So I just finished presenting at a Business Continuity and Disaster Recovery conference. Not my strongest subject although, after years of battering my liver with alcohol, I am pretty adept at Disaster Recovery.
Anyways, not knowing much about the subject, I just called the presentation Life’s a Glitch, as there appear to be so many of those darned glitches out there right now.
The premise of the presentation is that too many financial institutions in the last century had the attitude if it isn’t broken, don’t touch it. The result is that they built a legacy liability for this century by cementing early technology systems into their foundations.
Those foundations are now creaking, being unable to take the demands of 21st century non-stop real-time processing and cyberattacks.
The question is then how to replace the foundations without the building falling down.
It is not easy, but the interconnected global world of technology demands that banks are far more agile and flexible. Therefore, any system that is old and inflexible should be ripped out and replaced if it relates to real-time processing.
Most of these systems were designed for batch, not real-time, and most are falling apart through lack of skills, expertise, knowledge and capability.
So the banks are replacing such systems, but even as they do this things change.
Just as banks consolidate and rationalise core processing on megaplatforms, the megaplatforms become redundant because you can do it all in the cloud today.
I urged the audience to move mission critical processing into private cloud and shared services into public cloud, as that’s the best way to get great resilience and business continuity.
Most of them looked at me incredulously.
I urged the audience to review systems every five years and replace them every ten, even if they are not broken, as ten years is far too much cycle time in our world of rapid change.
Just look at the iPod. It burst onto the market in 2001, became iconic and peaked around 2008 as the iPhone took over and guess what? It’s now redundant.
That’s how fast things change.
Add onto this non-stop cyberattacks and Distributed Denial of Service (DDoS) and a bank that has not bulletproofed its current systems, let alone the legacy, is going to be hammered.
One of the other presenters at the conference was from IBM and stated that banks generally get 111 million cyberattacks a year. That’s over 300,000 a day!
Of these, around 87 – or 1.67 a week – are really malicious and would cause mission critical damage.
There’s the issue right there.
24 by 7, non-stop real-time customer demands and 24 by 7, non-stop real-time attack.
How any legacy system in core processes could withstand such demands is beyond me.
Anyways, as can be seen, consolidation and rationalisation is all well and good, but systems must then evolve and focus upon continuous improvement rather than cryogenic freezing.
Review every five years (or more often) and renew every ten (or more often).
That’s the only way that a bank, as a technology business, is going to survive.
Oh, if anyone’s interested, here’s the slide deck as well (those who know me will recognise some of these).