Tag: ITS

Services Industry Growth is Bottoming Out, but How Much Does It Matter? | Blog

The latest Forces & Foresight™ research by Everest Group highlights the beginning of a turnaround in the services industry’s growth. However, the significance of this recovery is unexciting, as balancing forces exist that both impede and support industry growth. How a service provider aligns with the right set of forces will become key to competitive success. Read on to learn about the necessitating strategic foresight and tailored approaches for industry players to thrive in the post-downturn landscape.

In my last blog, Driving Factors for IT Services Recovery in 2024: Insights from Everest Group’s Forces & Foresight™ Research, I highlighted three forces fueling our services industry growth turnaround foresight. We are seeing more points of evidence validating those. Let’s revisit these forces and their progression:

  1. Stabilizing base – We spoke about seeing a pause in deteriorating demand trends. The turnaround in growth (see Exhibit 1) and forward-looking views of service providers validate this thesis
  1. Fixing revenue leakage – We noted signs of stabilization in leakage, such as bookings not commensurate with revenue. While the differential still exists, we are seeing more confidence in service providers. Almost all the growth guidance estimates are dependent on the booked business translating to revenue over the next 12 months
  1. Pockets of additional growth – As previously highlighted, cybersecurity, ER&D, and data and analytics continue to thrive. For instance, cyber security players like Zscaler have surpassed expectations, leading to upward revenue projections

Slide1 1

Turnaround is a given, but does it really matter so much?

As we outline our growth outlook in the next Forces & Foresight edition, we roll forward our forecasts to the next 12 months (ending March 2025). From this analysis, we have narrowed down two convictions:

  1. The IT services industry will see a turnaround in growth
  2. In the absence of an extraordinary event, we expect the magnitude and speed of this turnaround to be “unexciting” (unlike comebacks in previous downturns)

 

The reason for this unexciting recovery is that the magnitudes of industry forces, supporting and impeding the industry growth, are roughly equal, as portrayed in Exhibit 2.

Exhibit 2

Forces impeding services industry growth Forces supporting services industry growth
Over-influence of macro sentiments on services spend

Spend cautiousness will impact quick and big pickup in major segments like BFSI despite any signs of turnaround

Enterprise confidence levels are still far from promising pickup in discretionary spend

Elongated durations of large contracts don’t allow for high ACV contributions

 

North America is showing recovery, driven by a notable turnaround in Hi-Tech spend resilience in the public sector and energy

Less matured geos are playing a strong role in the industry growth contribution

The new wave of productivity demand is providing better avenues vs. strict cost-cutting on volume and pricing

Newer revenue streams are playing out (e.g., net expansion in GIC-generated revenue)

Our inference from the balance of these forces is that, while the positives will outdo the negatives, the latter are sticky and emerge from a somewhat changing psychology of demand – a topic we are consciously tracking. This stickiness negates a euphoric pickup in services industry growth, which was observed in previous downturns (we presented these in our previous blog).

As we mentioned, the industry will be an interesting mix of performance of segments and providers based on their portfolios and part of trajectories. Simply put, segments and providers that could be at a higher risk of longer recovery cycles are the ones with heavier exposures to (a) discretionary revenue, (b) negative geo-specific dynamics, and (c) non-flexible delivery and commercial models.

Things are not so straightforward

The devil lies in details. Every segment has its own set of near-term palpable possibilities as well as challenges. Take the example of banking, financial services, and insurance (BFSI). On the one hand, it is the most severely impacted segment (Exhibit 3), with the future seemingly still tied to economic events like rate cuts. On the other hand, we are seeing signs of tech spend pickups by banks. For example, tech and comms spend by major banks is on the rise, and small deals are picking up in BFSI, as evidenced by small service providers’ performances in this segment. See Exhibits 4 and 5.

In our Forces and Foresight research, we are conducting a detailed analysis on each of the major geo and vertical segments with the aim of uncovering the not-so-obvious aspects that contribute significantly to their forward-looking direction of growth. We are also linking those to segment and industry-wide forecasts.

Slide2 1

Slide3 1

Slide4

Implications for market participants

One would need to work harder to earn their position coming out of this downturn, as industry forces will be less kind than in previous downturns.

A (somewhat) naïve implication for service providers would be to put focus on high-growth potential areas of services. We call it naïve because portfolio changes and decisions can’t be made overnight, leave apart the actual portfolio change. Coming out of this downturn, a well-defined playbook will be instrumental in navigating these changes. A simplistic model could include steps such as:

  1. Classification of parts of portfolios (verticals, capabilities, geos, customer size, and type of deals) by demand recovery cycles
  2. Sales focus on the quick recovery segments and immediate results-generating areas (like GICs)
  3. Having account-specific playbooks – mining vs. new accounts
  4. Investment focus on longer-term (but promising) recovery areas

 

Such playbooks have been the reason why every downturn creates a distinct separation between the new set of winners and the rest of the industry. And with the unique set of challenges associated with this downturn, the winners will need to work much harder than before. Learn more about Forces & Foresight™, or reach out to Prashant Shukla to discuss further at [email protected].

