Digital Security and Compliance Priorities: Before, During and After COVID-19
A Top-Down Autopilot Of Revenue Growth & Cost Cutting Priorities
Enterprises are sure to experience material security breaches due to a history of short-term priority setting, autopilot driven by shareholder demands that put off addressing digital risk exposure.
Business objectives drive department leader and team priorities in operations, finance, product, IT and all departments. Whether the objective is revenue growth, new product introductions, client service delivery or operating cost reductions, the business objectives dictate the priorities teams execute. It is a top down methodology autopilot. In the words of Yul Brynner, as the mighty Pharaoh ignoring risks, “So let it be written, so let it be done.”
Every year priorities are set and then updated at C-Level operating meetings to review status. All priorities are driven by the annual plan and the guidance that CEOs communicate to shareholders.
Unlike revenue growth or cost reduction objectives, digital security, and compliance objectives to reduce business risks tend to play second fiddle. Enterprise leaders are not naïve, but they are self-interested. They know security and compliance initiatives and technologies are always important considerations. However, in the final analysis, when weighed against human resource budgets and competing revenue growth or cost reduction initiatives, digital security and compliance initiatives often fail to make the cut. They remain in the queue to be executed later. Preventative security and compliance initiatives are IMPORTANT but rarely URGENT relative to EBITDA immediacy. Executives tend not to get bonused on improved security and compliance postures. They do get bonused on EBITDA performance. When the inevitable security breach or non-compliance regulatory enforcement action occurs, the IMPORTANT/URGENT firefight action begins. Depending on the security incident damage level, exits to door replace the bonuses.
In a best practice business management world, priorities are planned and resourced moving from the IMPORTANT/NOT URGENT to IMPORTANT/URGENT quadrants consistent with Stephen Covey’s Time Management Matrix. The matrix theory advises leaders to focus on Quadrant 2 as a proactive management practice.
Deadlines / Crises
Plan / Resource
Noise Requests / Interruptions
In the real world, however, business practices at the department level, projects and teams are constantly working in the IMPORTANT/URGENT quadrant. Project deadlines loom or pass, new fires emerge, and the entire notion of a proactive business management practice simply does not exist. As a result, the IMPORTANT/NOT URGENT priority initiatives sit idle without execution, quarter over quarter over quarter.
Now is the time to retool for the future
COVID-19 is challenging businesses to operate in new ways, unimagined barely a month ago.
It is forcing a complete reset of business objectives and priorities. It also presents an opportunity to take stock and tackle IMPORTANT items that never get done. We all have those IMPORTANT/NOT URGENT priorities that continually get kicked down the road in favor of the revenue generating priorities. With COVID-19, this is great time to prioritize good housekeeping backlogs with modernization initiatives to help IT teams be more efficient and effective. This is particularly true with digital security and compliance initiatives to protect the business, keep your customers safe, reduce fixed costs over your digital infrastructure and position the organization for a bright future.
During the first month of the crisis business leaders and teams were in emergency business continuity mode of ‘keeping the lights on”, moving human resources to remote work environments. Leaders took fast action to reset immediate direction, working to maintain high team moral and productivity while the disrupted world evolved around us. Now some weeks into the crisis, priority setting begins anew.
Empowering your IT teams with modern toolsets to make their jobs easier and more efficient has never been more critical.
IT teams are struggling with increased workload to support the sudden shift of company wide remote workstation environments. Deploying tools to support those workers is a top priority. Empowering your IT teams with modern toolsets to make their jobs easier and more efficient has never been more critical. Proactive companies who modernize will emerge from the crisis stronger, more resilient, leaner, with modern tools to empower IT teams.
It is a unique window of opportunity with the pause in shareholder revenue growth expectations to shift focus to modernization over digital security and compliance priorities that keep leaders awake, but never have the time to complete. Now is the time. Enterprises that prioritize systems modernization to improve digital security and compliance, reduce total cost of ownership over the long term and empower IT will be better positioned to restart growth initiatives.
Positioned For Growth And Dns Security Management
Your shareholders, customers and employees will all be in a better position by these actions taken during COVID-19 to modernize your systems.