Manager's POV: Why are there outages everywhere in IT?
Obsah
We probably read it all the time in the news – companies, states, agencies – all face IT system or infrastructure outages. Whenever an outage occurs, everyone is surprised – and that surprise grows with the size of the business affected by the problem. Whenever there is a cyber attack, everyone is horrified.
We are surprised and horrified despite the fact that, for example, the Uptime Institute study on data center outages points to a high percentage of outages over the last 3 years – 55%. Although this number is going down anually, there is still more than 50% chance that the data center in which you run your IT will experience an outage. In addition, EuRepoC shows that last year brought hundreds of cyber-attacks on various organizations.
What is behind these numbers? Of course, every business is different, so it will always be a combination of factors. But since I am the CEO of an IT company, I can see what our technicians encounter in company IT. So I would rather focus on the areas that everyone considers to be the foundation, but quite a few companies really have it well laid out. These are:
- Insufficient information
- Misunderstanding the value of data
- Inexpertly selected tools
- The opinion that it won’t happen to us
🤔 Insufficient information
Continuous education of our employees quite often gives us managers unpleasant feelings. It is a cost that is quite often extremely high. But with the growth of the IT industry, the complexity of the entire computing ecosystem also increases, and it is so easy to get lost in technologies.
Did you know, for example, that virtual private servers used by many small businesses and entrepreneurs often do not have security set up by default? And if you’re not an expert, you won’t know. And we immediately open the door to problems due to a lack of information.
And guess what approach pays off the most to hackers when trying to steal data? People – i.e. the social engineering approach. In its study, Positive Technologies found that in 2023, 43% of successful attacks used this very approach – mainly attacks via email, SMS, social networks and communication applications.
Result? Businesses and their employees do not spend enough time building awareness of potential threats and basic cybersecurity principles. Then all investments in security measures are useless, because you are pouring money into a bathtub that is completely unplugged.
🤷 Misunderstanding the value of data
How much do you value the data your company works with and has stored? Do you understand the full extent of their key role in your operations and ability to satisfy customers? If so, that’s absolutely great. But then this question is also relevant – and do the costs you spend on data storage and protection correspond to your view?
Indeed, these costs include much more than just the space where it lies. Because you need to work with data, it is about setting up the entire IT architecture of the environment and infrastructure you run on. Yes, the service provider looks after some, but the rest of the security is up to you.
In addition, not all data is suitable for being in the cloud. And on the other hand, there are a lot of activities that don’t need to be run on-premise on a physical device. So it’s also about distinguishing how important each category of data is and how it should be treated accordingly.
But that takes more time, more analysis, more costs. But think how much it would cost you if you lost your data.
❌ Inexpertly selected tools
Do you know what percentage of companies globally plan to approach their business in a digital-first way? It surprised me, but the IDG study from 2023 shows that 93% of respondents have or plan to take this approach. The vast majority of companies will depend on technology.
So does it make sense that the thing on which the life of your business depends on should be carefully selected? Nevertheless, companies strongly resist IT analysis. Results? No analysis prepared leads to inefficient IT architecture. And you can still be happy if the result is only inefficiency.
IT is no longer just a part of the oeprations, IT is the core of the operations of today’s society and companies. And if companies want to stay in business, they must increasingly involve technology. But these changes did not change the view of how important it is to approach the selection of IT tools more responsibly. Hand to heart – how many of us include activities like these in our financial plans and budgets:
- Regular analysis of needs and reassessment of IT architecture
- Development and updating of the business continuity plan
- Check of backup processes
- Ensuring regular familiarization of all employees with potential cyber threats and what to do
I could go on, but I think this short list is enough to make us reconsider the management approach.
🙈 The opinion that it won't happen to us
Do you expect your house to burn down? No? So why do you have insurance? Do you expect to get into an accident? No? So why do you have insurance? Do you expect someone to rob your business? No? So why do you have insurance? Do you expect your business to become a victim of a cyber attack? No? So you’re in for a big problem.
The numbers we discussed earlier in this article clearly show that the risks of being attacked in cyberspace are high. Yes, the numbers are decreasing anually, but it is still tens and tens of percent of companies that will become victims of cyber attacks this year.
Do you want to deal with the ransom? Do you want to solve the dysfunctional backbone of your company? Do you want to solve wiped out data? Do you want to deal with unplanned investments? As managers, we don’t like any of that. But with the current approach to company IT security, it’s almost certain that something will happen to companies.
💡 What is the solution?
I probably don’t have to answer that – we all see it in black and white. But do we really internally understand and are we, as managers, aligned with the fact that there is a need to act in this regard? This is a battle that we all have to fight alone. But the other steps are much easier to take – if you have the right partner.