Sustainability Enablement Technology Services PEAK Matrix® Assessment 2024

Sustainability Enablement Technology Services

In today’s business environment, sustainability has evolved from a mere buzzword to a vital imperative for enterprises across diverse industries. This shift is driven by escalating concerns over climate change, resource scarcity, and social disparities, compelling businesses to lessen their environmental footprint and actively contribute to societal well-being. To address these challenges, sustainability enablement technology and services have become indispensable tools, providing instrumental solutions to navigate the complexities of sustainability initiatives. These technologies encompass various applications, including renewable energy, supply chain optimization, and waste reduction strategies.

Despite the growing recognition of sustainability’s significance, enterprises face significant hurdles in integrating sustainable practices into their operations. The lack of tangible market proof points, coupled with the ongoing evolution of standards and best practices, presents a formidable challenge to decision-making. Enterprises struggle to identify partners that can meet their immediate sustainability needs while aligning with long-term strategic goals. Successfully navigating this complex landscape requires careful deliberation and informed decision-making. Enterprises must select partners that provide innovative solutions and demonstrate a dedication to sustainability principles and values. By doing so, businesses can effectively navigate sustainability challenges while driving positive environmental and social impact.

Sustainability Enablement Technology Services

What is in this PEAK Matrix® Report

In this report, we explore the current state of the sustainability enablement technology services market, examining the trends and key drivers shaping demand-supply dynamics. The report also provides a detailed analysis of the sustainability-enabling capabilities of 24 providers based on their service focus, key Intellectual Property (IP) / solutions, domain investments, and demonstrated market proof points.


Contents: 

In this report, we:

  • Explore the sustainability enablement technology services market
  • Examine the key factors and technologies shaping the sustainability enablement technology services market
  • Outline our perspective on buyer adoption trends and explore 24 sustainability enablement technology service providers’ capabilities

Scope:

  • All industries and geographies
  • This assessment is based on Everest Group’s annual RFI process for the calendar year 2024, interactions with leading sustainability enablement technology service providers, client reference checks, and an ongoing analysis of the sustainability services market

Related PEAK Matrix® Assessments

Sustainability Enablement Technology Services
PEAK Matrix®

Sustainability Enablement Technology Services PEAK Matrix® Assessment 2024

Task Mining
PEAK Matrix®

Task Mining Products PEAK Matrix® Assessment 2023

Net Zero Consulting
Media

Net Zero Consulting Services PEAK Matrix® Assessment 2023

Identity and Access Management
Media

Identity and Access Management (IAM) Services PEAK Matrix® Assessment 2023

Our Latest Thinking

Call to Action for GBS Leaders to Unlock More Value from Their ESG Initiatives
Market Insights™

Call to Action for GBS Leaders to Unlock More Value from Their ESG Initiatives

How Sustainable Engineering is Shaping a Responsible Future - 1200x628
Events

How Sustainable Engineering is Shaping a Responsible Future

Designing Agile Procurement Operating Models for Maximum Value and Innovation
Events

Designing Agile Procurement Operating Models for Maximum Value and Innovation

Olympics image
Blog

Greening the Games: Sustainability at the Paris Olympics 2024

What is the PEAK Matrix®?

The PEAK Matrix® provides an objective, data-driven assessment of service and technology providers based on their overall capability and market impact across different global services markets, classifying them into three categories: Leaders, Major Contenders, and Aspirants.

LEARN MORE ABOUT Top Service Providers

The State of Generative AI in the Retail and CPG Industry | Webinar

on-demand webinar

The State of Generative AI in the Retail and CPG Industry

In today’s competitive retail and CPG landscape, businesses face pressing challenges, from fluctuating consumer preferences to operational complexities. Generative AI (gen AI) presents a crucial solution, enabling rapid product innovation and enhanced operational efficiency. Adopting gen AI is now essential for companies aiming to stay ahead, and the conversation has shifted from “where can gen AI work” to “where is gen AI working?”

This webinar offered buyers and service providers valuable insights into real-world use cases where pilots progress to full production, key challenges, and the enterprise playbook around AI governance.

What questions has the webinar answered for the participants?

