Article by Sanjai Gangadharan, Regional Director, SAARC, A10 Networks & Adrian Taylor, Regional VP, A10 Networks for SMEStreet.
The extraordinary value of digital communications has never been more apparent than during the past year. As COVID-19 swept the planet, businesses and individuals switched almost overnight to remote working, relying more than ever before on digital channels to stay productive, informed, connected, and entertained. For communication service providers (CSPs), responding to the enormous and rapid change in usage patterns was an overriding priority. At the same time, the cyber threat landscape intensified, as malicious actors capitalised on disruption to launch attacks on distributed workplaces. This meant provisioning had to be balanced with maintaining security and resilience.
Now, more than a year since the onset of the pandemic, CSPs are analysing the impact of the actions they took to meet surging demand and the broader range of locations they had to serve. They are adapting strategic investment plans to ongoing changes and identifying priorities for focus in the years ahead. At this critical point, A10 Networks has surveyed more than 1200 senior IT professionals, from a range of CSPs worldwide, to discover what lasting effects they are seeing on their subscribers and the enterprises they serve. The results reveal the extent to which “business-as-usual” is a thing of the past for global CSPs.
Changes in demand: immediate, universal, and here to stay
As billions turned to digital tools for news and to stay working productively, 99% of the service providers we surveyed saw a dramatic surge in demand, up by 55% on average. As a result, more than half of them scaled up infrastructure across their network, and 54% did so in specific high-demand locations. Faced with a much more distributed environment and a broader attack surface, 47% invested more heavily in security and 55% say this must be a priority for the future.
This is at least partly because the majority of service providers believe there has been a long-term change in how and where their customers expect employees to work. Two-thirds said that their customers will continue to operate with employees working from home post-pandemic. Consequently, relationships with customers have changed – 56% say customers are now demanding more self-serve options such as online portals, while just over half are seeing increasing customer concern about the resilience of their service provider and how it can underpin business continuity.
Certainly, awareness of the extent to which businesses and individuals rely on digital networks has grown exponentially in the past year, meaning service providers must focus on delivering highly reliable connectivity and minimising any disruptive downtime. This was reflected in the investment priorities listed among the surveyed IT professionals: upgrading firewalls and security appliances, and adding DDoS protection and mitigation measures are all firmly in the roadmap for the coming year.
Overall, 52% of respondents plan to increase security investments over the next three years.
Enterprise customers face growing security challenges and are open to alternative providers as a result
CSPs are seeing customers striving to adapt to an escalating threat environment and a distributed network. Our survey respondents reported that many are pursuing better endpoint security, updating BYOD policies, and rolling out multi-factor authentication as they aim to mitigate growing cyberthreats.
Enterprise customers are also asking more rigorous questions of their service providers, requiring end-to-end security service level agreements in more than half of cases. Traditional CSPs must step up to this challenge and ensure that they can offer the protection and assurance customers need, because there is strong evidence that clients are prepared to look outside the conventional telco supplier list in a bid to enhance security. Three in five IT professionals surveyed said that enterprise customers are splitting workloads and traffic between traditional telcos and non-telco cloud platform suppliers to ensure resiliency. Correspondingly, half said that customers are now expanding their RFP list to include non-telco providers – a sign that this is a long-term strategy.
These changes to the customer purchasing strategy are significant and will see greater competition, with pressure on traditional telcos to offer more comprehensive services with uptime assurances that match rising customer demand.
5G and multi-cloud environments pose security concerns
The pandemic coincided with the rollout of 5G networks and precipitated a rapid shift to the cloud, giving service providers several fronts on which to manage major change. They anticipate a range of security challenges as the 5G shift progresses with the top concern being maintaining a quality service and avoiding outages. One in five IT professionals said that unpredictable usage and changing traffic patterns were a top concern, while a similar number cited the growing threats of DDoS attacks on their now highly distributed network architecture.
Avoiding service outages was also a prime concern around managing subscribers across multi-cloud environments, together with compliance issues and ensuring a consistent subscriber experience.
It is evident from the concerns and priorities revealed by our research that service providers have customer experience and service resilience firmly at the top of their to-do list as customer expectations, their purchasing strategies and the network environment undergo pandemic-accelerated change. A thread running through many responses was the threat posed by DDoS attacks, with almost half of service providers saying investment in DDoS mitigation across the network infrastructure was a priority and the same number saying it is the top additional capability needed to protect against attacks that threaten network availability.
As service providers continue responding to the dramatic and widespread impacts of the pandemic, they will need to defend against non-telco competitors and deliver high availability and security assurance. Maximum uptime and data protection are paramount in the prevailing remote work environment, meaning investment in these areas will pay dividends. With a resurgence in DDoS attacks in the second half of 2020 – more than 12.5 million DDoS weapons were tracked by A10 researchers – this must be a critical area of focus.