Kathy Gibson reports – There is no doubt that the Covid-19 virus has impacted every person and business on the planet.

What is important at this time is our reactions to it, says Cecil Munsamy, MD at AVeS Cyber Security. “At the beginning we were caught off-guard, not knowing how to react.

‘But is has forced many differences in our lives.”

Many businesses have changed their working models, others are battling to make the move. “But people are having to change: even though change has been forced on to us, we are doing it.”

Organisations are now looking at cost and the optimisation of cost. “Companies are realising the befits realised by IT; also the risks and resources. They are looking at how to optimise the costs to survive.

“For at least the next six months and beyond, we need to look at how to thrive.”

Companies are looking for savings on their IT operational costs. “From experience, I can say, don’t’ try to use guesswork. Rather use guidelines and a framework.”

An international framework offers a much better chance of success, Munsamy says.

The first step is to understand the enterprise goals, which give directions to IT; which they can align to, to ensure they are successful. The business model is key, offering the ability to use IT effectively and efficiently.

The first step is to reduce cost, while keeping the lights on.

Munsamy says companies should think initially for the next six months to one year.

“Forget about finding a single idea that will solve all your problems. It might be too risky or cause more grief than you think.

“Rather use a combination of 10 or more actions so risk is spread out.

“Also don’t try to complete all your saving in one day. Work at it and you will come up with new ideas as you go.

“Importantly, don’t implement it if you are going to regret it.”

Technology can offer significant short-term savings. Interventions companies can implement quickly include virtualisation, cloud-based services, managed service provider (MSP) licensing, connectivity costs, off-the-shelf application support instead of custom software, consolidate IT service management, balance insource and outsource services, and hardware standardisation.
Keeping the lights on is vital – you cannot reduce costs if it compromises business continuity and availability, Munsamy says.

It needs to classify and keep and inventory of information assets, make practices and activities leaner with continuous improvement, determine and measure value to the business.

When it comes to risk it is important there are changes to enterprise goals and changes to risk optimisation.

“The appetite and tolerance of the business could change,” Munsamy says.

“It is important for IT to be a trusted adviser.”

Pros versus cons of risk treatment solutions need to be considered, along with the business value. CIOs need to ensure they balance risk appetite and tolerance versus the risk a management controls that must be effective and efficient.

“If you find there is a deviation you need to remediate and remediate fast.”

When it comes to managed security services, Munsamy urges business to ensure they are working effectively. This includes ensuring an up-to-date asset inventory, proactive monitoring, user access for work-from-anywhere scenarios.

So it is important relook security patches and virus control, he adds, on all parts of the system.

Governing the whole process is vital to its success, Munsamy adds. This will be determined by policies around business continuity among other things, and the associated plans. Testing and training must follow from the planning.

AVeS is offering discounts for its governance and management offerings for the next six months.