  • What are the use cases in the industry where gen AI adoption is moving from pilot to production?
  • What is the impact realized from the adoption of gen AI?
  • What are common challenges while scaling gen AI adoption?
  • What are the key business, technology, and sourcing implications of different regulations in North America and Europe around gen AI?

Who should attend?

  • CIOs, CTOs
  • IT/BPO strategy and department heads
  • Heads of outsourcing
  • Procurement managers
  • Global sourcing mangers
  • Vendor managers
  • Senior marketing executives
Partner
Mundra Abhishek 1
Practice Director

The Rise of AI Developers – How Devin and other Autonomous AI Agents will Reshape Software Development | Blog

Cognition AI’s Devin and other autonomous AI agents are poised to revolutionize software development. Read on to explore Devin’s features and benefits, the impact of AI developers on IT services delivery, and the challenges that accome with moving into the age of intelligent software development. Reach out to learn more about this topic.

The world of software development is on the cusp of a paradigm shift. Cognition AI’s launch of Devin, the first fully autonomous AI software engineer, marks a significant leap forward in AI capabilities. Devin and other AI agents promise to transform how software is built and profoundly impact the IT services industry. Let’s explore this further.

What can Devin do?

Devin is different from your average coding assistant. This AI agent can independently plan, execute, and complete complex software engineering tasks. For example, if Devin were given a problem statement to build a website with specific functionalities, it would:

Craft a step-by-step plan: Break the project down into manageable tasks, considering factors like technology stack, user interface design, and API integrations.

Develop the software: Write code, handle errors, and build the core functionality using tools familiar to human engineers, such as code editors and debuggers.

Deploy the solution: Deploy the website it built on a server and ensure user accessibility.

This level of autonomy is groundbreaking. While Devin might still require human oversight for complex projects or strategic decisions, its ability to handle entire workflows independently opens a new frontier in software development.

What does it mean for software development?

The advent of Devin AI marks a significant leap in the software development process. This transformative technology heralds a future where AI can undertake intricate coding tasks, driving numerous benefits.

Below are some potential benefits of AI developers:

Increased Productivity: Repetitive tasks like coding basic functionalities or fixing bugs can be automated, freeing human developers for more creative and strategic work.

Reduced Development Time: AI handling of routine tasks can significantly shorten development cycles, allowing companies to bring products to market faster.

Democratization of Development: AI tools could empower non-programmers to build basic applications, fostering innovation and citizen development.

Picture1 5

Concerns with AI developers

However, it is important to remember that Devin AI doesn’t have all the answers yet, and many unknowns must be addressed. Below are a few concerns surrounding Devin AI:

Infrastructure Requirements: The infrastructure required to run Devin may prove to be a limiting factor for its adoption.

Security and Compliance: Security, governance, and regulatory compliance factors can significantly influence the applicability of Devin across use cases.

Pricing Uncertainty: Cognition has not released any information about the potential price points for Devin AI.

What does it mean for the IT services industry?

The rise of AI developers presents both challenges and opportunities for the IT services industry that will affect the following dimensions:

Shifting Skillsets: Demand for traditional coding skills may decrease as AI handles routine tasks. However, the need for skilled professionals who can manage AI tools, design complex systems, and ensure security will rise.

Evolving Service Offerings: IT service providers must adapt their offerings to leverage AI development tools. This could involve offering AI-powered development platforms, AI integration services, and expertise in managing human-AI collaboration.

Focus on Consulting and Strategy: As the technical aspects become less labor-intensive, IT service providers can focus on higher-value services like consulting, project management, and providing strategic guidance on AI adoption.

Picture2 5

The road ahead

Devin’s arrival is just the beginning. As AI capabilities continue to advance, even more sophisticated development tools and agents will emerge. Leading IT services providers that embrace this change, invest in workforce reskilling, and leverage AI effectively will be well-positioned to thrive in the age of intelligent software development.

This shift will not be without its challenges. Ethical considerations about AI bias and potential job displacement need to be addressed. However, the potential benefits of AI development are undeniable. As we move forward, embracing collaboration and fostering a human-AI partnership will be crucial to unlocking the full potential of this exciting new frontier.

To share your thoughts and discuss our research on the future of software development and the rise of AI developers, please contact [email protected] or [email protected].

Watch the webinar, AI-driven Sourcing: Discover the Best-in-Class Features in Autonomous Sourcing Tools, for insights into the complex technology landscape of autonomous sourcing tools and the various functionalities autonomous sourcing tools offer across the sourcing workflow.

Boosting Project Readiness in Technology Talent: A Comprehensive Framework for Developing Project-Ready Workforce | Blog

To combat the technology talent shortage and improve project readiness, technology firms are investing in comprehensive initiatives across the talent management value chain, including learning and development platforms, niche partnerships, and other strategies. Explore how Everest Group’s 3A framework can help firms assess, acquire, and activate project-ready talent at scale. Reach out to speak with us further on this topic.

