Emerging Technology Trends to Watch in 2019

Posted on

By Liz Young, Marketing Coordinator

I recently hit up one of our visionaries here at Evolving Solutions, our CTO, Michael Downs, to get his take on the technological trends we can expect to see in the coming year.  Michael evaluates emerging and disruptive technologies.  He brings together the real-world experience our team possesses to help our clients implement solutions that are agile, offering as much longevity as technology allows.

He offered some really great insight on some pretty cool emerging technologies and I had to share three of them because I think they are something to look forward to.


IT Automation is the trend that keeps coming back. We’ve been talking about IT automation for decades, but it has taken on increasing relevance with most infrastructure now able to be treated as code for deployment and changes. This has allowed developers to integrate the development automation they already created with deployment automation for infrastructure.

The rise of both containers and “server-less” application development models have made automation required. Managing a container that might only run for less than 30 seconds before it’s deleted simply can’t be managed with more traditional manual processes.


After several years of crypto currency hype and over-promise for solving every enterprise problem, some practical and realistic implementations are starting to emerge.

In spite of the reputation for Blockchain supporting interactions between completely untrusting, anonymous parties, the “permissioned Blockchain” model, where the participants are known is showing significant promise for enterprise use cases.

Deriving value from enterprise Blockchain implementations usually necessitates a consortium. We recommend you identify others in your industry or value chain who would also benefit from a shared ledger and work with them on use cases.

Quantum Computing

Undoubtedly the most futuristic and uncertain area of emerging technology. Tremendous energy and time is being spent on Quantum Computing research by companies with the resources, capabilities and interests to achieve breakthroughs. IBM (https://quantumexperience.ng.bluemix.net/qx/experience)  and Google (https://ai.google/research/teams/applied-science/quantum-ai/) both have significant efforts and are  enlisting developers to experiment with algorithms and programming models through their respective portals and cloud based offerings.

In addition to the technical challenges related to making a commercially viable Quantum Computer, use cases that truly take advantage of the unique computational paradigm of Quantum Computing are still being developed. Physical Chemistry, cryptography and certain artificial intelligence use cases seem the most promising, but until more people outside of research laboratories begin to understand the true nature of Quantum Computing, it’s potential will remain limited.

Automation, Blockchain and Quantum Computing are just a few of the technologies that should make 2019 interesting.   I know Evolving Solutions will be watching these technologies for their potential in helping our clients solve their organizational challenges so stay tuned to our blog and social media for more!

Liz Young - Evolving Solutions

Liz is the Marketing Coordinator and is responsible for the digital/social strategy, content creation and campaign execution for Evolving Solutions. She handles all online platforms including the Evolving Solutions website, blog, LinkedIn, Twitter, etc.

Liz works with the incredibly talented sales, consultant, and architect teams to ensure we offer the best support to our clients. From creating collateral, to planning world-class events, Liz works to ensure our best foot is always forward.

With more than 15 years of marketing experience, Liz is also pursuing a journalism degree at the University of Minnesota.

Like what you read? Follow Liz on LinkedIn.

Michael joined Evolving Solutions in 2014 to develop solutions for our clients across hardware and software, both on and off premise. He brings over 18 years of creating architectures to solve complex business problems including big data, high performance computing, integration, automation and end user computing.

His broad technology, business and industry experience provides valuable perspective to our clients working to implement innovative technologies to support their success.

Like what you read? Follow Michael on LinkedIn at https://www.linkedin.com/in/mldowns/

Cyber Resilience vs. Cybersecurity: Becoming a Cyber-Resilient Organization Part 3

Posted on

By Kaustubh Vazalwar, Group Manager: Global Resiliency, IBM 

With each new technological innovation, new vulnerabilities and attack surfaces emerge for hackers to exploit. Today’s IT infrastructures are increasingly hybrid ones, with multi-vendor enterprise models that deploy various types of hardware and software to keep businesses up and running. Regardless of a cloud-based environment’s construction, however, these are environments where virtual and cloud deployments form a significant majority, and they need appropriate focus in order to achieve cyber resiliency. 

What it means to be resilient differs when you compare a traditional on-premises setup with a hybrid cloud environment. Abstraction and virtualization come into focus when cloud applications or storage services are in use. Attack techniques such as virtual machine escape, hyperjacking (malicious control of the hypervisor or underlying hardware controlling virtual machines) and flawed device drivers can expose such environments to a range of data compromises. Exposures in Industrial Control Systems (ICS) or the Supervisory Control and Data Acquisition (SCADA) environments are even more harmful, as they can have a direct impact on human life and require strict controls. 

Cyber resiliency for hybrid IT 

When mitigating risks in a cloud environment, maintaining visibility into the flow of data and other information across all layers is critical, keeping in mind possible gaps like unnecessary services, vulnerable APIs and deficiencies in backup and disaster recovery solutions. 

