Ultimately, this month's substantial Amazon outage will be seen as a watershed event in the evolution of the cloud. The outage itself was just the right kind -- due to its length, breadth, and visibility -- that will ensure it that will have substantial, long term ramifications for how businesses rely on a single cloud provider going forward. Yet it was also just one of a series of major realizations that many Chief Information Officers (CIOs) are having right now about the cloud and its overall role in the future of IT.
Not that the cloud isn't the end-game when it comes to most IT capabilities. Far from it. The cloud in all its various forms will certainly continue to be the leading model for IT service delivery. However, the concept of what the cloud actually consists of doesn't stand still either. Both the infrastructure-as-a-Service (IaaS) and Software-as-a-Service (SaaS) industries have both grown, matured, and become so central to an extent that some of their latent strategic challenges are becoming evident at last. Estimates vary, but most of IT will move to the cloud by 2030, somewhere between 90-95%. However, this cloud won't be the public clouds we've grown up together with so far. The cloud of the next decade will be more structured and controlled, yet far more nuanced, having most likely traveled through the crucible of the current set of underlying issues that have begun to accumulate and gain our attention.
Overcoming Today's Cloud Challenges to Unlock The Future of IT
For now though, a confluence of critical factors are converging to make the CIO tread with considerably more care when it comes to adopting cloud. Most of these factors aren't a major surprise by themselves. However, it's their growing urgency to address that collectively that is gaining the attention of top-level IT leaders. Here are the top issues with cloud in my conversations with IT executives over the last two years:
- The diaspora of enterprise data out to the cloud. SaaS is especially problematic in this regard, storing data in commercial and private clouds usually outside the control of IT and in often entirely uncertain locations. But far from gaining growing influence over enterprise data as hoped, the CIO is finding the cloud is greatly complicating master data strategies and other vital strategic efforts. These include creating a single view of the customer, developing seamless customer experiences across IT silos, and supporting analytics/artificial intelligence (AI) efforts, which are all fueled by ready open access to data, particularly across IT applications. Having APIs and microservices certainly helps, but they are still not consistently offered or readily amenable to many use cases. The reality is that cloud is still proliferating faster for most of IT departments than they can fully reach the data stored in it. CIOs are increasingly looking at platform-based solutions to this problem, most notably customer data platforms in the short term.
- Commercial clouds have evolved and proliferated beyond ready manageability. If one thing was apparent from Amazon's re:Invent confab this year, is that clouds are becoming highly sophisticated and complex in their overall offerings. In the attempt to provide all the major types of capabilities customers might want, the result has been that commercial clouds are offering 5-10 different types of database services, myriad analytics tools, and many flavors of machine learning (ML) capabilities in an attempt to be everything to the market. Amazon alone offers over 450 instance types for its popular EC2 compute service, for example. This complexity, which I've cited as the prime challenge for IT today, is exacerbated by cloud services that continue to add new capabilities without refactoring or reconciling them in some way. It's not even clear that simplifying commercial cloud services can be done, given the extent that customers depend on legacy cloud APIs/services. So we are now witnessing the first major accumulations of technical debt at the hyperscaler level. This will begin to favor new cloud entrants with cleaner, fresher product architectures.
- Big bets on a primary commercial cloud are creating lock-in, preventing differentiation, and creating fragility. Many organizations are still taking the primary vendor route, selecting one major cloud provider for much or most of their needs. The hope is this will make staff education, customer support, vendor accountability, and costs easier to manage. But in reality, what I'm hearing from CIOs is that this isn't helping them as much as they hoped. The strategy is also bringing with it equally challenging downsides, including overcommitting to one provider that isn't able to respond in kind. Another key factor is that many higher order cloud services have different strengths/weaknesses, so one cloud is not usually going to be the answer in the areas of the business with competitive impact. Thus the favored cloud vendor approach does not provide a differentiated edge against business competitors. It also contributes to creating an unhealthy monoculture of cloud vendors. Multicloud and cross-cloud have emerged has approaches to cope with the challenges of overreliance on single cloud vendors, and indeed, cloud proliferation of all kinds.
