How CIOs can overcome COVID-19 by adopting the next generation of IT solutions
It's really hard to imagine a more challenging scenario for CIOs than the rapidly evolving technological pressures posed by COVID-19. The past few years have been witness to incredible innovations in the development of software aimed at improving IT productivity, yet in many industries adoption has been slow. To survive is not enough, we need to implement software and solutions that produce operational efficiencies with alacrity. Here's how we, as technologists, can lead our organizations forward into a post-COVID-19 world with momentum.
Adapting IT to Workspace Evolution Brings New Challenges
It’s extremely rare to find a company in the world that's not reexamining its IT infrastructure right now. In America, most of the “knowledge worker” labor force has shifted almost overnight to a work-from-home (WFH) model, bringing about unprecedented expansion of intracompany networks and the associated disruption to security protocols and compliance procedures. The longer social distancing endures and our WFH models are maintained, odds are this new paradigm is (at least partially) here to stay. According to Kate Lister of Global Workplace Analytics, the end of 2021 will see around 25 to 30 percent of the US's labor force working remotely multiple days a week (up from 3.6% of the employee workforce working at home half-time or more at the time this forecast was published).
Even the best-positioned to deal with the pandemic – large corporations in finance, tech, and media who have strong digital business models, in-house IT infrastructure expertise, and carefully examined IT security controls – are challenged each day to meet the moment. In the new world, CIOs have hundreds, if not thousands of endpoints, all accessing valuable information (including sensitive data and/or trade secrets) via home routers, which of course have other IoT devices and “visitors” that have become prey for a new wave of opportunistic cybercriminals. It's difficult to appreciate how vulnerable our systems are currently, and it's even harder to ascertain the potential exposure to a breach or repercussions of a data leak outside our traditional networks.
These rapid changes have only exacerbated an already forecasted trend. A recently published report conducted by the Poleman Institute in January stated that endpoint attacks that compromised data assets and IT infrastructure jumped from 54 percent in 2017 to 68 percent in 2019 and that the rate of new or unknown zero-day attacks will increase to a forecasted 42 percent in 2021, up from 23 percent in 2018.
Resources for addressing these substantial security gaps may be lacking in the coming quarters. As suggested by the IDC, IT budgets will decrease in funding worldwide, with cuts to devices (-8.8%), IT services (-2.0%), and IT spending (-2.7%) respective to 2019 as a result of the economic stress produced by the pandemic. On top of that, the pandemic's disruption of IT supply chains, the expansion of the “attack surface”, and the looming threat of illness for our people brings elevated risk in endpoint and network vulnerability, especially if the maintenance and monitoring are left to manual processes.
Meeting the Need with New Software Solutions
Despite the apparent doom all around, the IDC forecasts an increase in software investment. To save our departments from dramatic cuts in labor and resources, CIOs and senior-level IT executives can show our peers how we drive value by introducing software to bridge any projected gap in infrastructure investment. For our IT services and infrastructure, automation solutions will usher in a new level of efficiency to improve operations and empower our existing IT personnel.
One clear opportunity for obtaining efficiency is our ability to automate software deployment and patch management. Most processes that lend themselves to automation are riddled with repetitive tasks and, in this case, modern software streamlines routine IT operations and plays a key role in increasing resilience to security breaches.
The CIS Control 5 is a critical component in almost any cybersecurity framework. Fail to deploy packages for updates to operating systems and software in a timely manner and the risk for exploiting vulnerabilities in our systems and having an incident leading to a breach rises exponentially. The process of creating packages, testing them in pilot groups, and deploying them network-wide is a time-consuming, yet critical, process for maintaining a robust IT security posture and keeping systems in compliance with organizational software standards. Automation here is a clear win: with an automated deployment system, we can keep endpoints updated, roll-out new software with greater efficacy, remediate many existing vulnerabilities, and dramatically increase immunity to a variety of common endpoint attacks.
Bringing Focus to Mission-Critical Tasks
Building a genuinely transformative IT function can only be accomplished when our people have the time and resources to proactively focus on addressing critical business needs and exploring new opportunities. Sound investments in software can translate to reenergizing and getting the most from our IT personnel already in place.
Of course, there are also tremendous benefits from DevOps and development lifecycle optimization, often thought of in the past couple of years as key drivers to achieving operational efficiency. But, there is low hanging fruit for automation in routine network maintenance activities like patching. Cutting down on time our engineers and systems administrators spend performing routine maintenance and “firefighting”, such as patching systems, monitoring databases, and being pulled into all-too-frequent escalations on helpdesk troubleshooting due to failed or faulty software deployments are just a few of the ways in which implementing automation can thrust us out of the weeds and into the future.
If we step back from the fray, we can easily spot other missed opportunities in our organizations to refocus our best talent. One other example where productivity can easily be increased through automation is database administration and architecture. UK-based DSP estimates up to 80 percent of a database administrator's (DBA) day is consumed performing manual day-to-day administrative tasks like provisioning, patching, configuration, and tuning. With automation, most of these laborious tasks are easily handled. Modern database management solutions leverage AI, machine learning, and advanced scripting to store, analyze, and protect our data.
Due to innovations in IT infrastructure tools and automation solutions, key players such as our Senior Systems Engineers and DBAs can now be freed-up to take on tasks that are more strategic, architectural, or otherwise impactful in nature. By identifying and implementing these solutions, we enrich the value of our team members, enable greater contributions, and increase their overall job satisfaction in the process.
Acting Now to Enter a New Golden-Age
Economic historian, Carlota Perez, in her influential book Technological Revolutions and Financial Capital: The Dynamics of Bubbles and Golden Ages (Edward Elgar, 2002), suggests that humanity can get through a period of upheaval and economic malaise and enter a new “golden age” of broad economic growth if the world’s key decision-makers act in concert to help foster one. For IT leaders, now is the time to be decisive and strategic – pull the trigger on investing in automation we have long been considering to drive greater security, resiliency, and increase productivity. The key to our future success – surviving and thriving despite the obvious economic impact of coronavirus is to bring automation and efficiency to every area within our locus of control.
If you want to stay more strategic than operational, I suggest creating a task force focused on automating every repetitive process and spending your time exploring new transformational opportunities, while looking for ways to optimize everything else. A common misconception is that implementing automation will kill IT jobs. If you have the right people on your team, this should not be the case. Automation itself is a powerful practice, a mindset available for your IT department’s arsenal and adopting it rapidly will position your organization ahead of the curve in handling the turbulence to come.
For evidence of just how quickly an industry can change by implementing new software, look no further than education. Just over a month ago, students were sitting in the same classroom arrangements that existed 150 years ago. Within weeks, institutions spreading the gamut from universities to grammar schools across the world rapidly deployed learning-management systems, live-streaming apps, and video-conferencing platforms simultaneously. Now, faculty and administrators have successful experience bringing online education to students, a scale of adoption that would have likely taken over a decade to achieve.
Disruptive events like the novel coronavirus pandemic are, hopefully, just once in a lifetime. As CIOs and IT leaders, it's our job now to not only mitigate the strains we are currently experiencing but to prepare for future eventualities. Let’s grasp this opportunity to transform our teams from reactive groups of engineers, struggling to keep their heads above water, into a proactive unit working to drive innovation by optimizing existing systems and achieving operational efficiencies at an unprecedented scale through automation.
Interested in reducing risk through seamless compliance and deployment automation? Schedule a short intro call with one of our experts we're happy to help!