For organisations, Sustainability is a broad business goal – in fact for many, it is the over-arching goal. A sustainable organisation operates in a way that balances economic, social, and environmental (ESG) considerations. Rather than focusing solely on profits, a sustainable organisation aims to meet the needs of the present without compromising the ability of future generations to meet their own needs.
This is what building a “Sustainable Organisation” typically involves:
Economic Sustainability. The organisation must be financially stable and operate in a manner that ensures long-term economic viability. It doesn’t just focus on short-term profits but invests in long-term growth and resilience.
Social Sustainability. This involves the organisation’s responsibility to its employees, stakeholders, and the wider community. A sustainable organisation will promote fair labour practices, invest in employee well-being, foster diversity and inclusion, and engage in ethical decision-making. It often involves community engagement and initiatives that support societal growth and well-being.
Environmental Sustainability. This facet includes the responsible use of natural resources and minimising negative impacts on the environment. A sustainable organisation seeks to reduce its carbon footprint, minimise waste, enhance energy efficiency, and often supports or initiates activities that promote environmental conservation.
Governance and Ethical Considerations. Sustainable organisations tend to have transparent and responsible governance. They follow ethical business practices, comply with laws and regulations, and foster a culture of integrity and accountability.
Security and Resilience. Sustainable organisations have the ability to thwart bad actors – and in the situation that they are breached, to recover from these breaches quickly and safely. Sustainable organisations can survive cybersecurity incidents and continue to operate when breaches occur, with the least impact.
Long-Term Focus. Sustainability often requires a long-term perspective. By looking beyond immediate gains and considering the long-term impact of decisions, a sustainable organisation can better align its strategies with broader societal goals.
Stakeholder Engagement. Understanding and addressing the needs and concerns of different stakeholders (including employees, customers, suppliers, communities, and shareholders) is key to sustainability. This includes open communication and collaboration with these groups to foster relationships based on trust and mutual benefit.
Adaptation and Innovation. The organisation is not static and recognises the need for continual improvement and adaptation. This might include innovation in products, services, or processes to meet evolving sustainability standards and societal expectations.
Alignment with the United Nations’ Sustainable Development Goals (UNSDGs). Many sustainable organisations align their strategies and operations with the UNSDGs which provide a global framework for addressing sustainability challenges.
Organisations Appreciate Precise Messaging
A sustainable organisation is one that integrates economic, social, and environmental considerations into all aspects of its operations. It goes beyond mere compliance with laws to actively pursue positive impacts on people and the planet, maintaining a balance that ensures long-term success and resilience.
These factors are all top of mind when business leaders, boards and government agencies use the word “sustainable”. Helping organisations meet their emission reduction targets is a good starting point – but it is a long way from all businesses need to become sustainable organisations.
Tech providers need to reconsider their use of the term “sustainable” – unless their solution or service is helping organisations meet all of the features outlined above. Using specific language would be favoured by most customers – telling them how the solution will help them reduce greenhouse gas emissions, meet compliance requirements for CO2 and/or waste reduction, and save money on electricity and/or management costs – these are all likely to get the sale over the line faster than a broad “sustainability” messaging will.

Public sector organisations are looking at 2021 as the year where they either hobble back to normalcy or implement their successful pilots (that were honed under tremendous pressure). Ecosystm research finds that 60% of government agencies are looking at 2021 as the year they make a recovery to normal – or the normal that finally emerges. The path to recovery will be technology-driven, and this time they will look at scalability and data-driven intelligence.
Ecosystm Advisors Alan Hesketh, Mike Zamora and Sash Mukherjee present the top 5 Ecosystm predictions for Cities of the Future in 2021. This is a summary of our Cities of the Future predictions – the full report (including the implications) is available to download for free on the Ecosystm platform here.
The Top 5 Cities of the Future Trends for 2021
#1 Cities Will Re-start Their Transformation Journey by Taking Stock
In 2021 the first thing that cities will do is introspect and reassess. There have been a lot of abrupt policy shifts, people changes, and technology deployments. Most have been ad-hoc, without the benefit of strategy planning, but many of the services that cities provide have been transformed completely. Government agencies in cities have seen rapid tech adoption, changes in their business processes and in the mindset of how their employees – many who were at the frontline of the crisis – provide citizen services.
