Special Report - CompTIA's Five Industry Trends to Watch in 2010

By Todd Thibodeaux

(Back to article)

While some macro-economic indicators have shown signs of improvement in recent months, some big unknowns still loom: unemployment, the impact of public sector debt, and a tight lending and credit market to name just a few. Perhaps, the biggest fear among IT executives is the possibility of a stalled recovery; specifically, an environment of weak consumer and corporate demand.

Other factors that keep them awake at night include access to credit and capital, government regulation, competition from foreign firms and downward pressure of profit margins. And yet IT executives continue to perform the delicate balancing act of investing in the future, through R&D, new business investment and new technology adoption, while at same time keeping costs under control.

Though executives continue to be cautious with spending, at least the indefinite waiting game is over in many areas. Global IT spending is projected to be the two-to-four percent range in 2010, with the U.S. market trailing slightly. IT projects postponed due to the economy are slowly resurrecting. And while many execs hope to eke out a bit more useful life from their current systems, others expect to be in full IT replacement mode as they increase staffing and capital expenditures.

Based on these observation and little bit of educated guessing these are the five key areas where we’re likely to see the most activity going forward in 2010:

Security is (Still) Job One - The primary cause of the majority of security breaches is unintentional end-user error―often by non-IT staff. The most significant costs of security breaches remain the overall impact on employee productivity, according to the study. About one-third of U.S. respondents to a 2009 CompTIA survey cited loss productivity as the top consequence of a breach, followed by a disruption of revenue-generating activities. Although the exact amount of money lost to IT security breaches is tough to calculate because of the difficulty in estimating lost productivity, data suggests security breaches cost U.S. companies in excess of $17 billion annually, and most likely significantly more.

The CompTIA study found that while the average number of security breaches increased only slightly over previous years, severity levels of breaches have increased more substantially. This suggests that while many organizations have made significant progress in dealing with security issues, the number, type and severity of threats have adapted in step. As in years past, spyware, viruses, worms and a lack of user awareness remain the most common IT security threats. However, threats from browser-based attacks, use of handheld devices and VoIP intensified for the majority of respondents.

To address these evolving threats, support mechanisms such as disaster recovery plans, dedicated security teams, security trainings and formal policies for responding to incidents have been adopted by many firms. These are supplemented by preventive technologies, such as firewalls and antivirus software used in combination. A growing number of firms are using other technologies (though to a lesser degree) including intrusion detection systems, physical access control, and multifactor authentication.

There is little doubt that companies recognize the importance of IT security and are willing to spend money to fortify their systems against attack. Indeed, security spending is at or near the top of most organizations’ IT shopping lists again this year. The federal government, for example, is expected to sharply increase its spending on information security products and services over the next five years. According to an INPUT study, security spending is forecast to jump from $7.9 billion this year to $11.7 billion in 2014.

What’s much less clear is whether organizations fully understand the value of training end-users to avoid inadvertently compromising IT security. According to the CompTIA study, almost all U.S. respondents (87 percent) note improvements in security when their organizations provide security training for non-IT employees, notably through increased awareness and proactive risk identification. However, while the majority of organizations require security training for IT staff (54 percent), relatively few firms (45 percent) require non-IT staff to be similarly trained.

The first and most important thing is to implement a comprehensive data security policy. Once a proper IT security policy is in place, non-IT employees should be trained to avoid causing an accidental breach. A comprehensive IT security training program should explain the IT security policy and the reasons behind any restrictions. This will encourage compliance without stifling creativity and will have the added benefit of teaching staff about some of the ways they may inadvertently cause a security breach.

Information technologists tend to focus on the technology that protects their sensitive information, but they can't afford to ignore the human element. The best lock in the world can't protect a vault if someone leaves the door open.

Technology Levels the Playing Field for SMBs - Today’s small business is more sophisticated when it comes to investment in new technology. Innovative solutions such as managed services and software-as-a-service (SaaS) are being deployed in greater numbers by organizations with 500 or fewer employees.

A Q4 2009 survey by CompTIA of more than 400 small and mid-sized businesses (SMBs) across the US found that nearly 30 percent plan to implement SaaS solutions in 2010. That’s up from 22 percent and 14 percent respectively in the two prior years. Similarly, 30 percent of SMBs intend to implement managed services solutions in 2010. SMBs cited a desire to lower costs and maintain and build on their competitive edge as top reasons for adopting the SaaS model.

But a sharp decline in the planned adoption of basic IT such as computing, software and communications is anticipated in 2010. The number of SMBs surveyed that plan to make PC upgrades or replacements in the upcoming 12 months dropped from 98 percent to about 30 percent looking forward to 2010. This is indicative of SMBs looking to leverage their existing IT infrastructure better; and a shift in mindset to IT investments that drive revenue generation.

