This article is an extract from GTDT Cloud Computing 2023. Click here for the full guide.

So where does the cloud market find itself in mid 2022? It is always illuminating to look back over the past year and pull out some trends and what these may mean for the cloud computing sector in 2023.

The market overall

Gartner again predicts yet more growth in spending on public cloud services, with its April 2022 figures forecasting 20.4 per cent growth in 2022, taking spending to US$494.7 billion and estimating that end-user spending will reach nearly US$600 billion in 2023. Software as a service (SaaS) remains the largest public cloud services market segment, forecasted to reach US$176.6 billion in end-user spending in 2022. Cloud providers are also driving revenue from emerging technologies in cloud computing such as hyperscale edge computing and secure access service edge. A 2021 Markets and Markets report estimates that the global computing market size could reach US$947 billion by 2026, with the hybrid cloud segment to be the larger contributor to the overall size of the cloud computing market. A Flexera user survey indicates that 8 per cent of all respondents spend more than US$60 million, and more than half spend over US$2.4 million on public cloud each year (with public cloud spend even more significant among larger organisations).

Interestingly, some investors are querying whether cloud company revenue growth will continue on the trajectory predicted by market analysts. Data from Bessemer Venture Partners Cloud 100 index does show revenue multiples for cloud companies dropping significantly as between June 2021 and June 2022 but whether this marks a long-term downward trend or just reflects a return to historical norms after covid remains to be seen.

And zooming out further, it is uncertain whether the current geopolitical climate will affect investor sentiment in new tech and if this will have consequences for the cloud computing model. Given it is cheaper, and allows for scaleability, will this shield the sector from the effects of a prolonged economic downturn? Or does it mean there is no room for further efficiency savings to be made? This could also have a knock-on impact on investment in other new tech (such as blockchain, AI) and potentially increase appetite for business process outsourcing or offshoring or increased regional spread of data processing or hosting activity across a country.

Key markets

Its also worth looking at the key global markets for cloud to see changes in adoption patterns and emerging trends. MIT Technology Reviews Global Cloud Ecosystem Index 2022 assesses four themes (infrastructure, ecosystem adoption, security and assurance and talent) and their role in promoting the availability of cloud services worldwide. It ranks 76 nations and territories on the technology, regulations and talent they use to promote cloud computing services. Singapore leads the Index overall, given its cloud-first strategy (begun in 2018) that has benefited from a central government commitment and an ability to cultivate collaboration and cooperation across a nationwide digital transformation project. After Singapore, the rest of the Indexs top 10 places are taken by European countries that seek to balance the rights of digital consumers (by means of the EU General Data Protection Regulation) and also make determined efforts to tackle monopolistic practices in the tech sector. Singapores digital transformation means it now has an estimated 600 government systems in the cloud, and Microsoft has recently been engaged by its safety and defence departments to develop a sovereign cloud.

What about those countries ranked lower in the Index? African nations form 7 of the 10 lowest ranked countries, predominantly due to the continents sparse broadband and data centre resources. It is estimated that to serve its increasing computing needs, the continent must develop 700 data centres, yet there are currently only 80 in service, and 70 per cent of that capacity sits in a single country (South Africa). We are seeing public commitments of US$2 billion to build more data centres (with African technology firms such as Africa Data Centres committing funds to expand the data centre network). Google Cloud also announced a dedicated US$1 billion five-year investment across Africa to support digital transformation efforts.

It is worth considering whether the distribution of data centres (and the attendant growth of cloud computing) will be affected by the new geographical markets for operators. We are seeing existing operators increasingly encouraged to relocate or move their operations to developing countries to take advantage of lower wage costs and renting costs. At the same time, the EU is concerned to promote data localisation to maintain EU data sovereignty in respect of EU citizens personal data, which is driving partitioning of cloud service provider markets. Amid this, are there opportunities for smaller operators to exploit niche opportunities?

Trends in cloud use

Increased demand for cloud services reflects too a diversification in the use of cloud infrastructure services (particularly in healthcare and the public sector). The impact of the pandemic is still being felt, with cloud used to support permanent patterns of remote working, learning, gaming and streaming, as well as now entrenched patterns of consumer online purchasing. We also anticipate that early adopter interest in the metaverse will continue to drive demand for scaleable cloud services, as will more cloud-native application development. This growing use case will need to be supported by continued investment in cloud resource, and while the lifting of pandemic restrictions in most parts of the world has led to increased market confidence, the sharp economic shock that has followed Russias invasion of Ukraine and the dramatic spike in oil and commodities prices may temper the rampant rate of growth in IT investment in 2022 and 2023.

