In the wake of the COVID-19 pandemic, resiliency has become a business priority. But traditional approaches struggle to integrate business resiliency with the digital environment in which companies increasingly operate. A new report from International Data Corporation (IDC) presents a digital resiliency framework that shows CEOs, CIOs and other business leaders how technology can support the entire organisation through the different stages of any business crisis. The Digital Resiliency Framework was introduced at the 56th annual IDC Directions conference, which this year focuses on delivering digital resiliency in a changed world.
“Perhaps the most worrying takeaway from the recent pandemic concerns our lack of preparedness as nations, industries and companies to deal with similar systemic crises, which are inevitable in our increasingly digital and interconnected world,” said Sandra Ng, Group Vice President for Research at IDC. “Old approaches have proved to be wanting. Nonetheless, organisations must not only respond fast to threats, but also learn to opportunistically rise above them. Our new digital world calls out for a new technology-enabled approach to deal with future crises — digital resiliency.”
IDC believes that digital resiliency – the ability for an organisation to rapidly adapt to business disruptions by leveraging digital capabilities to not only restore business operations, but also capitalise on the changed conditions – must be a key objective in every organisation’s Digital Transformation (DX) efforts. Digital resiliency is also a central tenet of the future enterprise, IDC’s vision for the end state of DX.
IDC’s Digital Resiliency Framework includes three phases describing the timeline of enterprise responses to a crisis across a set of six organisational dimensions that are all enabled with a shared technology/digital architecture. Resiliency must be achieved within each of these organisational dimensions, which are interdependent; a weakness in the digital resiliency of one dimension will likely impact other dimensions. Digital resiliency across all these organisational dimensions must be underpinned by an open, integrated and holistic technology architecture. IDC calls this the DX platform and defines it as a combination of an intelligent core of data analytics, automation and decision support, a wide-variety of intelligent applications and intelligent services, such as governance, DevOps and orchestration.
For each dimension, IDC has highlighted the enterprise use cases (funded projects) that improve digital resiliency. These use cases can then be mapped to the digital technologies, data and analytics that support them as well as the business priorities and plans that promote them. This framework enables CXOs to map the business priorities in one or more organisational dimensions to specific use cases that would achieve those goals. Armed with a prioritised use case agenda, CIOs can then propose the relevant investments in the underlying technologies and tools that support those use cases and promote digital resiliency overall.
Recognising the challenges organisations are looking to solve and demonstrating how technology solutions can help overcome these obstacles will be critical to becoming a trusted digital resiliency partner.
We heard from a number of industry experts to glean their thoughts on the ways business leaders can apply the lessons learned from the COVID-19 pandemic to ensure they are prepared for the next crisis.
Alex McMullan, VP and CTO International, Pure Storage: “Even before COVID-19, the world was going through a period of great change. For many years, businesses have been under intense pressure to digitally transform or lose out to the competition,” said McMullan. “Digital Transformation instantly became an immediate imperative in order to survive.”
McMullan explores how this rapid acceleration of Digital Transformation impacts the IT department and how businesses can manage the risks.
“While the immediacy caused by the pandemic proved to business leaders that Digital Transformation projects could happen far faster than previously thought, many IT departments were under such pressure to spin up technologies to support the business that they often didn’t have the necessary time to complete their usual due diligence,” said McMullan.
“This involves the management of tech debt — the off-balance-sheet accumulation of all the technology work a company needs to do in the future. If this is continually deferred then it can prevent companies from being competitive as they focus their attention on managing the challenges hidden in the architecture.
“However, CIOs still have to grapple with old infrastructure which isn’t designed for the modern digital age in that they can’t support critical data services or business models needed today. This legacy also makes it much more difficult to consolidate, migrate, scale or provide access to data, causing IT teams to have to go through disruptive enterprise storage refreshes.
“These challenges are amplified under the additional pressure and uncertainty caused by the pandemic, meaning IT departments cut corners on various aspects, which in turn increases tech debt later in the innovation cycle.
