Almost every organisational process today has a digital element to it, which makes dedicated IT funds a common budget item. That changes in the context of a pandemic.
Across the region, we are seeing two distinct approaches to IT spend since the start of the pandemic. India, one of the biggest markets in Asia, saw the first decline in IT budgets in the past five years.
This mirrors the trend seen in the wider region, where IT spend is expected to see a drop by 1.3% in 2020. Yet in Singapore, an estimated SGD3.5 billion was spent on ICT last year—up by 30% from 2019 and a staggering amount considering the republic’s 5.8% contraction in GDP growth.
Such contrasting views come with their own set of rationale—some view digital innovation as an urgent means to rebound and rebuild; others are more reserved about spending on IT in fear of worsening their financial standing.
But with technology set to remain a permanent feature in the current digital economy, organisations, both public and private, will need to figure out a budget-conscious, optimal approach to getting the most out of their digital investments without jeopardising their long-term growth.
Ensuring the ROI on IT investments
Not all IT projects are created equal. In view of budget constraints due to the ongoing economic recession, it is crucial that available funds are channeled towards mission-critical projects, focusing on key business and operational enablement.
Take Singapore as an example—at the peak of the pandemic, the government announced a $500 million budget to help businesses get the digital support they needed to quickly adapt to new market conditions and pandemic-related regulations, while maintaining operations.
This injection of funds was vital for the survival of the local small-and-medium business ecosystem. Immediate results ranged from the setting up of digital payment infrastructure for companies that had to move their entire business online overnight, to gadget-enabled contactless services for those that still maintain a physical operation.
Some are considered stopgap measures, while others more permanent, these investments removed key IT bottlenecks and brought about the desired outcome in a timely fashion. This is the mission-critical aspect that must be factored into the decision-making process.
The second aspect to keep in mind is the manner of execution—how to optimally spend a fixed amount of funds so as to achieve the highest return on investment. In a way, the pandemic has accelerated the concept of “smart digital transformation”, characterised by a desire to bridge the old with the new—existing infrastructure with new solutions—rather than a rip-and-replace approach.
The former approach works in the favour of budget-conscious decisionmakers, with the added benefits of shorter implementation time and more yield out of the past and present IT investments.
Foreseeing the long-term challenges
One thing to appreciate about shorter rollout time is the ability to bypass certain red tape or accelerate the approval process. The benefits are clear—quick and impactful results, effective allocation of resources, and a foundation for further improvements.
However, a shortened IT project timeline could carry serious compliance and security implications. These are probable outcomes due to less time spent on thorough audit processes and testing, which are key determinants of the success of any digital transformation effort.
We saw how devastating the consequences of overlooked network vulnerabilities could be with the recent SolarWinds breach, where hackers exploited cybersecurity loopholes to gain access to major organisations across key sectors that used the company’s solutions.
The implication of this example is far-reaching. Companies of any size or sector could unknowingly put themselves in a high-risk situation by deploying insecure digital solutions or engaging third-party vendors that have not been subjected to a rigorous audit process.
In response to this incident, the Monetary Authority of Singapore has issued new regulations to raise the standards for digital risk management involving third-party technology vendors, proving that the quest for digital transformation, no matter how urgent, should not be done at the expense of risk governance.
This brings us to the compliance aspect of rushed IT projects. Could one argue that considering many organisations are in dire need of emergency digital measures, should the burden of compliance demands be reduced for time being?
But this is exactly what threat actors are anticipating—rushed deployments that overlook comprehensive protection. The mass migration of workplace processes and customer interactions onto the cyber sphere means regulatory compliance could make or break long-term digital and cyber resilience.
Digital enablement today should not cost organisations’ growth and reputation tomorrow. Smart modernisation efforts that impact mission-critical processes could form the foundation of a financially sound recovery strategy, with the caveat that all expectations must be realistic. Aiming to do more with less could lead decisionmakers into the trap of sacrificing security and compliance, the impact of which can be long-term and devastating.
Stephen McNulty is President, Asia Pacific and Japan at Micro Focus