Ratan Tipirneni, President and CEO, Tigera
Prediction #1: Organizations will increasingly create GenAI applications with Kubernetes, creating the need for more robust Kubernetes security.
To derive the most value from GenAI applications, enterprises will utilize proprietary data to create these models. Using a Retrieval-Augmented Generation (RAG) architecture, organizations can customize models based on company data, so that GenAI applications are personalized to an enterprise and its specific use cases.
Most GenAI applications will contain confidential company data as a result of this approach, leading to security considerations. To address concerns around data security, privacy, and integrity, some organizations will opt to deploy GenAI applications in their data center, an existing hub for sensitive enterprise data. Most organizations, however, want the flexibility to deploy GenAI applications across both cloud environments and on-premises in their data center.
With flexibility at the forefront, Kubernetes is quickly becoming the de facto platform on which GenAI applications are deployed. Organizations can run Kubernetes for GenAI across various workloads including virtual machines (VMs), containers, or bare metal servers – or a mixture of all three. Against this backdrop, in 2025, there will be a heightened focus on Kubernetes security.
To achieve comprehensive security for GenAI applications being deployed on Kubernetes, organizations should prioritize:
1. Implementing Network Security Access Controls
Network security is a critical aspect of any Kubernetes deployment, ensuring that data transmitted within clusters is protected against unauthorized access, interception, or modification. Microsegmentation in particular is crucial to enhancing network security within Kubernetes environments. This technique divides networks into smaller, isolated segments, allowing for granular control over traffic flow and significantly bolstering security posture.
2. Proactively Managing Vulnerabilities
Organizations must implement continuous monitoring, image scanning and policy enforcement processes to detect vulnerabilities, malware, and unsafe configurations across all Kubernetes clusters. By implementing vulnerability management practices, organizations can proactively identify and address vulnerabilities within container images before they are deployed into production.
3. Protecting Against Known and Unknown Threats
Runtime security is another crucial element to securing Kubernetes, protecting against known and zero-day attacks, whether they are network or container-based. This is crucial for GenAI applications as any breach could pose an existential threat to an organization given how much proprietary and sensitive company data resides within such applications.
4. Preventing & Addressing Misconfigurations
In the context of GenAI, misconfigurations can leave an organization’s private information dangerously exposed, hence the need for careful management and monitoring. This process involves continuously monitoring images, workloads, and Kubernetes infrastructure configuration against common configuration security standards and referencing CIS benchmarks when configuring Kubernetes.
5. Maintaining Observability
Organizations must maintain a real-time view of traffic flows within and outside Kubernetes clusters to understand workload communications and connections, service dependencies, and policy enforcement. This will enable organizations to proactively identify and resolve security gaps and policy violations.
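As an illustration of the microsegmentation described in item 1, the manifests below are an added example, not taken from the original article or from Tigera. They isolate a RAG retriever and its vector store using standard Kubernetes NetworkPolicy resources; the namespace `genai`, the pod labels, port 6333, and DNS running in `kube-system` are assumptions made for the example.

```yaml
# Constructed example: namespace, labels and port are hypothetical.
# 1) Default deny: selects every pod in the namespace, allows nothing.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: default-deny-all, namespace: genai}
spec:
  podSelector: {}
  policyTypes: [Ingress, Egress]
---
# 2) The vector store holding proprietary data accepts connections
#    only from retriever pods, on its service port.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: vector-db-from-retriever, namespace: genai}
spec:
  podSelector:
    matchLabels: {app: vector-db}
  policyTypes: [Ingress]
  ingress:
    - from:
        - podSelector:
            matchLabels: {app: rag-retriever}
      ports:
        - {protocol: TCP, port: 6333}
---
# 3) The retriever may reach only the vector store and cluster DNS
#    (DNS assumed to run in kube-system). Without the DNS rule, the
#    default deny above would break service-name resolution.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: retriever-egress, namespace: genai}
spec:
  podSelector:
    matchLabels: {app: rag-retriever}
  policyTypes: [Egress]
  egress:
    - to:
        - podSelector:
            matchLabels: {app: vector-db}
      ports:
        - {protocol: TCP, port: 6333}
    - to:
        - namespaceSelector:
            matchLabels: {kubernetes.io/metadata.name: kube-system}
      ports:
        - {protocol: UDP, port: 53}
        - {protocol: TCP, port: 53}
```

Whatever calls the retriever needs its own ingress rule under the default deny. These policies are enforced only when the cluster's network plugin implements NetworkPolicy.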
2025 will be the year that many organizations officially deploy GenAI applications across their infrastructure. With Kubernetes set to serve as the core platform for deploying and running these applications, there is a critical need for organizations to step up their security in this domain.
Prediction #2: Open Source LLM vs. Subscription-Based: Who Will Win in 2025?
Meta changed the rules of the Large Language Model (LLM) game by open sourcing their model, Llama. Now, Meta is on track to have the most widely deployed chatbot in the world by the end of the calendar year 2024, despite OpenAI’s initial leadership with ChatGPT.
As the GenAI race heats up and more native artificial intelligence Independent Software Vendors (ISVs) emerge, open source models will continue experiencing exponential growth. ISVs will adopt an open source model like Llama instead of building on top of a model with a licensing fee involved. Ecosystems will form around open source LLMs, and they will gain critical mass.
Prediction #3: Big Tech Bets on GenAI – Will the Risk be Worth the Reward?
Recent earnings reports from major players like Meta, Google, Amazon, and Microsoft revealed a spike in quarterly capital expenses, with capital being invested in land, data centers, networking, and GPUs. The payback from this capital is not clear, but the reports indicate that the payback period could be up to 15 years.
This is a staggering amount of capital and an extraordinarily risky bet. What’s more, this investment is not coming from the venture capital community; it’s a balance sheet item for these companies, and the cash is coming from their reserves.
Why is Big Tech making such risky investments? Simple: because they cannot afford not to.
If they don’t make the investment, they will be shut out of the race. We are witnessing a market transition: If you look at the last 30 to 40 years in the tech industry, we have never seen capital investments at this scale. GenAI is going to become the next platform, and to play in that, companies must make these kinds of capital investments or risk becoming irrelevant.