Recent Cloud Industry Forum research also underlines the integral role that the cloud continues to play in the ongoing transformation of businesses. Almost all respondents (96 per cent) said cloud has saved their organisation money. Despite this, 37per cent said that it is easier to source CAPEX budget than OPEX, suggesting that more needs to be done help businesses move away from older, less flexible CAPEX models. It is also clear that businesses consider cloud very important or critical for digital transformation (given its reliability in supporting technological development in the face of the pandemic and the recent economic downturn) global health. It also appears that hybrid IT is the direction of travel for most organisations. The average proportion of IT infrastructure located in cloud is now 48 per cent, which is actually a decline from 50 per cent in 2020. While only a small reduction, it suggests that barriers to further adoption remain, possibly exacerbated by the pandemic.

Market dominance

Long-term dominance of the cloud market by the top 5 IaaS providers is now being scrutinised by the regulators, given that the market is deep, but not at all broad. June 2022 Gartner figures suggest Amazon retained the No. 1 position in the IaaS market in 2021, followed by Microsoft, Alibaba, Google and Huawei, with the top 5 providers accounting for over 80 per cent of the market in 2021. Amazon continued to lead the worldwide IaaS market with revenue of $35.4 billion in 2021 and 38.9 per cent market share. Alibaba (the third-largest provider) leads the Chinese cloud market, it is also poised to be the leading regional provider in Indonesia, Malaysia, and other emerging cloud markets. Commentators are expressing disquiet about the consolidation of the worlds digital ecosystem in the hands of an incredibly small cohort of companies. Analysts at Canalys estimate that nearly two-thirds of cloud infrastructure spend was captured by the worlds top three hyperscale providers (such that US$6 in every US$10 spent on cloud infrastructure is spent on AWS, Microsoft or Google). Synergy Research Group research estimates that Amazons worldwide cloud infrastructure market amounted to 33 per cent in the fourth quarter of 2021, still exceeding the combined market share of its two largest competitors, Microsoft and Google. Amazon and Microsoft accounted for more than half of cloud infrastructure revenues in the final three months of 2021, with the eight largest providers controlling roughly 80 per cent of the market.

Regulatory authorities worldwide are using policy tools to temper dominance in the cloud market. From the proposal for the EUs new Data Act, which mandates greater interoperability and data portability (and may limit or prohibit fees being charged when consumers switch service provider) to Gaia-X, a European initiative for a common software and governance framework for cloud and edge services, and the EU antitrust investigation into Broadcoms US$69 billion acquisition of VMware, EU regulators are squaring up to cloud providers to limit harms to consumers arising from a heavily concentrated cloud service provider marketplace. The US regulators (working under a more pro-antitrust administration in the White House) are looking at legislation which could limit the market power of the largest tech companies (by restricting established players from providing preferential treatment to their own products and services over their competitors, targeting their ownership of online platforms in combination with other lines of business, generally preventing large cloud computing players (eg, Amazon, Google, etc) from acquiring current and/or future competitor). These reforms appear a step closer, following publication of the US House Judiciary Committees final report on theInvestigation of Competition in Digital Markets. This includes proposals to restore competition in the digital economy (introducing structural separation and prohibition of certain dominant platforms from operating in adjacent lines of business, non-discrimination requirements, interoperability and data portability requirements, prohibitions on abuses of superior bargaining power) and plans to strengthen antitrust laws, as well as ensuring robust enforcement of US antitrust laws. In addition, in April 2022, the Department of Justice initiated an in-depth investigation into Googles $5.4 billion proposed acquisition of security advisory and incident response firm Mandiant Inc. The US could therefore see more Department of Justice involvement and some form of federal legislation impacting Big Tech and the principal cloud services providers in the near future. The UK is also looking at the lack of competition between iOS and Android app stores (which means that app developers must write for both app stores), as well as the impact on the development of cloud-based apps, especially cloud gaming apps.

