Bringing DRaaS to the C-suite: The key job roles analysed

(c)iStock.com/samxmeg

A series of large scale cyberattacks have been in the headlines this year and, according to McAfee, the situation will only worsen as hackers use more advanced techniques to infiltrate networks.

Despite this, there are still a large portion of companies that remain vulnerable, mainly due to the lack of executive interest in preparing for worst-case scenarios. The same report states that 79 percent of C-level US and UK executives surveyed say executive level involvement is necessary to achieving an effective incident response to a data breach and 70 percent believe board level oversight is critical.

It is therefore vital that IT leaders effectively communicate the latent threats to the ‘C-suite’ - the top executives at that organisation - to successfully address the weaknesses that may exist and be fully prepared to respond when they happen. Because they do and will happen.

For example, data centres experience total shutdowns an average of more than twice every two years, localised shutdowns nearly six times every two years, and limited outages more than 10 times per year. Therefore organisations must prepare themselves for when this happens. Because disasters create a crisis environment, they increase the need for the immediate return to operation and the ability to test and view the solution. Therefore, DRaaS (Disaster-Recovery- as-a-Service) is not merely an add-on to a cloud service provider’s offerings but it must be a focused discipline with appropriate infrastructure and staffing expertise.

So many of our customers tell us that their path to making the decision to adopt Disaster-Recovery-as-a-Service was not as smooth or as fast as they would have liked. And, one of the common reasons for this is around the difficulties faced in convincing high-level decision makers, often those in the ‘C-Suite’ to prioritise a DR strategy. It’s not that these C-level executives don’t understand the need to protect IT systems from a potential disaster, but that the prospect of such a disaster is sometimes not immediate enough to be the catalyst for a fast decision.

So, if you are looking to address the topic with your executives, below are some of the key aspects to consider depending on their job title:

  • CEO/COO - Components of a DRaaS offering that would appeal most to CEO/COOs are the time to business resumption (e.g. near-zero RTO), the ability to pay as-you-go without a large capital investment, the ability to prioritise data and workloads for restoration and the flexibility to test to ensure proper operation in case a disaster is declared.
  • CIO - CIOs have a tough balancing act; they must balance costs with the need to limit exposure. They may have to meet compliance requirements imposed by regulation or standards bodies. CIOs need to satisfy the needs of different stakeholders and business imperatives with DR – and this is a huge challenge.
  • CFO - As their primary responsibility is financial, they must be approached from a fiscal angle. They look for an unbiased, independent perspective. Often perceived as being risk averse, they will invest in sound decisions, especially when they see a value proposition backed by financials and metrics.
  • CMO- While traditionally associated with branding, advertising, and public relations, more often the CMO has key objectives tied to customer loyalty as well. An obvious concern of CMOs is how the negative press around disasters affects brand image and customer loyalty.  The CMO will not be interested in the details of the services chosen but can be a strong supporter on the need for DR to protect brand image as well as maintain excellent customer support.

It is important to build each individual case based on the key elements of your company’s DR requirements, and focus on the aspects that the target executive needs the most and that will be highly impacted by unplanned outages. These will be the biggest factors that can positively influence the C-suite towards prioritising DRaaS come budget time.

Read more: Selling Disaster Recovery as a Service (DRaaS) to the C-suite

Related Stories

Leave a comment

Alternatively

This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.

Mark Campbell
14 Nov 2015, 9:03 p.m.

Two other C-level executives to consider:

CSO: Chief Security Officer. As was demonstrated with "sting" that the Daily Mail did on Datto's data center (http://www.dailymail.co.uk/news/article-3269608/Open-doors-no-checkpoints-dumpster-waiting-rifled-security-farce-data-fortress-run-company-held-Hillary-Clinton-s-emails.html) the CSO must be aware of the physical and electronic security measures at the data centers which constitute the DRaaS cloud. Extending OSI level 2 (VMware vCloud Air) or level 3 (other hyperscale providers such as AWS or Google Cloud Platform) from on-premises to the cloud extends the "perimeter" of security and can increase the attack surface.

CTO (Chief Technology Officer). The other C-level executives should rely on the technical vetting of the underlying technology which constitutes DRaaS for all business units as well as understanding the SLAs and processes of the DRaaS offering.

Mark Campbell | CTO | Unitrends | @DrMarkCampbell
Blogs: http://blogs.unitrends.com | http://vmboomerang.com/the-boomerang-blog/

Reply