McKinsey recently released its “technology survival guide for resilience,” no doubt because that’s what consumes just about every business leader and IT pro to some degree these days.
The guide starts with this definition: “Resilience means understanding the criticality of a business process, the capability of the underlying technology, the business impact if the technology fails, and the organization’s risk tolerance.”
A 2022 study by ITIC found that the hourly cost of downtime exceeded $300,000 for 91 percent of enterprises of all sizes. And 44 percent of midsize and large enterprise survey respondents said that a single hour of downtime could cost their businesses over $1 million. So, if, as McKinsey writes, a technology fails, it can be costly.
Resilience Requires Understanding Criticality
The McKinsey guide states that to achieve resilience, your organization needs to understand the criticality of a given process. You then need to assess the underlying technology, identify the business impacts of a failure, and establish your organization’s risk tolerance—as well as your partners’.
The guide notes that, to get there, “an organization needs to understand where and what its resilience is today and be able to answer the question: Could we recover and rebuild after a catastrophic event?”
Put in context, Sophos’ The State of Ransomware 2022 found that 66 percent of responding IT pros from around the world said their organization had been hit by ransomware in the previous year, and 65 percent of those attacks resulted in data encryption. Meanwhile, the Uptime Institute’s 2022 Outage Analysis found that 80 percent of data center managers and operators have experienced some outage in the past three years.
Technology Resilience Principles
McKinsey also shares the foundational principles for maintaining resilient technology:
- Applications, systems, platforms, and the IT workforce are flexible and scalable.
- Data sets, applications, and network technology infrastructure are fully visible to data owners, and applications are traceable within the environment.
- Data sets and applications are built to be agile and mobile.
- The architecture of applications, data platforms, network environment, and the IT workforce is resilient by design, i.e., the architecture is built to compensate for probable failures and inform future designs.
- Systems are interoperable and leverage standard API approaches that are defined and well-architected internally and between third-party services.
Resilience Maturity: Architecture by Design
McKinsey says that “resilience capabilities fall on a maturity spectrum from simple redundancy to duplicate servers through to advanced capabilities with resilience built into the architecture by design.” They break this spectrum into four areas:
- Architecture and design
Mature organizations incorporate technology resilience into enterprise design and architecture.
- Deployment and operations
Resilient operations need to consider not only operational contingencies like disaster recovery but also the root cause of incidents.
- Monitoring and validation
Mature organizations use proactive and predictive approaches that stress-test solutions, disaster response, and contingency plans.
- Response and recovery
Mature technology resilience ensures a fast response to incidents as they occur while learning from operations, industry trends, and disasters in a continuous feedback loop.
Building a Resilient Organization
There are three areas where McKinsey says to start and grow a more resilient technology environment:
- Establish a blame-free culture, so when problems happen, instead of pointing fingers, everyone works toward solving the problem.
- Use metrics to measure performance and focus on the incidents they identified, like unpatched software, to avoid repeating incidents.
- Rehearse the outage so you can anticipate problems and iteratively prepare for and train your team to respond to complete system outages.
The McKinsey guide, which you’ll find here, offers a wealth of valuable information for organizations on their technology resilience journey.
Make Data Resilience a Priority
While establishing technology resilience is an organization-wide endeavor, ensuring data resilience tends to fall to IT. That’s where Arcserve is a game changer. Arcserve delivers data resilience with the broadest set of best-in-class solutions to manage, protect, and recover all data workloads, from SMB to enterprise, regardless of location or complexity.
Arcserve solutions eliminate complexity while bringing cost-effective, agile, and massively scalable data protection, and certainty across all data environments. This includes on-prem, off-prem (including backup as a service [DRaaS], backup as a service [BaaS], and cloud-to-cloud software as a service [SaaS] backup), hyper-converged, and edge infrastructures.
You May Also Like
- Backup and Disaster Recovery Business ContinuityFebruary 13th, 2024
- Backup and Disaster Recovery Business Continuity Cloud Compliance Cybersecurity Data ProtectionFebruary 8th, 2024
- Geschäftskontinuität Datensicherung Data Resilience RansomwareFebruary 7th, 2024