Governance is the most powerful tool for optimising IT costs in the wake of COVID-19
South African companies are increasingly looking to reduce costs in the wake of the COVID-19 pandemic, with information technology (IT) among the areas being targeted in their cost-cutting drives. By leveraging governance and adapting to more efficient ways of working, companies can optimise their IT costs to thrive rather than merely shaving costs to survive.
“Nipping and tucking here and there could help to bring down a few costs, but there is tremendous opportunity to dramatically optimise IT costs by leveraging governance. So, before you begin cutting away at your IT budget, you must ensure you have governance in place. Once in place, you can use governance as a roadmap to show how and where to cut costs strategically,” says Charl Ueckermann, CEO of AVeS Cyber Security, adding that governance is one of the most essential and powerful budgeting tools available to businesses.
Cost-cutting is often approached in silos by different areas of a business. This means that drives to reduce costs might be out of alignment with business objectives and governance. Every effort to curb expenses should be made with due consideration to the rest of the business and in alignment with its governance processes, and this includes IT. In doing so, companies also reap other rewards such as tightened risk management, better decision-making, improved internal policies and more effective control mechanisms.
“When IT costs are optimised in line with company goals and governance, appropriate cost reduction actions can be made while allowing for the strategic investment in solutions that are needed to empower the business and its employees.
“At an operational level, there have been some big changes. More people are working from home, and companies have had to make technologies available to empower employees to work remotely, while other tools have been rendered ‘not-so-necessary’. For instance, there is a marked increase in the use of video-conferencing platforms and cloud-based solutions to enable people to collaborate with colleagues, customers and suppliers wherever they might be. Changes such as these require amendments to be made to companies’ IT infrastructures and cyber security systems to ensure they are not compromised.”
He offers an example of how to use governance to re-define the changed needs of the business and help IT departments to identify where to cut costs.
“Some organisations such as a mine might have implemented six layers of security around its operations, but when considering governance, this level of security might not match the business's risk appetite, while in the case of a bank, six layers of security are essential. Therefore, there could be an opportunity to reduce costs by removing some layers of security while still operating as usual and without exposing the business to undue risks.”
In the short-term, Ueckermann says there are a few ways for chief information officers (CIOs) and IT managers to reduce the costs of their IT. Firstly, they must establish what they have to work with, in terms of budget. As a result of COVID-19, budgets could be lower than initially planned at the beginning of the financial year. The next step is to look at ways of adapting overlapping IT systems and cost structures to support business areas that are still able to operate. Of course, any cost-cutting efforts should be made with enterprise goals in mind.
“Remove technologies that are not needed or not adding value at this point. Target the 'low hanging fruits' first, such as technologies that are on the verge of expiring, tools that you do not need to sustain a remote workforce or applications that do not add support services to the business. There might not be space in the budget for the ‘nice-to-haves’ at the moment. There could also be opportunities to curb costs by repurposing hardware or making greater use of a technology’s functionality. Implementing a higher level of automation can help to increase capabilities while reducing costs.
“This is also a good time to renegotiate contracts with vendors and suppliers to match your changing IT and cyber security needs. You can also consider outsourcing IT services, such as cyber security. Outsourcing can be a major cost-saver in areas where the costs of insourcing new skills needed to support the business are more expensive.”
In the longer term, Ueckermann says companies need to implement lean processes that are structured to deliver business value in line with their organisational goals.
“A business's enterprise goals should guide the implementation of processes as well as the input-output measurements to define what makes a business process effective. Organisations should be output-focused and not activity-driven.
“Technology and processes are not the only aspects that must be re-engineered in line with governance. Agile, adaptable people that fit the organisational culture are the right ones to have on your team. Companies may also have to reskill their teams and focus on continuous improvement of skill sets. Building a cyber-secure culture with the people you have is more important than ever, especially when more employees are working remotely and companies are cutting costs on technology. Generally, 80% of cyber security's effectiveness relies on people and only 20% on technology, making it clear that people play a significant role in helping organisations run effectively and securely. It is no longer about looking busy but rather about adding value to the business with a strong focus on output.”
Ueckermann concludes: “Businesses can turn the challenge of cutting costs into an opportunity to create value. Approach IT cost optimisation from an overarching business perspective instead of looking at IT in isolation. Look at how people, technology and processes can be restructured in alignment with governance to ensure that IT cost optimisation can be achieved while ensuring IT delivers a greater return on investment for the business.”
AVeS Cyber Security
AVeS Cyber Security is a specialist in industry-specific IT Governance & Architectural services, combining expert knowledge and services with leading technology products to provide comprehensive Information Security and Advanced IT Infrastructure solutions. Over the past 22-years, AVeS Cyber Security has strategically honed its solutions and services to help Southern African businesses future-proof their IT environments against the continually evolving threat landscape while achieving their digital transformation aspirations. The company offers a leading portfolio of professional services, products, and training in security, infrastructure, and governance solutions. In 2019 and 2020, the company won six awards from some of the world’s top technology vendors, indicating competency, strength, innovation and robustness in an industry that is fast growing in complexity due to evolving challenges, such as ransomware, advanced targeted attacks and the Internet of Things. The awards include Kaspersky's Africa Partner of the Year 2019 and 2020, Kaspersky's Top META Learning Partner 2020, ESET's Regional SMB Sales Champion 2019, ESET's Product Champion 2019, and Symantec's SMB Partner of the Year 2019. AVeS Cyber Security also received four new partner statuses, namely, Microsoft Gold Datacentre Partner, DellEMC Gold Partner, Veeam Silver partner and Sophos Platinum partner.