Digitally Speaking
man working with servers, IT gear

Dean Mitchell
January 18, 2018

In the previous blog post on Capacity Management, we explored why IT projects fail and what you can do to prevent it.  What is even more important is to understand why, when it comes to securing your business, product alone isn’t the answer.

 Ransomware, data breaches, insider threats, phishing scams… we’ve all seen the headlines. And, although these words, once reserved for IT departments, are becoming a part of everyday vocabulary, that doesn’t make them any less concerning. They have the power to derail your entire business- everything that you’ve built- within seconds.

Nowadays, cybercrime is big business, and you can guarantee that for every security solution churned out by vendors, someone, somewhere is creating a brand new malicious code to target other vulnerabilities you didn’t even know existed within your organisation. Add to that modern working habits, with more and more businesses needing to adopt cloud and IoT for day-to-day operations, to keep up with their competitors, but subsequently increasing the potential attack surface, and you soon see that organisations are under siege from all angles.

To state the obvious; cybersecurity is no longer optional.

And this is something that all CIOs are more than aware of. In fact, in our 2017 global CIO Survey, security was cited as the number one concern when it came to an increase in the use of cloud services, with 70% of respondents citing it as a challenge.

So the problem is common knowledge, but what’s the solution?

Well, if your automatic answer is ‘by investing in security products’, then you’re not alone. Many business leaders define ‘security strategy’ as lots of different solutions coming together to work as one protective shield. Each solution is built to defend against a single threat vector, so various email, cloud and web products all become separate pieces of a much larger security puzzle.

Given the sheer volume of security products readily available, it’s no surprise that this puzzle doesn’t come cheap and that certain pieces aren’t as effective as others. But, surely the more products you deploy- effective or otherwise- the more significant your overall security capabilities and the better the protection for your organisation. After all, it’s better to be safe, and slightly out of pocket, than sorry… right?

 It’s an easy trap to fall into.

In reality, a growing number of point solutions patched together is no longer an effective strategy. Instead, this method compounds complexity and creates the very vulnerabilities that it is meant to be mitigating against.

This is because security devices raise an alert for each threat that they detect- that’s how they work. And when you have multiple tools in place, each detecting multiple threats, the chances are that alerts will be going off almost constantly. This is fine; it shows that the solutions are working.

But, it’s unlikely that a single organisation will have the manpower needed to deal with each alert simultaneously. Instead, overwhelmed and underresourced IT teams will probably try to prioritise and as a result many of the alerts, and therefore threats, are ignored, making your organisation vulnerable.

So, when it comes to protecting your business, spending thousands and thousands of pounds worth of your budget on product alone is futile. It’s clear that the ‘best of breed approach’ has had its day, with an increasing number of organisations coming to the realisation that it’s not about how many solutions you have in place, it’s about how you’re using them.

 A problem shared is a problem halved

To simplify things, you can strip your security strategy back to three key areas that all need to be done well; threat insight, vulnerability management and managed endpoint security.

Then, you need to make sure that the solutions you have within these areas are being used correctly. The easiest way to do this, and to make the most out of your resources, is to undertake a collaborative approach.

Take the heat off your own IT team and share the security burden with a partner who can help you to plug the gaps with managed solutions like:

–       Managed SIEM/SIRM- A Security Incident Event Management service working in conjunction with a Security Incident Response Management service will provide optimal threat insights. It will solve the biggest and longest headache for your internal IT team- the one that began when you started installing security solutions… External engineering teams will analyse and, effectively, filter the never-ending stream of alerts so that, before they even reach your team, they are prioritised in terms of risk to your business and have clear actions on how to stop them in their tracks.

–       Patch management- By combining patch management services with existing vulnerability scanning in a single service you can achieve optimal vulnerability management. Believe it or not, this service will fill any gaps in your security wall automatically. This is because networks will be regularly scanned for vulnerabilities with any intel gathered then being rolled into a patching program. Obviously, this will significantly reduce the time between when a vulnerability is identified and when it is patched.

 –       Security device management- This incorporates all endpoint security, including antivirus solutions, firewalls and device control, as a single managed service. Delivered via software on laptops, desktops and servers, the service can also detect rogue devices attaching to the network and provide web filtering.

