Blog: Wellbeing in the IT department

Let’s start by thinking about a healthy, high performing, optimal IT infrastructure with a focus on wellbeing… According to the ITDMs we surveyed, contributing most are qualities such as security, for example in data storage, backups and within their networks (66%), controlled information access and availability (41%) and scalability (38%). Based on these qualities, how would you consider the health and performance of your organisation’s IT infrastructure? Perhaps somewhat of a pitiful basis for comparison is our respondents’ assessment of theirs.

Unfortunately, it’s not a gleaming picture – when asked to rate their current IT infrastructure overall, only around half (52%) believe it to be completely healthy, immune, high performing and optimal. Even when looking across the sectors surveyed, those from IT, technology and telecoms are most likely to report that their IT infrastructure is completely healthy, which may be expected as this is largely their turf and expertise, still only around six in ten (65%) report this. A similar story emerges when asking respondents about the various components of their IT infrastructure; the hardware, software and network within it. In fact, only a third (33%) of ITDMs in the UK consider their hardware to be completely healthy, the lowest of the three components.

Infrastructure pain points felt throughout the organisation

An IT infrastructure being in anything less than optimal health potentially leaves systems wide open to problems such as downtime, bugs, data loss, cyberattacks and latency. And, unfortunately, this is happening to our surveyed ITDMs pretty frequently – over half (53%) report experiencing these issues at least monthly. For those in the manufacturing industry, these kinds of challenges are happening weekly to around four in ten (42%).

Such issues are not localised to the IT department and this is not just an IT problem, Almost all (99%) report that their IT infrastructure plays a role in their organisations’ overall success or performance, and the majority (75%) consider that role to be significant. Alongside a similar proportion reporting the same about their organisation’s wellbeing (69%), it is not surprising to see the level and variety of impact ITDMs cite. Of those who experience issues with their IT infrastructure – the vast majority (96%) of our respondents – a similar proportion (95%) report that they impact their organisation in some way.

The knock-on impacts of IT infrastructure health and wellbeing to the organisation are seemingly wide reaching and somewhat nuanced, affecting not only its wellbeing and performance through increasing exposure to cyberattacks, affecting the bottom line, losing valuable data and the like, but also the hardworking employee within. While the latter can be less tangible and harder to measure, it is no less detrimental or important. Such impacts including reducing productivity and efficiency (51%), preventing employees from doing their jobs effectively (49%) and employees needing to work more as a result (33%) can even create a compounding effect; all having considerable negative impact to an employee’s stress levels, their health and wellbeing and consequently their performance.

Alarmingly, the vast majority (82%) – and nine in ten (90%) of those holding c-level and/or senior management positions – agree that their mental health and wellbeing is influenced by the health of their organisation’s IT infrastructure. Equally concerning, though, is that these figures seem to correlate with their physical health and wellbeing, with a similar proportion (78%) – and, again, around nine in ten (89%) in leadership positions – agreeing that their physical health and wellbeing is influenced.

Such stark effects are also evident by the variety of ways respondents report their organisation’s IT infrastructure issues to impact them personally. Most likely are that they have to work more than their contracted hours and that they impact their emotions by feeling a sense of frustration about them at work, with more than a third of ITDMs reporting these consequences.

It may be obvious that the health of an IT infrastructure plays a significant role in its organisation’s overall wellbeing and performance, however, would you consider it to play a similar one in your own personal wellbeing, success or performance? Perhaps surprisingly to some, or perhaps not considering the reported impacts, our results suggest that it does – and considerably. Similar to its role in the overall organisation, the vast majority cite that the health of their organisation’s IT infrastructure plays a role in their personal success or performance (97%) and their wellbeing (92%).

Reassuringly, however, an overwhelming majority (92%) of the ITDMs we interviewed agree that their organisation possesses a clear vision for having a healthy IT infrastructure. This indicates that, while organisations may not currently be as resilient or indeed digitally immune as they’d like to be, those working within the organisation are optimistic at the path ahead. With the right investment, training, and overall focus on increasing organisational wellbeing and IT infrastructure health, organisations can greatly improve their overall immunity, health, wellbeing, performance and, ultimately, success.

So, what can be done?

