Has IT become obsolete? Marc Lestienne, Deputy Chief Information Officer at Prodware, dares ask the question, or should he…he may have some things to say about it.
The large volumes of data that transit, mobility and the increasing number of digital devices we use or even cyber risks, all call for much greater agility within an organization. IT departments are first in line when it comes to addressing these challenges and their implications. However, some have cast doubt on whether they should actually play a role.
Why IT Departments are Important
OMG…you must be kidding!! Indeed some articles in the press have suggested that IT departments aren’t needed in an organization anymore and that they will eventually die out. With a growing digital-nomad workforce and employees that are much more digital-savvy, one could argue that these two trends are enough to justify that IT departments may be becoming old school and not really in-tune with the needs of modern-day users.
Digital natives, as per their name, are a generation born and brought up during the age of digital technology, and are so tech-savvy that they could handle whatever technical issues they come across on their own. Those who support and suggest such a surprising assumption do not realize the extent and scope of what an IT department covers within an organization.
An IT department reaches across the whole organization and supports all business aspects: it is in charge of managing, running and securing the entire IT hardware infrastructure. We live in a world where internet users are used to having everything delivered, ready and operational from A to Z. This easy-to-have and easy-access to all this technology skews our judgement leading us to believe that we are digital independent. Big mistake.
The smallest SaaS (Software as a Service) solution, as simple as it may be to subscribe to, is nothing more than an empty shell: solutions of this nature require support from IT, if only to ensure compliance issues, security or “simply” to migrate data. With that you need to factor in Cyber Risk management and you clearly understand why believing that we can afford not to have an IT department anymore is completely ludicrous and even very dangerous.
Raising Awareness of Employees
WANNACRY. This simple word freaked out so many companies across the globe.
It was back in 2017, this new-generation malware spread panic across corporate networks as it quickly infected more than 200 000 computers crippling a significant part of the economy in 150 countries spreading through computers seamlessly without needing any human intervention. There is no down time for hackers: they operate at night, during holidays, on weekends, whenever…cybercrime has become a very lucrative business.
In this hyper connected world where data is the new Holy Grail, organizations need to shape up and reinforce their defenses. Now, more than ever, they will need to rely on an IT department that is efficient and cyber-ready to detect, protect against and address their network vulnerabilities.
But looking strictly at the IT side of things isn’t enough. Remote work, having become the norm during the pandemic, has demonstrated that the information, files and documents shared via networks greatly heightened cyber risks with more opportunities for hackers to strike. Those who have been victims of cybercrime know this: having a VPN for protection isn’t enough. You need to raise awareness among employees on the do’s and don’ts or best practices when users are online (refraining from clicking on a suspicious link, looking out for content and/or emails sent by unknown senders…).
According to a report on Cybersecurity issued by IBM, 95% of all security breaches are due to human error caused mainly by easy-to-guess passwords. And who could have guessed that most cyber threats actually originate from USB keys, devices we use everyday? 40% of USB keys contain at least one risky file.
In fact more and more IT departments have actually started running fake cyber attacks to test users and raise their awareness on cyber hygiene which is a good thing. We all contribute to securing and keeping our organization safe.
The Importance of Collaborating
So how do we all “reconnect?” How did we end up believing that IT departments serve no purpose within companies? Maybe it’s because some of them give off the impression that they keep to themselves and are cut off from the rest of us. But that would be a big mistake: contributors that belong to the same ecosystem feed off each other. In this specific case relating to cybersecurity, one contributor can flag an attack while another can intervene to protect against it. This is why it is important to raise awareness, share information and keep everyone informed at all times.
It’s all about breaking down silos and exploring new frontiers when it comes to fending off new cyber risks together. And this is where Project Leads come in – they can actually play a major role. They can help by being the go-between between the business side and the IT department qualifying, gathering and addressing all the users’ needs in the best possible way.
The IT department, when acknowledged as the official « go-to » people within a company or organization, remains, at the end of the day, the first point of entry open to employees for any IT incident they may encounter at work.
Every IT department should be « Employee Centric » minded: a strategy that puts the employee first whether the employee is on site or working remotely. Moreover, companies need to provide around the clock IT services with SOCs (Security Operation Centers) in order to monitor, prevent, detect, investigate and respond to cyber threats 24/7.
And of course let’s not forget SIEM (Security Information and Event Management) to prequalify threat severity levels and allowing for human intervention. Only an IT department possesses that expertise.
The role of an IT department is therefore considerable in an organization. It can automate processes, work towards making interactions much more smoother, so that all the company stakeholders can work together more efficiently and effectively very rapidly. The IT department is unique in that it can leverage AI-embedded technologies and Machine Learning, for instance, to protect the ecosystem against cyber threats.
We are definitely referring to an ecosystem because the IT department needs to be at the heart of the system that “feeds it” and that it supports. It is a matter of digital hygiene. Getting rid of it would be a big mistake.
We don’t solve a problem by pretending there is no problem. Remember what Donald Trump suggested during the pandemic? “If we stop testing, we’d have fewer cases.” Absurd. But I’ll let you be the judge of that.
Article initially published in Silicon.fr