October Data Digest: Spooky Stats

October Data Digest: Spooky Stats

Lore has it that vampires can only enter your home if invited in. Similarly, I can only scare you with spooky stats if you invite me into your inbox.

The only problem is that most of the stats I have aren't spooky this month. I mean, there's the alarming finding from a 2023 IDC Threat Report reported by EfficientIP that 90% of organizations have experienced DNS attacks, with each attack costing an average of $1.1 million. And scarier, perhaps, was that every organization suffers an average of 7.5 DNS attacks per year.

That's scary because most folks seem to sweep DNS under the rug, even though it's one of the most fundamental functions provided by application delivery. It's like we forgot about the early days of web applications when we had to prove that DNS significantly contributes to the user experience, especially as the number of components comprising a web "app" increase. Because you have to resolve those FQDNs, you know, and that adds latency to load time.

Remember that, because it's still relevant as we shift to conversational AI performance, which Agora notes is critical to keep under 275 milliseconds to maintain user satisfaction. Yes, that is faster than the blink of eye, but apparently delays beyond this threshold are noticeable.

And that really means that #API #performance is important, because a significant percentage of those conversational AI applications are enabled by APIs, just like industries that rely on #headless #architecture.

Now, calm down, headless architecture isn't like the headless horseman. It's a description of applications whose only interface is an API, allowing users of the application to build their own apps from those APIs. And it's not a minor thing, as the State of Headless 2024 discovered that 73% of all businesses are currently using headless web architecture, a nearly 40% increase from 2019.

So all that reliance on APIs might be a problem if you consider our latest finding that more than 30% of public-facing APIs are secured by ... nothing. No API Security, no HTTPS, nada. That's pretty frightening, isn't it?

But scarier (to me) is the lack of attention being paid to securing operational APIs. Yeah, you know, the ones that are used today to manage, oh, everything from network to storage to application delivery? Those APIs are important to #AIOps, which is really gaining notice in the market - especially for folks fed up with the complexity of managing all that infrastructure in their hybrid multicloud estate. Which is like 95% of them.

It really is growing - take a gander in my big old pot of data:

  • A growing number of organizations are adopting AIOps to enhance cloud and hybrid infrastructure management, with 82% of surveyed professionals planning to expand their automation tools for better orchestration in complex environments(Stonebranch ).
  • The use of generative AI in AIOps is accelerating, with 90% of professionals actively using or planning to use AI in automation. AI is being applied in tasks such as code writing, testing, and documentation to streamline automation processes(UiPath, Inc. )(EdgeVerve ).
  • 67% say using AI to help with network ops, specifically, to simplify operations, automate complex tasks, and accelerate remediation of performance issues. Extra bonus point: 51% of respondents planning to deploy AI-enabled endpoint recognition and policy management (Cisco 2024 Global Networking Trends)

So yeah, AIOps is real and it's going to be a huge shift in IT. But not that it's not just about generative AI. Cisco points out that within two years, 61% of respondents plan to simplify their data center network operations? with an AI-native platform approach that facilitates predictive operational insights to support more efficient and secure data center management of workloads and services across NetOps, DevOps, and CloudOps.

It's coming, and APIs are going to play a significant role in making it all work. So the reality that most folks aren't paying attention to the security of those APIs should really scare the pants off ya because unlike vampires, attackers don't wait to be invited in.

Until it's time for Turkey Day Data, have a great month, and stay safe out there!


Brad L.

Solution & Partner Architecture, Senior Director | GCP & AWS | Inframod | Datamod | Security | I help companies innovate and grow 3x faster with 3x fewer resources, with pragmatic solutions and strategic alliances.

3 周

Great content, as always, friend!

回复

要查看或添加评论,请登录

社区洞察

其他会员也浏览了