With rapid technological advancements and an acute specialized talent shortage, IT firms increasingly recognize the importance of developing technology talent internally. As a result, they have accelerated developing comprehensive learning and development (L&D) frameworks backed by robust tech-driven learning solutions to upskill/reskill technology talent. These strategic investments are aimed at ensuring future readiness and resilience to technology disruptions.

However, even after these focused L&D investments, organizations still struggle to build a sustainable pool of project-ready resources. According to the Talent Readiness for Next-generation IT Services PEAK Matrix® Assessment 2023, IT service providers reported the lack of project-ready resources as a critical barrier in building a future-ready workforce.

Picture1 4

Recent excessive hiring by technology firms has resulted in large benches with lower-quality talent unprepared to be deployed in client projects. Firms continuously train their benches on emerging and in-demand technologies while optimizing talent-sourcing strategies to improve project readiness, particularly in the entry-level talent pool. However, they still face several key bottlenecks in enhancing the project-readiness quotient, as illustrated below:

Picture2 4

Solving the project-readiness puzzle: The 3A framework focused on Assess-Acquire-Activate.

Picture3

  • Assess – Effectively assessing project readiness is as critical as embedding it in the L&D journey. Most technology firms lack a dedicated project readiness assessment framework. Developing a robust framework to evaluate and identify gaps in workforce project readiness is crucial.

The framework must be holistic and able to evaluate granular-level details specific to a particular role, project, and service line. It must include all skill types, including technical skills, domain expertise, cognitive and interpersonal skills, and related attributes such as proficiency level and experience.

Additionally, it’s critical to move beyond the conventional metrics of gauging project readiness, such as certifications and skill tags to digital readiness quotient.

We have invested in an in-house tool designed for conducting technical assessments of trainees. Customized assessments are created in the tool based on the skill matrix, and trainees are evaluated using these assessments to assess their level of upskilling. The assessments include scenario-based and coding questions to evaluate conceptual and hands-on expertise of candidates.” – Leading IT service provider

  • Acquire – Leading organizations are strategically shifting their focus on developing technology talent at early stages. By adopting a train-hire-deploy talent acquisition model, companies aim to build project-ready pipelines. Here are some initiatives top firms are using to acquire project-ready resources:
    • Forming in-depth alliances with academic institutions to focus on building talent from the ground up through tailored learning content, internships, apprenticeships, dedicated courses, or degree programs targeted at industry-relevant and in-demand skills
    • Creating pre-onboarding programs with learning content and hands-on practice modules in simulated environments to prepare freshers for a streamlined transition and integration
    • Partnering with training firms to acquire specialized talent equipped with niche or next-generation skills

We have an exclusive job program for individuals looking for full-time jobs after high school, thereby making them financially independent. This is a hybrid training program focusing on the overall education and personality grooming of students to make them job-ready.” – Leading Indian IT service provider

We currently have seven master’s programs running across six premier institutes in India to channelize the talent generation in the IT industry. We have handstitched the curriculum interventions and provide internship opportunities to students, which eventually leads to conversion to FTE.” – Leading global system integrator

  • Activate – In addition to traditional learning interventions, firms should promote on-the-job learning opportunities such as peer learning forums, collaboration and knowledge-sharing platforms, and sessions to exchange expertise on niche topics, projects, accounts, and roles.

Further, firms can explore strategic partnerships with specialized technology providers to build and integrate tailored learning exercises into their L&D ecosystem. This may include hands-on projects that mimic real-world scenarios, customized simulated environments, and labs specific to particular use cases or industries.

We partner with multiple providers of advanced-level technology programs who design and deliver training in boot camps as well as virtual instructor-led training (ILT) mode for training in higher order competencies. They also provide cloud labs along with the program, apart from personalized subject matter expert (SME) guidance. In fiscal year 2023, 33% of our deep-skilled learners were deployed in projects where they could use their new skills” – Leading Indian IT service provider

Following are some examples of the partnerships leveraged:

Technology Talent

Future outlook

The sharp decline in the project-readiness quotient of the workforce in recent times and the ever-evolving client expectations have led technology firms to take holistic measures to ensure they have sustainable pipelines of ready-to-deploy talent.

To effectively tackle the issue, firms must continue adopting proactive measures to enhance the project-readiness quotient. These approaches can include comprehensive assessment frameworks, optimized talent sourcing strategies, and establishing a balanced L&D ecosystem.

