AT&T Cybersecurity is committed to providing thought leadership to help you strategically plan for an evolving cybersecurity landscape. Our 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem is now available.
It describes the common characteristics of an edge computing environment, the top use cases and security trends, and key recommendations for strategic planning.
This is the 12th edition of our vendor-neutral and forward-looking report. During the last four years, the annual AT&T Cybersecurity Insights Report has focused on edge migration. Past reports have documented how we
This year’s report reveals how the edge ecosystem is maturing along with our guidance on adapting and managing this new era of computing.
Watch the webcast to hear more about our findings.
The robust quantitative field survey reached 1,418 professionals in security, IT, application development, and line of business from around the world. The qualitative research tapped subject matter experts across the cybersecurity industry.
At the onset of our research, we set out to find the following:
- Momentum of edge computing in the market.
- Collaboration approaches to connecting and securing the edge ecosystem.
- Perceived risk and benefit of the common use cases in each industry surveyed.
The results focus on common edge use cases in seven vertical industries – healthcare, retail, finance, manufacturing, energy and utilities, transportation, and U.S. SLED and delivers actionable advice for securing and connecting an edge ecosystem – including external trusted advisors. Finally, it examines cybersecurity and the broader edge ecosystem of networking, service providers, and top use cases.
As with any piece of primary research, we found some surprising and some not-so-surprising answers to these three broad questions.
Edge Computing Has Expanded, Creating a New Ecosystem
Because our survey focused on leaders who are using edge to solve business problems, the research revealed a set of common characteristics that respondents agreed define edge computing.
- A distributed model of management, intelligence, and networks.
- Applications, workloads, and hosting closer to users and digital assets that are generating or consuming the data, which can be on-premises and/or in the cloud.
- Software-defined (which can mean the dominant use of private, public, or hybrid cloud environments; however, this does not rule out on-premises environments).
Understanding these common characteristics are essential as we move to an even further democratized version of computing with an abundance of connected IoT devices that will process and deliver data with velocity, volume, and variety, unlike anything we’ve previously seen.
Business is Embracing the Value of Edge Deployments
The primary use case of industries we surveyed evolved from the previous year. This shows that businesses are seeing positive outcomes and continue to invest in new models enabled by edge computing.
|Industry||2022 Primary Use Case||2023 Primary Use Case|
|Healthcare||Consumer Virtual Care||Tele-emergency Medical Services|
|Manufacturing||Video-based Inspection||Smart Warehousing|
|Retail||Lost Prevention||Real-time Inventory Management|
|Energy/Utilities||Remote Control Ops||Intelligent Grid Management|
|Finance||Concierge Services||Real-time Fraud Protection|
|U.S. SLED||Public Safety, Enforcement||Building Management|
A full 57% of survey respondents are in proof of concept, partial, or full implementation phases with their edge computing use cases.
One of the most pleasantly surprising findings is how organizations are investing in security for edge. We asked survey participants how they were allocating their budgets for the primary edge use cases across four areas – strategy and planning, network, security, and applications.
The results show that security is clearly an integral part of edge computing. This balanced investment strategy shows that the much-needed security for ephemeral edge applications is part of the broader plan.
Edge project budgets are notably nearly balanced across four key areas:
- Network – 30%
- Overall strategy and planning – 23%
- Security – 22%
- Applications – 22%
A Robust Partner Ecosystem Supports Edge Complexity
Across all industries, external trusted advisors are being called upon as critical extensions of the team. During the edge project planning phase, 64% are using an external partner. During the production phase, that same number increases to 71%. These findings demonstrate that organizations are seeking help because the complexity of edge demands more than a do-it-yourself approach.
A surprise finding comes in the form of the changing attack surface and changing attack sophistication. Our data shows that DDoS (Distributed Denial of Service) attacks are now the top concern (when examining the data in the aggregate vs. by industry). Surprisingly, ransomware dropped to eighth place out of eight in attack type.
The qualitative analysis points to an abundance of organizational spending on ransomware prevention over the past 24 months and enthusiasm for ransomware containment. However, ransomware criminals and their attacks are relentless. Additional qualitative analysis suggests cyber adversaries may be cycling different types of attacks. This is a worthwhile issue to discuss in your organization. What types of attacks concern your team the most?
Building Resilience is Critical for Successful Edge Integration
Resilience is about adapting quickly to a changing situation. Together, resilience and security address risk, support business needs, and drive operational efficiency at each stage of the journey. As use cases evolve, resilience gains importance, and the competitive advantage that edge applications provide can be fine-tuned. Future evolution will involve more IoT devices, faster connectivity and networks, and holistic security tailored to hybrid environments.
Our research finds that organizations are fortifying and future-proofing their edge architectures and adding cyber resilience as a core pillar. Empirically, our research shows that as the number of edge use cases in production grows, there is a strong need and desire to increase protection for endpoints and data. For example, the use of endpoint detection and response grows by 12% as use cases go from ideation to full implementation.
Maturity in understanding edge use cases and what it takes to protect actively is a journey that every organization will undertake.
You may not realize you’ve already encountered edge computing – whether it is through a tele-medicine experience, finding available parking places in a public structure, or working in a smart building. Edge is bringing us to a digital-first world, rich with new and exciting possibilities.
By embracing edge computing, you’ll help your organization gain important, and often competitive business advantages. This report is designed to help you start and further the conversation. Use it to develop a strategic plan that includes these key development areas.
- Start developing your edge computing profile. Work with internal line-of-business teams to understand use cases. Include key business partners and vendors to identify initiatives that impact security.
- Develop an investment strategy. Bundle security investments with use case development. Evaluate investment allocation. The increased business opportunity of edge use cases should include a security budget.
- Align resources with emerging security priorities. Use collaboration to expand expertise and lower resource costs. Consider creating edge computing use case experts who help the security team stay on top of emerging use cases.
- Prepare for ongoing, dynamic response. Edge use cases rapidly evolve once they show value. Use cases require high-speed, low-latency networks as network functions and cybersecurity controls converge.
A report of this scope and magnitude comes together through a collaborative effort of leaders in the cybersecurity market.
Author Theresa Lanowitz is head of Evangelism at AT&T Business - Cybersecurity. Read more AT&T Cybersecurity blogs here. Regularly contributed guest blogs are part of MSSP Alert’s sponsorship program.