“Businesses need to build a strategy that prioritises Digital Transformation and manages tech debt more sustainably. There are five ways to do this:
- Align on IT and business strategy: Clarify the overall business strategy and define the capabilities needed at an enterprise level.
- Prioritise automation and elevate human innovation: Automate as much as possible to free up resources to focus on creating a culture of innovation and enabling long-term thinking.
- Choose flexible consumption models: Choose flexible consumption models whereby you only pay for what you use.
- Secure the right talent and allocate it accordingly: Ensure you have access to the right internal and external skills.
- Nurture and maintain employees as the world changes: Make sure employees are being supported and educated.
While the pandemic has taught organisations that fast change is possible, it’s now even more critical to balance the focus of that change on business agility. A strategy of total reliance on the latest software to mitigate tech debt should also be avoided.
Technology alone can’t solve these issues, a company’s culture and processes must evolve with or ahead of the times. Businesses now face the challenge of getting the right balance between moving fast, but doing it in a way that avoids tech debt.
Don Schuerman, CTO, Pegasystems: “A year after the first lockdowns across Europe, business leaders are reflecting on the impact of COVID-19 on their organisations. Research by Pegasystems found 31% of global senior managers and frontline IT staff said they were either totally unprepared or ‘not very’ prepared for the effects of COVID-19. To be ready for future shocks, business leaders need to apply the two biggest lessons from the pandemic: speeding up Digital Transformation and having the right technology in place. Promisingly, 84% identified preparedness for future pandemics or similar disruptions as their main focus, showing organisations are willing to take action even in the toughest of times.
“The first lesson is that leaders need to speed up Digital Transformation. Coronavirus caused hundreds of thousands of businesses to shift to remote working overnight, and those that were still relying on decades-old legacy technology struggled most. More than one in three (37%) business decision-makers admitted to damaging customer trust had negatively impacted their brand during the crisis as a result of communication failures, and 36% said they lost customers.
“Another study by Pegasystems found that IT decision-makers are already applying this lesson by doubling down on Digital Transformation, but are facing a variety of roadblocks. It revealed 94% of employees in Europe and North America want to be more involved in IT transitioning, but that 44% do not know how to help. Even 14% of CEOs reported that they weren’t clear on how to get involved. This not only disenfranchises workers but also slows the pace of success. Business leaders, therefore, need to address obstacles holistically, dedicating adequate budget and improving internal communications to keep everyone in the loop. They can also expand the group involved with digital transformation by training employees on no code/low code software to become ‘citizen developers’ – employees that aren’t professional coders but have the data science skills to help rollout new IT systems.
“The second lesson is that organisations need to have the right technology in place to be able to rapidly adapt to change. Business leaders seeking a real competitive advantage must modernise, adopting the latest digital technology and taking an active, deliberate approach when doing so. They need an agile software framework underpinning their whole organisation that they can build on and which allows them to adapt to advances in technology on an ongoing basis. One example is a software architecture that works from the ‘centre-out’, whereby the technology foundation puts customers, rather than channels, data or systems, in the middle. This means organisations can best capitalise on intelligent automation, one of the technologies that will see the most substantial growth in use in the coming months. Intelligent automation, a combination of AI and case management, can increase process efficiency, improve customer experience, optimise back-office operations and more, all while minimising human contact.
“By accelerating Digital Transformation and having agile technology in place, organisations will be far better prepared for future storms, whether it be a virus, recession or another major event. Research has shown business leaders are motivated to apply the lessons they have learnt. Now, they just need to make it a reality.”
John Vestberg, CEO and Co-founder of Clavister: “The COVID-19 crisis has proved that nothing can stop a cybercriminal in their tracks – not even a pandemic. Businesses of all sizes have suffered cyberattacks over the past 12 months and even large enterprises like energy company Npower, and huge global organisations like Facebook have been victims of hackers exposing users’ data in 2021.
“Cybercriminals have also been actively exploiting people’s concerns around COVID-19. For example, there have been a wealth of phishing scams where attackers have posed as the World Health Organisation (WHO), pretending to give advice or circulating fake medical updates in order to get victims to click on bogus link. This has all been made worse by people working from home, often on corporate devices, while away from corporate networks and colleagues who they can quickly ask if an email link seems a bit suspect.