Firms with robust workforce strategies that strongly emphasize project readiness will   be better positioned to build and sustain scalable project-ready pipelines – giving them a competitive edge in the talent crisis.

To gain further insights into how leading service providers are transforming their workforce strategies to extensively focus on enhancing project readiness and technology talent, contact Arpita Dwivedi [email protected], Amit Anand [email protected], and Abhigyan Kumar [email protected].

Watch the webinar, Locations and Workforce Strategy 2024: Insights, Trends, and Key Priorities, for trends shaping 2024’s workforce and locations strategies.

Analyzing the EU AI Act Impact for Global Businesses | Webinar

ON-DEMAND WEBINAR

Analyzing the EU AI Act Impact for Global Businesses

Regulation in the AI space is about to change significantly with the introduction of the EU AI Act. How will this new legislation affect enterprises in the EU and beyond?

This webinar, hosted by Everest Group Partners Anil Vijayan and Nitish Mittal alongside Mark Lewis, Senior Consultant at Stephenson Harwood LLP, delved into this first-of-its-kind regulation and its implications for enterprises, tech providers, and tech service providers. They discussed how to prepare for the legislation’s effects, including its extraterritorial impact, as the introduction of this comprehensive AI-focused legislation affected other global locations.

Watch this event and gain insights into the potential repercussions of this legislation, with advice for best practices and key considerations to make when implementing AI tools in light of this new Act.

What questions did the webinar answer for the participants?

  • What is the state of the global regulatory environment with regards to AI?
  • What is the anticipated impact of the EU AI act for various stakeholders?
  • How can enterprises prepare for the Act coming into effect?

Who should attend?

  • CIOs
  • CEOs
  • CTOs
  • CSOs
  • COOs
  • ITS/BPS strategy heads 
  • CXOs
  • BU heads
Senior Consultant
Stephenson Harwood LLP
Partner
Everest Group
Partner
Everest Group

Evolving with AI: The Rise of Next-Generation Digital Adoption Platforms | Webinar

Webinar

Evolving with AI: The Rise of Next-Generation Digital Adoption PlatformS

April 30, 2024
8:00 AM PT | 11:00 AM ET

Join Everest Group Vice President, Sharath Hari in an upcoming webinar that assesses AI’s impact on business. This webinar will explore insights from Everest Group’s latest report, showcasing how Digital Adoption Platforms (DAPs) are transcending their traditional functions to play a pivotal role in driving enterprises towards hyper productivity. The expert panel will discuss:

  • The evolution of DAPs and their critical role in the age of AI  
  • Emerging use cases of next-gen DAPs
  • The advanced capabilities & benefits of AI-powered DAPs
Sharath Hari
Vice President, Everest Group
Liya Spiegel
Senior Director of Product Management, Walkme

Gen AI Unhyped: Where is it Working and How to Plan for Success | LinkedIn Live

Linkedin Live

Gen AI Unhyped: Where is it Working and How to Plan for Success

View the event on LinkedIn, which was delivered live on Tuesday, April 3, 2024.

While generative AI (gen AI) seems to be the predominant theme of the time, there is still a lack of clarity regarding where the technology works best and where the primary developments are occurring. 🧠💻

Watch this LinkedIn Live where our expert’s explored tangible, real-world gen AI applications, addressed challenges for practical implementation, and discovered key insights to assist in staying ahead in harnessing the potential of gen AI for your business. 🚀

During this session, we addressed the following questions:

✅ What is the current on-the-ground adoption of gen AI among enterprises?
✅ Which enterprise areas and functions are seeing the highest level of gen AI activity and interest?
✅ What are the key challenges and risks associated with gen AI, and what are the potential solutions to overcome them?
✅ How can organizations become gen AI-ready across talent, culture, and technology?

Gupta Vishal
Partner
Everest Group
Sehdev Ashish gray square
Vice President
Everest Group
ketan headshot
Ketan Singh
Staff Software Engineer (Tech Lead)
Meta
Aniruddha edited

Exploring the Importance of Post-quantum Cryptography: An Unbreakable Vault to Protect Enterprises Against Advanced Cyberattacks, Part 2 | Blog

Post-quantum cryptography (PQC) has become essential for enterprises to protect against future quantum-enabled attacks and secure digital assets and sensitive data. Read on to discover providers’ crucial role in preparing enterprises for PQC. Reach out to explore this topic further.

As discussed in our previous blog, the emergence of quantum computing poses a significant threat to current public key cryptographic methods. When run on quantum computers – or more specifically, Cryptographically Relevant Quantum Computers (CRQCs) – some algorithms such as Shor’s can potentially break widely used methods like RSA, DSA, ECDSA, EdDSA, and DHKE, among others.

