THE Impact of Covid
Covid is driving a wedge between the demand and supply of IT talent. 2021 saw both a spike in demand for technology and digital transformation, and a strong supply side disruption in IT talent The war for talent is a challenge for the coming years and companies, both clients and service providers, need to adjust to it.
Covid has put an accelerator on the demand for digital transformation. Restrictions on physical movement and presence have meant that the world has shopped online and employees have worked remotely. All companies have thus had to accelerate their digital presence requiring new capabilities, new channels and new platforms. For CIOs, this has resulted in a sharp spike in demand particularly on new technologies.
Cloud has enabled some of this scaling and expansion at speed. We have seen cloud adoption like never before. The genie is out of the bottle and there is no stopping it anymore. In a single year, the world has jumped three to four years in terms of digital transformation. And we believe this trend will continue into the next few years.
At the same time, we have seen a huge disruption on the supply side. Demand for skills (particularly on new technologies, but not only) resulted in a war for talent and a sharp increase in salaries or incentives offered. As the distance between home and office became less important, work from home opened new opportunities. COVID forced many people to re-think their career and life choices. This cocktail of realities lead to workforce instability especially at the side of the IT service providers. While in early 2021, clients were still telling us that remote working is viable and clients pushed more and faster to offshore, by mid-2021 they were talking about the growing impact of high attrition at their service providers, especially at offshore. This period dubbed ‘The Great Resignation’, has seen in the ranges of 30% at several IT companies, the impact being even stronger at offshore.
Weaving your way out of the above challenges and the new reality of scarce IT talent will remain a hot topic for organizations over the next few years. What is the suggested way forward?
Prepare your organization for Work from Anywhere: Flexible remote working is here to stay. More than 90% of employees currently working remote want the ability to stay virtual after the pandemic. Enable your organization to hire and retain talent from across the globe. This starts from HR adapting how and where it recruits, hires and contracts, to IT departments adapting how you work operationally. “Work from Anywhere” will be the new Work from home.
Focus on engagement and retention: Remote working creates a lack of bonding, particularly with the new employees. It becomes even more important to focus on engagement and a feeling of belonging within your teams, both internally and with your service providers (better communication and connect , ‘one team’, branding and incentives).
Diversify your sourcing channels: Given this situation, it becomes critical to work with the right combination of consulting companies, service providers and product companies. We see several clients augmenting their offshore access to skills with nearshore skills (either with a partner or captive). This is particularly true for new technologies and agile development.
Destination Cloud: How prepared are you for the Journey?
The pandemic has triggered digital transformation projects across small and medium enterprises alike. An increasing number of enterprises are reshaping their digital transformation journey on the back of cloud enabled services offered by the major Cloud Service Providers (CSPs) such as Microsoft, Amazon, or Google. Cloud adoption continued to accelerate in 2021. Enterprises have had to expedite their cloud journey to serve their customers and employees through online channels. Our survey indicates that more than 90% of the enterprises are utilizing public cloud today in some capacity. Several organizations intend to migrate over 50% of their workloads onto the cloud in the next two years.
There is much that the cloud offers in terms of service and capabilities. Beyond unprecedented elasticity, cloud offers additional benefits including resilience, security, metered usage and high availability. However, there are many complexities to be managed.
The paradox of choice
It starts by having to devise your cloud strategy – public or hybrid cloud? You need to manage the complexity of the service offerings. On average, each CSP offered around 200 featured services this year. Should you go for IaaS or PaaS? Navigating through the pricing models and forecasting the spend is also not easy. Should you go for on-demand or dedicated instances? You must also make the choice on cloud tooling – native or open source? How far do you go with your cloud transformation – lift & shift or refactor or re-platform? These are some of the major decisions organizations must make. Wrong choices will lead to fragmentation of cloud services with increased complexity leading to Cloud Sprawls.
Who do you need on this Cloud Journey?
While there is gold at the end of the rainbow, the journey is treacherous and needs specialized skills. Making the right decisions requires the skillful expertise of cloud architects and engineers. In a market that is stretched thin on supply side, it not easy to put in place the right capabilities. This is where organizations must not only build internal skills, but also work with the right set of partners.
Cloud Center of Excellence: This should be an internal team of experts responsible for cloud strategy, security, architecture and governance. The Cloud CoE focuses on selection of the cloud provider, choice of landing zones, proof of concept, etc.
Cloud Service Providers (CSPs): The CSPs have built strong teams to guide you, particularly during the early stage challenges where you need assistance in building the roadmap, for security and for compliance.
