To accelerate transformation and become more resilient, organizations are continuing their rush to the cloud—even with sensitive data.
In fact, in a KPMG global study of technology, risk and compliance professionals, respondents said 78 percent of their business applications reside in the cloud. And in the next two years, more than half the respondents said that most, if not all, of their companies’ sensitive data will live on cloud platforms.
However, the cloud is not a magic bullet for operational resilience.
There are risks, and indeed more than half the organizations have had issues in the past year. Among them are IT delays, data loss, productivity loss, application outages, regulatory compliance violations, and diminished ability to provide services.
To drive operational resilience, stakeholder trust, and other outcomes in the business case, cloud transformations need continued nurturing after implementation, and many leaders are working with service providers to do it.
Leading providers bring a combination of advisory capabilities and managed services, helping companies design a target operating model for the cloud—and optimize it through ongoing risk management, change management, platform enhancements, and more.
The top four areas of public-cloud risk, according to the KPMG study, are:
Others on the long list of risk concerns include cloud costs, data governance, controls monitoring, and regulatory compliance.
All are areas where providers can help, with as-a-service processes such as managed detection and response, managed application security testing, identity and access management, and financial crime compliance.
To get long-term return on cloud investments, forward-thinking companies consider the risk implications at the outset of a transformation initiative—while budgeting for the ongoing management of them.
But what about the companies who didn’t have this forethought? Because of unforeseen costs and risks, some are struggling to achieve the target outcomes in their business case, so they’re now working to modernize their platforms post-migration.
For example, my colleague Marcus Murph, leader of Technology Advisory at KPMG in the US, recently said in CIO magazine that some companies are exploring serverless and composable architecture as a next phase of transformation. Others are pursuing ongoing services for platform enrichment, cybersecurity, and advanced data management.
Whether you’re planning a migration or you’ve already done one, remember that cloud transformation is an ongoing journey that doesn’t end with implementation. The companies that gain and sustain operational resilience will be those that continually optimize their platform while managing risk.