The advancement of quantum computers can seriously threaten data security and privacy for various enterprises, affecting fundamental principles such as confidentiality, integrity, and authentication. This makes it essential to reassess the security of these cryptographic methods.

The early and widespread use of quantum computers could wreak havoc, enabling new advanced cyberattacks that are impossible using classical computers. Post-quantum cryptography (PQC) is the solution to this problem. Let’s explore this further.

What is post-quantum cryptography?

In the quantum computing era, PQC is vital in ensuring the long-term security of digital communication and data protection. PQC focuses on researching and adopting cryptographic algorithms that are ready for this era.

These algorithms are designed to be secure against both quantum and classical computers. Furthermore, they are expected to be deployable and integrable without significant modifications to current protocols and networks.

With extensive ongoing research in this field, researchers have proposed several mathematical schemes that meet the requirements for being potential candidates for quantum-safe cryptographic algorithms. These include lattice-based, multivariate polynomial, code-based, hash-based, and isogeny-based cryptography.

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) launched a program in 2016 to create standardized quantum-safe cryptographic algorithms.

After a rigorous six-year evaluation involving global experts, it announced four finalists for quantum-safe cryptographic standards. The following algorithms selected by NIST address general encryption and digital signatures that are crucial for securing data exchanges and identity authentication:

PQC algorithm Cryptographic scheme Purpose
CRYSTALS-Kyber Lattice-based cryptography Key encapsulation method (KEM)
CRYSTALS-Dilithium Lattice-based cryptography Digital signature
FALCON Lattice-based cryptography Small digital signature
SPHINCS+ Hash-based cryptography Digital signature

Several other developments related to PQC have occurred recently. The notable ones are highlighted below:

Timeline final

Common cryptographic pitfalls

The complexity of cryptographic fields makes it difficult for enterprises to navigate data security. With numerous algorithms, protocols, and standards, enterprises often struggle to understand and implement robust cryptographic solutions.

Enterprises may encounter several common cryptographic pitfalls, including:

  • Lack of awareness about cryptographic algorithms used for data protection
  • Dependency on long-life data secured by cryptographic schemes not suitable for the quantum computing era
  • High costs and efforts required to update cryptography across systems and applications manually
  • Use of outdated cryptographic algorithms
  • Challenges in ensuring interoperability between different cryptographic systems and protocols, especially in hybrid IT environments
  • Limited resources, including security budget and expertise, hindering effective cryptography implementation and management
  • Risk of vulnerabilities and security breaches due to incorrect implementation of cryptographic protocols or algorithms

Enterprise considerations for embracing PQC

Considering the current challenges with cryptography, enterprises would face far more significant difficulties if they do not strategically plan for PQC. To prevent this, cybersecurity leaders globally must proactively prepare and initiate early plans to migrate to post-quantum cryptographic standards.

Taking a proactive stance is crucial since transitioning to new quantum-safe algorithms will be discontinuous, considering the inherent disparities in key size, error-handling properties, and other complexities.

Hence, enterprises should give themselves enough time to start small, experiment, learn from positive impacts and challenges, and explore ways to reduce technology transition costs.

Steps to establishing a quantum readiness roadmap

Staying abreast of advancements in quantum computing and quantum-safe solutions is paramount. Enterprises must establish a comprehensive quantum readiness roadmap following these five steps:

  • Inventory quantum-vulnerable systems: To kickstart readiness efforts, enterprises should conduct a thorough inventory of quantum-vulnerable systems across both information technology (IT) and operational technology (OT) environments, covering all cryptographic assets, including keys, certificates, protocols, libraries, and algorithms. Understanding cryptographic assets and algorithms, locations, and purposes is a fundamental best practice, especially when preparing for post-quantum cryptography. It is also crucial to identify where long-life data resides, comprehend data flows, and understand the types of cryptography used to protect it.
  • Conduct an internal risk assessment: This can help identify and prioritize assets most impacted by a quantum computer cryptographically, thus exposing the organization to greater risk. Chief Information Security Officers (CISOs) and Chief Revenue Officers (CROs) must ensure that quantum risk mitigation is integrated into existing risk management strategies.
  • Engage with technology vendors: Partner with supply chain providers to understand their quantum readiness roadmaps and migration strategies to facilitate a smooth transition that aligns with enterprise goals and timelines.

Streamline the current cryptographic infrastructure: Enterprises can initiate modernization efforts by streamlining their current cryptographic infrastructure, including consolidating or replacing vendors to enable a managed migration process. The CFO should collaborate with other executives to prioritize PQC investments based on the risk appetite and strategic objectives and adopt a fully crypto-agile approach. Establishing a governance structure with clearly defined roles and responsibilities to adopt PQC effectively is also recommended.

