Tiho Saric, Senior Sales Director Gigamon, stellt vier Top-Trends für 2025 vor und wirft die Frage auf, ob Cloud First out ist. | Tiho Saric, Senior Sales Director at Gigamon, presents four top trends for 2025 and asks if cloud first is out. |
Während das vergangene Jahr von komplexen IT-Umgebungen geprägt war, in denen die Gefahr von Blind Spots besonders hoch ist, stechen für 2025 vor allem vier Trends und Herausforderungen hervor. So ist Cloud First für viele Unternehmen nicht mehr zwangsläufig das erstrebenswerteste Netzwerkmodell, kritische Infrastrukturen rücken 2025 in den Fokus der IT-Sicherheit und die Überwachung von KI-Daten wird immer wichtiger.
Steht das Ende der Cloud-First-Strategien bevor? Unternehmen werden einen nicht unerheblichen Teil ihrer Workloads wieder stärker in Richtung On-Premises verlagern. Sie werden jedoch nicht vollständig zurück migrieren, sondern die Cloud parallel zu lokal gehosteten Anwendungen und Daten nutzen. Der Grund für diesen offensichtlichen Sinneswandel ist einfach: Kosten. Aufgrund unternehmensweiter Kosteneinsparungen rechnen viele CIO/CISO auch in ihrer Abteilung mit einem niedrigen Budget – wenn nicht sogar mit Kürzungen. Leider ist der Betrieb einiger Workloads in der Cloud recht kostspielig, vor allem wenn ein großes Datenvolumen und/oder hoher Traffic involviert sind. Diese erweisen sich oftmals als günstiger, wenn sie on-prem laufen. Daher werden Unternehmen verstärkt abwägen, welche Workloads sie wo betreiben. Zwangsläufig wird sich dadurch im kommenden Jahr das Hybrid- und Multi-Cloud-Modell als präferierte Umgebung durchsetzen.
Bei allen vier Trends stellt sich für Entscheider automatisch die Frage: Wie können wir in den jeweiligen Szenarien für Sicherheit sorgen? In allen Fällen läuft es auf die gleiche Antwort hinaus: umfassende Sichtbarkeit bis auf Netzwerkebene (Deep Observability). Ohne sie:
Daher wird Deep Observability im kommenden Jahr eine noch größere Rolle spielen als bisher. Ein entsprechender Ansatz sorgt unabhängig von Umgebung und Quellen für den vollen Durchblick und gleichzeitig für mehr Sicherheit. |
While the past year has been characterized by complex IT environments where the risk of blind spots is particularly high, four trends and challenges stand out for 2025. Cloud first may no longer be the most desirable network model for many organizations, critical infrastructure will be the focus of IT security in 2025, and monitoring AI data will become increasingly important.
Is the end of cloud-first strategies imminent? Enterprises will move a significant portion of their workloads back to on-premises. However, they will not migrate back completely, but will use the cloud in parallel with locally hosted applications and data. The reason for this apparent change of heart is simple: cost.
Due to company-wide cost-cutting, many CIO/CISOs are expecting their department’s budget to be low, if not cut. Unfortunately, some workloads are quite expensive to run in the cloud, especially if they involve large amounts of data and/or traffic. These workloads are often cheaper to run on-premises.
As a result, organizations will increasingly evaluate which workloads to run and where. Inevitably, the hybrid and multi-cloud model will become the preferred environment in the coming year.
Next March, tens of thousands of German companies should mark their calendars in red. This is because the NIS 2 Implementation Act is very likely to come into force that month. The EU-wide directive is intended to strengthen both cybersecurity and resilience in the member states, with a focus on critical infrastructure operators (KRITIS). Among other things, NIS 2 requires companies to conduct a comprehensive risk assessment and manage vulnerabilities with appropriate measure
All companies with at least 50 employees, a turnover of at least ten million euros or operating in the 18 defined sectors will have to comply.
As ambitious as this plan is, the imminent implementation of the law could be a reason for cyber actors to really push the envelope in the coming months. There is an increased risk of KRITIS companies – especially in the healthcare, financial, energy and water supply sectors – falling victim to ransomware attacks, for example.
Operational technology (OT) is often neglected when it comes to security. Yet OT environments, with their growing complexity and connectivity, represent a particularly attractive cyber attack surface: Industrial companies are constantly adding new systems, components, processes, and data streams to their operations. These typically share a network infrastructure, increasing the risk that cybercriminals can hit multiple targets with a single attack. At the same time, the boundaries between OT and IT systems are becoming increasingly blurred. As a result, attacks on IT can quickly spread to the OT environment.
This trend will continue in the coming year. It is therefore high time for industrial companies to take action to protect the complex network surrounding OT. However, this does not mean that IT security precautions can be applied to OT environments. For example, a zero-trust architecture and effective identity and access management are sensible solutions. But they require complete visibility into all network devices, access rights, and data flows. A comprehensive visibility approach enables real-time monitoring, uncovers security gaps, and protects against unauthorized access to IT and OT systems.
Many organizations jumped on the AI bandwagon relatively early, eager to reap the benefits. However, the issue of security often received little attention during (and after) implementation. Organizations must now catch up. They need to implement a comprehensive security strategy for AI-based applications and urgently create more transparency for already integrated AI solutions.
For example, it is now clear that AI solutions depend on (real-time) data streams from many different sources. Otherwise their results will be rather poor. They typically access different systems via APIs. However, many companies do not know exactly which data the AI consumes and which it spits out. This uncertainty is what makes monitoring AI data so important in 2025-especially when companies generally lack visibility into data traffic.
With all four trends, the question for decision-makers automatically arises: How can we ensure security in each scenario? In all cases, the answer is the same: comprehensive visibility down to the network level (deep observability).
Without it: – Organizations lack visibility across workloads that span multiple environments and network boundaries. Few security tools work both on-premises and in the cloud. – Organizations cannot perform full risk assessment or comprehensive vulnerability management. – They cannot fully monitor AI data streams.
Deep observability will play an even greater role in the coming year. A deep observability approach will ensure complete visibility and greater security, regardless of the environment or source. |
Dr. Jakob Jung ist Chefredakteur Security Storage und Channel Germany. Er ist seit mehr als 20 Jahren im IT-Journalismus tätig. Zu seinen beruflichen Stationen gehören Computer Reseller News, Heise Resale, Informationweek, Techtarget (Storage und Datacenter) sowie ChannelBiz. Darüber hinaus ist er für zahlreiche IT-Publikationen freiberuflich tätig, darunter Computerwoche, Channelpartner, IT-Business, Storage-Insider und ZDnet. Seine Themenschwerpunkte sind Channel, Storage, Security, Datacenter, ERP und CRM.
Dr. Jakob Jung is Editor-in-Chief of Security Storage and Channel Germany. He has been working in IT journalism for more than 20 years. His career includes Computer Reseller News, Heise Resale, Informationweek, Techtarget (storage and data center) and ChannelBiz. He also freelances for numerous IT publications, including Computerwoche, Channelpartner, IT-Business, Storage-Insider and ZDnet. His main topics are channel, storage, security, data center, ERP and CRM.
Kontakt – Contact via Mail: jakob.jung@security-storage-und-channel-germany.de