Thursday, March 27, 2014

The NSA's spying has in fact hurt U.S. cloud providers

MARCH 27, 2014

Although worrying, the loss of business is not as great as analysts originally feared
By Bill Snyder | InfoWorld

When Edward Snowden ripped open the curtainand began revealing details of the NSA's data vacuuming, IT analysts warned that an unintended consequence of the program was a huge blow to the credibility of U.S. cloud providers. After all, they asked, why would anyone who cares about the security of their data put it someplace where government snoops could access it?

At the time, the ITIF (Information Technology & Innovation Foundation) published a prediction that the U.S. cloud computing industry stood to lose as much as $35 billion by 2016. James Staten, a veteran Forrester Research analyst, suggested that the ITIF might be too low, saying the hit could be as high as $180 billion, or 25 percent of overall IT service provider revenues.

Nearly a year later, it appears that those fears were in fact justified, but not to the degree predicted. For example, Cisco Systems admitted during its recent earnings call that it has lost offshore business due to fears of NSA spying, and that recent RFPs (requests for proposals) from customers have explicitly excluded U.S. cloud providers as an option for Cisco to consider. Cisco's CEO attributed some of its weak European results to fears related to spying, but he declined to quantify the losses and in a later interview with the New York Times said that the NSA disclosures had not affected Cisco's sales "in a major way."

Meanwhile IBM is spending $1.2 billion to build more secure cloud data centers abroad in an attempt to placate nervous foreign customers.

When he predicted a possible loss of $180 billion in business for U.S. cloud providers, "I was explicitly painting the worst case," Staten told me this week. "The numbers could well be lower. Right now, there's not enough evidence to support a doomsday scenario."

U.S cloud providers find foreign customers are suddenly not so interested in them
But there's no question there's been damage to those providers, such as Amazon Web Services, Google, Microsoft, Rackspace, and Like other businesses, IT companies are quick to boast about wins and much slower to tell the world about losses, so it's not easy to be very specific about the real extent of the NSA's effect on cloud providers. But it certainly is real.

"I do get a lot of questions about hosting services outside the U.S., particularly from Canada," says Gartner analyst Ed Anderson. A recent IDG News survey showed that North American and European companies are being more cautious about using U.S. cloud providers and are paying more attention to their security arrangements.

Offshore providers are taking advantage of mistrust engendered by the NSA. But the natural evolution of the cloud business made the rise of non-U.S. providers inevitable, Anderson says. "It's likely that the NSA revelations sped up a process that was going to occur on its own, and some of what you hear from foreign providers is chest thumping by companies trying to steal business from U.S. providers." The NSA scandal makes it easier to do so.

Forrester's Staten was recently briefed by a large French retailer and a major German manufacturer that were putting out RFPs that pointedly did not include U.S. companies that normally would have been strong candidates, he says. Even so, the companies did not explicitly say that security fears were the reason, which is why Forrester is now conducting a study that Staten hopes will allow it to quantify the actual losses caused by the NSA's program.

The NSA surveillance caused a global steel manufacturer based in Britain to demand that its data not cross into the United States, said Mark J. Barrenechea, CEO of OpenText, Canada's largest software company CEO, in a New York Times story. In the same article, Matthias Kunisch, managing director at Germany's Forcont Business Technology, said he took his business to Deutsche Telekom instead of a U.S. provider because of the NSA controversy.

There are other examples as well, notes Daniel Castro, the author of last year's ITIF report that raised the alarm., he notes, lost a contract with a major German insurance company because of the NSA concerns, and Boeing lost a $4.5 billion fighter jet contract with Brazil because of anger over the NSA's spying on that nation's leadership.

Boeing obviously isn't part of the IT industry, but when major companies in any industry lose significant business because of fallout from a government program, they're quick to yell. It's also likely that President Barack Obama's recent call to rein in the NSA is at least partly the result of complaints from companies like Boeing, not to mention Microsoft, Facebook, and Google, says Forrester's Staten.

With spies everywhere, companies turn inward and invest more in security
The Snowden revelations have put the NSA in the spotlight, but it's naïve to think that other governments don't have similar programs, says Gartner's Anderson. In fact, Snowden's revelations show that Britain's GCHQ is an active partner with the NSA in such spying in Britain and other countries. In addition, U.S. government officials have been warning about Chinese government spying for years.

Corporations know that other governments spy on at least their own providers, Anderson says, which is why he doesn't expect a massive hemorrhage of cloud business from the United States.

That's why large businesses are doing more than shopping for cloud providers less likely to be major spying targets. They're keeping data stores in their own facilities and increasing their use of encryption. Companies with consumer-facing business have ramped up security precautions; Google, for example, spent a good deal of time and money encrypting email, search queries, and other information flowing among its data centers worldwide.

Even in the spying fears are overblown, the money spent on security may be well spent, given the huge number of data breaches we've seen recently. Intruders are intruders, whether NSA spies or hackers from Eastern Europe.

This an issue to watch closely. Even if you don't care all that much about what the NSA is doing, the business lost by U.S. companies will quickly morph into major job losses for the armies of technologists they support.

I welcome your comments, tips, and suggestions. Post them here (Add a comment) so that all our readers can share them, or reach me at Follow me on Twitter at BSnyderSF.

This article, "The NSA's spying has in fact hurt U.S. cloud providers," was originally published Read more of Bill Snyder's Tech's Bottom Line blog and follow the latesttechnology business developments at For the latest business technology news, follow on Twitter.

No comments:

Post a Comment