  • Adopt PQC algorithms: Enterprises eventually should integrate PQC algorithms into browsers, applications, public key infrastructure (PKI), files, and data systems, wherever quantum-vulnerable cryptography is employed. CIOs must collaborate closely with CISOs and other stakeholders to assess the compatibility of current systems with PQC solutions.

There is an ongoing debate over some adversaries already gathering encrypted foreign communications, anticipating the future ability of quantum computers to decrypt such systems, and aiming to extract valuable secrets from the data collected. This threat, known as “harvest now, decrypt later,” highlights the urgency of making cryptographic changes rather than waiting.

How can service providers help enterprises navigate the PQC era effectively and efficiently?

As quantum computing advances, the demand for comprehensive quantum-resistant cryptographic solutions will only increase, favoring a ripe market for cybersecurity service providers to capitalize on.

PQC offers a significant opportunity for providers to position themselves as vital partners in ensuring the security and resilience of enterprises’ digital assets against the evolving quantum computing threats.

Leaders may need help understanding the advanced mathematical concepts and algorithms involved in PQC. The complexity of these cryptographic methods may need to be clarified for enterprises trying to grasp the intricacies of quantum-resistant solutions.

With all the latest discussions about quantum computers, service providers should take this time to develop a perspective on how PQC would impact enterprises from various industry verticals.

Providers should play an educational role, creating awareness about the risks posed by quantum computing and guiding enterprises on the importance of proactively transitioning to quantum-resistant solutions.

Service providers should develop strategies to hire, train, and upskill talent in PQC and quantum computing concepts. Additionally, they can invest in R&D initiatives to explore new approaches and solutions in the PQC field. By collaborating with relevant technology vendors, research institutions, and other organizations paving the way for PQC, service providers can foster innovation and help their clients stay at the forefront of technological advancements.

Cybersecurity service providers can offer specialized consultation and assessment services to help enterprises evaluate and inventory their current cryptographic infrastructure, prioritize components based on risk, identify vulnerabilities to quantum attacks, and recommend appropriate post-quantum cryptographic solutions.

Moreover, they can engage with enterprises on initial levels to develop comprehensive strategies for implementing and managing these solutions effectively, ensuring seamless integration with existing security frameworks and compatibility with legacy systems.

Unlocking potential: Exploring use cases with PQC

Service providers should prioritize PQC to address the threat quantum computing poses to traditional cryptographic systems. By embracing PQC, service providers can safeguard their clients’ data and infrastructure against potential quantum attacks.

Additionally, they can explore new use cases for PQC to unlock innovative solutions and stay ahead of the curve in the rapidly evolving quantum landscape. These new use cases may include:

  • Quantum-safe communication (use cases for cloud computing, data centers, 5G networks, secure private communication links, )
  • Security in the banking sector, securing ATM and online credit card transactions, as well as customer data stored in bank data centers
  • Quantum-safe VPN and SD-WAN
  • Quantum-safe cybersecurity for automotive systems
  • PQC in Internet of Things (IoT) and Mobile Edge Computing (MEC) domains for protection of data transmitted between connected devices and central data processor/edge servers
  • Quantum-safe blockchain
  • Safeguarding the storage, transmission, and processing of sensitive patient data in healthcare (including that collected by biosensors in wearable devices)
  • Quantum-safe PKI for OT environments
  • PQC in Zero Trust Architecture (ZTA)

Envisioning the future

PQC is no longer a theoretical concept but a reality. Multiple applications of PQC have emerged. In their latest release, OpenSSL has fully enabled PQC for digital signatures and fundamental establishment mechanisms. The Signal Protocol, an essential constituent of Signal, Google RCS, and WhatsApp messengers, has also announced support for the PQXDH protocol, becoming the first to introduce PQC for the initial key establishment. Apple has introduced a fresh encryption protocol named PQ3 for iMessage, offering advanced post-quantum security measures for instant messaging.

PQC is rapidly gaining traction for quantum-safe digital signatures, encryption, and fundamental exchange mechanisms. Its widespread adoption seems inevitable as the risks of quantum supremacy proliferate.

The standardized algorithms aren’t battle-tested yet, and exploitable weaknesses could be uncovered, leading to adjustments in their functioning or the development of entirely new algorithms.

We anticipate PQC becoming the cornerstone of cybersecurity strategies in the coming years. Moreover, the security standards are expected to recommend or mandate PQC.

PQC has become a crucial element of enterprise security, safeguarding against quantum-enabled attacks and ensuring the integrity and confidentiality of sensitive data.