- Cloud is the vector for most cybersecurity attacks. Because it connects companies to the rest of the world, the public cloud is the source of most concerted cyberattacks, and so IT leaders are now starting to question their relatively open connection to the Internet in some cases. Companies are beginning to address this more systematically with strategies like zero trust, but the fact remains that the fast growing costs of dealing with cybersecurity and ransomware are largely due to the cloud. A reckoning is coming, and most organizations will be more carefully, deliberately, and purposefully connected to the cloud in the near future. This will limit some of the cloud's value creation potential and the pace of adoption/transformation, but make it safer to use.
- With edge, cloud is sprawling everywhere. One of the hottest trends in cloud is the current focus on edge networks, edge computing, and associated value-add services. With edge, the cloud can be put wherever it needs to be, avoiding the disadvantages of being overly centralized whenever it makes sense. But edge will also be the most varied and heterogenous part of the cloud. This is anathema when it comes to the seamless, homogenous fabric that is often touted as one of the cloud's signature advantages. The edge is bringing back proprietary hardware, local devices, new stacks, and very differnt techniques, most notably including having customers deploying their own hardware. While cloud providers are trying to preserve the pay-as-you-go nature of cloud in their edge offerings, the model will inevitably blur and look more like on-premises again. Put simply, the edge is significantly complicating how the CIO manages their cloud footprint, even as it offers more choice. This is creating demand for ever more specialized, and therefore rarified, skills within IT that can successfully architect, design, and operate cloud solutions with edge-based elements, further straining already very limited cloud talent availability.
- Subscription costs are painful as they grow as an overall share of IT. One of the complaints about the cloud I hear most often from CIOs is that fact that subscription costs are so much higher than paying traditional maintenance fees. "It feels like I'm paying for everything all over again every year", is the common refrain I hear, even as this view neglects the reality of shedding most capital expenditures in the calculus. This year's cloud spend consumed an average of 10% of enterprise IT budgets, and will grow to 15% or more by the middle of the decade. However, with some estimates putting current cloud prices at 10-12 times what it costs for a cloud provider to deliver the service if IT moved it on-premises, there is growing pressure from all quarters, from the CFO to the end-customer, to reduce ever-expanding cloud costs, often with hybrid cloud or tier 2 cloud service providers (CSPs.) There are many indications that discount cloud providers are gaining in populariy for non-critical use cases.
- Geopolitical issues with cloud providers loom. With China actively blocking many overseas cloud endpoints and Europe experimenting with Gaia-X with mixed success with own region-centric offering, many governments and a number of overseas CIOs I talk with are nervous about having all their eggs in one specific commercial basket. The provisions of the Cloud Act in the United States are also quite problematic for many global cloud customers, making regional tier-2 cloud service providers an attractive prospect in my experience. Although many organizations would prefer access to the richer tools and services of the leading hyperscalers -- which are also making their runtimes and SDKs more cloud-neutral all the time anyway -- in practice they are rarely adopting a significant percentage of them. But the fundamental issue is that cloud has become a key source of supply chain risk today. This means true, real-time multi-cloud management is now necessary, as well as ensuring compliance with various regional regulations and governing rules. The key takeaway: All it takes to change the cloud landscape quite quickly is the stroke of a government pen, geopolitical shifts in the wind, or a sudden industry push for more regulation-friendly clouds, regionally-sourced cloud services, or cloud providers that are more compliant with important corporate social responsibility measures, like sustainability. CIOs must prepare themselves for rapid switching to new cloud providers.
Taken together, cloud is becoming a top-level challenge to manage, evolve, and readily cope with incoming turbulence in the operating environment. This is true even as commercial clouds -- public, private, hybrid, and edge -- continue to offer an ever-wider range of virtually impossible benefits to ignore, including agility, scale, elasticity, and reduction in capital expenditure, along with the architectural and application development models of the future.
Preparing for the Next Strategic Revolutions in Cloud
Just as CIOs are getting their IT portfolio adjusted for the coming post-pandemic era, there is the wave of cloud innovations that are about come, beyond today's leading topics of multicloud, edge, and cloud-native, and which no one knows with certainty but are likely given the developments above:
- Industry clouds. So far industry-specific cloud formulations have had less impact than hoped, but mostly because the right offerings have been slow to arrive. Yet industry-focused clouds now stand to be on the big growth stories of the decade in bringing vertical-ready solutions to accelerate digital transformation. While clouds for specific industries used to be more talk than realization, major advances are now being made, with a solid example being the Microsoft and SAP partnership to deliver SAP supply chain solutions through Microsoft Cloud for Manufacturing. Industry clouds are bringing ready-to-run, pay-as-you-go solutions much closer to the average business in an impactful way, and will become a much larger part of the cloud market in the coming decade.