Technology investments, in most cases, took on an unexpected trajectory and agencies will find that they have digressed from their technology and transformation roadmap. This also provides an opportunity, as many solutions would have gone through an initial ‘proof-of-concept’ without the formal rigours and protocols. Many of these will be adopted for longer term applications. In 2021, they will retain the same technology priorities as 2020, but consolidate and strengthen on their spend.
#2 Cities Will be Instrumented Using Intelligent Edge Devices
The capabilities of edge devices continue to increase dramatically, while costs decline. This reduces the barriers to entry for cities to collect and analyse significantly more data about the city and its people. Edge devices move computational power and data storage as close to the point of usage as possible to provide good performance. Devices range from battery powered IoT devices for data collection through to devices such as smart CCTV cameras with embedded pattern recognition software.
Cities will develop many use cases for intelligent edge devices. These uses will range from enhancing old assets using newer approaches to data collection – through to accelerating the speed and quality of the build of a new asset. The move to data-driven maintenance and decision-making will improve outcomes.
#3 COVID-19 Will Impact City Design
The world has received a powerful reminder of the vulnerability of densely populated cities, and the importance of planning and regulating public health. COVID-19 will continue to have an impact on city design in 2021.
A critical activity in controlling the pandemic in this environment is the test-and-trace capabilities of the local public health authorities. Technology to provide automated, accurate, contact tracing to replace manual efforts is now available. Scanning of QR codes at locations visited is proving to be the most widely adopted approach. The willingness of citizens to track their travels will be a crucial aid in managing the spread of COVID-19.
Early detection of new disease outbreaks, or other high-risk environmental events, is essential to minimise harm. Intelligent edge devices that detect the presence of viruses will become crucial tools in a city’s defence.
Intelligent edge devices will also play a role in managing building ventilation. Well-ventilated spaces are an important factor in controlling virus transmission. But a limited number of buildings have ventilation systems that are capable of meeting those requirements. Property owners will begin to refit their facilities to provide better air movement.
#4 Technology Vendors Will Emerge as the Conductors of Cities of the Future
The built environment comprises not only of the physical building, but also the space around the buildings and building operations. The real estate developer/investor owns the building – the urban fabric, the relationship of buildings to each other, the common space and the common services provided to the city, is owned by the City. The question is who will coordinate the players, e.g. business, citizens, government and the built environment. Ideally the government should be the conductor. However, they may not have sufficient experience or knowledge to properly implement this role. This means a capable and knowledgeable neutral consultant will at least initially fill this role. There is an opportunity for a technology vendor to fill that consulting role and impact the city fabric. This enhanced city environment will be requested by the Citizen, driven by the City, and guided by Technology Vendors. 2021 will see leading technology vendors working very closely with cities.
#5 Compliance Will be at the Core of Citizen Engagement Initiatives
Many Smart Cities have long focused on online services – over the last couple of years mobile apps have further improved citizen services. In 2020, the pandemic challenged government agencies to continue to provide services to citizens who were housebound and had become more digital savvy almost overnight. And many cities were able to scale up to fulfill citizen expectations.
However, in 2021 there will be a need to re-evaluate measures that were implemented this year – and one area that will be top priority for public sector agencies is compliance, security and privacy.
The key drivers for this renewed focus on security and privacy are:
- The need to temper the focus of ‘service delivery at any cost’ and further remind agencies and employees that security and privacy must comply with standard to allow the use of government data.
- The rise of cyberattacks that target not only essential infrastructure, but also individual citizens and small and medium enterprises (SMEs).
- The rise of app adoption by city agencies – many that have been developed by third parties. It will become essential to evaluate their compliance to security and privacy requirements.

