
Industry executives and experts share their predictions for 2019. Read them in this 11th annual VMblog.com series exclusive.
Contributed by Doug Dooley, Chief Operating Officer, Data Theorem
The Future of Software, App Security and DevOps for 2019
In 2019, enterprises will start exploring how to support
customers by collecting & storing less data. Data breaches will not be an
outliner, but a "it happens" type of thing. Instead of pouring endless dollars
on preventing breaches, organizations will start to explore how to minimize the
impact when a data breach occurs. Public pressure will continue to rise,
possibly given the CSO a seat on the earnings call. Similar how CFOs talk about
the financial health of a company, the CSO may be ask to join the call to
discuss the security health of the company. Below are predictions for 2019 that
apply to the future of software, application security, and DevOps.
- Serverless applications
will surpass applications built in Docker containers. In 2017, Docker
reached 24% adoption while Lambda reached 23.5% adoption among Amazon Web
Services customers. Yet, the adoption rate of serverless and cost savings
are dramatically better than what virtual containers can offer. Amazon,
Google, and Microsoft are all pushing serverless because it's easier and
cheaper for their customers. Also, once apps are built using serverless
frameworks, there's a higher switch-over cost to go from one cloud to
another. Brand loyalty is something every subscription service is hoping
to achieve. Amazon, Google, and Microsoft are strengthening their
offerings with serverless in the cloud.
- APIs will be one of best
revenue enablers for both companies and hackers. Businesses are getting
savvy about how to monetize their data. They are using their "big data
investments" from past years to finally create to new revenue streams by
anonymizing and selling their proprietary data to other business partners
and third-parties. Securing APIs with authentication and encryption are
the modern mechanisms to share data globally. However, in 2018, there were
over a dozen big businesses making headlines from data breaches where
their APIs were hacked and sensitive customer data was stolen. The trend
of more APIs will continue to generate new revenue streams but also more
headlines of data breaches.
- Mobile apps will finally
overtake web app usage for Fortune 500 banking customers. Web browser apps have
remained the primary way customers interact with financial services
software. Big banks believed their customers and employees needed to work
on larger screens to understand all the relevant financial information
being presented. However, mobile application design and consumer
preference have reached a level where the perceived value of desktop
browsers is no longer necessary, even for important financial decisions.
Further, with SSL Pinning, a banking application built on mobile can
deliver better privacy and security than a traditional browser.
- Artificial Intelligence
(AI) software won't have a clear use case in IT security. Despite the promise of
artificial intelligence, we will have to wait a bit longer before there is
a distinct use case in IT security where AI software is the clear
winner. Machine learning with human assistance has been augmenting a
variety of processes in DevOps and IT security but a self-learning AI
systems has yet to take hold of any use case in IT security. Many experts
believe self-learning AI software for security is on the horizon but we
aren't likely to see it in 2019.
- Security within DevOps will remain an afterthought for
most businesses. The practices of Agile and DevOps are being
adopted widely among mainstream businesses. Applications are being updated in
production on a weekly and even daily basis where in the past it would happen
only a few times annually. The most innovative companies have started to
integrate security into their DevOps practices. However, the traditions of most
IT security teams remain at odds with successful DevOps teams. As a result, we
will have to wait before DevSecOps i.e. security integrated into DevOps is a
common practice.
##
About the Author

Doug Dooley, Chief Operating Officer
Doug is the Chief Operating Officer of Data Theorem. He heads up product strategy,
marketing, sales, and customer success teams. Before joining Data Theorem,
Dooley worked in venture capital leading investments of cloud-centric security,
machine-learning, and infrastructure startups for Venrock. While at Venrock,
Dooley served on the boards of Evident.io (Palo Alto Networks), Niara (HPE),
and VeloCloud (VMware). Prior to Venrock, Dooley spent almost two decades as an
entrepreneur and technology executive at some of the most innovative and market
dominant technology infrastructure companies - ranging from large corporations
such as Cisco and Intel to security and virtualization startups such as Neoteris,
NetScreen, and RingCube. Earlier in his career, he held various management,
engineering, sales, and marketing roles at Juniper Networks, Inktomi, and
Nortel Networks. Dooley earned a B.S. in Computer Engineering from Virginia
Tech.