What can be done to enable IT infrastructures to be in their most optimum state, with a healthy immune system and potentially mitigate issues? As with humans, one place to start is to build resilience; IT teams can perform maintenance tasks such as software and hardware updates, auditing, monitoring and upgrading that will go a long way to ensuring their IT infrastructure is as healthy and as immune to bugs and issues as it can be.

Optimistically, at an overall level, the vast majority of our surveyed ITDMs report that they are performing these various maintenance tasks at least in line with recommendations, if not more. Indeed, almost all (99%) of our surveyed ITDMs consider them to build at least some resilience and immunity to prevent issues with their IT infrastructures. Perhaps IT teams don’t have the time or skilled resource to even consider the benefits of proactive maintenance, instead, their time is spent firefighting and remedying the frequent issues which leaves them burnt out and ineffective? Conceivable, as more than three quarters (78%) agree that theirs and their colleagues’ ability to maintain their organisations’ IT infrastructure would improve if more focus was aimed at their personal wellbeing.

 

Are wellbeing priorities starting to turn?

With the importance of wellbeing being integrated into increasingly more organisations worldwide, more needs to be done to understand the role it plays among the business and its employees. It could be argued that shifting priorities from an organisation-centric to a more employee-centric mindset is counterintuitive to the wellbeing of an organisation, yet it’s clear that the success of one cannot be achieved in isolation.

As per their human counterparts, organisations with a healthy (digital) immune system will always be better placed to defend themselves from unwanted contagions. As with any organism, the wellbeing of an organisation is directly linked to those who work within it, and leaders might be wise, therefore, to not only actively invest in the health and wellbeing of its IT infrastructure, but also its employees, given its impact on the bottom line.

The survey findings are based on quantitative interviews conducted in January 2023. As a member of the Vanson Bourne Community you’ll gain access exclusive to a variety of insights reports just like this one, based on research with our members.

Blog: Will ChatGPT be a friend or foe to IT decision makers?

ChatGPT and similar AI tools are currently gaining much attraction in the media, with many of us concerned about the possibilities of ChatGPT and similar generative AI tools being used for nefarious purposes. But should (or can we afford to) let these inhibitions hold us back from using some of today’s most exciting technologies? Innovation should be a central focus for all organisations as without it there is a risk of falling behind the competition.

We wanted to find out how IT decision makers (ITDMs) feel about ChatGPT, both personally and professionally, so we conducted a handful of in-depth interviews with technology leaders from large companies in the UK to gain a rich understanding of their thoughts. Our interviews uncovered a mixture of approaches and attitudes: from companies jumping head-on into ChatGPT usage, to those who currently have banned its use on company devices.

Among ITDMs there is an overarching sense of personal excitement and expectation that the future will be heavily influenced by AI. But will ChatGPT persist, or will it soon be overtaken by other platforms? And will organisations overcome the fear-factor to hone AI as a force for good?

 

A cautionary approach to AI-generated data

ITDMs acknowledge the ways in which ChatGPT could be detrimental if used for malicious and non-ethical purposes. Perhaps it will make us less productive or enable individuals to take credit for work that is not their own. There are also feelings of doubt surrounding the accuracy of the data, which would need to be verified separately.

This concept of controlling what data sits within ChatGPT and similar AI tools is a key consideration for ITDMs. It manifested itself in different ways in different conversations. Whether it’s to ensure that it is not used to create templates or how-to guides for cyber-attacks, or to prevent misinformation that could, for example, unduly damage company reputation. In one instance, it was suggested that the best way for ChatGPT to be harnessed within an organisation, would be to have it running exclusively with internally approved datasets.

Business snags, but excitement and hype prevail

ITDMs are impressed by the potential for ChatGPT and similar AI platforms, and how it will shape the future, both in a personal and professional capacity. Thinking more specifically about business use cases, chatbots were singled out as something in use but that could be enhanced by further reducing the need for human intervention.

Currently, tools like ChatGPT are helping take out the mundane workloads in organisations, by compiling, generating, and checking documentation. In this way, potential time-savings are immense. One respondent we spoke to reflected on a task that would have taken 4-5 lawyers a whole week, being carried out by AI and machine learning technology in “probably 10 minutes”. Thinking again about the need for organisations to remain competitive, something that can not only save time but also adapt core business models, is worthy of serious investment.