IBM announced its intention to spin off its infrastructure services business as a separate public company, allowing Big Blue to focus on hybrid cloud and AI. The newly formed entity, temporarily named NewCo, will offer project and outsourcing services that currently fall under its GTS business unit. NewCo will have a staff of around 90,000 employees and is expected to earn revenue of about $19B. While GTS has experienced declining revenue for some time now, IBM believes that the split will unlock growth and put it on a path to recovery.
Once the Red Hat acquisition closed last year and the tag team of Jim Whitehurst and Arvind Krishna were announced, it became clear that IBM was gearing up to become a leaner, more agile leader in the hybrid cloud space. One of two possible courses seemed apparent – either wither away for years until IBM was small enough to become nimble, or take bold action. IBM has opted for the latter and is likely to be rewarded for it. The new IBM will have revenue of around $59B, well short of its peak at over $100B, but sacrificing turnover for margin and growth gives it a more positive long-term outlook.
Stripping back IBM to become smaller, faster growing, and more profitable, will help solve many of its greatest challenges. Significant investment into growth segments will become more palatable without the financial burden of the declining infrastructure services unit. The well-needed cultural change and drive to think like a start-up will become more practical in the new IBM.
NewCo to Build New Cloud Partnerships
IBM’s infrastructure services unit has had some great success in larger, complex, hybrid cloud deals recently – but at the lower end of the market there have been many head winds. Public cloud providers have eroded what was once a lucrative compute and storage services market. At the same time, application service providers, like Accenture, TCS, and HCL have been pivoting towards infrastructure. Untethering infrastructure services makes a turnaround story more likely, giving NewCo greater flexibility and speed, which clients have been crying out for.
The greatest benefit to NewCo will be the ability to freely partner with other cloud providers, like AWS, Microsoft, and Google. Although IBM has made noises about being willing to embrace its competitors, this was not necessarily implemented on the ground nor was it reciprocated.
It is no secret that GTS and GBS have had a rocky relationship since day one. The split will reassure clients that each of them is agnostic and relieve any internal pressure to partner unless it is best for the client. While elements of this decision look like the unfolding of a long-term strategy that began under Ginni Rometty, it does, however, leave open the question of why GTS and GBS were more closely integrated over the last few years. This also means IBM is moving in the opposite direction to its competitors, who are shifting towards offerings that cover the full stack of services from infrastructure up to applications.
What Lies Ahead for IBM
One detail that is not immediately certain is the fate of IBM security services, which could be integrated with security software at IBM, spun out with the rest of infrastructure services, or even split into consulting and delivery. An important differentiator for IBM has been its ability to build in security at the beginning of transformation projects making final placement a difficult decision.
It might be tempting to predict that next IBM would couple its Systems unit and Support Services to be spun off or sold although Mr. Krishna ruled that out. Over the long term, these are both financially underperforming units but there is an advantage to building the core infrastructure that critical workloads are run on.
Each new IBM CEO has had a make or break moment and Mr. Krishna has decided that his will come early. For the company to thrive for another 100 years it needed to place a big bet and it could not have come soon enough.

Earlier this month, Telefónica Germany announced it will use Amazon Web Services (AWS) to virtualise its 5G core for a proof of concept (POC) in an industrial use case and plans to move to commercial deployment in 2021. Part of the POC process is to ensure compliance with all applicable data protection guidelines and certifying them according to relevant industry standards.
“With the virtualisation of our 5G core network, we are laying the foundation for the digital transformation of the German economy. This collaboration with AWS is an important part of our strategy for building industrial 5G networks”, said Markus Haas, CEO of Telefónica Germany.
Sentiment about cloud – especially public cloud – has been on a slight roller-coaster ride since they emerged back in the “noughties”: From initial reluctance to reluctant acceptance – to customer driven enthusiasm to scaling back and migrating back data and apps to on-premises data centres or private clouds to a more recent acceptance, that most enterprise resources may work best in a hybrid or public cloud environment.
Still, the viewpoint of many is still that core resources for the most part belong on-premises – especially if they are essential for the running of the business or involves sensitive data.
