In a timespan of ten years, the IT-landscape has changed beyond recognition. Infrastructures that used to cost millions of dollars and took months of implementation are now available within minutes in Amazon Web Services with per-usage pricing. It’s obvious that Amazon is leading the pack in the disruptive transformation fueled by the cloud computing paradigm. But the cloud wars are far from over. Google, Microsoft and others are growing their cloud business at least as fast as Amazon.

The emergence of modern cloud computing

Many industry observers date the emergence of modern cloud computing to around 2003, when Amazon started the foundational work for what would become Amazon Web Services (AWS). Thanks to the S3 storage platform IT-departments didn’t need to worry about maintaining safe, secure and always-available data storage. In 2006, Amazon introduced Elastic Compute Cloud (Amazon EC2): a web service that provides secure, resizable compute capacity in the cloud.

Cloud computing was the logical sequel to the hardware virtualization that had previously revolutionized VMware’s data center operations. Amazon took that concept one step further:  rather than virtualizing servers in on-premise company data centers, EC3 offers one big virtualized compute platform in the cloud.

The early successes and phenomenal growth of AWS did not go unnoticed. In contrast to Amazon, which started out as an online retailer, Microsoft and Google were pure-play IT companies who were now attacked in their own back garden. They responded with cloud offerings of their own. In 2010, Microsoft introduced the Azure cloud platform, and Google launched its Cloud Storage, after having introduced its Google App Engine earlier.

The difference between PaaS, IaaS and SaaS

These days, public cloud services are usually categorized in three separate segments: IaaS, PaaS and SaaS. The Infrastructure-as-a-Service (Iaas) segment refers to the original AWS pay-as-you-go access to storage, networking and computing resources. Alongside this market, a new market for cloud-based platforms to build, test and deliver applications developed: Platform-as-a-Service (PaaS).

Microsoft Azure and Google App Engine are typical examples of this segment. Software-as-a-Service (SaaS) companies offer application software online on a subscription basis. Leading SaaS companies are Salesforce, Workday, Google, Microsoft, but also Dropbox, Mailchimp and Slack.

But when it comes to the cloud infrastructure market, Microsoft and Google still have a lot of catching up to do. In the span of a decade, Amazon has transformed itself from an online bookseller to one of the largest enterprise tech companies in the world.

Amazon dominates global infrastructure market

According to research firm Canalys, Amazon currently holds 31% of the total cloud infrastructure market share, higher than the combined share of its two closest competitors – Microsoft Azure (18%) and Google Cloud (8%). Although Amazon continues its domination, Google and Microsoft are accelerating their year-over-year growth rates.

Amazon AWS CEO Andy Jassy offered a realistic view on the global cloud market in a recent interview. According to him, there won’t be just one successful player, but several.

Google Cloud CEO Diane Green told tech-blog TechCrunch this summer: “We’re playing the long game. This thing is early. Some people estimate that only 10 percent of workloads are in the big public clouds. And if it’s not in a public cloud, it is going to be in a public cloud.”

Pursuing multi-cloud strategies

For CIOs pursuing a so-called multi-cloud strategy, the increased competition and cloud service portfolios of companies such as AWS, Microsoft, Google, IBM, Oracle and Alibaba spell good news. The cloud by itself does not offer automatic guarantees against vendor lock-in. But developments such as micro-service architectures and the growing popularity of containers hold the promise of making applications more portable across the cloud platforms of the main vendors.

The rapid industry adoption of the open source container management platform Kubernetes signals the need for multi-cloud strategies.

Security challenges and shared responsibility

Many cybersecurity providers are still catching their breath trying to follow their customers’ infrastructure migration to public clouds. Most of them have offerings specific to the AWS, Azure or Google platforms. But the new mantra is: not in the cloud but across the cloud.

Customers will increasingly demand the flexibility to move workloads across cloud vendors, while at the same time consistently securing those workloads in AWS, Azure or Google Cloud, preferably with a single-pane-of-glass visibility into all security events.

The new challenge for cyber security companies

In Europe, the EU General Data Protection Regulation (GDPR) was enforced on 25 May 2018 and is the most important change in data privacy regulation in 20 years. The legislation raises serious questions concerning the shared responsibility by the owner of the data and the cloud infrastructure provider.

The large providers of public cloud services offer a great number of guarantees, audits, and certifications to emphasize the quality of their technical and organizational security measures. But this does not dismiss companies from their own responsibility to protect the personal data of EU citizens, and when necessary deliver proofs of compliance.

The same holds true for security software and services that security teams use to manage adequate responses to data breaches. Forensic analyses and logs require a high level of visibility into container instances spread across public or hybrid cloud infrastructures. This is the new frontier for cybersecurity companies.