The bottom line is that cybersecurity is not about product. It’s about people, processes and technology working coherently to manage risk and protect your organisation. Often, working collaboratively with providers who can manage your security can be the better option. They will have the resourcing and the skillset to help you deal with any potential threats, while offering more peace of mind.

Today, a third of CIOs see security as the most prominent barrier towards digital transformation. Outsourcing can change that by granting your internal IT teams the gift of time… time that can be used to pursue other areas of your business’ IT strategy.

Talk to us to find out how we can help you.

 

Originally posted on CBR, 21 November 2017

 

Category: Security

Dean Mitchell
December 5, 2017

Whether part of a large, international enterprise, a medium-sized organisation or a small startup, in this day and age, undertaking new IT projects is essential.

Businesses need to adopt new technologies in order to get all the benefits associated with new, innovative IT projects. However, it’s more than that… In our fast-moving digitally-competitive world, if you don’t adapt, you get left behind.For all organisations, it really is survival of the fittest, and the fittest are those who embrace new technologies and invest in new innovative IT projects. Think about it- how can you stand up to your competitors if they’re constantly three digital steps ahead?

Undertaking new innovative IT projects has become the key focus of CIOs everywhere. You can spend weeks, even months pushing a project through the planning stages; going over the specific schedule and timings, working out the breakdown and total costings and redefining the objectives. But what happens if it then falls down?

Failure isn’t something that anyone wants to experience. When you’re a CIO who’s spent huge amounts of time and energy working on getting a proposed project through all the usual barriers to implementation, failure can be even more difficult to accept. And, obviously taking the size of your organisation into consideration, the larger the project, the larger, and more expensive the problem, if it does fail.

A recent global study from Fujitsu found that on average organisations lose £483,690 for every cancelled digital project. That’s a lot of money for a single project, especially for an outcome that could have potentially been avoided.

Why do IT projects fail?

Well, it all comes back to resourcing. When times get tough, CIOs have to throw their efforts into ‘keeping the lights on’, rather than implementing the exciting and innovative new projects that are designed to give their organisations the upper hand against competitors.

Often this will mean that they are working with limited resources from the offset, when it comes to new IT projects and to try and combat this, projects will be run in series, rather than parallel.

However, the fact is that, a lot of the time, various projects rely on the same elements or components. Each project will have a benefit realisation target, which will be recognised upon completion.

If there is a slippage during the implementation of the first project in the series, then the benefit realisation target is not met on time. This then has a knock-on effect; it results in resources being tied up for longer than initially planned which, in turn, affects all the other projects in the series. How can you start a new project when all your assets are tied up somewhere else? Simply put: you can’t, and this is what leads to stalled, and even failed, projects.

But why are resources so far and few between?

Interestingly, a recent independent survey discovered that 22% of CIO’s see a lack of skills as the biggest barrier to achieving their objectives. This came ahead of money, culture, alignment and even technology.

So, even if you have the correct amount of solutions and technologies in place to complete a project, often it’s the human skills needed to implement them that are tied up; stalling projects and leading to their failure.

Why? Well, both the business landscape and our working habits have changed dramatically over the last decade or so. Whereas previous generations might have secured a job in their 20s and stayed with the same company until retirement, now it’s more common to change jobs every 2 or 3 years. And when people leave, they take their specialist in-house knowledge and their skillset with them, creating a lag or gap.

Add to this the fact that technology is constantly changing at an ever-increasing speed and the problem only becomes more exacerbated. In order to keep up, often employees are more focused on, and therefore more skilled in, one sort of technology or in one area.

However, this means that when they leave the company, their absence is strongly felt. The cyber security skills gap is something that everyone has heard of; it’s well documented. But, the truth is that this skills gap is IT industry-wide.

In fact, according to figures released by Indeed in October, since 2014 demand for software developers and machine learning engineers has increased by 485% in the UK, with there now being an average of 2.3 jobs available for every qualified candidate. It’s no wonder that many organisations are feeling the pinch on the skills front!

All in all, resources are tight. There is very little wiggle-room- especially when it comes to human expertise and technical talent.

You need to focus on keeping business operations running as usual before you even start thinking about additional projects. But you need these additional projects in order to avoid falling behind your competitors in the innovation stakes. And with the speed that technology is changing, you ideally need to be undertaking multiple new innovative projects simultaneously.

So what can be done?

