IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
Where digital transformation in Australia goes next
Thu, 23rd Feb 2023
FYI, this story is more than a year old

Digital transformation journeys at many Australian organisations were born - and then accelerated - out of extreme necessity. 

Some organisations have now achieved a base level of maturity in the digital space, defining and working to a digital-first strategy that puts their entire organisation on a trajectory to becoming digitally oriented and connected all of the time.

But even the most advanced transformation leaders would be the first to admit their work in the digital space is far from done. It is still a highly dynamic area with regard to enterprise evolution. 

To that end, two trends are expected to have considerable influence over the strategic direction of digital transformation efforts at Australian organisations during 2023.

First, we’re likely to see organisations use the next 12 months to really double down on application modernisation efforts. Larger proportions of internal applications will be redesigned to be microservices-based and cloud-native. 

Microservices have opened the doors to new approaches to developing applications by combining the concepts of service-oriented architecture (SOA), containerisation, and DevOps, and will become even more indispensable in the coming year for organisations embracing digital transformation.

This work had already started: the 2022 Service Mesh Adoption Survey, conducted by Solo.io and ClearPath Strategies, showed that 85% of companies are modernising their applications to a microservices architecture. That makes 2023 the year that much of this modernisation work will be completed, but that brings with it a new set of challenges. 

And so, the second trend that will bear considerable influence over digital transformation efforts in the next 12 months is the need to ensure that all of these newly cloud-native, microservices-based applications are reliable, secure, and manageable.

This is where service mesh enters the picture. Service mesh is a dedicated infrastructure layer that addresses the complexity of these increasingly distributed architectures and the challenges it creates for developers and operators. 

The driving force behind service mesh innovation in 2023 will be the continued growth and adoption of cloud-native and microservices-based application architectures, and the very real need to manage it all. As the number of microservices in production explodes, this is the year that ways to manage this explosion will take root. 

Consequently, 2023 is the year we expect microservices-based application architectures, along with service mesh, will go ‘mainstream’, at least from an enterprise adoption perspective.

Reaching for Istio

It’s not just any service mesh that will cross over into mainstream adoption and use, however. 

As more organisations connect microservices with faster, more reliable application development, they are likely to look specifically to Istio, the open-source service mesh. 

Istio is emerging as ‘the Kubernetes of service mesh’. Kubernetes has crossed the chasm, so to speak, of enterprise adoption, with nearly two-thirds of companies using it in production. Founded in 2017, we see Istio now on the same track. 

In fact, Istio was recently accepted as a CNCF incubator project, reflecting the production adoption and maturity of the project. The project has over 6,000 contributors from over 1,000 companies, and CNCF’s governance will only expand the active, diverse community and skillset surrounding Istio. 

Observability, management, and zero-trust security remain top enterprise priorities and are at the heart of service mesh. Istio transparently adds these capabilities to applications without adding them to your code. Our research shows that organisations choose an Istio-based service mesh by an almost three-to-one margin to boost application reliability and security.

Security at the heart of new digital directions

As Istio becomes an integral part of organisations’ cloud-native stack of technologies (along with Kubernetes and all things open source), it will become a key part of bolstering security within organisations. Security in Istio delivers strong policy, encryption, authentication, authorisation, and audit features to protect services and data. 

Software security still has significant holes, and a missed patch or single misconfiguration can open the door for a breach or hack. The risk is even greater for organisations moving to the cloud-native architecture of microservices and containerised applications. 

With microservices, the “at-risk” surface area has increased exponentially. Organisations must think beyond protecting the perimeter and the network and factor in the multiple connections between microservice containers. 

For organisations that use microservices, a service mesh can help by combining security and operations into a single infrastructure layer that sits between the containerised application and the network. It can also help mitigate service impersonation, unauthorised access, and data exfiltration attacks — as well as help manage encryption, authentication, authorisation, policy control, and configuration. And with role-based access control (RBAC), service mesh supports the zero-trust philosophy of “trust no one, authenticate everyone.”

This is the convergence of zero-trust network security and service mesh technology. We anticipate seeing more government agencies and commercial organisations adopt Istio to strengthen zero-trust mandates within technology infrastructure through 2023 and beyond.