Of course, with certain tasks becoming redundant, people are bound to fear for their jobs. However, ITDMs viewed the impact ChatGPT will have on the workforce as positive overall, in modifying existing roles and opening new opportunities.

But some are held back by reservations and hesitancies surrounding regulations, with one respondent revealing that using ChatGPT on company devices was prohibited at their organisation, and could result in dismissal if something were to go wrong. Whether this is the correct course of action remains to be seen.

The future of ChatGPT

A lot of hype surrounds ChatGPT right now, but there is consensus among ITDMs that as other organisations rush to produce their own versions, it may well be overtaken. Microsoft 365 Copilot is one such product we’ve been advised to look out for. AI in a much broader sense is what ITDMs regard as important and while ChatGPT may be replaced by other tools, there is no indication that AI chatbots will be going away any time soon.

So, what have we learnt about ChatGPT in the view of ITDMs?

It’s clear organisations that embrace and adjust to the ever-changing landscape of AI will be best equipped for the future, whether that includes ChatGPT or another AI chatbot remains to be seen. Job security is not a major concern for our respondents, at least not any time soon, as they perceive the tool as an essential component in alleviating mundane tasks, thereby enhancing worker productivity and enabling them to concentrate on other tasks. However, apprehensions regarding security and control of data, as well as unethical usage, are prevalent among many, potentially impeding the advantageous potential it holds.

Whether you feel optimistic about ChatGPT, or are on the more cautious side, there is no denying that it is gaining attention and having an impact. But will it be replaced by other tools? And will it have more of a positive or negative impact on the workplace?

Only time will tell…

Methodology

Five 30-minute in-depth interviews were conducted in June 2023 with IT decision makers in the UK. All respondents were from organisations in the private sector, with 1,000 or more employees.

As a member of the Vanson Bourne Community you’ll gain access exclusive to a variety of insights reports just like this one, based on research with our members.  

Blog: Web 3.0 – A real business game-changer?

With Web 3.0 as a potential game-changer on the horizon, hyped to truly revolutionise the way we do business, we wanted to explore how this innovation is likely to take shape, along with its potential impacts. While Vanson Bourne wouldn’t consider ourselves expert in the subject of Web 3.0, our blog provides a foundation for further exploration on the topic.

Berners-Lee 3.0?! 

Before immersing ourselves in Web 3.0 – or Web3 – it’s worth briefly reminding ourselves of the evolution of Tim Berners-Lee’s world wide web since its inception.  

  • Web 1.0 (the past) – the internet simply provided access to online data. Static web pages, if you will 
  • Web 2.0 (the present) – internet users can manipulate and interact with content (social media, etc.) 
  • Web 3.0 (the future) – whilst the concept is still evolving, the essence of the idea is that the web is decentralised and self-regulating. No one entity will have control over the network, effectively creating a more secure and transparent virtual environment 

Why should businesses care about Web 3.0? 

Forewarned is forearmed -having a solid understanding of the evolving technological landscape, along with the associated organisational opportunities and challenges this creates, can only aid strategic thinking – providing a tactical, commercial, advantage. 

Web3 is not purely conceptual, the building-blocks are already in-place, including technologies for storing and transmitting information without governance by any central authority (blockchains), cryptocurrencies, smart contracts, decentralised applications (DApps), peer-to-peer (P2P) networks, non-fungible tokens (NFTs), and decentralised autonomous organisations (DAOs). Each of these already has real-world applications across many industries. 

Gaining a snapshot of current business understanding 

We recently conducted a poll on our website to find out how many people understand the term Web 3.0. The results can be found here.

To measure the understanding of Web 3.0 across the business community we spoke to IT decision makers across our Community, as well as IT decision makers in the US. 

Almost three-fifths (58%) of IT professionals stated that their knowledge of Web3 was not comprehensive. Perhaps unsurprising, at one level, given the future shape and application of such a technology has yet to come fully into view.  

Whilst in-depth understanding of Web3 is far from universal, the potential benefits are more widely acknowledged. Adoption of Web3 was felt to have the potential to ensure enhanced data analytics (70%), greater data management (64%), as well as ensure an increased ability to understand customers’ needs (63%). 

