Archived CEO Blogs

In my last post, I described some of the key ways Managed IT Services help monitor networks and applications, conduct real-time analysis of security alerts, and streamline management of security reporting and policy compliance.

Important as these Managed IT Services are, however, the IT-centric capabilities they provide are just part of a larger IT security picture. Unquestionably, these capabilities are necessary, but they are by no means sufficient – especially if your goal is (as it should be) to create and sustain multiple security layers that are proactive and preventive.

Today’s digitization of just about everything – especially a whole lot of business data – means the technologies your organization depends on may be changing more quickly than you think.

Of course, this has been true for some time. But for a while it wasn’t the case – software patches and antivirus updates were less frequent, and the sense of urgency was by similar degree, less as well.

Alas, that was then. Now if you let your IT environment – especially your security stance – fall behind, you could be left exposed to some pretty insidious threats.

Disaster Recovery is one of those best practices you can’t imagine needing – until your business gets hit by a power failure, bad weather, or a single-point-of-system failure you didn’t realize was there.

Suddenly, you need help. You need the right provider with the right solution, right now. In my last post, I reviewed the reasons why a cloud-based Disaster Recovery solution may be the best proactive measure for sustained resilience and outright prevention .

It remains sound advice – but how do you choose the right provider of cloud-based DR services?

If you check out the numbers , it’s clear that businesses with solid Disaster Recovery plans will be back on their feet within hours or days following an event, while the majority of those without DR plans — too often smaller businesses — won’t recover at all.

But it doesn’t have to be that way.

According to Gartner , by 2020 60% of businesses will suffer major service failures due to mismanagement of risk in new technology and use cases. This is why, in my last post, I suggested that the best way to deal with these risks is to commit to a strategy of resilience — “ the capacity of an organization to plan for and adapt to change or disruption through anticipation, protection, responsive capacity, and recoverability .”

To get a sense of a resilient business in 2015, let’s start with where you want to end up.

Have you noticed how people are talking more about risk these days? Not surprising, given the spectacular nature of recent hacks. Even reinsurers express worry: in a poll last fall , 40% ranked cyberattacks as the most threatening emerging risk of 2015.

Yet, cyberattacks threatening your systems’ security and your data’s privacy are only part of a much larger risk problem. This greater scope of risk is more about effect than cause – if you contain your risk strategy solely to cyberattacks, you’ll leave yourself exposed on other fronts.