Enterprises must start planning to migrate from a secure lock to an unbreakable vault: post-quantum cryptography! Service providers play a crucial role in guiding and supporting enterprises every step of the way.

To discuss post-quantum cryptography further, please contact Prabhjyot Kaur, Kumar Avijit, and Ronak Doshi.

Driving Factors for IT Services Recovery in 2024: Insights from Everest Group’s Forces & Foresight™ Research | Blog

Our inaugural Forces & Foresight research uncovers three factors we predict will drive a gradual recovery in tech services this calendar year. Continue reading to understand the projected path for the IT services industry’s rebound and implications for providers.

Learn more about Forces & Foresight™.

After the global financial crisis in 2008 and the COVID-19 pandemic in 2020, the IT services industry took five to eight quarters to recover. Both recessions had specific catalysts, and the IT services growth rebound after each downturn was fueled by weak comparisons and a release of significant pent-up demand (as illustrated in Exhibit 1).

Let’s explore whether the current economic decline will follow a similar trajectory based on Forces & Foresight research that dives deep into comprehensive dynamics to understand the industry implications.

Forces Foresight Exhibit 1

Over the past year, the contrasts between past recessions and ongoing macro challenges have been well-researched and discussed. More importantly, the industry is now facing multiple forecasts – pulling in different directions – on how the broader macroeconomic outlook will impact IT services growth.

The following three factors are fueling our foresight:

  1. Stabilizing base

Despite the uncertainty that has impacted enterprise decision-making for the past several quarters, we now see signs of spending stability. The fundamental need to leverage technology for growth or cost is keeping enterprise IT budgets green.

Some examples of various factors that give us confidence the demand downtrend has at least stabilized include:

    • Enterprises: Everest Group’s Key Issues Study of enterprise priorities captured that over 60% of enterprises (from a sample of 200-plus) plan to increase technology budgets in 2024
    • IT Providers: A notable trend for technology platform players’ performance and outlook is that SaaS/PaaS players are not only reporting double-digit growth and new clients but also foresee growth continuing in 2024
    • Services: We see strong resilience for IT services spending in specific segments such as public sector, healthcare, and energy
  1. Fixing revenue leakage

Over several past quarters, service providers have reported contradictory numbers for revenue growth versus bookings (Exhibit 2).

Our research uncovered some key factors creating this dichotomy, including shifting profiles of existing deals to longer terms and lower annual contract values (ACVs), delayed/canceled commitments, and slow ramp-ups of large deals.

As a result, signings did not translate into revenue growth even after expected ramp-up periods. However, we see signs of stabilization in the latest quarter, especially for mid-tier players, and some stalled projects moving forward. This signals that the net negative effect is reversing and that net positive revenue contribution from bookings may begin.

Forces Forsigh Exhibit 2jpg

  1. Pockets of additional demand

We see some specific growth areas in 2024. Rising cybersecurity demand is promising (as is the case in challenging periods) and is seeing more takers, such as governments expanding cybersecurity budgets. Engineering, Research, and Development (ER&D) demand in asset-heavy industries like automotive is getting stronger as enterprises strategically invest in next-generation concepts to modernize, such as smart factories. Data and analytics will continue its growth trajectory, with the rise in Artificial Intelligence (AI) fueling more robust use cases.

Beyond these promising areas, we also see signs of a turnaround in segments and sub-segments that were hit hard in recent quarters. Prominent ones include investment banking and high-tech industries, and North America.

Note: We are not factoring in benefits from AI and generative AI (gen AI) in our foresight for 2024. While we strongly believe in the immense potential of gen AI, our research suggests that scaled adoption will still take time, and the effect on this year’s growth will not move the needle.

Implications for service providers

Despite the ongoing challenges, the industry has not slumped. The revenue declines seen in one to two quarters is better than several quarters in previous downturns (Exhibit 3). We predict pivotal growth soon.

Exhibit 3

However, given the “classical economics” nature of this downturn impacting IT services, we anticipate the industry’s recovery will be more gradual than previous event-based downturns, in contrast to the sharp recovery in the last two recessions. We expect a diverse mix of industry verticals and geographies to undergo various recovery cycles, making it an interesting and complex scenario.

The key for IT service providers lies in identifying early recovery pockets and attacking rather than being defensive and possibly investing in account management on late recovery cycle areas.

For more insights, supporting data, and trends on IT services growth, please read the report, Forces & Foresight Q1 2024.

Contact Prashant Shukla to learn more at [email protected].

How can we engage?

Please let us know how we can help you on your journey.

Contact Us

"*" indicates required fields

Please review our Privacy Notice and check the box below to consent to the use of Personal Data that you provide.
This field is for validation purposes and should be left unchanged.