It is in this light that the Telefónica Germany announcement is interesting. On the face of it, it may appear that this is a possible major validation of public cloud as a platform for core systems and sensitive data. Although the core network components will remain on a different platform delivered by Ericsson, there is clearly an element of that.
Perception on Public Cloud
Many organisations remain sceptical with regards to public cloud. Ecosystm data shows that almost 40% have private cloud as their primary cloud deployment model (Figure 1); roughly a third have gone for a hybrid model and only around one quarter have chosen a public cloud model.

Most cloud deployment strategies ultimately come down to an evaluation of cost vs. risk and this evaluation is clearly demonstrated in Ecosystm data. Close to 80% of those choosing an on-premises private cloud model mention security and compliance as a main reason whereas cost considerations are the main reason for those opting for a public cloud model (Figure 2). What our data also shows is that public cloud providers are not necessarily winning the argument of cost savings among users.

For many organisations today, security and compliance concerns are still a valid point against public cloud as a primary deployment model. However, as we see more and more initiatives like Telefónica Germany, this argument diminishes – and it will become harder for IT organisations to convince senior management that this is still the way to go.
The Edge Complements the Cloud
The other noteworthy take-away from the Telefónica Germany initiative is how cloud-enabled edge computing is being embraced by the network design to ensure lower latencies for those who need it. The company states, “If companies use 5G network functions based on the cloud-based 5G core network of Telefónica Germany / O2 in the future, they will no longer need a physical core network infrastructure at their logistics and production sites, for example, but only a 5G radio network (RAN) with corresponding antennas.”
As I’m sure that you are an avid reader of Ecosystm Predicts every year, this should not come as a surprise as we wrote about something like this in the Top 5 Cloud Trends for 2020. Although some are touting Edge computing as the ultimate replacement of Cloud, we then believed – and still do – that it will be complimentary rather than competing technology. Cloud-based setups can benefit from pushing computing heavy workloads to the Edge in much the same way as IoT and provides a great platform for managing the Edge computing endpoints.
But to go back to the private cloud bit – while private cloud is not going away in the foreseeable future, we may be starting to see its demise in the more distant future.
To paraphrase a famous Brit: Now this is not the end. It is not even the beginning of the end. But it is, perhaps, the end of the beginning for private cloud.
Identifying emerging cloud computing trends can help you drive digital business decision making, vendor and technology platform selection and investment strategies.Gain access to more insights from the Ecosystm Cloud Study.

The COVID-19 crisis has forced countries to implement work from home policies and lockdowns. Since the crisis hit, uptake of cloud communication and collaboration solutions have seen a dramatic increase. Video conferencing provider, Zoom has emerged as a key player in the market, with a rapid increase in user base from 10 million daily active participants in December 2019 to 200 million in March 2020 – a growth in the number of users of nearly 200%!
Security Concerns around Zoom
The rapid increase in user base and the surge in traffic has required Zoom to re-evaluate its offerings and capacity. The platform was primarily built for enterprises and now is seeing unprecedented usage in conducting team meetings, webinars, virtual conferences, e-learning, and social events.
The one area where they were impacted most is security. In his report, Cybersecurity Considerations in the COVID-19 Era, Ecosystm Principal Advisor Andrew Milroy says, “The extraordinary growth of Zoom has made it a target for attackers. It has had to work remarkably hard to plug the security gaps, identified by numerous breaches. Many security vulnerabilities have been discovered with Zoom such as, a vulnerability to UNC path injection in the client chat feature, which allows hackers to steal Windows credentials, keeping decryption keys in the cloud which can potentially be accessed by hackers and the ability for trolls to ‘Zoombomb’ open and unprotected meetings.”
“Zoom largely responded to these disclosures quickly and transparently, and it has already patched many of the weaknesses highlighted by the security community. But it continues to receive rigorous stress testing by hackers, exposing more vulnerabilities.”
However, Milroy does not think that this issue is unique to Zoom. “Collaboration platforms tend to tread a fine line between performance and security. Too much security can cause performance and usability to be impacted negatively. Too little security, as we have seen, allows hackers to find vulnerabilities. If data privacy is critical for a meeting, then perhaps collaboration platforms should not be used, or organisations should not share critical information on them.”
