Cybersecurity and Data Management Take the Spotlight
As we move forward into 2019, it is important to remember what we have learned. Data leaks and hacking incidents were at an all-time high in 2018, and the management of those incidents left behind lasting impressions on consumers. The impact of GDPR was felt throughout all of global business. IT Asset Managers are called upon year after year to increase the offerings they provide to their organizations. The year 2019 will be no different. IAITAM has predicted three distinctly unique challenges that will push the profession and the industry even further forward in 2019:
- Contract management will become a new emphasis for IT Asset Managers – These contracts govern everything the organization does between their businesses, IT department, and the IT provider community. Written, signed agreements and contracts are fading and giving way to a new contractual style: contract URLs. Companies are currently being invaded organically by URL contracts without even realizing what has happened. With providers being the ones driving this change, their legal staff is much more equipped to handle this than that of your company. IT Asset Managers need to understand that this is an unsigned and non-negotiated agreement that is generated through multiple purchase or use agreements and may exist on a product-by-product basis. These contracts can also be changed at any time with little or no warning or notification from the provider. Contractual URLs will dictate what you do, how much you pay, how you pay, what can be changed, etc. for many years to come. IT Asset Managers will need to either strengthen their relationship with their legal and contract departments or become adept contract managers themselves. This will be a new requirement for managing assets in the future and IT Asset Managers will be called upon to handle this change.
- The strong focus on cybersecurity will continue – In September of 2018, NIST (National Institute of Standards and Technology) along with NCCoE (National Cybersecurity Center of Excellence) published a standard for IT Asset Managers. This standard directly impacts our profession. We are being called upon to help aid the cybersecurity efforts of organizations and government agencies all over the world. Currently, compliance with the new NIST Cybersecurity Framework Version 1.1 will only be for governmental agencies. However, just as other governmental best practices have trickled down into commercial enterprise, this too will find its way.
The year 2018 was the worst year in recorded history for data breaches and leaks of personally identifiable information (PII). There is no sign of this trend slowing down. While data leaks are sometimes impossible to defend, identifying them and reporting them to those affected so the victims can protect themselves quickly is becoming the new focus. This discussion was held on Capitol Hill during the Equifax data breach regarding why Equifax took so long to report that there was an issue. The speed in which an organization can report a data breach is only as fast as their ability to locate the data and offending assets. This is an ITAM best practice and as of September 2018, NIST and NCCoE agree.
- ITAM and ITSM will continue to blend, and not always harmoniously – From a C-level view, ITAM and ITSM serve the purpose of ensuring an organization is able to continue their core competencies. From a practitioner’s point of view, this becomes a battle of quality vs. speed. ITSM is focused on providing the services necessary for the business. They are paid to close trouble tickets and get new products up and running. Naturally, doing this as quickly as possible is their primary focus. ITAM is paid to manage assets, licenses, vendors, and contracts in a manner that is advantageous to the business. ITAM is often times slower and more deliberate than ITSM. Change is coming in the form of ITAM becoming recognized more and more as a foundational aspect of an organization. Identifying assets, leveraging vendors, and negotiating contracts are producing actionable cost-savings and efficiencies and reducing risk for organizations. C-level executives are seeing the value in a mature ITAM process. It is important to remember that a mature ITAM process is also agile and able to move more quickly than an immature process. As such, IT Asset Managers need to ensure they are striving and progressing towards a more mature ITAM program so they can better facilitate ITSM and, in turn, the organization.
The year 2019 is sure to bring some unexpected developments and be just as impactful as 2018. Exciting things are developing for IT Asset Managers as the capabilities and benefits that they offer to their organizations are recognized more and more each year. IT Asset Managers need to be aware of coming trends and stay a step ahead of the changing business and regulatory environments. In doing so, we can continue to make positive changes throughout the world. IAITAM will be here for you every step of the way.
Here’s to a productive, thriving, and revolutionary 2019 for everyone in the ITAM industry!