- Cloud coalitions. Similar to industry clouds, many cloud companies are themselves increasingly partnering to create offerings they could not themselves offer alone. The IBM spinoff of Kyndrl is currently pursuing a form of this strategy for example, with Microsoft and VMWare. Non-competitive tier-2 cloud providers are also building colaations to take on hyperscalers in emerging niches for example, including streaming, hyperlocal compute/storage, gaming, and crypto/DeFi.
- Cloud/edge brokers. The sheer scale of providers of regional cloud and edge services is overwhelming and inherently hard to serve well by the hyperscaler cloud firms. Demand for more distributed cloud services/providers is leading to an emergence of new solutions such as Edgevana, which can provide centralized, convenient, and efficient access to highly decentralized providers of data centers and edge presence.
- Sustainable clouds. Corporate social responsibility policies and governance in general is going to further partiion cloud offerings into additional categories of those that can meet the requirements, and those that can't. While not always entire new vendors or offerings, cloud providers will increasingly be asked to provide classes of cloud service that fully comply with their Environmental, Social, and Governance (ESG) mandates in distinct ways that will open competition to new entrants.
- Geo-clouds. By the end of the decade, it's possible that future geopolitical events will require that commercial clouds be more sharply defined by the physical boundaries of where they are allowed to provide service. Global instability and regional events of major significant between nation states may meaningfully disconnect many organizations from their historical cloud providers of choice. In addition, new laws, regulations, and/or other practical factors may require organizations to procure cloud service within specific national/regional boundaries or with pre-certified providers. CIOs must be prepared for this evenuality, and thus investment in robust muliticloud management capabilities in coming years will go a long way towards mitigating this risk
- Metaverses. The rise of cloud-centric virtual worlds with their own currencies, economies, digital assets, and communities is going to entail major commercial investment in unique individual market offerings that combines the necessary compute, digital experiences, data, blockchains, and payments into compelling virtual worlds. These will be distinct clouds in their own right, with identities, capabilities, and differentiation that will exist in the form of digital autonomous organizations and other structures, even if they are often new offshoots of existing cloud estates from the major vendors in practice.
As usual in the tech industry, the changes ahead of us over the next decade will be greater than what we've already experienced in the last several. In many cases we are still working at the fundamentals. Most organizations are simply having a difficult time matching their tech velocity with the cloud, which is still evolving more rapidly. The CIO must now develop effective cloud strategies with matching capabilities (talent and resources) that can map out a changing path forward while effectively managing and hedging the much more contractual as-a-service model. Just managing cloud contracts today can require as much support from the legal team as from IT staff. Developed an overarching and integrated cloud strategy is vital in a time with so many external providers (IaaS, PaaS, and SaaS), combined with all the other factors above. For many IT leaders, genuine cloud agnosticism will become a core strategy across cloud operations, management, and automation. Data must be relentlessly drawn back into the positive control of organizations, with the recognition that some low criticality data may never be reachable.
However, perhaps most of all, the CIO in 2022 will need to better develop their plans around strategic concepts like price arbitrage, complexity management, lightweight innovation/pathfinding, integrated operations, disaster recovery, and vendor dependencies in a way they've never quite had to before. In a healthy rebalancing, it's quite likely that hybrid cloud will be become more important than in the recent past for some organizations that now realize they have more mission critical elements running in the public cloud than they would now like. So too will the long neglected topic of workload versaility rise in importance. Containerization and adoption of serverless where possible will also become even more vital to cloud strategy next year, as the ability to move workloads among commercial clouds will finally get the attention it's long deserved.
Many CIOs next year will now manage their cloud estates in a more portfolio-like manner, while driving unnecessary dependencies and vendor commitments out of the mix whenever possible. This will result in a more resilient and vibrant cloud ecosystem for most organizations. It will also increase competition among cloud vendors while increasing choice for customers. Or at least that is the direction that cloud in the enterprise should be headed.
Additional Reading
A Blueprint for a Post-Pandemic CIO Playbook
Observability Lessons Learned From the AWS East-1 Outage
Is Anthos the edge Google needs in enterprise cloud? | ZDNet