Written by BOCA Clients
BOCA is proud to work with some of the brightest minds and most innovative thinkers. As we close the door on 2022, we look ahead to 2023 and all that it will bring. We asked a few of our BOCA clients to share their predictions for the new year. Read on to hear what they had to say…
Mohan Kompella, VP of Product Marketing
- Due to the current economic climate and an increasing number of tech and IT layoffs, in 2023, the risk of IT outages will inherently increase as enterprises are forced to do more with less. These outages will lead to longer, more frequent business disruptions that impact customer experiences and cost organizations upwards of $12k/minute when an outage occurs. Enterprises will have to take a close look at existing observability and network management tools, their value – or the lack thereof – and any redundancies to create more efficient processes – at a lower cost.
- Very similar to what we saw at the start of the pandemic, the 2023 recession environment will force organizations to figure out how to scale through technology like automation and AIOps and not through head count. As companies implement hiring freezes and are forced to work with flat budgets, in addition to cutting staff, companies must identify ways to support existing employees and create a less stressful work environment for their IT, SRE and DevOps teams to avoid employee burnout. Effective, automated solutions that address these challenges will become a must-have.
Chris Bowen, CISO and founder
It’s never too late for policy to evolve; in 2023, it finally might
- As biometric and AI-driven healthcare technologies become more pervasive, we will need a federal policy that governs how personal data is collected, managed, and used. It’s unsettling that mobile app creators can collect health-related data that does not have federal data protection. The current administration has announced new guidelines, though many of these policy updates are incremental steps that don’t go far enough in protecting data. The policy must evolve at the same rate technology, and cyber threats do. With that in mind, any CISO will tell you it’s never too late to mature the current approaches since the next threat or attack is around the corner.
- Senator Warner’s latest call for policy inputs focuses on cybersecurity monitoring and reporting in healthcare. This emphasis is necessary. Another vision should include scalable, systematized detection, threat pattern analysis, and response. Policies will shift to incent a focus on good operational hygiene, like vulnerability management, end-of-life software management, patching, robust identity management, and enforcing the principles of least privilege.
- As ransomware continues to ravage the healthcare sector, federal law enforcement will get more aggressive in its efforts to thwart attacks. In the same spirit, they will begin to make examples of those who attack health systems.
Budgets may be cut, but not for healthcare cybersecurity.
- There is a common assumption that the healthcare industry is recession-proof. In 2023, the same will be valid for cybersecurity in healthcare. With the introduction of every new healthcare app or technology, the attack surface multiplies, and the need increases to secure the environment. Patients will demand it, attorneys general and the OCR will investigate it, and class action lawyers will continue to profit from it. To meet these demands, healthcare organizations will increase cybersecurity budgets – in some cases by more than 15% compared to 2022.
Stephen Chin, VP of Developer Relations
The Emergence of More Open Source Program Offices in 2023
- Currently associated with the office of the CTO, the primary focus of open source program offices (OSPOs) has been compliance. With the increased focus on software supply chain security, there is added importance on someone overseeing a program and managing the secure use of open source software that is consumed by the organization. Today, a bulk of the curation process is performed by DevOps or security teams. Stephen Chin, VP of Developer Relations at JFrog, believes there will be a greater focus of OSPOs to take ownership of the curation of open source libraries and packages in 2023.
Asanka Abeysinghe, Chief Technology Evangelist
Middleware Disappears Further into Code and Infrastructure
- In 2023, we can expect to see middleware disappear further into code and infrastructure. We are already experiencing this trend with modern, open-source programming languages. For example, Go and Kotlin have introduced capabilities for cloud native development. Meanwhile, the open-source cloud native Ballerina programming language goes a step further by embedding middleware capabilities inside the language itself. Network interactions, data types, and constructs like services and APIs are first-level citizens in Ballerina, creating a new cloud native programming model in which middleware capabilities are used while coding.
- Another trend is mega clouds that provide infrastructure as a service (IaaS)-enabled middleware capabilities via APIs, which have become the new dynamic link libraries (DLLs). So, for example, message queues, storage and security policies are open for developers to consume in applications running on the IaaS. But these are vendor-specific services. Kubernetes addresses the issue of cloud lock-in by bringing an open standard to the cloud native world, and it enables basic middleware capabilities as components.