Some of the most important defense techniques include: 

Evaluating, reducing and controlling your attack surfaces. Control and reduce your attack surface and overall exposure by applying principles of continuous review, defense in depth, controlling the number of trusted nodes in the system, multiple layers of countermeasures, reduction in the number of open ports and services and implementing least privilege. 

Early application of resiliency principles in the life cycle. Resiliency considerations should be integral to the scoping, design, build and testing phases in the Systems Development Life Cycle (SDLC). Early review and application of security and resiliency principles makes the overall approach proactive in nature and reduces the effort of securing the system long term. Working reactively to close vulnerabilities later is almost always more expensive. 

Key functional controls. Key functional controls — such as continuous application behavior review, technical and functional segmentation within the infrastructure, management of persistent data, identity and access management and establishing a clear trust criteria as a base for effective privilege management — are key to ensuring data is not compromised, especially in hybrid environments. 

Dependency analysis. Review and analyze configuration, as well as upstream and downstream data flow. This will help you determine potential single points of failure, vulnerable exploitation targets and possibilities of privilege escalation due to access so you can strengthen disaster recovery protocols, improve your backup environment and identify the critical human resources involved in the cyber event response chain. 

Community intelligence. In an era when technology is continuously changing and advanced persistent threats are always findings new ways to evade technical and nontechnical controls, including user controls, it’s important to keep a watch out for inputs from the industry to see which new trends and countermeasures are being deployed. 

Advancements in technology enable organizations to use automated and intelligent cross-platform tools that can significantly reduce the time and manual overhead of failover and failback. They can also help create golden images of data for efficient recovery after a cyberattack and provide continuous monitoring of the backup and disaster recovery environments. 

Becoming and staying a cyber resilient organization is not just an abstract IT or management function in isolation. Rather, it starts with people and their grasp of the IT environment in which they find themselves. Speed of response and a proactive, risk-based approach are key. Weighing cost, time and effort against business impact will help organizations choose the right defense measures that fit their needs. 

Every organization rightly has IT experts who are responsible for the day-to-day efforts of operating the hardware, software, facilities and devices that help drive an organization towards its business objectives. But to achieve cyber resiliency, everyone must have a stake in keeping their organization available, secure and productive. This is not a burden or distraction — I see it as a fantastic opportunity, and I hope all business leaders and teams will embrace it for the common good. 

Cyber Resilience vs. Cybersecurity: Becoming a Cyber-Resilient Organization Part 2

Posted on

By Kaustubh Vazalwar, Group Manager: Global Resiliency, IBM 

One of the fundamental questions most people have when they first learn about cyber resilience is, “How does being cyber resilient differ from cybersecurity?” To answer this, we need to understand how the principles of resiliency differ from those of security. 

The defining principles 

Security principles primarily focus on: 

  • Defense in depth — or creating multi-layer defenses within IT infrastructure. 
  • The principle of least privilege — or limiting access to IT systems to relevant parties. 
  • Identifying and isolating threat areas. 
  • Processes and measures for continuous protection of systems, networks and data. 

The principles of resiliency, on the other hand, look at enterprise-wide risk factors: 

  • Create simplicity in design and implementation. 
  • Continuously review critical assets, attack surfaces and evolving technical and nontechnical risks. 
  • Identify critical process and functional impacts, and implement redundancy and defense measures at each step. 
  • Focus on the technology and human aspects of end-to-end business continuity. 
  • Enterprise-level risk management and IT governance. 

Ensure business continuity 

While these principles are related in many ways, the overall goal of cyber resilience is to ensure continuity of business by being more proactive in an environment where advanced persistent threats are continuously maturing and evolving. 

Why is this differentiation so important to understand? Because it requires a fundamental change in mind-set to adopt a risk-based approach. Organizations have to look beyond firewalls, IP/IDS, security operations centers or anti-virus control to ask deeper, enterprise-wide questions, such as: 

  • Does our organization have senior management approval and a defined, long-term budget to address cyber resilience requirements at every level? 
  • Is there an enterprise risk management program in place, in conjunction with IT security and disaster recovery colleagues? Are the right resources defined to implement and manage that program? 
  • Has the organization identified all of our critical resources and the business impact of their potential downtime? Are regular risk reviews, tests of failure scenarios and contingency plans being conducted? 
  • Is the organization’s disaster recovery and backup plan fail-safe? Do these plans comply with recovery time objectives, recovery point objectives, service-level agreements and other regulatory requirements? 

In today’s global economy, things like international supply chains need cyber resilience plans to secure the IT environments that facilitate transactions, above and beyond standard IT security measures. Properly evaluating the potential risks, monitoring hardware and software across multiple vendors and geographies and ensuring transaction data privacy builds trust between buyers and sellers, elevates standards across the board and creates a more fair and productive marketplace for any industry. 

Cyber resilience represents a new way of doing things in the always-on era. When organizations consider every possibility and test for any contingency, they are doing a great service for themselves and their clients. Cyber resilience encourages new innovation, empowers employees to do their jobs with confidence and elevates an organization’s standing among clients and competitors.