Given this degree of potential engagement with future applications, it is no surprise that almost 8 in 10 IT decision makers we interviewed felt that the majority of organisations in their industry will employ the technology over the next 5 years. 

Positioning you, your team & your organisation for the future  

There are a number of practices which can be put in-place to ensure you are you’re well positioned to embrace Web 3.0: 

Raising your base knowledge 

Being inquisitive, informed and future-facing in terms of ethos -this is no different to when dealing with any such drivers of truly transformational landscape/organisational change. 

In more specific terms, ask yourself, your team and your organisation the following questions: 

  • To what extent do we truly understand the fundamentals underpinning Web3? 
  • Do we have time, headspace and/or resource dedicated to understanding related movement within our industry vertical? At the very least, is Google Alerts set-up to monitor ‘Web3’/’Web 3.0’ – tracking major sectoral developments 
  • Has any thought been invested as to how we position our proposition (and brand) within a Web 3.0 landscape? 

Keeping a close eye on the pioneers  

Within your industry (as well as across adjacent sectors), pay attention to those businesses at the leading-edge of developments, those embracing Web3. Learn from their successes and missteps. 

  • Which activities/product solutions are they prioritising? 
  • How are they positioning themselves? 
  • What problems are they solving? 
  • How are they adapting their business model(s)? 

 Focussing upon walking, before running  

Start small – look to become gradually more familiar with the foundational concepts of Web3, so that you’re ready to pivot when the opportunity arises. 

Our final thoughts  

Whether it’s called Web 3.0, Web3, or something entirely different, the third generation of the internet is heading our way. Though such major transformational change may still be five years – or even a decade – off. 

Web3 will bring with it the full VUCA (volatility, uncertainty, complexity, ambiguity) suite of impacts and disruption – as is the case with all game-changing innovation. Ultimately though, such seismic transformation can be viewed through the lens of opportunity or challenge. 

The most agile, innovative, forward-facing businesses will look to embrace the technology and the associated commercial possibilities, to win. 

In our view, the emergence of Web 3.0 should be closely monitored and considered, but not feared. Whilst the foundational technology continues to evolve and integrate, it’s no bad thing to sporadically ask yourself that same, tough, question: ‘Am I, my team and my organisation well placed to embrace such innovation and the opportunities it offers?’ 

Methodology 

The survey findings are based on quantitative interviews conducted in 2023 with Vanson Bourne Community members and additional interviews with IT decision makers from the US. The research comprised of 300 interviews, from enterprise organisations and representing a range of commercial sectors.  

As a member of the Vanson Bourne Community you’ll gain access exclusive to a variety of insights reports just like this one, based on research with our members.  

Blog: BYOD, shadow IT and mitigating risk

Hybrid working opens a potential Pandora’s Box for IT security

While debate will no doubt continue, it seems likely that working patterns have been changed irrevocably – latest figures suggest that around a fifth (22%) of the GB workforce worked at least one day a week at home, almost double the pre-pandemic level (12%). 

Hybrid working brings with it new challenges and concerns particularly in terms of IT infrastructure and support with the potential heightened use of ‘bring your own device’ [BYOD] and Shadow IT. 

A quarter of those surveyed already have a formal BYOD company-wide policy (24%), whilst a similar proportion (26%) agree BYOD on a case-by-case basis, and 6 in 10 (59%) believe that Shadow IT occurs in at least some parts of their organisation. Half (51%) agree that ‘Shadow IT has increased with the rise of hybrid working’.

Those who use BYOD generally consider its introduction to have been successful, although just over 1 in 10 (12%) feel unable to comment – whilst this might be down to the individual respondent’s role not focusing on this specific area, it may also point to a lack of formal assessment as to the effectiveness of BYOD (particularly amongst those organisations only adopting it informally on a case-by-case basis).

BYOD is likely to place additional strain on internal IT teams

Nine in ten of those organisations using BYOD have security measures in place to cover the practice, although many of these are standard IT policies, such as password requirements and data transfer provision, which are likely to be adopted on any work device, be it employee or organisation owned. Data wipe upon contract termination, installation of company approved anti-virus software and device maintenance may raise additional BYOD challenges for any internal IT team, particularly if a variety of different devices are being used (an issue raised as a concern by over a third of those currently without a BYOD formal policy). 