To be sure, the majority of SMBs continue to be “value adopters” who prefer to wait until new technologies are proven before buying. But the percentage of businesses claiming to be early adopters of technology has doubled from 2008, to 31 percent in the latest survey. Manufacturing, finance/insurance and government are leading this wave, where 60 percent of the respondents in these categories claim to be early adopters.

Significant investments in computing, networking, the Internet, websites, e-commerce and mobile communications are enabling SMBs to transition to more advanced technologies, leveling the playing field with larger competitors and helping to create competitive advantages.

Clearly, SMBs are placing increasing importance on technology solutions that drive revenues, produce immediate results to the bottom line and have a direct, positive impact on the customer’s experience. This is reflected in their growing adoption of enterprise resource planning (ERP), and other such solutions in 2009. Between 70 percent and 80 percent of the SMBs we surveyed consider the usage of ERP, CRM and online e-commerce capabilities as strategic to their business. One-third use virtualization and over half report having custom software in house to help tie their IT investments together. This sets the stage for leveraging technology to enable business growth by enhancing core business processes, productivity and efficiency; and increasing connectivity and knowledge access and sharing with customers, partners and suppliers.

When it comes to IT spending in the next 12 months, it appears that SMBs are being cautious. They’re fairly evenly split between expecting their IT spending to remain flat or decline in the next one year (45 percent) versus expecting it to increase (55 percent). The fact that 55 percent say they expect to increase spending is generally positive and encouraging given that this percentage has increased from the same time last year.

Organizations in finance/insurance and government demonstrated the highest purchasing power, spending as much as three times the average. The former especially has recovered quite nicely from the credit crisis with the help of government incentives to boost lending and credit availability. Healthcare businesses have planned for the greatest increase in average annual IT spending in the next 12 months despite having the lowest average annual revenue.

SaaS, managed services and virtualization are likely to become more strategic in the next 12 months because all of these technologies have the ability to scale with the business, outpace total cost of ownership, and work within tighter budgets thus eliminating the need for formal IT personnel or upfront investments. Of the initiatives being taken to generate and drive revenues, business solutions that enhance customer-facing interactions have gained in importance in the last 12 months and will continue to be relevant in 2010.

Managed IT Services Make Inroads - The biggest change the IT channel is likely to see in 2010 is the increased delivery of technology solutions via managed services. Companies delivering managed IT services weathered the storm better than most during the Great Recession. Managed services providers (MSPs) were better able to generate cash flow, avoid wild quarter-to-quarter fluctuations in income and generally out-performed traditional technology resellers, according to a 2009 survey by CompTIA. The top MSPs also tended to hold their profits longer even as the economy headed downhill and began their recovery sooner.

From the customer perspective, reliance on MSPs continues to grow at the small businesses, mid-sized company, and enterprise levels. MSPs are coming in and managing wireless phone networks, voice networks, print systems, desktops and servers, network integration, IT consulting, help desk functions, security, network and firewall monitoring, e-mail management and storage/backup. Because MSPs ensure customers get the service they need in an affordable and predictable manner, they're just scratching the surfaces and have probably penetrated only a small percentage of customers who have not made a wholesale transition to managed services.

The first of three core business drivers for the end customer is managing cost. Business reality necessitates that a business control its expenses and IT is an expenditure that needs to be managed. Due to the inherent efficiencies of the managed services model (economies of scale, use of remote technologies, aligned business interests between the MSP and customer that reward cost reduction, efficient use of experts, etc.), the cost of providing IT―when done right―is lower. The solution provider can choose whether to pass these savings on to the customer.

Regardless of whether the cost reduction is passed on, a business under managed services also benefits from price predictability. Since MSPs provide service to an SLA at a fixed rate, the customer benefits from a “no surprises” cost structure and this predictability allows them to accurately forecast the cost of IT services and plan accordingly.

The second core business driver for the end user is the predictability of service. When you are looking for a doctor, what is foremost in your mind? It’s certainly not “Where can I find the cheapest doctor to provide my treatment?” While cost is a consideration, far more important is the quality of service and whether or not the physician can successfully treat your condition.

An IT services provider relationship to business is akin to that of a doctor and patient. What the business really wants is reliable IT services that continue to work and meet the organization’s needs. Because MSPs provide a long term relationship that aligns the MSP's interest with that of their customers (the MSP wants a trouble free network to reduce expenses), it inherently provides a better service to the end customer. Additionally, because an MSP supports many customers, it can afford to make resources available to its customers that they could not justify on their own.

The last business driver for the end user is managing chaos and complexity. A small business does not want to be preoccupied with myriad IT decisions. An MSP helps a small business navigate the difficult world of technology decisions, upgrades, architecture strategies, etc. Their expertise and single-minded focus on IT frees the customer to focus on what matters most to them―their business.

Up in the Cloud - There’s been a lot of talk lately about "the Cloud". Pick up just about any tech journal, business publication or even the newspaper and you’ll find articles and analysis discussing everything moving to “the Cloud.” What does that really mean? Is the end of the desktop/laptop, as we know it today, coming sooner than we thought? Is it all about being connected 24/7 so that no applications reside locally anymore?

