It’s become common in the business and enterprise world to consider aspects of information technology as a commodity. By this, we mean something that can be acquired from numerous sources with little difference in quality, so that companies prioritize cost savings over all else. The conclusion of this way of thinking is, more or less, why not outsource, and to the cheapest option around?
This kind of thinking is understandable. This shift has already happened in many other aspects of the business. (Do you clean your own toilets at your office? We didn’t think so.) It’s even happened in specific IT-related areas. Common software applications, as well as hardware configurations, have become commoditized. Does it really matter whether Dell or Lenovo or whoever else provides your workstations?
Flawed Thinking
Here’s the problem: this thinking about IT as a service is flawed. Considering IT as a race-to-the-bottom commodity ignores the seriousness of what’s at stake. Data breaches are a dime a dozen these days, so much so that we’ve nearly become immune to shock at the news.
Our collective sigh at such news reveals a misunderstanding of the seriousness of cyber threats. Thomas Koulopoulos at Delphi Group explains some recent research from the National Cyber Security Alliance.
He sums up that research with these three very alarming points:
1. Nearly 50% of small businesses have undergone a cyber attack.
2. Small businesses are the targets of over 70% of all cyber attacks.
3. Around 60% of SMBs that are breached is no longer in business six months after the attack.
Around 60% — that’s six in ten! — “SMBs attacked go out of business in less than a year”, claims Dave Brewer of San Jose IT services company, BC Networks. ”Those are serious stakes” Brewer concludes. The reasons for the demise of those firms vary. Some can’t recover from the financial losses incurred. Others lose so many accounts (due to outage time or loss of trust or both) that they end up in financial ruin. Others are unable to recover from the backlog generated during an outage and then succumb to one of the previous reasons.
Whatever the reasons, these are serious stakes, and they deserve our serious attention.
Devastating Losses
Some of the biggest recent data breaches have been absolute crises, like Yahoo! and Experian. Both companies incurred major losses after their big breaches. The damage to Experian is hardly calculable. The immediate stock hit was a $5.3 billion loss, and the fallout from class-action lawsuits will continue for years. (One seeks $70 billion in damages!) Neither of those figures includes the damage to the company’s reputation. If it survives, the name Experian is likely tarnished for a generation.
We Need a New Mindset
Corporations need to reinvent their mindset about IT. It can’t be an afterthought, a nuisance, or a commodity. The focus in IT can’t be solely on cost savings and efficiency gains, or even on the data the company has gathered. In addition to those areas, leaders must focus on protecting everything: infrastructure, hardware, web interfaces, and most importantly, the trove of customer data that each company has amassed.
What Is the True Cost to Doing IT Right?
So what is the true cost of doing IT right? It will, of course, vary widely, but a few principles are universal according to Lance Stone, owner of San Francisco IT services firm, On Time Tech.
It’s More Than Most Firms Are Spending
First, it’s more than most firms are spending. How can we say this with certainty? Look at the status quo. It’s not working. There are data breaches all over the place, from small businesses to massive corporations (here’s looking at you, Experian!). Businesses simply are not prioritizing this as they should.
It’s Less Than the True Cost of Doing IT Wrong
However much it costs to secure your IT concerns the right way, it’s less than it will cost you if you do it wrong and get burned. You can’t afford to go out of business, and that’s the likely outcome (60% odds aren’t great!) if your business gets compromised.
It’s More Than the Bargain Basement Players Are Charging
The true cost of doing IT right is certainly north of what the cheapest players are charging. This is why we’re advocating for a mindset shift. When companies look for the absolute cheapest offering, more IT vendors race to lower their prices. They scale back on their offerings, and some cut corners.
Conclusion
Here’s the bottom line: you can’t afford a data breach, period. Partner with a firm like ours to manage your IT and gain peace of mind that your data is as secure as it can be.
