Widespread integration of AI into enterprise applications, predicted to grow as early as 2025, could further complicate the already difficult management of hybrid multi-cloud strategies in Australia and APAC regions and make them more unsustainable, application delivery and security firm F5 says .
Kara Sprague, executive vice president of F5, told TechRepublic Australia that the growth of AI applications will accelerate the complexity, cost and attacks associated with enterprise use of various environments, including cloud and on-premise systems.
To address these challenges, F5, which is intended to serve as the ultimate abstraction layer for enterprises, proposes two potential solutions:
- Simplify the environment: Businesses could streamline their operations by reducing the number of environments they use.
- Adopt an abstraction layer: Using the abstraction path could provide better control over different IT systems.
AI is expected to move into applications in 2025 and 2026
F5 expects that enterprises will begin to widely adopt AI services and models in 2025, and they will likely begin to appear en masse in enterprise applications.
“Artificial intelligence will be built in and facilitate the functionality of many existing IT solutions,” Sprague said.
Analyst firm IDC predicted in January 2024 that by 2026, half of all medium-sized enterprises in the Asia-Pacific region, excluding Japan, are expected to use generative applications based on artificial intelligence to automate and optimize their marketing and sales processes.
SEE: 9 Innovative AI Business Use Cases
“Every security player is building some sort of AI assistant or co-pilot into their consoles,” Sprague added. “In addition, you’ll also see many more use cases with new spending to support AI workloads.”
The Growing “Crisis” Driven by Artificial Intelligence
Integrating AI into enterprise applications could intensify the “crisis” that F5 says businesses have with managing “unsustainable” hybrid, multi-cloud strategies.
“It’s pouring gasoline on what we describe as a fireball,” Sprague said. “Where we are today, at the dawn of AI, nine out of 10 organizations end up with their applications and data not in one public cloud, but in as many as four different environments.”
These environments include public clouds, SaaS providers, colocation services, on-premise and edge. Artificial intelligence is expected to catalyze “a whole host of new modern AI-based applications” with a strong focus on the application programming interfaces that come before those applications.
“AI will drive the increasing distribution of applications and data across hybrid multi-cloud environments,” she explained. “So for every one of those things that have already happened over the last seven years in terms of the growing distribution of applications and data and the growing number of applications and APIs that have increased the threat surface, AI is simply going to accelerate all of that.”
Dive into potential solutions
To deal with this growing complexity, enterprises can either look to rationalize their existing footprints across hybrid multi-cloud environments or adopt an efficient abstraction layer to effectively manage their applications and underlying environments.
“These are basically the archetypes of available solutions,” Sprague said. “So you either reverse course and rationalize to a smaller number of environments, or you abstract environments in a way that you know makes logical sense to the business.”
Rationalization of the business environment
Enterprises can aggressively streamline the environments they support, Sprague said, and join the small number of companies that have managed to stick with one public cloud. But she said she could “count the number of companies that have done it on one hand.”
SEE: Cloud and cyber security drive IT spending in Australia in 2024
Sticking to one public cloud would “require an incredible amount of discipline,” Sprague said. This strategy could also lead to companies being limited to the innovation of a single cloud provider, which may not be prudent given that AI could lead to shifts in market share and profit between providers.
Select an abstraction layer to better manage multicloud
Enterprises can achieve greater control through an abstraction layer. One variation is hypervisor-level abstraction, similar to Red Hat OpenShift, which allows organizations to move OpenShift-based applications across any supporting environment.
Abstraction F5 is built on elements L4-L7 of the Open Systems Interconnection model. This approach can drive “all security and application delivery while remaining agnostic to the hypervisor or Kubernetes distribution all the way,” Sprague said.
Layer abstractions come in different stripes from different vendors
Few companies offer abstraction layers across all environments. For example, dominant cloud providers such as Microsoft, Google, and Amazon excel at securing, delivering, and optimizing applications in their own environments, but are less effective at extending these capabilities to other environments, including on-premise.
Other companies in the application delivery controller, content delivery network, or edge spaces may lack the ability to scale from on-premise to cloud environments or vice versa. This leaves a small group of organizations that abstract neutrally across a growing number of environments. F5 falls into this category.
“Over the past five years, we’ve completed a number of acquisitions to get to the point where today we can definitively say that we are the only solution provider that secures, delivers and optimizes any application, any API, anywhere,” said Sprague. .
API attacks are increasing rapidly
Attacks targeting APIs now account for more than 90% of the attacks F5 has seen on its infrastructure.
“Just a couple of quarters ago it was more like 70% or 75%,” Sprague said. “API security is an incredibly important element of security that is often poorly understood by businesses.”
AI will only increase this exposure. “The more distributed your applications and your data, the larger the threat area you have to cover,” explained Sprague. “And you combine that with cyber attackers powered by artificial intelligence and that’s a recipe for greater risk.”
Take a holistic approach to API discovery
F5 advises enterprises to think of API discovery for security as an iceberg.
“If you finally feel like you have your hands around where your applications are, the APIs are everything beneath the surface of those applications, so multiple paths and lenses of discovery are needed,” Sprague said.
This should include real-time traffic analysis offered by most API security players, static testing and analysis of application code, dynamic testing or code scanning, and external application threat modeling and assessment to provide an outside view of vulnerabilities that exist within the organization. publicly accessible web applications.
Sprague adds that it’s important to subsequently “close the loop” between discovering APIs and protecting those APIs through runtime enforcement. “We would argue for a very complex and holistic lens in discovery,” Sprague said.