Zoom to increase Capacity and Scalability
Zoom is aware that it has to increase its service capacity and scalability of its offerings, if it has to successfully leverage its current market presence, beyond the COVID-19 crisis. Last week Zoom announced that that it had selected Oracle as its cloud Infrastructure provider. One of the reasons cited for the choice is Oracle’s “industry-leading security”. It has been reported that Zoom is transferring more than 7 PB of data through Oracle Cloud Infrastructure servers daily.
In addition to growing their data centres, Zoom has been using AWS and Microsoft Azure as its hosting providers. Milroy says, “It makes sense for Zoom to use another supplier rather than putting ‘all its eggs in one or two baskets’. Zoom has not shared the commercial details, but it is likely that Oracle has offered more predictable pricing. Also, the security offered by the Oracle Cloud Infrastructure deal is likely to have impacted the choice and it is likely that Oracle has also priced its security features very competitively.”
“It must also be borne in mind that Google, Microsoft and Amazon are all competing directly with Zoom. They all offer video collaboration platforms and like Zoom, are seeing huge growth in demand. Zoom may not wish to contribute to the growth of its competitors any more than it needs to.”
Milroy sees another benefit to using Oracle. “Oracle is known to have a presence in the government sector – especially in the US. Working with Oracle might make it easier for Zoom to win large government contracts, to consolidate its market presence.”
Gain access to more insights from the Ecosystm Cloud Study

The next phase of a post-COVID world will be one of reduced physical contact, tighter regulations, and new habits and hygiene practices. This will translate into significant process changes which will be deeply enabled by mobile technology. All mobile form factors will be more integrated into how we interact. Interactional changes will be found in our homes, offices, public spaces and services.
In this blog post I address two fundamental questions as a technologist on the underpinnings of this shift:
- How can enterprises find ways of rebuilding and cementing trusted relationships using mobile technology?
- How does our infrastructural foundations support mobile technology for contactless transactions? (privacy, two-factor authentication, data quality and so on)
Situational shift to mobile
Given the rapid shifts in the last six months in how we can interact with each other, enterprises will have to be agile and flexible in process design going forward to optimize opportunities for customer engagements.
We will continue to have further disruptions on how we live and work in the next 12 to 18 months and potentially beyond. Some of the shifts towards mobile have been expected for a while, yet this crisis has pushed the timeline ahead as to how we engage.
Use cases in the “new normal”
Here are some use case examples in this next phase of business where mobile enables the transaction between consumer and environment:
Education. The reskilling and training certification that will be necessary to address unemployment, will be on Mobile First. Because of bandwidth, learner attention span, and form factor, there will be retooling of educational programs to be bite-sized and more media oriented.
Retail. Retail and delivery businesses shifting to remote first, with drop-off points that use mobile for contactless signatory and payment.
Healthcare. Telemedicine primarily by mobile devices (phone, laptop, phablet). Personal medical data sharing over mobile will require enhanced data encryption and two-factor authentication, which needs addressing via encryption and authentication.
Entrepreneurship. More side hustles that are mobile-based and mobile administered. Any authorization and transaction-oriented activities will be driven by mobile.
Government. Requests for document renewal or identity authentication for approval or submission of materials, with one-touch request.
Supply chain. Visibility and tracking of inbound and outbound materials. One-click reordering, and contactless payment verification.
Workplace. Contactless engagement with mobile as authentication of actions (coffee machine payment, copier usage, keyless office, meeting room allocation).
Facilities management. Hygiene controls with personnel health detail tracking (who cleans what room when). Deep cleaning management tools for audit trails, liability.
Role of mobile in creating engagement
Building trust
As we filter through the level of rubbish coming at us via social media, websites and our email, most of us are looking for a trusted information source. Our mobile is our window to the world, and many are applying appropriate filtration to make that world a bit more manageable.
