By Dave Russell, Vice President of Enterprise Strategy and Anthony Spiteri, Senior Global Technologist at Veeam
This year IT has been elevated to utility status, proving to be as essential as water, gas and electricity. Without connectivity, telecommunications and the cloud, an overwhelming number of businesses would not have survived 2020. Despite the challenges of the pandemic, the adaptability and resilience of Australian IT has enabled many industries, such as insurance, broadcast and financial services, to survive and thrive. There has been a collective and widespread epiphany of IT’s value to both the economy and society, but with great power comes great responsibility and for IT to become more dependable, there a few factors that need to become more consistent.
Down with downtime
If IT is to live up to this critical infrastructure status, availability must be a given. Think about the frequency with which power cuts or empty water taps actually occur. These are infrequent events which still cause surprise and generate headline news. Can we honestly say the same about the availability of Australian IT services? Think about how often routers need rebooting and applications fail to respond to basic commands. Cyber-breaches occur on a daily basis – with some statistics suggesting around 30,000 websites are hacked every day. For technology to be elevated to utility status, there needs to be an agreed level of service to which providers are held accountable by independent regulators. Simply put, ‘this page cannot be displayed’ and ‘computer says no’ moments have to become a thing of the past. While in principle such a scenario may seem unattractive to technology giants, this expectation is befitting of the vital role technology plays in almost every aspect of our lives today.
According to Veeam’s 2020 Data Protection Trends Report, 95% of global organizations suffer unexpected outages – lasting an average of almost two hours. For High Priority applications, which account for over half of a company’s applications, one hour of downtime is estimated to cost $67,651. That means for an application such as email, payments, websites and mobile apps, one outage costs an average of over $135,000. While companies can fight the case for compensation, change providers if they are dissatisfied, or demand urgent maintenance of a system that causes downtime, there is no one-size-fits-all insurance model to protect businesses. A step towards tighter regulation of technology and telecoms could be a set of minimum service requirements, including a maximum amount of downtime allowed, time to recover data and applications, frequency of software upgrades.
Cyber-attacks on the up
The growing importance of IT in the world’s day-to-day operations is an opportunity that cyber-attackers will pull out all the stops to exploit. Anything that is connected can be hacked. So, what does that mean in a world where everything is connected? What it means is that cyber-attacks have risen again in 2020. Microsoft’s 2020 Digital Defense Report shows that Office 365 alone has blocked 1.6 billion URL-based email phishing threats in the past twelve months. Of six trillion messages scanned for viruses, 13 billion malicious emails were blocked. This supports Veeam’s own research, with IT leaders naming cyber threats their biggest challenge in the next 12 months – above issues such as a shortage of skills and the ability to meet customer demands.
The penalties for businesses who fail to secure their systems and data are already high. As well as the financial cost of downtime, loss of confidence from customers and reputational damage leave a distasteful legacy, and something businesses can’t always recover from. All of this once again points towards the utility-like status of technology – in this case with specific reference to cybersecurity and data protection. Perhaps the question needs to change from what security provider is a business using, to what security protocols should businesses be required to implement based on the data they are processing? Countries across the world have implemented their own unique cybersecurity regulations to try to control this, but adhering to these measures is a choice rather than an enforced necessity. As cybersecurity becomes a utility that businesses need, rather than a layer of IT they can choose, there is an opportunity to institute best practice across the board. Will cybersecurity training for office-based employees become mandatory, particularly with the rise of the remote workforce? Should all organizations publish a full disaster recovery plan? Which details how they will recover data should it be lost or stolen? Going further, should personal data held by organizations be subject to a universal cybersecurity standard to ensure all citizens’ data is protected to a satisfactory level?
2020 has demonstrated that having access to the Internet is just as important as keeping the lights on. It has become a basic need for learning, communication and working in Australia and now it is up to us to accept the responsibility that comes with it. The Australian IT industry has borne witness to the ‘techlash’ experienced by companies that have failed to protect their data or use it ethically, and must move forward by learning from these mistakes. Our economies, societies and lives are enriched by the ability to communicate, share content and complete transactions online. The result is that technology’s role in the world has evolved into that of something which is expected to be ubiquitous, always-on and permanently available. The world simply will not accept ‘this page cannot be displayed’ anymore.