In today’s IT, security and innovation surely top the list of your most urgent priorities. In meeting after meeting with fellow C-suite executives and the board, you’re no doubt stressing the importance of securing the business and moving it forward. But when it comes to executing that vision, how much of that talk is mere lip service? Judging by how your IT workers spend their time, you may not be emphasizing security and innovation where it counts most.
Cloud backup company Carbonite recently commissioned Spiceworks to conduct a survey of over 150 IT decision makers in the U.S. and Canada to find out how IT workers spend their time. The results reveal a heavy focus on “routine maintenance,” leaving IT workers with little time to spend on “tasks they enjoy most.”
Worse, the survey also revealed that “malware, phishing attacks and ransomware topped the list of IT pros’ security concerns,” but the majority polled said their company was “not fully prepared to handle these security threats.”
As technology changes at a rapid pace and security becomes a top concern for businesses across every industry, CIOs will need to find ways to free up IT workers so they can focus on innovation and cybersecurity.
[ Learn from your peers: Check out our State of the CIO 2017 report on the challenges and concerns of CIOs today. | Find out how IT leaders can drive innovation and transform their organizations for the digital era. | Get weekly insights by signing up for our CIO Leader newsletter. ]
“Even the best IT team is at a loss without the proper tools to keep them engaged and, more importantly, productive. If you want your IT teams to be able to focus on long-term security strategies, invest in tools that allow them to do their jobs faster and more efficiently,” says John Peluso, senior vice president of product strategy at AvePoint, a company that helps businesses manage Microsoft cloud services.
Time to invest in your loyal IT staff
The survey found that those in IT decision making positions have a long history in IT. On average, they’ve worked 15 years in IT, seven years with their current organization and six years in their current position. They’re also accustomed to working on small teams — the average IT team consists of four full-time team members, according to the survey.
Loyal employees are valuable — they know the ins and outs of your business and IT infrastructure, which is important when in finding ways to innovate for the future. However, without the proper resources — whether that’s budget or staffing — you can’t expect them to stay proactive.
“Technology should service the business as an enabler, not a cost center. As such, organizations should consider the value that technology can provide when they need to do things better, quicker, or more broadly,” says Peluso.
Routine maintenance trumps security
The survey found that in 2016, the biggest concerns for IT pros included malware (42%), phishing (40%), ransomware (26%), spyware (25%) and DDoS attacks (13%). However, the survey showed that IT workers spend most of their time on deploying or maintaining hardware, networking, email, data storage and backup and recovery. These daily tasks leave little room to focus on securing the business, researching new security products and preventing future threats.
To stand a chance in the fight against cybersecurity threats, Peluso says businesses need to focus on “end user education and training.” That means giving IT time to develop internal or external training programs for products and services and to create a culture that embraces security.
“This education cannot be a once-a-year training course, but rather must be pervasive throughout your company culture. In the absence of security education or experience, people — employees, users, and customers — naturally make poor security decisions with technology,” he says.
Expectations versus reality
The survey found that IT pros enjoy modernizing technology, troubleshooting or assisting users and planning or strategizing. However, respondents estimated that they spend, on average, only 11 percent of their time on “IT planning and strategy,” and 13 percent on “modernizing technology.”
While day-to-day issues in IT will never go away — there will always be hardware to deploy, software to update and help desk tickets to attend to — there are ways you can ease some of the grunt work in IT.
“The secret here is to identify and automate those time-consuming, repetitive tasks that are sapping your organization’s ability to focus on more business-critical issues and find ways to automate them,” says Peluso.
Creating time for your IT staff to focus on innovation and cybersecurity can help your IT workers spend more time on projects they care about — such as modernizing business technology and safeguarding the business against attacks. A little automation can go a long way — and it will all be worth it the next time your business escapes another major data breach unscathed.
“To avoid becoming the next data breach headline — which surface nearly daily — organizations need to prioritize cybersecurity controls and training. When IT workers fail to devote adequate time to devising a security strategy, they open themselves up to harmful threats like ransomware, malware, and even inside attacks,” says Peluso.