By Guy Warren, CEO ITRS Group

With autumn in the air and September resets required for many, the ‘back to school’ mentality is currently spreading further than the classroom. The next few months to year-end provide a natural time for organisations to revisit their business plans and set their minds to thinking about what they can achieve in the tail end of the year. And given the rapidly shifting political and economic backdrop in the UK, executing on the fundamentals is more important than ever for firms to navigate the uncertainty successfully.

As firms ease back to the boardroom, executives must use this opportunity to look for effective ways to mitigate the current challenges, or risk falling behind competitors.

Stopping system failures

The first thing firms must do is reduce any risk of system outages. Just last month both Lloyds and Halifax experienced long outages, leaving thousands of customers locked out of their accounts over the August bank holiday weekend. And with the cost-of-living crisis putting increased strain on consumer finances, outages like that could be especially damaging to reputation and ultimately, to customer satisfaction.

And these aren’t isolated incidents. Far from moving towards greater operational resilience over the last 18 months, IT estates have only become more complex and more susceptible to outages with longer periods of down-time.

All businesses must have highly proactive monitoring and security capabilities to see what their systems and users are doing in real-time.

And these days, real-time must mean real-time – not 60 seconds, 30 seconds or even 10 seconds later. Going forward, there will be no excuses made for shortcuts or sub-par capabilities. While it might seem costly at a time when most businesses are operating on small margins, the bottom line is that system outages will not only cost you reputationally but could have very tangible financial repercussions as well, so it’s imperative firms don’t take their eye off the operational resilience ball amidst challenging economic headwinds.

Looming cyber threats

Avoidable system outages are one thing but, as they assess their plans for the next quarter, executives must also consider the external threats that pose a risk to their business.

With ongoing conflict in Ukraine, financial institutions must continually assess about how they’re safeguarding their business and their customers from foreign cyber threats. Back in April, CISA, the US Cybersecurity and Infrastructure Security Agency, released a statement concerning US vulnerabilities to Russian cyberattacks, which followed previous cautions regarding the risks posed by Russian cyberattacks to critical US infrastructure. Similarly, even prior to the invasion, the FCA issued a warning to UK banks regarding the potential for Russian retaliation in the form of cyberattacks following the implementation of tough sanctions.

All this goes to show the necessity of first recognising vulnerabilities and then actioning processes that both protect against and prevent targeted attacks. If these processes are not already in place, management teams should use this reset period to expedite the implementation of new operational resilience strategies.

It looks likely that the EU’s two law-making bodies – the European Parliament and Council of Ministers – will be doing just this.  The vote to approve the draft legislation for DORA, the Digital Operational Resilience Act, which was first proposed by the European Commission in 2020, is expected to take place this month, putting operational resilience back to the forefront across the continent. Once formalised, the legislation will require firms operating in the EU to strengthen requirements to disclose the reporting of major ICT-related incidents, business continuity and disaster recovery.

For British firms operating in Europe, now is the chance to get ahead and begin implementing strategies that incorporate the new legislation.

Optimising the Cloud 

Beyond operational resilience, executives need to be savvy about where they’re spending budget. With costs rapidly rising, institutions need to see where they can optimise spending without compromising system safety. Firms should be reviewing their IT infrastructures to ensure they are optimised with no wasted costs.

Establishing the right foundations for hybrid cloud management is essential to optimising operations – and costs.

Optimising hybrid cloud management has the capability to radically transform a business’ operations, but this can only be achieved by acknowledging how it differs from on-premise estates. Firms should approach it with an ‘owning’ vs ‘renting’ mentality. You own your on-premise estate, so buying bigger works because you will probably expand into it in time. However, you rent your cloud estate, so in order to optimise efficiently, it’s essential not to rent something much bigger than you need.

What management teams need to be conscious of is how easy it is to end up paying excessively for their cloud estate. Confirming they have the right size for their operations should be the first order of business in the boardroom this month.

As we move into an increasingly challenging economic period, it’s essential that businesses use this month to plan effectively for the next three, six and twelve months. It’s a rapidly changing landscape and firms will need to be agile, but assessing the fundamentals of operational resilience and cloud optimisation now will set them up with the best chance of success.