Runecast Responds to CIO Dive on prioritizing IT projects

Over the last few days we’ve been catching up with The Water Cooler series of blogs from CIO Dive. It’s safe to say that we’re fans, and today we wanted to talk about one article there in particular: The Water Cooler: How 5 executives prioritize IT projects. I’m sure you can see why it caught our attention. 

In the CIO Dive article (subtitled “Tasked with making the most of budgets and staff, leaders must select the most impactful projects to deliver in the next 12 months”), they shared responses from 5 execs on how they’re prioritizing projects and keeping security at the forefront of their thinking. We’ve picked out a few of the discussion points from some of the different contributors and noted how we responded to the challenges and approaches they put forward.

Runecast Responds

In the article, Sampath Narayanan, CIO at Everside Health, says that they have set aside 20% of their capacity for unplanned critical projects. This strikes us as a great idea and we were a little taken aback that we hadn’t heard of it being used more. Just like a home ‘emergency fund’ in your budget, allocating resources towards the unplanned occurrences is smart thinking in our book. And using tools that optimise the funds and capacity you have, can release extra resources in both areas. We might file this one under making our money work smarter, not harder. 

Miles Ward, CTO at SADA Systems talks about simplification and reducing friction. This is something we totally believe in at Runecast, and we see evidence of this being called out elsewhere. In a Gartner report from August 2021* they say "Organizations have manually stitched together DevSecOps with 10 or more disparate security tools — some new and some old — each with siloed responsibilities and a limited view of application risk."

With the speed of computing in the modern age this simply won’t do. Using our single enterprise platform reduces the mental load of using many pieces of software for all the essential tasks, speeding up your response to critical vulnerabilities like log4j.

Jason Conyard, the CIO at VMware talks about transformation and transformation at speed. There is no longer just a drive to improve, but a critical need. We like to say that security never sleeps and that’s in a large part due to the fact that the malicious actors who we are fighting against don’t take breaks.

‍

In the comic Asterix in Britain the stoic Britons are defeated when the invading Romans decide to start fighting only during the Britons 5PM tea break and on weekends. Cyber security is much the same: we can’t afford to rely on gentlemen’s agreements or a spirit of fair play. You need full confidence that your tools are working for you 24/7, giving you full and clear information for your teams, so that they’re able to continue to work efficiently and effectively, without burning out on all the possible threats around them and the million different ways of managing them.

Aranya Ghatak, VP and CIO at Vectrus continues this theme by saying, 'If a project isn't going to grow a business, why would you prioritize it?‘  There’s a natural law we see all around us: if you’re not growing or evolving you’re stagnating and falling behind, we know that security and operations teams can’t afford to rest on their laurels. They need a competitive advantage, something that puts them, not just ahead of competitors, but ahead of those malicious actors who seek to disrupt your business, for whatever reason.

Another quote from Aranya Ghatak, ‘Managing cyber risk has to be high on the priority list, as do reliable IT systems with high uptime, which enable digital worker productivity.’

We couldn’t have said it better ourselves. Runecast is a patented proven platform for protecting your systems and saving your security and operations teams time and money. When your teams have confidence in their tools they perform better, with our customers reporting between 75-90% time saving and actionable results from the first scan. 

* Innovation Insight for Cloud-Native Application Protection Platforms, Gartner, August 2021