“What business leaders can learn from this is people living through uncertainty have a disproportionate amount of questions and concerns which attackers will only play on. As such, businesses leaders should engage with their employees, helping to manage their concerns. In a crisis, a safety-first mindset should be projected across the whole company – driven by C-level executives and filtering down to everyone – which can make an employee stop for that split second before they click on a phishing link.
“When it comes to remote working, the personal and professional became more intertwined than ever before – one danger of this is people are likely to be using passwords across personal and business applications as there isn’t an obvious mental barrier, like going into and leaving an office is. Worryingly, despite the fact the UK has been working remotely for over a year, one in five home workers have received no training on cybersecurity which is leading to increasing numbers of data breaches for UK companies, risking not just reputation but also causing serious financial consequences. Education around security for all employees is key.
“As well as cybersecurity training for employees, in order to be fully prepared for the next crisis, business leaders need to adopt genuinely robust, but flexible, security measures such as SASE – Secure Access Service Edge. In the new era of hybrid working, security needs to span on-premises and the cloud, protecting every corner of the decentralised network while providing the flexibility for employees to work as freely and securely as they can under the protection of the traditional, centralised corporate network.
“SASE effectively brings together all the most important security elements, such as SD-WAN, SWG, CASB, ZTNA and FWaaS, into one solution so that businesses possess the capability to truly secure data and networks from leaks and attacks as networks expand. With functions hosted in the cloud rather than at the network edge, it can scale as needed with all the necessary rules set centrally to ensure businesses remain in control. This is critical, because if the past 12 months have taught businesses leaders anything, it’s that cybersecurity must be flexible to allow for a suddenly remote workforce, without restricting employees from doing their jobs.”
Rob Walker, UK&I MD, Cognizant: “Leading a team during unprecedented circumstances is, by definition, a challenge for managers and one that has taught us all a lot on both personal and professional levels. I’ve had the unique experience of joining a global company right at the very peak of the pandemic, which means that I have still not met any of the thousands of UK&I employees, my direct reports or the executive team in person.
“I’ve therefore had to adapt my leadership skills from my very first day to be able to provide my team with the support they need by solely relying on video calls and internal systems to communicate. For many of us, this was a new, daily way of working we had to get used to but it has in fact had its advantages. Through remote or digital ways of working, senior leaders in general have become far more accessible than ever. This is no bad thing, particularly internally as we had little choice but to share more of our homes, our lives and ourselves than we ever have before. This has brought many people closer together.
“Under these circumstances, it has also been essential to acknowledge the difficulties we’re all operating within – and some more than others – and explain how the company is addressing these concerns. As a collective, we are all in this together but each individual will have their own unique set of circumstances and for them, the challenges both in and outside of work may be more pronounced.
“These considerations are important and it is arguably something we already should have been doing better, by demonstrating greater awareness of others. Tailoring communication to different personas and circumstances, taking the time to thank individuals for their contributions and personalising messages rather than cascading corporate communications, has also been key, and will remain so.
“As we consider the longer-term impacts of the pandemic, I am optimistic about what comes next. Last year, we were all operating under the twin uncertainties of Brexit and COVID-19 and a great degree of caution was understandably being taken by business leaders. However, with increasing clarity now comes growing confidence. From a technology standpoint, the acceleration in adoption has solidified its central role in how we all live and work but we also need a confident economic landscape if businesses and society are all to thrive.
“Another inevitable lesson has been crisis planning. Most companies already do this to some extent but it is unlikely that anyone had properly prepared for the likelihood of, for example, having to source tens of thousands of computers for a workforce who, overnight, had to switch to working remotely. The better prepared a company is, the more resilient it will be. While we certainly hope not to experience another pandemic, there is little doubt that businesses will now work harder than ever to ensure suitable protocols and models are in place to fall back on, should future unexpected events occur that have an unprecedented impact on a business and society overall.”