The extraordinary value of digital communications has never been more apparent than during the past year. As COVID-19 swept the planet, businesses and individuals switched almost overnight to remote working, relying more than ever before on digital channels to stay productive, informed, connected, and entertained. For communication service providers (CSPs), responding to the enormous and rapid change in usage patterns was an overriding priority. At the same time, the cyber threat landscape intensified, as malicious actors capitalized on disruption to launch attacks on distributed workplaces. This meant provisioning had to be balanced with maintaining security and resilience.
Now, more than a year since the onset of the pandemic, CSPs are analyzing the impact of the actions they took to meet surging demand and the broader range of locations they had to serve. They are adapting strategic investment plans to ongoing changes and identifying priorities for focus in the years ahead. At this critical point, A10 Networks surveyed more than 1,200 senior IT professionals, from a range of CSPs worldwide, to discover what lasting effects they are seeing on their subscribers and the enterprises they serve. The results reveal the extent to which “business-as-usual” is a thing of the past for global CSPs.
Changes in demand: immediate, universal, and here to stay
As billions turned to digital tools for news and to work productively, 99% of the service providers we surveyed saw a dramatic surge in demand, up by 55% on average. As a result, more than half of them scaled up infrastructure across their network, and 54% did so in specific high-demand locations. Faced with a much more distributed environment and a broader attack surface, 47% invested more heavily in security and 55% say this must be a priority for the future.
This is at least partly because the majority of service providers believe there has been a long-term change in how and where their customers expect employees to work. Two-thirds said that their customers will continue to operate with employees working from home post-pandemic. Consequently, relationships with customers have changed – 56% say customers are now demanding more self-serve options such as online portals, while just over half are seeing increasing customer concern about the resilience of their service provider and how it can underpin business continuity.
Certainly, awareness of the extent to which businesses and individuals rely on digital networks has grown exponentially in the past year, meaning service providers must focus on delivering highly reliable connectivity and minimizing any disruptive downtime. This was reflected in the investment priorities listed among the surveyed IT professionals: upgrading firewalls and security appliances, and adding DDoS protection and mitigation measures are all firmly in the roadmap for the coming year.
Overall, 52% of respondents plan to increase security investments over the next three years.
Enterprise customers face growing security challenges and are open to alternative providers as a result
CSPs are seeing customers striving to adapt to an escalating threat environment and a distributed network. Our survey respondents reported that many are pursuing better endpoint security, updating BYOD policies, and rolling out multi-factor authentication as they aim to mitigate growing cyberthreats.
Enterprise customers are also asking more rigorous questions of their service providers, requiring end-to-end security service level agreements in more than half of cases. Traditional CSPs must step up to this challenge and ensure that they can offer the protection and assurance customers need, because there is strong evidence that clients are prepared to look outside the conventional telco supplier list in a bid to enhance security. Three in five IT professionals surveyed said that enterprise customers are splitting workloads and traffic between traditional telcos and non-telco cloud platform suppliers to ensure resiliency. Correspondingly, half said that customers are now expanding their RFP list to include non-telco providers – a sign that this is a long-term strategy.
These changes to the customer purchasing strategy are significant and will see greater competition, with pressure on traditional telcos to offer more comprehensive services with uptime assurances that match rising customer demand.
5G and multi-cloud environments pose security concerns
The pandemic coincided with the rollout of 5G networks and precipitated a rapid shift to the cloud, giving service providers several fronts on which to manage major change. They anticipate a range of security challenges as the 5G shift progresses with the top concern being maintaining quality service and avoiding outages. One in five IT professionals said that unpredictable usage and changing traffic patterns were a top concern, while a similar number cited the growing threats of DDoS attacks on their now highly distributed network architecture.
Avoiding service outages was also a prime concern around managing subscribers across multi-cloud environments, together with compliance issues and ensuring a consistent subscriber experience.
It is evident from the concerns and priorities revealed by our research that service providers have customer experience and service resilience firmly at the top of their to-do lists as customer expectations, their purchasing strategies and the network environment undergo pandemic-accelerated change. A thread running through many responses was the threat posed by DDoS attacks, with almost half of service providers saying investment in DDoS mitigation across the network infrastructure was a priority, and the same number saying it is the top additional capability needed to protect against attacks that threaten network availability.
As service providers continue responding to the dramatic and widespread impacts of the pandemic, they will need to defend against non-telco competitors and deliver high availability and security assurance. Maximum uptime and data protection are paramount in the prevailing remote work environment, meaning investment in these areas will pay dividends. With a resurgence in DDoS attacks in the second half of 2020 – more than 12.5 million DDoS weapons were tracked by A10 researchers – this must be a critical area of focus.
About the Authors
Sanjai Gangadharan is the Area Vice President, South ASEAN, A10 Networks. In his role, Gangadharan leads multiple teams of sales and sales consulting professionals that are focused on delivering A10 Networks’ next-gen security solutions to customers. Under his role, he continues to build and evolve A10 Networks to drive scale and revenue growth in the SAARC region, accelerate time to market, accelerate distribution, increase the company’s market share across all product lines and solutions and ensure customer satisfaction across SAARC regions. Leading the Indian business for over four years, Gangadharan has been empowering the Indian business to emphasize on innovation, develop business in emerging technology areas and manage strategic relationships with various stakeholders.
Adrian Taylor, Regional VP, A10 Networks. Adrian is an established sales leader with over 25 years of experience in developing global and multinational accounts, across a wide range of emerging networking technologies. Joining A10 Networks in September 2018, Adrian is responsible for driving growth through direct customer engagements, as well as leveraging channel, service provider, and technology partnerships. Before moving into his new role, Adrian spent over three years leading software sales at Brocade, which was later acquired by Pulse Secure. Prior to this, he spent 13 years in senior positions at Cisco, where he first developed a strong understanding of cloud computing, while managing teams across EMEA and Russia, and driving a large proportion of channel and cloud sales for the business. Always one for a challenge, Adrian likes to push the limits within his role and explore new ways of driving A10 Networks’ product sales forward, while finding new and disruptive routes to market.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.