The writing is on the wall: Three inevitable challenges for businesses in 2018
Plagued by cyber-attacks and skills shortages whilst dealing with the fallouts of political turmoil, many businesses underestimated threats in 2017 from a resilience perspective - as well as over estimating their own recovery capability.
As Oscar Wilde famously said, ‘experience is simply the name we give our mistakes.’ So how can business ensure that the errors of 2017, this invaluable ‘experience’ gained, render something positive? Heading into 2018, they will need to guarantee that all lessons learned trigger the necessary risk management and operational changes in the new year. Truly resilient organisations will be those able to withstand and thrive in these adverse conditions.
In a time when predicting what’s around the corner is nigh on impossible, what should organisations’ key considerations be? How can they create a more resilient enterprise? Here I examine some key learnings from2017, and how to navigate three big hurdles in 2018:
Brexit will continue to cause turbulence in 2018, impacting factors such as recruitment, financial market stability and trading. However, while Brexit will not come without it’s challenges, herein lies an opportunity.
2018 represents a chance for firms to review and boost their recovery capabilities to have the best shot at navigating the risky waters ahead. Full resilience across their people, processes and technologies, and the capability to not only maintain ‘business as usual’ in the face of turbulence, but thrive, should be ultimate key goal.
Business should regularly review and test systems to ensure they have the agility to deliver on emerging market demands and Brexit-related volatility. Whether running production or recovery environments, resilience across all aspects of the business as Brexit unfolds is vital. This identifies vulnerabilities; enables strategies for optimum resilience to be put in place and manage risk positively should the worst happen.
2. Cybersecurity and data protection
With ransomware attacks growing at a yearly rate of 350 per cent, and more apps moving to the cloud than ever, it’s imperative that security and recovery moves further up the agenda in 2018. However, our research reveals that a seemingly inadequate 10% of IT budget is currently being spent on security provisions. Cyber threats continue to evolve, and defenses will need to be a central component of any digital and business strategy.
We know that security spending is in the Top-5 of CIOs priorities,  but as 2018 develops, what they need to do is weigh up how much risk they are prepared to take versus the spend that will be required. Certainly, businesses will need to be equipped to tackle threats from a security defense point of view. But if the worst happens, what next? To minimise damage to finances, stakeholder and staff relationships, and global reputation, businesses will also need to be fully prepared from a recovery and crisis communications point of view to temper the aftermath.
We often see businesses scale up their recovery requirements at time of testing. This suggests either that plans were inadequate, their environment has changed or what a successful recovery looked like was not what the board expected. Businesses should be specific about what outcome they are trying to achieve. Is it tick-over mode whilst the business pulls itself together or is it resilience, so you carry onstrong following an attack.
As the May deadline fast approaches, GDPR will also be a driver for improvement to data security. It will require businesses to hire data protection officers, and have a solid crisis management team in place to take care of customer relationship management. Laying the groundwork now by mapping your company data, and ensuring full visibility of what information is stored where at all times, is vital.
3. The Skills Crisis
The skill shortage is growing in IT for many reasons; Brexit, the departure of older generations from IT workforce, and rapidly changing technologies have all played their part in widening the skills gap.
Heading into 2018, we expect that cybersecurity skills will continue to be highly sought after. Security tools are crucial, but more often than not it is staff themselves who constitute a weak security link for organisations. Meanwhile, as companies scale out on SaaS, PaaS and IaaS, core infrastructure management roles will diminish in numbers. Businesses will need to focus on addressing the lack of staff given up-to-date training onto managing, monitoring, updating and maintaining the security aspect of modern IT infrastructure.
As their adoption becomes more commonplace, new technologies such as AI, machine learning skills and coding will mean skills in those areas are increasingly in demand; training in such areas needs to rise up the education agenda for young people. We expect that more generally the most valuable skills to benefit students’ career prospects will be problem solving, innovation & strategy development, D&T and financial management.
While training up the younger generations is important, businesses will also need to ensure they have the right skills and knowledge at boardroom level; rather than those who possess legacy skills alone and a lack comprehensive digital awareness.
With natural disasters, terrorist attacks, the fallouts of Brexit and GDPR no longer possibilities but inevitabilities, businesses must be equipped for the ever-growing range of threats on the horizon. Making the necessary preparations and investments to manage the risk scenarios in 2018 that could hinder their strategic business and IT programmes will put them leaps and bounds ahead of the competition.