Industry executives and experts share their predictions for 2019.  Read them in this 11th annual VMblog.com series exclusive.

Contributed by Doug Dooley, Chief Operating Officer, Data Theorem

The Future of Software, App Security and DevOps for 2019

In 2019, enterprises will start exploring how to support customers by collecting & storing less data. Data breaches will not be an outliner, but a "it happens" type of thing. Instead of pouring endless dollars on preventing breaches, organizations will start to explore how to minimize the impact when a data breach occurs.  Public pressure will continue to rise, possibly given the CSO a seat on the earnings call. Similar how CFOs talk about the financial health of a company, the CSO may be ask to join the call to discuss the security health of the company. Below are predictions for 2019 that apply to the future of software, application security, and DevOps.

• Serverless applications will surpass applications built in Docker containers. In 2017, Docker reached 24% adoption while Lambda reached 23.5% adoption among Amazon Web Services customers. Yet, the adoption rate of serverless and cost savings are dramatically better than what virtual containers can offer. Amazon, Google, and Microsoft are all pushing serverless because it's easier and cheaper for their customers. Also, once apps are built using serverless frameworks, there's a higher switch-over cost to go from one cloud to another. Brand loyalty is something every subscription service is hoping to achieve. Amazon, Google, and Microsoft are strengthening their offerings with serverless in the cloud.
• APIs will be one of best revenue enablers for both companies and hackers. Businesses are getting savvy about how to monetize their data. They are using their "big data investments" from past years to finally create to new revenue streams by anonymizing and selling their proprietary data to other business partners and third-parties. Securing APIs with authentication and encryption are the modern mechanisms to share data globally. However, in 2018, there were over a dozen big businesses making headlines from data breaches where their APIs were hacked and sensitive customer data was stolen. The trend of more APIs will continue to generate new revenue streams but also more headlines of data breaches.
• Mobile apps will finally overtake web app usage for Fortune 500 banking customers. Web browser apps have remained the primary way customers interact with financial services software. Big banks believed their customers and employees needed to work on larger screens to understand all the relevant financial information being presented. However, mobile application design and consumer preference have reached a level where the perceived value of desktop browsers is no longer necessary, even for important financial decisions. Further, with SSL Pinning, a banking application built on mobile can deliver better privacy and security than a traditional browser.
• Artificial Intelligence (AI) software won't have a clear use case in IT security. Despite the promise of artificial intelligence, we will have to wait a bit longer before there is a distinct use case in IT security where AI software is the clear winner.  Machine learning with human assistance has been augmenting a variety of processes in DevOps and IT security but a self-learning AI systems has yet to take hold of any use case in IT security. Many experts believe self-learning AI software for security is on the horizon but we aren't likely to see it in 2019.
• Security within DevOps will remain an afterthought for most businesses. The practices of Agile and DevOps are being adopted widely among mainstream businesses. Applications are being updated in production on a weekly and even daily basis where in the past it would happen only a few times annually. The most innovative companies have started to integrate security into their DevOps practices. However, the traditions of most IT security teams remain at odds with successful DevOps teams. As a result, we will have to wait before DevSecOps i.e. security integrated into DevOps is a common practice.
  

##

About the Author

Doug Dooley, Chief Operating Officer

Doug is the Chief Operating Officer of Data Theorem. He heads up product strategy, marketing, sales, and customer success teams. Before joining Data Theorem, Dooley worked in venture capital leading investments of cloud-centric security, machine-learning, and infrastructure startups for Venrock. While at Venrock, Dooley served on the boards of Evident.io (Palo Alto Networks), Niara (HPE), and VeloCloud (VMware). Prior to Venrock, Dooley spent almost two decades as an entrepreneur and technology executive at some of the most innovative and market dominant technology infrastructure companies - ranging from large corporations such as Cisco and Intel to security and virtualization startups such as Neoteris, NetScreen, and RingCube. Earlier in his career, he held various management, engineering, sales, and marketing roles at Juniper Networks, Inktomi, and Nortel Networks. Dooley earned a B.S. in Computer Engineering from Virginia Tech.