Amongst those without a formal BYOD policy, the key concerns centre on compliance (61%) and data removal/retrieval (53%). 

BYOD further compounds the prevalence of Shadow IT, its associated risks and resourcing implications

Of those without a formal BYOD policy, a third (34%) are concerned that implementing BYOD will lead to an increase in Shadow IT within the organisation. This is a realistic expectation, given that employee-owned smartphones and computers are likely to be loaded with applications, software and tools that they use and are comfortable with, and so will want to continue accessing. 

An increased prevalence of Shadow IT is clearly of concern, when the vast majority of those organisations currently with Shadow IT report experiencing security issues (80%) and/or compliance regulatory issues (74%). It is perhaps unsurprising that over 8 in 10 (84%) feel that Shadow IT results in a lack of visibility for the IT department. 

Despite more efficient working and effective collaboration often being cited as a potential benefit of Shadow IT due to increased familiarity with the apps and tools being used, and improved accessibility for non-company users, 6 in 10 of those organisations with existing Shadow IT have experienced collaboration challenges as a result (59%). Almost as many have experienced Disaster Recovery issues (55%). Indeed, our mixed audience of IT and business professionals estimate that they spend on average 11% of their week addressing issues caused by Shadow IT.

Seven in ten agree that ‘Shadow IT poses a security risk to my organisation’, whilst over half (53%) disagree that ‘the advantages of Shadow IT outweigh the challenges’ (against just over a quarter agreeing – 27%).

Mitigating risk must be the focus

It is probably too late to put the genie back in the bottle: with 59% reporting some occurrence of Shadow IT in their organisation, and a quarter (26%) saying it extends across the majority or all departments, the focus must surely be on mitigating any risks posed – especially if hybrid working and BYOD are likely to continue unabated.  

Central to mitigating risk is identifying the extent of Shadow IT use within the organisation. Understanding the non-company applications, software, hardware and tools that employees are turning to, and why, may help to identify gaps in the company IT provision, which can then be filled by approved versions. Risk assessments and audits can help to identify Shadow IT use which poses a serious compliance or security issue, and so allow these to be addressed before any damage is done. 

Just over 7 in 10 (72%) are able to state ways in which their organisation is mitigating or planning to mitigate against the risks posed by Shadow IT, most commonly with employee education (48%) and provision of approved tools (45%).  

With almost one in three (28%) reporting that they are unsure or are not currently mitigating against the risks of Shadow IT, there is still room for improvement in the management and prevention of risks. 

 

‘The impact of remote and hybrid working on workers and organisations’, published 17 October, 2022 https://post.parliament.uk/research-briefings/post-pb-0049/

The survey findings are based on quantitative interviews conducted in December 2022 with 226 Vanson Bourne Community members. All respondents are UK based, representing a range of commercial sectors.

As a member of the Vanson Bourne Community you’ll gain access exclusive to a variety of insights reports just like this one, based on research with our members. 

Blog: From supplier to partner

In our earlier report ‘Security is a team sport’, we explored whether organisations have the necessary expertise or headcount to deal with all IT and IT security needs in-house. Almost half (46%) of the Vanson Bourne Community members we surveyed were using the services of a Managed Services/Security Services Provider [MSP/MSSP] to support IT needs, and specifically to access their IT security expertise. 

Whether it is direct assistance from IT security vendors or from a MSP/MSSP, end-user organisations may well be open to help in terms of managing the risks posed by hybrid working, BYOD and Shadow IT. On the whole, IT budgets would appear to be holding up sufficiently to finance such additional support, with over a third (35%) stating that their 2023 IT budget will see an increase, with a further third (32%) believing it will remain stable. 

Getting on the supplier radar

To be in with a chance of securing any additional IT support work generated through hybrid working and the challenges it brings, IT vendors and MSP/MSSPs must first be on the radar of the end-user organisations as a potential supplier. 

Almost all of our audience access additional information about their role and/or industry (96%), most commonly to understand new technologies (82%) and/or to further their skillset (71%). Half are looking to understand the latest threats (51%).

Given the focus on ‘understanding’, it is unsurprising that online articles and publications capture the largest share of voice, being accessed most (69%), and most frequently (87% of those reading, do so at least monthly). 