Simply put, there just are not enough resources to do everything.

Or are there?…

It’s true, you can’t just pull extra time and technical know-how out of thin air, or magically create an immediately accessible pool of skills where there isn’t one. It’s clear that, this time, the answers aren’t going to be found within your organisation- so why not look somewhere else?

Talk to us to help you with all the extra resources you need to invest in innovation while ‘keeping the lights on.’ It no longer has to be a dreaded choice, with the need to keep the business running as usual, stifling any form of innovation. Instead, by collaborating, you can have it all.

 

Originally posted on Information Age, 14 November 2017

Dean Mitchell
October 24, 2017

Overspending on resources?

We can all agree, it’s nothing new. In fact, it’s an issue faced by business leaders almost every day. In our increasingly digital world, overspending on technical resources, alongside the human resources (or skills) to back them up, is common.

If you view over-provisioning as a necessary evil, you’re not alone. A recent independent study discovered that 90% of CIOs feel the same way, with the majority only using about half of the cloud capacity that they’ve paid for.

But, why pay for resources that you’re not going to use?

Well, it’s no secret that over provisioning on IT resources is better than the alternative. Understandably, you’d rather pay above-the-odds for ‘too many’ functional digital systems, than risk the outages associated with ‘too few’. A 2015 study by Populus discovered that almost a third of all outages on critical systems are still capacity related, proving that over provisioning is not the only problem here.

It can seem as if organisations are stuck between a rock and a hard place: do you spend thousands and thousands of pounds from your (already) tight budget and over provision, or do you make an upfront saving and risk becoming one of the 29% of companies experiencing business disruption, downtime or worse when the demand on your services exceeds the resources you have in place? How do you optimise costs without risking future, potentially devastating, strain on your resources?

Enter IT Capacity Management…

In a nutshell, IT Capacity Management gives you a snapshot view of all your business resources against the demands placed upon them. This enables you to ‘right-size’ your resources and ensure that you can meet current requirements without over provisioning and over spending.

The level of demand placed upon business resources is constantly fluctuating. That’s why Capacity Management models should run alongside your current operations as part of your ongoing business strategy. It’s one way to be proactive when it comes to resourcing.

However, it doesn’t stop there… Capacity Management also enables you to prepare your business for the future. It continually measures the performance and levels of use of your resources in order to make predictions, which will enable you to prepare for any future changes in terms of demand.

What can Capacity Management do for your business?

There are a number of benefits to having IT Capacity Management included in your company strategy. It gives you visibility of your entire IT infrastructure, including all physical, virtual and cloud environments. The importance of this should not be underestimated; it can enable you to:

● Optimise costs. It’s simple- if you have a clear view of all your resources, you can see where they’re not required, which means that you won’t feel the need to purchase them “just in case”. Capacity Management can be seen as a long-term investment- especially given its ability to predict future trends based on current performance.
● Easily adjust IT resources to meet service demands. With the ability to see exactly which of your services are being placed under the highest amount of pressure in terms of demand, you’ll be able to adjust your business plan accordingly to relieve some of that pressure- allowing you to even out the playing field by ensuring that one service area isn’t being drained whilst others are idle. You’ll be able to add, remove or adjust compute, storage, network and other IT resources as and when they are needed.
● Deploy applications on time. You’ll be able to reserve IT resources to be used for new applications when needed, resulting in a faster time to deployment.
● Reduced time and human resources spend. Imagine the hours being spent by your employees to plan and calculate capacity usage and availability. By implementing a real, ongoing plan which can run in the background, you free up more time for your employees to pursue higher value tasks.

Capacity Management solves the age-old problem of optimising costs for today’s CIOs. While this has always been a priority for organisations, our new digital landscape has redefined its meaning and its importance. Working habits and IT business structures have evolved to include mobile working, shadow IT, unimaginable amounts of data and complex technological advancements that need a certain skillset to deploy. Therefore, it is impossible to view everything simultaneously and manage all resources accordingly, unless you deploy the correct tools and have the right strategy in place.

Capacity Management should be a key element of any business strategy. It’s a model built for your business’ resourcing needs, both today and in the future.

If you’d like to find out more about the Capacity Management and Cost Optimisation services that Logicalis provides then, contact us today.

 

Originally posted on Information Age, 18 October 2017.

Latest Tweets