The reason that people did previously download an app was partly based on what information had to be handed over in terms of permissions. The app builder needs to build a trusted relationship on benefit, not on what can be leveraged from the consumer.
To build that trust and create a closer engagement – albeit driven by situational need vs. consumer want – app developers need to consider these consumer needs:
- Level of trust in quality of information provided (e.g. weather info vs something more critical)
- Trust in app data usage and functionality (does it work?)
- Privacy of data being used and being held (statements and auditability)
- Location of data (on whose device: client or server)
- Speed and reaction time (Is there edge computing or the use of IoT to help push mobile information quickly?)
- Loss of data or loss of device and the impact on app access (More than lost passwords, lost processes and lost data)
Technological foundations for mobile usage
Network and bandwidth
We have all experienced bandwidth issues in the last few months, either sharing bandwidth with loved ones in lockdown to peak periods of video conferencing activity across geographic regions. Entertainment content providers such as Netflix and Disney+ were asked to lower the quality of the data streaming.
But then what online activity will take priority? Will we start to see pricing differentials for guarantees of availability? What about subscription models with platinum, gold and silver memberships (as in frequent flyer programmes) as to the network bandwidth you or your activity is allocated? Will things be done over VPN not only for privacy but for priority? I also see VPN as a possible solution towards issues like Zoom bombing and other intrusions to daily business operations.
We come to the role of a pandemic in 5G investment, which is similar to the role of investment in R&D during an economic downturn. Clearly, the world needs better bandwidth with more agility and future-proofed for functionality. You cannot drive a fast car on a bumpy road with potholes.
But for countries losing thousands of citizens to a virus with critical infrastructure at risk, where is the priority of a better telecom infrastructure? My colleague Shamir Amanullah wrote a report prior to the pandemic about the Race for 5G in Southeast Asia which is a good barometer for other regions. There is a good CNBC article from Todd Wassermann on the US situation, and a rather excellent survey on consumer sentiment on 5G from February 2020 by Politico.
Role of data quality and its security
Going back to my previous statement about rubbish and social media, the validation and quality of data exchange is part of the value proposition of using mobile technology.
What aspects of our current IT infrastructure create that ‘data value add’?
IoT and Edge Computing. Most of us are not going to be comfortable in crowds going forward. If I can reserve a space, or I can use a sensor to see how full an environment currently is, it will impact my decision to go somewhere. The faster that real-time information is processed and available, the better the outcome.
Blockchain technology is functioning enough to address the challenge of how to secure the data and prevent malicious cyber-attacks. This includes medical data hacking, supply chain theft, and other data-oriented safety issues on hygiene and product providence that we are experiencing now.
Final thoughts
At Ecosystm, we highlight how and where enterprises plan to invest and adopt technology while adding insights and expertise on to the use cases and trends. We are also able to reflect upon the agility of the same enterprises to make that technology investment count towards the next phase of their business model. In a post-COVID situation we see inventive ways enterprises are using technology. This is not only for societal benefit, but to make a difference in the marketplace. And mobile plays a key role in this next phase of engagements.
Simply put, cybersecurity is the protection of computer systems from cyber-attacks. This is made possible with multiple layers of security across the system, individual devices, enterprises and even nations against unauthorised access and exploitation.
Cybersecurity is a constant battle
Preventing cyberattacks is a challenging task for security professionals and to accomplish that, cybersecurity experts should stay ahead of cyber attackers and cybercriminals. A range of effective methods and technologies have been devised to strengthen cybersecurity. One important aspect of cybersecurity is identity and access management (IDAM). IDAM allows various defined levels of access on the basis of individual roles, administrator levels and even at a system level. The common IDAM methods include single sign-on systems, multi-factor authentication, privileged access management (PAM), biometrics, voice or facial recognition, and other distinctive physical attributes to verify and identify individuals. IDAM procedures are being implemented at all levels of businesses, enterprises and even for national-level security with the growth of eGovernment systems.
