Five steps for building greater digital resilience

07 November 2023 Consultancy.com.au

During Cyber Security Awareness Month in October, the focus was to educate people on digital resilience so that they can protect themselves better. This could not come at a more appropriate time, nor be more applicable to businesses that are starting to scale, writes Craig Bates from Splunk.

Over the past few years, Australian businesses have faced a reckoning when it comes to cyber threats. A number of large, seemingly untouchable institutions have been felled by cyber-attacks that are estimated to have impacted a significant percentage of the Australian population, with organisations even facing an $87 million average downtime per year from lost revenue and productivity, according to research from Splunk.

The evolving threat landscape has decimated consumer trust, making it harder, not just for large established organisations to build back their customer relationships, but also for growing businesses to establish a foothold in these competitive markets.

Five steps for building greater digital resilience

Craig Bates, Vice President at Splunk

Businesses of all sizes are impacted by the proliferation of distrust. However, this poses an opportunity for more dynamic businesses, to establish digital resilience right off the bat and build trust into the foundations of their growing organisations.

While many growing businesses focus on customer acquisition, hiring and investment as their growth priorities, forward thinking leaders understand that by embedding a unified approach to digital resilience where they can see, detect, investigate, and respond to problems quickly, they can create a better experience for their customers now, and in the future.

The real question is: how can growing businesses safeguard their systems with limited resources and knowledge? Well, more than just a matter of cybersecurity, it’s a culmination of processes, technologies and practices across security, IT and operations teams.

Based on Splunk’s recent report, here are five key takeaways that can improve digital resilience to future proof businesses as they’re starting to scale.

1) Invest in analytics and automation to be more efficient

First and foremost, efficient operations are key for scaling businesses. By investing in analytics tools, organisations can access security insights that help them to detect and mitigate threats proactively. Automation accelerates mean time to repair and helps smaller security teams do more, without the risk of human error.

When leaders know what is happening within systems, teams can more readily predict and respond to issues before they happen.

2) Adopt a DevSecOps model to get ahead of the game

DevSecOps is a technical framework that combines development, security, and operations. It automates security workflows and allows teams to work together to proactively address any software vulnerabilities, ultimately increasing the efficiency of development processes. DevSecOps isn’t just a technical collaboration, it also involves creating a culture of collaboration amongst leaders within a business.

Most large businesses are now attempting to reverse engineer this culture into their already established organisational structure. However, by starting with this mindset, they can be set up to accelerate its growth phase.

3) Focus on visibility of your systems to avoid downtime

Research from Splunk found that the average organisation experiences about 240 hours of downtime per year, which equates to $87 million in downtime costs annually. As the cost of downtime grows, so does the need for observability. Observability is the ability to see and understand what’s going on within your entire infrastructure by collecting and analysing data.

Organisations with mature observability practices tend to have 66% fewer outages. Indonesian digital payment platform, DANA, is a great example of how a hybrid infrastructure can hinder visibility across their organisation. When they invested in a dedicated tool for distributed tracing and application performance monitoring, they saw 70% to 90% faster recovery from incidents.

4) Use AI to help small teams do more

Growing businesses can be especially vulnerable to unexpected incidents and often don’t have large teams to fix issues or address threats quickly. AI and machine learning can help small teams detect, investigate, and respond to issues much more rapidly. By doing this, AIOps can enable better collaboration and transparency across DevOps, ITOps and security functions.

Businesses can gain the visibility needed to strengthen their security posture, which can increase resilience and provide greater opportunities to customers.

5) Protect the team from burnout

It's no secret that people are the most important factor in the building of a business. Each individual is critical to a company’s success. So, every founder, leader or manager should focus their investments on how to make their people more resilient and boost their capacity.

One way to do this is by taking a platform approach to their security management and tool consolidation. There are several advantages of centralising data collection and storage, such as the ability to serve as a unified security and observability platform. This avoids waste, improves cost efficiency, and makes for an observability system that is easily governable. Ultimately, what this does is alleviate burnout for analysts, helping them keep up with their tools and more easily take action on significant events.

In the end, digital resilience is undeniably multifaceted and requires a collaborative approach across security, IT and DevOps. But what’s certain is that growing businesses have an opportunity to build a scalable and resilient framework if they invest in the right tools, structure and culture at the beginning of their journey, rather than wait until it is too late.