According to the recently issued definition put forth by NIST (National Institute of Standards and Technology, Information Technology Laboratory): “Cloud computing is still an evolving paradigm. Its definitions, use cases, underlying technologies, issues, risks, and benefits will be refined in a spirited debate by the public and private sectors. These definitions, attributes, and characteristics will evolve and change over time.”

Vendors are telling customers that everything’s moving to the Cloud: "It’s better, faster, stronger, cheaper, and able to leap tall buildings in a single bound. It’s the best solution for every IT problem, regardless of industry, and why would you even think of using anything else? ... Oh, and everybody’s using it."

If hype is to be believed, customers can soon ditch all their owned data centers. After all, who needs them anymore? And, of course, it’s hard to find a vendor that hasn’t added “Cloud-ready” or “a Cloud service” into their marketing to capitalize on the trend.

Customers, however, are leery and have a right to be. Security and privacy issues loom large, as do service delivery concerns, legal ramifications and regulatory directives. Many enterprises are testing Cloud offerings in a limited capacity, but anxiety still reigns. Knowing exactly what each “Cloud vendor” offers has gotten more and more difficult, making it very tough for IT managers to evaluate competitors and make informed decisions.

On the plus side, Cloud computing allows even the smallest organization to access enterprise-class technology with minimal up-front costs and easy scalability. By allowing a large number of networked computers to share an IT infrastructure, Cloud computing eliminates the constraints of relying only on local or remote computers. It’s also financially attractive to many organizations, which can reduce their in-house IT infrastructure investment costs and use Web-hosted services, paying only for what they use.

Web 2.0 and Beyond: New Options for Training the IT Workforce - The ever accelerating technology adoption curve places increasing importance on the need to continually update skills of the high-tech workforce. On-going training and education is not a luxury, but a necessity. But this need occurs at a time when the workforce is shrinking due to factors both economic (layoffs and budget constraints) and demographic (an aging baby-boomer workforce with fewer workers following in their footsteps).

Historically, tech workers seize any opportunity to add new skills and credentials to their CV. This desire to stay at the crest of the learning curve is even more pronounced during times of recession when tech workers at all levels discover no job is safe. And it’s easy for companies to sign off on training when business is good and profits are high. It’s a much tougher call when the focus is on every number on the bottom.

Today, the use of Web 2.0 technologies in the training environment is going a long way to easing concerns about the time and resources required to keep workers’ skills up to date. The social Web is rapidly becoming the primary venue for social interaction. It’s where we go to communicate, interact and learn. Whether through blogs or tweets, RSS or e-communities, wikis or podcasts, individuals (and, increasingly, companies) are using these tools to link to one another based on common interests. The use of these tools is becoming more prevalent in the learning realm, too.

A 2009 CompTIA survey of 1,500-plus IT professionals found that 36 percent utilized some type of Internet-based study application, while one in five participated in an online training session led by an instructor. Looking ahead, all signs point to an even greater leveraging of technology as students and instructors seek more flexibility, collaboration and interaction. Just as exciting is the two-way learning experience that’s made more possible than ever by social media or Web 2.0 tools.

Incorporating interactive simulations and games into a class or seminar gets students more engaged. Web 2.0 tools also allow content to be tailored and personalized, even down to the individual student level. Similarly, students can quickly and easily communicate with the instructor for any reason. This can help the instructor improve course material based on immediate feedback or make other changes more quickly in response to student needs. No longer is the classroom dominated by an “I teach and you listen" mentality. Content can be created and debated by all participants.

At the organization level, early adopters have found that blogs, social networking and customer forums offer the “biggest bang for the buck” among Web 2.0 tools in terms of measurable benefits. And coming soon to a desktop or handheld near you is Web 3.0 and 4.0, featuring rich media with full high definition video, sound and even emotive and touch features.

With a potential shift from basic infrastructure investments to solutions that are more focused on driving revenue and efficiency, technology providers that can leverage strong relationships and effectively communicate the business value of technology should continue to see opportunities. More and more customers want technology partners that truly understand their business needs and are able to provide scalable solutions. Providers that focus on these core values, while helping customers understand the potential business impact of IT investments, should see continued success despite the expected economic challenges in the coming year.

Todd Thibodeaux is the president and chief executive officer of CompTIA, the leading trade association for the world’s information technology industry. He is responsible for leading strategy, development and growth efforts for the association. Before joining CompTIA in July 2008, Todd spent more than 17 years with the Consumer Electronics Association (CEA), where he served in a wide range of roles culminating as its senior vice president of industry relations. During Todd's tenure with CEA, the organization grew from having just a small handful of member companies to become a thriving, diverse and widely-respected trade group with over 2,200 member companies and 150 employees. CEA is perhaps best known for producing one of the world's largest technology trade events, the International Consumer Electronics Show.