A series of large-scale cyberattacks have been in the headlines this year and, according to McAfee, the situation will only worsen as hackers use more advanced techniques to infiltrate networks. Despite this, there are still a large portion of companies that remain vulnerable, mainly due to the lack of executive interest in preparing for worst-case scenarios. The same report states that 79% of C-level US and UK executives surveyed say executive level involvement is necessary to achieving an effective incident response to a data breach and 70% believe board level oversight is critical.
It is therefore vital that IT leaders effectively communicate the latent threats to the ‘C-Suite’ - the top executives at that organisation - to successfully address the weaknesses that may exist and be fully prepared to respond when they happen. Because they do and will happen. For example, data centres experience total shutdowns an average of more than twice every two years, localised shutdowns nearly six times every two years, and limited outages more than 10 times per year. Therefore organisations must prepare themselves for when this happens. Because disasters create a crisis environment, they increase the need for the immediate return to operation and the ability to test and view the solution. Therefore, DRaaS (Disaster-Recovery- as-a-Service) is not merely an add-on to a cloud service provider’s offerings but it must be a focused discipline with appropriate infrastructure and staffing expertise.
So many of our customers tell us that their path to making the decision to adopt Disaster-Recovery-as-a-Service was not as smooth or as fast as they would have liked. And, one of the common reasons for this is around the difficulties faced in convincing high-level decision makers, often those in the ‘C-Suite’ to prioritise a DR strategy. It’s not that these C-level executives don’t understand the need to protect IT systems from a potential disaster, but that the prospect of such a disaster is sometimes not immediate enough to be the catalyst for a fast decision.
So, if you are looking to address the topic with your executives, below are some of the key aspects to consider depending on their job title:
- CEO/COO - Components of a DRaaS offering that would appeal most to CEO/COOs are the time to business resumption (e.g. near-zero RTO), the ability to pay as-you-go without a large capital investment, the ability to prioritise data and workloads for restoration and the flexibility to test to ensure proper operation in case a disaster is declared.
- CIO - CIOs have a tough balancing act; they must balance costs with the need to limit exposure. They may have to meet compliance requirements imposed by regulation or standards bodies. CIOs need to satisfy the needs of different stakeholders and business imperatives with DR – and this is a huge challenge.
- CFO - As their primary responsibility is financial, they must be approached from a fiscal angle. They look for an unbiased, independent perspective. Often perceived as being risk averse, they will invest in sound decisions, especially when they see a value proposition backed by financials and metrics.
- CMO - While traditionally associated with branding, advertising, and public relations, more often the CMO has key objectives tied to customer loyalty as well. An obvious concern of CMOs is how the negative press around disasters affects brand image and customer loyalty. The CMO will not be interested in the details of the services chosen but can be a strong supporter on the need for DR to protect brand image as well as maintain excellent customer support.
By Monica Brink, director of product marketing, iland