Another common security measure is Security Information and Event Management (SIEM) software and services. The term combines security information management (SIM) and security event management (SEM) and is provided by vendors as software or appliance. SIEM works by collecting log data and delivering real-time insights and generates security alerts using a range of techniques. SIEM is used by enterprises where compliance to a set, or sets, of rules is a strong factor. In addition, it also prevents interferences from individual attackers, organised crime groups, or other actors.
SIEM systems comprise three major components:
- Data collection. SIEM system collects logs and data from system activity, access, firewalls, application monitors, operating system layers and network traffic and generates an event every time activity happens.
- Data analysis. The SIEM system is tasked with correlating and analysing data in a format. The analysis is performed in various ways: log management and retention, event correlation, user activity monitoring, and predictive and forensic analysis.
- Another major step is reporting in the form of real-time alerts, dashboards, email and SMS notifications of events, analytical reporting, auditing and governance, and compliance.
The global Ecosystm Cybersecurity Study covers various cybersecurity solutions such as Crisis Communication solutions; Security Operations & Incident Response, IDAM and more. The study shows that organisations are primarily focusing more on Application, Data and Network level security, whereas, the other cybersecurity fields such as Crisis communication, Fraud transaction, IDAM, Threat Analysis and Reporting are looked down.
National Cybersecurity and Safety
Countries across the globe are accelerating their cybersecurity efforts to address risks, enhance public safety, protect communications, safeguard mission-critical applications and prevent threats. Cybersecurity is important to governments, where it is increasingly seen as an area of international conflict. Most countries have now setup their dedicated national cybersecurity centres, drawing on the capabilities of private industry, government and academic specialists in the area.
As cybersecurity threats have proliferated and computer technology has advanced, government data security compliance has become increasingly complex. The governments of various nations have set up compliances with a wave of new privacy regulations.
Security is an ongoing and constant effort which should be adopted at an individual, business, organisation, enterprise and national level. To strengthen cybersecurity there are many excellent solutions, a range of comprehensive suites and products. However, malicious parties and criminals are constantly employing new techniques and technologies. It is a new arms race, and there is no one size fits all solution.
Cybersecurity will remain an important topic of discussion on the world forum. 2020 is predicted to see an increasing number of state-sponsored cyber-attacks especially on utilities and public infrastructure. In addition, the number of AI based devices will increase which will receive specific attention from regulators for data and cybersecurity. Finally, there will be opportunities for mergers and acquisitions and investments in established cybersecurity providers to remain innovative and growing.
Here are the Top 5 Cybersecurity Trends for 2020, that we believe, will impact both businesses and consumers in 2020.
The Top 5 Cybersecurity Trends for 2020
The Top 5 Cybersecurity Trends for 2020 are drawn from the findings of the global Ecosystm Cybersecurity Study and is also based on qualitative research by Ecosystm Principal Advisors Alex Woerndle, Carl Woerndle and Claus Mortensen.
-
API Vulnerabilities will Become a Main Hacker Target
APIs grant access and provide transparency for developers – providing access and insights from both internal and external data. But they are inherently insecure. We have already seen several high-profile API breaches and announced API bugs. For example, in October 2018, Google had to shut down Google+ after an API bug exposed details for over 500,000 users.
We believe the problem will get significantly worse in 2020, with API attacks quickly becoming one of – if not the most – frequent target for hackers.
-
Operational Technology Security will Continue to Lag in 2020
Operational Technology (OT) refers to the hardware and software used to monitor and manage how devices that run on an organisation’s infrastructure perform. These devices have become smarter, remotely accessible and increasingly connected to networks. However, they were never designed with this in mind.
With organisations continuing to focus on data breaches – the investment in OT security will continue to lag. This will create a ‘security debt’ over coming years for those that do not invest in preventative controls now.
-
AI Training will Receive Attention from Regulators and the Public as a Possible Infringement of Privacy
News that Amazon’s Alexa was eavesdropping on its users, and that Apple’s Siri and Google’s Assistant, also kept recordings to help train their AI raised many concerns about how data to train AI is collected and stored. Apart from the initial consternation in the press and on social media, nothing much seems to have happened from a regulatory perspective.
