According to Daniël Pairon at KPMG, “resilience is the ability to deliver critical operations in the face of disruption. It allows organizations to absorb internal and external shocks, ensuring the continuity of critical operations by protecting key processes and resources such as systems, data, people, and property.”
However, after COVID-19, I think that many business leaders would all agree that resiliency is about more than service availability and optimization of system performance through prediction of future performance and capacity requirements. Today, resiliency is about people, then processes, and then systems.
So how have things changed because of the crisis? The following comments were part of a recent CIO Chat about this key business topic.
Has Defining IT Resiliency Changed as a Result of COVID-19?
CIO David Seidl starts this discussion by saying that “even though we knew better, we mostly thought about our systems, and perhaps do I have enough staff to cover things. Now we think about how our staff is doing mentally, emotionally, and physically in a way that we should have before.
“We also think about how to support multimodal access methods for almost everything. Hybrid meetings have become a default. For this reason, we adjust far more fluidly to changing circumstances. Meanwhile, our leadership team has leveraged IT more than before the crisis and has learned to use more of the tools that we provide. We operate a pair of video conferencing tools because we need the ability to operate even if one is down. Before, most folks didn’t know how to use one conference tool very well. COVID has been an all-hands-on-deck experience.”
CIO Martin Davis agrees with Seidl and says he has rethought “IT Resiliency as well as mental resiliency. It must also include resiliency over a longer term then we were expecting. It’s no longer about can we survive a short period of pain.”
Adding on, CIO Melissa Woo says, “the last 18 months have been grueling for IT professionals. And let’s add we are now seeing a resurgence in infections at a time we were all breathing a sigh of relief that the end of the pandemic was in sight. This second round really tested resiliency. There’s a recurring theme here – resiliency of our teams is a concern.”
CIO Sharon Pitt adds, “it turns out our systems could have been a bit more secure and robust. Also, our procedures and processes could have be tighter. The biggest concern, as time marches on, is the well-being of our teams. For my part, I think it’s a cross-university concern. Maybe even it is an across the nation concern. People are still suffering and many of our teams remain very, very lean.”
CIO Deb Gildersleeve agrees and says, “in the past we often thought about resiliency around a location, work, and data center, COVID-19 made us look at it from an employee perspective. As important, you can’t look at resiliency in a silo. You must consider resiliency alongside adaptability. So, organizations need to stay as resilient as possible and agile enough to adapt when disruption occurs.”
Does IT Resiliency Have a People Component?
Former CIO Ken LeBlanc started this conversation by saying it is “so important for CIOs to have strong partnerships with the HR function and 3rd party sources.”
But, Seidl says, “I think it always did. We had group 1, 2, and 3 picked out for emergencies. But COVID changed how we view preparing for an emergency. I think we’re better for it, but I’m also worried about the long-term impact on folks who have carried the resiliency burden for so long.
“If I asked folks the question how would you prepare for a multi-month, or yearlong emergency now, I wonder what our plans would look like. Our old plans were for an outage, or major event that would be days, maybe weeks.”
Woo adds an important note: “none of the stuff matters without people to run it.” Davis agreed and said, “most things are people at their core. Even before you always relied upon the people working 24×7 to resolve a critical outage. That’s true even more so now.”
For CIO Jim Russell, the people component today “has received at least greater awareness. The flex in our organizations comes first in the people and if they are working from a trauma position, they often lose resiliency. So being and keeping folks fresh should always have been part of putting in place a healthy IT department.”
IT Strategy Officer Katie Rose, adds “we have to ensure that people can bring their best, and if they’re burnout, that won’t happen.”
Rob O’Donohue, Gartner CIO Analyst, said, “I look at this through many domains in IT. Culture, leadership, strategy, workforce models, and relationships all as important as technology. Interested to see if others are thinking the same. I have results coming out soon on this topic and the shift in technology resilience to more of the human jumps out. More needs to be done. Cultural resilience is key.”
Reconsidering Endpoint Devices and How They Connect
CIOs shared with me over the last couple months that many workers were issued laptops for the first time as they left their offices. So how should strategy work going forward?
Seidl said, “in many cases, we sent desktops home that were never expected to move. We benefitted, fortunately, from a purposeful effort to make services available wherever people are over the past few years. Our administrative assistants were surprised when the leadership team took over mail duties during the pandemic. I think we learned some good lessons about leveraging location too.”
For Russell, “COVID-19 accelerated the work from anywhere movement. This change has meant rethinking security and training but just sped up one aspect of digital transformation. And some of the resiliency of IT occurs in the clients or customers.”
Adding on, Davis says that “this time has changed the thinking of many. It’s no longer about locations for resiliency or security it’s more about individual objects, e.g. a device, or a database, or an app.”
Given this, Gildersleeve says the question that every CIO is asking is “what can we do as a company to make sure everyone can do their best work from wherever they are located in a secure way.”
Part of this starts by doing what Pitt suggests, “redefining technology standards, allowing teams to work from anywhere. In our cases, significantly change was required to our HR policies. Fortunately, we did not need to redefine how our teams connected to our systems…although we expanded and tightened that capability. But certainly the availability of broadband was a significant concern for some.”
CTO Anthony McMahon added an international perspective by saying, “in New Zealand, our issue was a return to normal too quickly. Leaders didn’t have time to note the impact of security in home networks before everyone moved back to the office. Endpoints have been tightened, but risks remain. Especially as we are now back working from home.”
CIO Carrie Shumaker adds, “her organization will now have laptops for most if not all and a soft phone-first strategy. Many departments had been deploying laptops for years, but this pushed the stragglers forward.”
Where Systems Needed Help
Seidl says that his organization’s “infrastructure is a decent-sized small city, which means our approach has to include stuff that just plain won’t flex that way now, or even easily in the future. I look at this through many domains in IT. Culture, leadership, strategy, workforce models, and relationships all as important as technology.”
Gildersleeve similarly argues for considering the people and process stuff first. She says, “getting tech to new hires became a whole new process. Previously, we were able to bring people into an office and walk them through their setup and then they were good to work from anywhere…
“Now, we have to get ahead of ordering and building out new systems because we have to factor in shipping time and getting folks what they need before they start”. She adds that “as we continue to work in a hybrid-remote workforce where people are working all over… Resiliency is as much equipment and systems as it is making sure employees are safely accessing data and information in a way that keeps the company secure but doesn’t compromise productivity.”
To make this happen, Russell says several technology decisions needed to be made. This includes the following: “Communications, Video Collaboration, Files Storage, and a host of exploration and training just on better use of resilient aspects of existing tools.” CIO Carrie Shumaker notes, “we need soft phones by default and for business texting.”
Without question, CIOs think about resiliency through a whole new lens because of COVID-19. As well, the crisis is going to force the ripping off of “human band-aids” to systems.
CIOs need to make employees resilient wherever they work. Shumaker puts it this way. “For me, I grew up in IT running payroll, which required all-nighters on a regular basis, and we staffed; accordingly, tired people make poor decisions. Those were typically marathons of greater than 48 hours. COVID-19 has added a whole new dimension.”
Businesses today without question need to be concerned first about resiliency from the people dimension.