Managed Service Providers (MSPs): The MSPs offer comprehensive cloud service covering spanning areas of cloud assessment, cloud migration, cloud operations and cloud native development.
The right team will be a combination of above partners and is a function of your cloud life-cycle stage.
The assistance you need varies with the stage you are at:
At this stage enterprises are looking to get their cloud journeys initiated. Focus is on cloud strategy, CSP selection, and proof of concept development.
At this stage enterprises are in the process of moving workloads to cloud. Focus is on migrating workloads progressively to cloud. Production deployed workloads require cloud management and operations.
At this stage enterprises will be focussed on building cloud native applications (E.g., PaaS, Serverless) hosted, built, and managed on cloud end-to-end.
Horses for courses
During Early-Stage, most of activities can be guided by the Cloud CoE. The Cloud CoE can benefit from professional services offered by the CSPs.
At the Intermediate Stage, enterprises benefit from services of MSPs. MSPs rooted in the applications services bring stronger capabilities in areas like cloud readiness assessment and cloud migration - re-factor, re-architect or re-build. MSPs with background in infrastructure bring stronger capabilities in areas of cloud provisioning, brokerage, and operations. Several MSPs have developed Cloud Management Platforms to manage cloud resources including provisioning, orchestration, billing, integration and monitoring.
Advanced Stage requires expertise to develop cloud native applications. Focus here is to leverage full cloud capabilities such as elastic capacity, automation, and standardized deployments. Here MSPs with convergent capabilities in both application and infrastructure are required.
Organizations need to have the right cloud strategy and strike the right partnerships to further their cloud journey and take advantage of full range of capabilities that cloud has to offer. We believe the application of the following sourcing principles will enable you to achieve greater success.
Develop internal cloud capabilities through the cloud CoE
Leverage professional services from CSPs for specific activities as required
Select the right MSP to help you on the journey
Clear segregation of duties between yourself, MSPs and CSPs
Consider best in class tools for cloud management and automation
DDoS attacks, hacking, ransomware, data breaches and an ever increasing list of vulnerabilities – it is easy to see why Cybersecurity is a hot topic not just for the CISO and CIO but for the board and CEO. However, there are a number of aspects that make the job of a CISO unenviably complex:
Inreasing cybersecurity incidents: Cybersecurity incidents are increasing not just in frequency, but also in sophistication. From rogue individual hackers, to hacking organizations and even nation states, the sophistication of hacking is increasing. The attack surface is increasing as organizations adapt remote working and employees are connecting to applications and accessing data from beyond trusted network perimeters such as VPNs and Firewalls. Cloud adoption, increasing use of IoT devices, mobile devices and edge computing also elevate the risk. We also see an increasing number of zero day attacks such as Log4j vulnerability on long existing systems.
Increasing compliance and regulatory requirements: With the rise of extensive data collection and misuse, governments have finally started to put in place the required regulation around data collection and processing. We have an increasing number of complex regulatory and compliance requirements such as GDPR and HIPAA that an organization must comply with.
Proliferation of solutions: In the past, cyber security was about securing your endpoints and network. This has now expanded to I&AM, vulnerability management, cloud security, data protection, advanced forensics and much more. There is a plethora of software for each service with complicated pricing mechanisms that are not always easy to predict or understand. There is so much choice, and so many variations – that its often difficult to make the right choices and distinguish the must haves from the nice to haves.
Shortage of talent: There is a war for talent in general. But this is particularly critical when it comes to cybersecurity. As Benoit Rousseaux, head of sales for Big Data and Cybersecurity at Atos Belgium and Luxembourg pointed out – “there are no universities offering courses on cyber security in Belgium”. This makes it particularly difficult to hire the right talent.
The complexity of the job coupled with the difficulty to find resources means that companies often need to work with external partners.
Sourcing for Security services
In the past, security was often bundled together as a sub-service of the datacentre contract. We now see an increasing number of CIOs sourcing for Security as standalone service. We also see increasing focus from the service providers on developing Security as a service. The security space is vast and different providers are strong in different areas. We believe the Cybersecurity space is organized into the following three categories:
Advisory: Advisory covers strategy, architecture and definition of the perimeter.
Implementation: Implementation covers the deployment of the different solutions.
Managed Security Services (MSS): MSS covers a wide area of operations (e.g. running the SOC, managed detection and response, disaster recovery and resiliency).
While this year, we do not have a Square for Security services, we profile some of the most important players in the Cybersecurity section under The Squares.