2020 will be the year when AI training relying on consumer data will start to become regulated.
-
Major GDPR Fines in 2020 will Force MNCs to Invest in Security Compliance
GDPR came into effect in May 2018, but we still have not seen huge amounts of fines being issued in the EU. Only two fines were issued in 2018, while at least 17 were known to be issued in the first half of 2019, totalling about EUR 52 million. In the third quarter of 2019, at least 12 fines were issued totalling about EUR 328 million.
The trend is clear: Expect to see a magnitude of companies across EU be penalised in 2020. We also expect several fines above EUR 100 million and GDPR impacting countries outside the EU.
-
Mergers & Acquisitions will Ratchet up Significantly in 2020
The fragmented global security market consists of thousands of vendors and consultancies. Every day a swathe of new start-ups announces their ground-breaking new technology. Coupled with significant investments in tertiary education and industry certifications for a growing workforce, the next generation of cybersecurity entrepreneurs are entering with force.
We believe that this creates both threats and opportunities for established cybersecurity providers that need to remain innovative and growing. Similarly, this presents smaller or more niche cybersecurity start-ups with an avenue for funding or acquisition.
Ecosystm in partnership with SGInnovate, the government-backed organisation that promotes Deep Tech in Singapore, released a series of four reports covering areas of mutual interest: Cybersecurity, Artificial Intelligence, Cities of the Future and Healthtech. ‘Ecosystm Predicts: The Top 5 Cybersecurity Trends for 2020’ report is a part of this collaboration and is available for download from Ecosystm and SGInnovate websites.
Download Report: The top 5 Cybersecurity trends for 2020
The full findings and implications of the report ‘Ecosystm Predicts: The Top 5 Cybersecurity Trends for 2020’ are available for download from the Ecosystm platform. Signup for Free to download the report and gain insight into ‘the top 5 Cybersecurity trends for 2020’, implications for tech buyers, implications for tech vendors, insights, and more resources. Download Link Below ?

Global Telco Security Alliance formed by Singtel, Etisalat, Softbank, and Telefónica. The alliance which was formed last year in April 2018 in a pact to amalgamate the capabilities of telecommunications operators on security aspects and fight collectively against cyber attacks.
AT&T became the first North American operator to join the ranks of theAT&T joined as an equal member with other founding members of the group. Over the past few years, AT&T has been building its cybersecurity capabilities and has recently acquired AlienVault– a commercial and open source developer – to offer a platform that integrates and automates point security products to manage cyber attacks. AlienVault has been rebranded as AT&T Cybersecurity, and includes consulting and managed security services. Similarly, at the end of 2018, Singtel revealed the brand ‘Trustwave’ that combines the capabilities of partners such as Optus and NCS, to provide a comprehensive security suite and services to help organisations fight cybercrime.
With the rising risks of cyber-attacks, these initiatives are providing a synergistic front and helping organisations to analyse and act faster against cyber threats. The alliance plans to expand its global footprint and span across APAC, Europe, MEA and America.
Speaking about the alliance, Alex Woerndle, Principal Analyst Cybersecurity, Ecosystm says that, “Similar collaborations exists within other industries already – most commonly they use regular information-sharing sessions with the collective security teams to discuss what each is experiencing, what strategies and tactics have worked or failed, and provide details on the type and nature of attacks. The telcos – at a minimum – should be collaborating at that level. But given the global nature of this alliance, they will need to consider how they can aggregate threat information and share it in a more agile way on a day to day, hour to hour and minute to minute basis.”
The alliance accounts for a significant percentage of the overall traffic and is a tangible example of companies taking steps to fight cyber attacks. “As the threat landscape continues to expand there is an opportunity to broaden the intelligence – sharing what they collectively gather and analyse, to strengthen the defences of the broader market not just in their local geographies, and to impact globally”, says Woerndle. “Think of the immense opportunities to share intelligence gathered collectively by all the major telcos, to proactively prevent attacks on their clients – from other enterprises down to small/medium businesses and consumers. Law enforcement could benefit from the global telco collaboration, also”