An April Assortment of Data
Well, it's hailing outside right now because, April. And like the weather in Wisconsin, which is basically all four seasons in the space of twenty-four hours, this month's assortment of data is basically a potluck of research. I've got API security, AI and data, connectivity, multi-cloud, and observability and a whole lot of snark.
No, I don't have anything on generative AI specifically because honestly, the space is moving so fast that whatever data point I shared would be obsolete before the first packet hit a peering point. But I am watching, and was nearly giddy when I saw the introduction of AutoGPT and AgentGPT because THIS is the use of AI you didn't know you were waiting for. Well, I did, but most folks didn't. Trust me - this is going to be awesome to see.
In the meantime, I'm going to throw some data at you, in no particular order because this is a Midwest potluck and we just toss our dishes wherever there's room.
Grab a plate and dig in!
API Security
First up is Salt Security's State of API Security Report Q1 2023 . Nothing in here should be surprising if you've been paying attention. Nearly 8 in 10 (78%) of attacks come from seemingly legitimate users, but are actually attackers who have maliciously achieved the proper authentication. Yeah. Credential stuffing remains a thing, most of us could use the dark web as a password manager, and the most popular password in 2023 is apparently 123456, which takes ::checks notes:: a five year old about 4 seconds to crack. I did find the discussion around orphaned APIs interesting, mostly because it felt like deja vu. Like, didn't we have this talk back when orphaned accounts was the problem du jour? Yeah. Asset management sucks, but when your assets are digital and exposed, you best get on that. Now.
Multi-Cloud
Nutanix 5th Annual Enterprise Cloud Index? brought me all sorts of stats that were basically saying, "Lori, you are right." That makes me happy, of course. Like nearly half (46%) of respondents plan to repatriate some apps to on-premises datacenters. And then there's the majority of respondents (86%) that identified running high-performance workloads like data analytics, AI, and ML, as a challenge with their current infrastructure. Yup. And then there's this nugget: 94%?of respondents say they'd benefit from having a single, unified place to manage applications and data across their diverse environments. Did I hear someone say supercloud? Yeah, I thought I did.
Observability
I grabbed the StackState Observability Innovation Report 2023? cause it mentioned OpenTelemetry and I'm a huge fan of OTEL. So is the market: adoption is significant with 32% of respondents indicating it is required and 50% indicating it is very important in vendor products. Slightly more than one-third (36%) of respondents use OpenTelemetry within their organization.?But here was the data point I loved, because I absolutely adore statistics that let me challenge the status quo belief about who the target persona is for certain technologies. The persona who is primarily responsible for observability is - drum roll please - IT Operations (41%). You know where developers were on that list? THEY WEREN'T. Okay. Nuff said. Let's move on.
领英推荐
Connectivity
I'm not sure why this is called the connectivity benchmark when it's really about APIs and integration, but not my report, not my decision, right? Regardless, the MuleSoft 2023 Connectivity Benchmark? is chock full of all the goodness I've come to expect from this strangely-named report. There's encouraging stats on infrastructure progress. This year only half say it’s difficult to make changes (54%) or introduce new technology (54%), compared to 74% and 70% last year respectively. RPA adoption is increasing, up 20% from two years ago. Now go back and read that bit about generative AI in the intro. Go ahead, I'll wait... Also, MuleSoft claims that enterprise are, on average, using 1061 different applications. Sorry, I disbelieve. I know there are a lot of applications in every organization, but that's so large a number that I call shenanigans. I don't ask this kind of question in my research because I don't believe you can trust the answers. Like, did you go count them all? Where's the list?? Didn't think so.
Data and AI
So this is really a report about how much we still need to do to take advantage of data and AI, and it's from MIT - Building a high performance data and AI organization . So guess what folks said the number one challenge to delivering on their data strategies was? Nope. No again. Not that either. If you said the lack of a central place to store and discover ML models?along with 55% of respondents to the MIT survey, you'd be right. One of the things we seem to be ignoring or perhaps we just haven't realized yet is that ML models are code and data. They need to be treated like it, with a well-defined pipeline and processes and a place to store them. Goodness, if folks are struggling with siloed data today - and they are according to that MuleSoft report I just referenced - imagine the mess when they add one hundred and twenty-three ML models to the mix.
Oooh, that alliteration worked really well, didn't it?
What's Next
I'd like to say that May will bring a more rational approach to the data I'm sharing, but I can't. I've got my fingers in API Security, OpenTelemetry, Zero Trust, Digital Transformation, and, of course, all the AI I can absorb. Have I missed any buzzwords? Because I feel like I missed one or two.
I also feel a shift coming to a focus on Zero Trust as a holistic approach rather than a bottoms-up "let's rely on the network" approach that I see far too many folks proposing. Because seriously, attackers are coming in the API windows, people, not the L2/3 doors. It's all important, of course, but there is not enough talk about Zero Trust and the upper layers of the stack.
But we'll see what May brings, because like the market right now, my to do list is CHAOS.
Until next month, take care out there!