Published on the 17/10/2024 | Written by Heather Wright
Internet at risk, strangulation by regulation and serious sustainability…
Neha Ralhan wants A/NZ tech leaders to lift their eyes from the day-to-day technology disruptions and take a wider view of disruptions coming our way – in particular the internet risk, restrictive regulations and sustainability.
A Gartner senior principal analyst, Ralhan spearheaded a recent special project looking at s likely to impact enterprise applications in 2025 and is urging local IT leaders to look at what tolerances can be built into application strategies now to safeguard against likely future disruptions.
“It’s about what tolerances you can build into your application strategy now to have that safeguard in place if something happens.”
“Here in Australia and New Zealand we are not immune [to global disruptors] and in many ways internet of risk and regulation in particular are enhanced by our geographical location,” Ralhan says. “Both impact us strongly because of our location and also in many ways, are geopolitical risks.”
Geopolitical turbulence has disrupted the trend towards globalism and seen a move towards nationalism with countries becoming more isolationist. It’s a movement that sees free movement of trade, and people, as a threat. The pandemic and recent conflicts in Ukraine and the Middle East are also contributing to an erosion of trust in international organisations like the World Health Organisation and UN.
Increased focus on regional and bilateral agreements, rather than global deals, raise questions about the viability of offshoring key capabilities, Ralhan notes, while an uptick in government regulation related to technology development, use, transfer and sale – particularly in Europe – adds further fuel to the fire.
For multinationals, Ralhan says that might mean an increasing move to different tech models, whether a two-tier ERP as an example, or having a localised application portfolio for a specific region.
“Organisations are already reaching for more of a federated structure – which is different from a two-tier structure – where some of the responsibilities are managed within the head office and you’re focusing more on a localised aspect, as opposed to the global aspect which has been the de facto for many years.”
She says that means more localised controls are required, along with a reassessment of the status quo – while ensuring that there is still some degree of global oversight and control.
“That’s not to say this should be the default moving forward for every organisation, but it is being aware that it may be a requirement for some parts of the world sooner rather than later.”
Even organisations without a global footprint could find themselves impacted through limitations on the services they can procure.
“It’s about what tolerances you can build into your application strategy now to have that safeguard in place if something happens.”
Ralhan also calls out concerns around internet trust, whether deepfakes or digital attacks.
But she’s quick to squash any vendor dreams of big sales based on the concern.
“For application leaders and CIOs it would be tempting to go out and buy a suite of products and services that can ‘safeguard’ your organisation’s investments. But what I would say is before you get to that point it is important to first identify where your true risks are.
“There will always be those sort of Crowdstrike risks that come out of nowhere, but first work with what you have, work with your sourcing and procurement teams to ensure the contracts you have in place have non-delivery penalties and you know what happens for this part of the world if a system goes down.”
Technology leaders will need to prepare by proactively assessing their current application portfolio and auditing for both resiliency and redundancy.
A push towards ESG is also leading to ‘serious sustainability’, where what was once optional will become existential as governments increase weighting on evaluation/procurement criteria.
Ralhan adds one additional disruption for local tech teams to consider: The potential impact of natural disaster such as fire and earthquakes.
“We saw this with the 2019-2020 bushfires in Australia and how that impacted service delivery.
“So for Australian and New Zealand organisations, things like that may be more of a high priority than other parts of the world.”
Getting clear on the risks to your application portfolio is Ralhan’s key push for tech leaders.
“An audit of your application portfolio is the first important thing to do.
“From there, don’t just put it in the hands of the CIO – it needs to be a more inclusive, overarching project with a lot of different stakeholders, so ask them to help. This is a great ideation session, almost a hackathon, of where you believe your risks are. The more people who feed into this the more vivid picture you will get and that’s what you are after.”
From there she suggests traffic lighting the potential risks taking into account questions such as what is most likely/not likely and what you are already well prepared for/not prepared for.
“Use that as an opportunity. It’s not the time to bury your head in the sand. This should be revised every 18 months because the goalposts will change and evolve and what was a risk five years ago may be minimised either because of things you have procured to make your application portfolio more robust or sometimes things do fall away.”
She says getting visibility – and exposure – across the whole organisation is also key, with anecdotal evidence showing many organisations already have teams preparing for disruptions that exist beyond delivery for the organisation, but that that work may not be well documented or concrete and is likely siloed.
“Get the planning that is done out in the open. Have those open discussions.”
