Why is disaster recovery not central to the security solution?

Businesses take all kinds of risks

Take new product or service launches, for example – success here is always uncertain. Most estimates suggest that the chance of any new product launch being successful is extremely low. Spending money in fresh business areas is a calculated risk that the business hopes will pay dividends in the longer term.

Risk, in short, is a balance. Whether it’s about investing in new areas of choosing to cut spend in others, businesses must assess their balance of priorities given the potential for success or failure – and that’s an issue for technology, security and disaster recovery.

Technology has traditionally been viewed as a cost centre rather than a value generator. If companies have budget to invest, they’ve been more likely to direct money to marketing and sales – areas with an immediate impact on the bottom line – than technology, which is often viewed as the underlying plumbing that keeps the business running.

Gartner suggests IT spend at medium-sized enterprises usually represents 3.5% of total business revenue. Even with the rise of digital transformation and the risk of being disrupted by tech-savvy entrants to the market, most CIOs have been under pressure to keep IT costs in check.

The same principle holds true for security and disaster recovery. Gartner reports that the average proportion of the IT budget spent on security hovers around 5 percent. For many companies, security spend is seen as a black hole; no matter how much you spend, new risks will emerge. Rather than being proactive, they’d rather react when something goes wrong.

That’s a serious misstep. If someone does get inside your systems, the potential for damage – in terms of financial and reputational costs – is huge. Add in the cost of recovery and the figures begin to spiral upwards. To prevent this escalation, business leaders must take security much more seriously.

If you want your business to turn risk into a business advantage, then spending money on technology and security shouldn’t be seen as a nice-to-have. CIOs must work with their C-suite peers to show how an investment now can help the business overcome some of the barriers that are likely to create challenges in the future.

For a start, too many businesses remain over-reliant on legacy technology that is costly to maintain, hard to integrate and carries a high risk of failure. Instead of dealing with this technical debt, companies choose to spend money keeping older systems running, even if they’re sometimes well past their use-by date.

Pioneering companies take a different approach. Let’s return to that 3.5% tech-spending figure: Gartner says progressive CIOs rethink how IT investments influence the other 96.5% of business spending. CIOs that approach conversations about cost optimisation from a strategic investment perspective are better equipped to balance business priorities and risks.

The message is simple: don’t take a risk on older IT. Yes, an investment in technology isn’t going to be cheap, but a failure to spend cash on fresh systems and services will mean your employees are unable to work productively, your data could be at risk of compromise, and your business could be outmanoeuvred by fleet-of-foot, digital-savvy rivals.

So, if you’re going to move away from legacy systems and towards strategic investments in technology, what does this proactive approach look like? Your ground-floor foundation must be the cloud. You can’t react quickly to fast-changing business circumstances if your organisation is hamstrung by a reliance on older systems and unconnected data silos.

Shifting to on-demand IT – either by re-platforming older technology or taking a cloud-first approach to new services – means your business will be able to scale its technology resources up and down as business demands dictate. While investing in the cloud costs money, the long-term benefits – such as being more agile and flexible – are a clear win for the business.

On top of this cloud foundation, your business should implement a range of strategies that help to reduce risk. Focus on an integrated next-gen data management strategy that allows your organisation to clean up systems and create a single view of the customer across cloud-based services. That single view makes it easier to ensure you’re making smart decisions quickly.

Your business should also embrace frameworks and approaches, such as Agile development and DevOps. When the business identifies fresh opportunities in new markets, your business can use these approaches to run small proof-of-concept studies. If the innovation works, you can use the cloud to scale your idea up effectively.

Then as a final layer on top of your cloud-based and agile approach to new technology investments, the connected areas of security and disaster recovery must be upmost in any business conversations. With a well-funded security strategy, your business will be able to fight off the hackers that puts its information at risk.

Even when resources are dedicated to security, other closely related areas seem to figure further down the priority list. Take disaster recovery (DR), for example – researcher IDC says nearly half (43%) of IT and business managers report having experienced unrecoverable data issues in the past 12 months.

IDC says backup/recovery system failed at a critical time for nearly 45% of senior managers. If you’re going to manage the risk that your business faces effectively, then DR must be seen as being central to the security solution. IT and business managers must create an effective, cloud-based DR solution at the heart of their security approach.

Your business will always face new risks. However, this three-layered approach – cloud-enabled services, Agile development methodologies, and effective security and disaster recovery – will allow your organisation to approach the future with confidence. If your technology is in shape, you can view risk as an opportunity rather than as a negative force.

About the Author

Mark Adams is regional sales director, Northern Europe at Cohesity. He has spent thirty years in ‘game-changing’ and emerging technologies, from Big Data, Cloud and ‘As-A-Service’ delivery to machine learning and Blockchain.

Featured image: ©Skorzewiak