Increased regulatory scrutiny

We saw last year signs the wind was changing. Developments this year include a June 2022 UK Treasury policy paper, which examines the role that critical third parties play in the financial services infrastructure, and a July 2022 discussion paper DP3/22 seeking feedback. Highlighting the potential for significant disruption (and increased financial stability risks) in circumstances where many firms rely on the same third party, the Financial Conduct Authority is likely to be granted direct oversight over certain key services provided to the finance sector. Service providers may also be required to meet minimum resiliency standards and make increased information disclosure to the regulator. It is widely anticipated that the power to designate businesses as critical third parties will target in large part the major cloud service providers, and the paper itself highlights the risk posed by the sectors dependency on a small number of providers, noting that, as of 2020, Bank of England research indicated that over 65% of UK firms used the same four cloud providers for cloud infrastructure services. How far this will require the largest cloud service providers to open their doors to regulators remains unknown, although the FCA is likely to be granted powers to enter premises (with a warrant).

A mid-2021 UK consultation on supply chain cybersecurity has also led to the launch of a new government strategy. Both the EU and the UK are separately considering revising the Network and Information Systems Regulations, again to tighten up perceived gaps in cybersecurity defences. The UK consultation focuses on supply chain cybersecurity risks, in particular, those posed by the mass adoption of managed services. These service providers have the ability to access the networks of thousands of other companies. A vulnerability in one such service provider then risks exposing the networks of all its customers and potentially jeopardises the running of critical infrastructure a classic weakest link effect. The EUs approach is sector-based, expanding the remit of NIS to cover all medium and large organisations across a number of sectors, as well as addressing cybersecurity of the ICT supply chain, covering business-to-business ICT service management. The EUs proposals need to be viewed in the context of its other sectoral developments, such as the proposed Directive on the resilience of critical entities (CER Directive) and the proposed Regulation on digital operational resilience for the financial sector (DORA). The interplay between the UK and EU reforms looks set to lead to divergent scopes and reporting obligations, as well as the need to designate NIS representatives in both the UK and EU.

The UKs NIS reform proposals should also be seen in the context of the UKs ambitious cybersecurity strategy for 20222030 launched in January 2022. Separately, it has developed proposals on enhancing the security of connected smart devices (the Product Security and Telecommunications Infrastructure Bill currently before Parliament) and a drive to train more cyber professionals. The UK is also taking a look at data centre security, in May 2022 launching a consultation on the UKs data storage and processing infrastructure, such as data centre infrastructure, cloud platform infrastructure and managed service provider infrastructure, (given the strategic importance of data and the UKs reliance on large-scale data storage and processing services to deliver essential services).

But the dependence on cloud (and the need to rely on it to deliver innovation and savings) cuts both ways the UK chancellor in his 2022 Spring Statement confirmed that from April 2023, all cloud computing costs associated with R&D, including storage, will qualify for R&D tax relief.

From a data protection angle, there are also signs of increased regulator interest, with the Danish data protection authority investigating two Danish public authorities over their cloud use and personal data transfers to third countries, and is also to examine private company use of cloud in the coming months. The French authority (the CNIL) has also indicated that investigating cloud computing technologies will be a priority in 2022, alongside the February 2022 launch of the European Data Protection Boards first coordinated enforcement, which will look at the use of cloud-based services by the public sector, and report by the end of 2022. This investigation will survey 80 public bodies across the EEA (and across a range of sectors) to identify challenges with GDPR compliance when using cloud-based services (such as international transfers of personal data).

Broader issues

The dominance of cloud as a technology means cloud providers also have to grapple with larger societal and political challenges, the most pressing of which are environmental sustainability in the cloud context and data sovereignty and related privacy concerns.

Whilst a UK Cloud Industry Forum report found 84 per cent of respondents stating that ESG credentials are important factors in cloud procurement, when ranked alongside other factors, ESG and sustainability rank much lower, cited by just 25 per cent of respondents. Unsurprisingly, cost is the most widely mentioned consideration, then range of services, trust, ability to scale and the speed of response of a chosen cloud managed service provider. A recent blog by Google Clouds director for global sustainability highlights the risks of greenwashing, a practice also under scrutiny from regulators globally, such as the UKs Financial Conduct Authority, the Competition and Markets Authority and the Advertising Standards Authority. The UK governments Department for Business, Energy and Industrial Strategy is advising firms to use cloud to reduce their carbon emissions. We are also seeing more customers set ESG ratings that their suppliers must meet (such as Deutsche Banks new mandatory ESG ratings for suppliers, for high-value contracts). Data centres are also looking at sustainability issues, given that it is estimated they use about 1 per cent of the global electricity demand and contribute to 0.3 per cent of all CO2 emissions. Reducing energy consumption used to cool data centres (or using renewable energy sources) is an objective but a consortium of software developers (Green Software Foundation) is looking at developing greener code to design more energy-efficient software.

Excerpt from:

Cloud Computing: Global Overview - Lexology