Newsletters and online forums also feature strongly with almost 1 in 2 using, most commonly on a weekly basis. Although not accessed as regularly, webinars and online courses prove popular, no doubt reflecting the ‘new normal’ of online working following the pandemic. 

If wanting to engage customers directly, IT vendors need very visible online content providing in-depth insights into new technologies and threats, and if appropriate, to be offering relevant interactive sessions/training through forums, webinars and courses. 

In using vendor websites, our decision-maker audience are laser-focused on the information and functionality that will facilitate a quick and easy purchase: access to prices (68%), easy navigation (57%) and multiple contact points (50%). Clear messaging is also important for almost half (46%), with the potential for this to key into the essential supplier traits of availability, flexibility, and consistency – as well as demonstrating sector expertise (as outlined in the following section).

Making the leap from Supplier to Partner

Having established a presence, and so hopefully a foot in the door, the aim must surely be to move from one of many providers to a trusted and integral business partner. Our audience identify availability of support, flexibility and consistency as essential if a supplier is to stand out from the pack – to move out of the friend-zone to be truly ‘loved’.

‘Understanding the client’s target audience’ is also of importance, with over 1 in 10 (13%) selecting it as the supplier trait that they love the most. 

Excelling as an IT Vendor Support Team

Despite living with Zoom, MS Teams et al for over two years, customer preference for communicating with a vendor support team is a live telephone chat with an agent – over a quarter (27%) select this is their first-choice touchpoint, and over half (59%) select it within their top three. Reality is not too far removed from this, with over half (55%) currently interacting with vendor support teams via telephone chats, although email is the touchpoint used most commonly (74%).

There is an apparent mismatch with self-service portals, more experience this in reality than would select it as a preferred option (47% vs. 36%), whilst the inverse is true of a live online typed chat with an agent (32% vs. 41%). Reflecting the preferred characteristics of ‘loved’ suppliers already identified, availability of support is most likely driving this, with the immediacy of a live chat answering this need.  

Indeed, when asked for the most important characteristics of an effective IT vendor support team ‘responsiveness’ is cited by 8 in 10. Proactive problem solving (70%) and knowledge & training (66%) are also key, whilst clients appear to be relatively less concerned about the operational nuts & bolts of the support team, such as offering automated solutions (15%) or having few unopened tickets (25%). 

Thriving in our hybrid world…

Hybrid working brings real challenges to end-user organisations in terms of their IT infrastructure and services, there is a growing need for IT vendors and MSP/MSSPs to: 

  • Provide guidance through online articles, insight and training to highlight the pros & cons, particularly the potential threats associated with hybrid working, BYOD and Shadow IT
  • Potentially offer services to help develop viable company-wide BYOD policies, which can be easily monitored and audited
  • Similarly, audits of existing Shadow IT use may be of value to end-user organisations, including risk assessments of the apps, software and hardware being used, and recommendations on approved tools to adopt in order to fill any existing gaps in employee needs.

In offering such services, to be a true partner and not just a provider, IT vendors must focus on availability of support, flexibility, and consistency of service – ideally delivered via a one-to-one ‘real-time’ support channel. 

 

The survey findings are based on quantitative interviews conducted in December 2022 with 226 Vanson Bourne Community members. All respondents are UK based, representing a range of commercial sectors.

As a member of the Vanson Bourne Community you’ll gain access exclusive to a variety of insights reports just like this one, based on research with our members. 

Blog: Security is a team sport

External threats are rife, and appear to be on the rise, while internal resources are stretched, all reflected in regular media headlines that cyber criminals are on the front foot, moving closer to achieving their corrupt objectives. Even the Electoral Commission has been subject to a data breach, more on that here.

However, we’re not here to preach about the rights and wrongs of what organisations are doing to protect themselves. Instead, we will examine one possible option for organisations as, alongside their vendor partners, they look to stem the tide and elevate their IT security posture. This ray of light comes from the utilisation of managed services providers (MSPs)/ managed security services providers (MSSPs).

 

Embracing external support to alleviate internal issues

It’s true that sometimes too many cooks spoil the broth. In business that proverb can rear its head in various ways – whether too many people being involved in a process causes a decision-making bottleneck, or teams end up at cross purposes on a project, there are a number of ways where a smaller, more streamlined team can be of benefit. This may also be true when it comes to IT security. However, in an ever-evolving space, where knowledge and expertise translate into power, surely the more brains there are working towards a common goal, the greater the chances of success when it comes to defending against cyber criminals. 

