As Oscar Wilde famously said, “experience is the name we give mistakes.” So how can bosses ensure the errors of 2017 render something positive? They will need to guarantee that lessons learned trigger the necessary risk management and operational changes. Truly resilient organisations will be able to withstand and thrive in the face of inevitable challenges.
In a time when predicting what’s around the corner is nigh on impossible, what should organisations’ key considerations be? How can a more resilient enterprise be created? Here I examine some learnings from 2017, and how to navigate three inevitable challenges in 2018.
Brexit will continue to cause turbulence, impacting factors such as recruitment, financial market stability and trading. However, while Brexit will not come without it’s challenges, herein lies an opportunity.
This year represents a chance for firms to review and boost recovery capabilities to have the best shot at navigating the risky waters ahead. Full resilience spanning people, processes and technologies, as well as the capability to not only maintain “business as usual”, but thrive, should be the ultimate goal.
Bosses should regularly review and test systems to ensure they have the agility to deliver on emerging market demands and Brexit-related volatility. Whether running production or recovery environments, resilience across all aspects of the business as Brexit unfolds is vital. This identifies vulnerabilities; enabling strategies for optimum resilience to be put in place, to manage risk positively should the worst happen.
2) Cyber security and data protection
With ransomware attacks growing at a yearly rate of 350 per cent, and more apps moving to the cloud than ever, it’s imperative that security and recovery moves further up the agenda. However, our research reveals that a seemingly inadequate ten per cent of IT budget is currently being spent on security provisions. Cyber threats continue to evolve, and defences will need to be a central component of any digital and business strategy.
We know that security spending is in the top five list of CIO priorities, but as 2018 develops, what they need to do is weigh up how much risk they are prepared to take versus the spend that will be required. Certainly, businesses will need to be equipped to inevitable challenges from a security defence point of view. But if the worst happens, what next?
To minimise damage to finances, stakeholder and staff relationships, and global reputation, businesses will also need to be fully prepared from a recovery and crisis communications point of view to temper the aftermath.
We often see businesses scale up recovery requirements at time of testing. This suggests either that plans were inadequate, the environment changed or what a successful recovery looked like was not what the board expected. Bosses should be specific about what outcome they are trying to achieve. Is it tick-over mode whilst the business pulls itself together or is it resilience, so you carry on strong following an attack.
As the May deadline approaches, GDPR will also be a driver for improvement to data security. It will require businesses to hire data protection officers, and have a solid crisis management team in place. Laying the groundwork now by mapping your company data, and ensuring full visibility of what information is stored where at all times, is vital.
3) The skills crisis
The skills shortage is growing in IT for many reasons; Brexit, the departure of older generations from IT workforce, and rapidly changing technologies have all played their part. We expect that cyber security skills will continue to be highly sought after. Security tools are crucial, but it is staff who constitute a weak security link for organisations.
Meanwhile, as companies scale out on SaaS, PaaS and IaaS, core infrastructure management roles will diminish. Businesses will need to focus on addressing the lack of staff by giving up-to-date training on managing, monitoring, updating and maintaining the security aspect of modern IT infrastructure.
As their adoption becomes more commonplace, new technologies such as AI, machine learning and coding will mean skills in those areas are increasingly in demand; training in such areas needs to rise up the education agenda for young people. We expect the skills to benefit students’ career prospects will be problem solving, innovation and strategy development, D&T and financial management.
While training up the younger generations is important, businesses will also need to ensure the right skills and knowledge are at boardroom level.
Overcoming inevitable challenges in 2018
With natural disasters, terrorist attacks, the fallouts of Brexit and GDPR no longer possibilities but inevitable challenges, businesses must be equipped for an ever-growing range of threats. Making the necessary preparations and investments to manage the risk scenarios in 2018 that could hinder strategic business and IT programmes will put companies leaps and bounds ahead of the competition.
Chris Ducker is senior director of global proposition strategy at Sungard Availability Services