The one thing to bear in mind here though, is that not all organisations have the expertise or the headcount in-house to throw towards IT and IT security needs.

The way in which respondents’ organisations’ IT departments are structured begins to highlight potential expertise and/or headcount shortfalls. Larger companies (1,000+ employees) are notably more likely than their smaller counterparts to have one overarching IT department, but with this large team also including a group that focuses specifically on IT security – i.e., a team of dedicated experts exclusively working on keeping the business secure.

It is therefore probably fair to assume that the IT teams within the smaller surveyed organisations – particularly those with only 1-49 employees – are in a tricky position when it comes to both headcount and security expertise as they aim to maintain a secure environment for the rest of their colleagues. And this provides a good basis for explaining why these are the organisations most likely (31%) to be utilising an MSP/MSSP in tandem with an internal individual/small team to manage their IT security needs.

Sharing expertise and responsibility

But this doesn’t tell the whole story – overall, almost half (46%) of surveyed organisations are leaning on an MSP/MSSP to some extent for their IT security needs, with this even applying to the largest surveyed organisations (5,000 or more employees) where 45% report that this is the case. Our two cents – this can only be a positive thing – the more brains at the table working towards securing organisations the better, while it also highlights the value that these service providers can offer. This line of thinking is supported by the fact that 59% of respondents from organisations using an MSP/MSSP for their IT security requirements, report that the IT security expertise offered by these third parties is among the reasons for their use in the first place – making it by far the most commonly reported reason.

Aside from the expertise that MSPs/MSSPs can offer, there is also the added bonus of easing the burden of responsibility on internal teams that are often already stretched and struggling from a skills perspective. This is clear from the 40% and 31% of our Community members respectively reporting that they don’t have the headcount or skills in-house to manage their organisation’s IT security needs.

It would, of course, be a stretch to say that without an MSP/MSSP organisations will inevitably fall victim to a security breach, but it stands to reason that the added support wouldn’t go amiss. Further to that, it seems fairly evident that once a partnership is in place, end user organisations, IT security vendors, and MSPs/MSSPs must seamlessly work together if they hope to stave off the continuous barrage of threats that they’re up against.

This is perhaps best demonstrated by the ways in which respondents’ organisations keep up to date with the latest threat intelligence. Approaching half (48%) do so through their product vendors ending alerts on specific threats to their products, while only slightly fewer (43%) utilise specific threat intelligence tools from their vendors. And MSPs/MSSPs can also play their part by keeping end user organisations up to date with the latest intelligence, as is the case for 28% of those surveyed. 

End user organisations clearly require assistance, so it’s up to IT security vendors and service providers to help ease that burden and help to mitigate the risks at play. 

Stronger together – maximising IT security

All in all, the situation seems pretty clear – whether the partnership is just between the end user organisation and their IT security vendors, or whether there is also an MSP/MSSP in the mix as well, it is critical that all parties are singing from the same hymn sheet when it comes to maximising IT security efforts. 

Security is, after all, a team sport, and until everyone involved recognises and buys into it, there will always be an avoidable opening in white hat security defences, with the damages of a breach having the potential to impact all of those who could have prevented it, to varying degrees.

 

These survey findings are based on qualitative and quantitative interviews from September 2022 with 216 members of the Vanson Bourne Community, our network of IT and business professionals at the forefront of their industries. 

As a member of the Vanson Bourne Community you’ll gain access exclusive to a variety of insights reports just like this one, based on research with our members. 

What do our members think?

“Vanson Bourne Community sends me interesting IT related surveys. The rewards I receive are generous and I love that I can send them to a selection of charities.”
Operations Manager, Financial Services
"I have been part of the Vanson Bourne Community for many many years now, and the surveys are always interesting and do make me think about my understanding of topics, its great being part of the group."
Head of Technology, Media
"Vanson Bourne Community surveys are relevant to my job role. The surveys are well designed and not repetitive. The survey incentives are variable, extremely fair and delivered quickly. This is by far my favourite panel."
IT Manager, Financial Services
Interested?
Come and be part of our great community!