Managing IT Portfolios During Geopolitical Volatility
Steps For More Hardened Portfolios
Hey, fellow Leader 🚀,
I am Artur, and welcome to my weekly newsletter. I am focusing on topics like IT Management, Innovation, and Leadership, with an Entrepreneurial mindset. My goal is to help you navigate the IT corporate landscape. Make better decisions, create awareness, and share real-world stories.
It has been a wild ride since I published the first article on the SoW. Exchanging views with you and hearing feedback on how these articles have been useful is what drives my motivation to write. Leave a comment, subscribe to the SoW, and be part of the community.
If this article resonates with you, or you know someone who might find it useful, just share the link!
In an increasingly connected world, turbulence in one part of the globe can disrupt global supply chains and cause prices for major hardware components to spike. The recent events in Iran have created a panoply of issues that must be managed moving forward, offering key lessons on how to operate more effectively within the IT landscape.
The goal of this article is not to provide a political assessment (which falls outside the scope of the SOW) but to analyze how we should better manage our IT portfolios and projects. In the following sections, I will outline several considerations intended to raise awareness of the factors that can impact our projects and initiatives.
Imagine a conflict 5,000 kilometers away just added 8% to your offshore payroll and 15% to your cloud bill. IT Leaders should remain vigilant to geopolitical turbulence.
Cybersecurity: Prevention and Impacts
If you have business interests in the Middle East, you may have already encountered sophisticated cybersecurity threats. Recent events surrounding the conflict in Iran and the Strait of Hormuz have led to an increase in cyberattacks targeting companies in finance, retail, healthcare, and technology, among other sectors.
While these attacks are primarily focused on Middle Eastern nations, they can easily spill over into the US, EU, and other regions in the globe.
The overarching message is that companies must strengthen their IT security practices during periods of heightened geopolitical tension, particularly if they partner with entities in affected regions.
Hacktivism is a significant threat that can be orchestrated from anywhere in the world. To mitigate these risks, it is essential to ensure the company adheres to foundational IT security best practices:
Implement MFA (Multi-Factor Authentication): Require MFA for all applications, even internal.
Enforce Credential Rotation: Regularly update passwords, access keys, and secrets for both systems and employees.
Employ Zero-Trust Architecture: Apply Zero-Trust principles to critical software, especially back-end services for public-facing websites.
Coordinate with IT Security Vendors: Ensure robust DDoS mitigation strategies are in place, particularly for organizations in critical sectors like government, finance, and logistics.
Maintain Actionable DRPs: Ensure Disaster Recovery Plans are updated, tested, and ready for rapid execution.
Utilize Offline Backup Storage: Offline backups to protect data from ransomware and wiper attacks.
IT Budget Impacts
Rising energy costs and the global helium shortage have significantly increased the cost of semiconductor manufacturing. These expenses are inevitably passed down to the consumer, leading to higher costs for cloud services and physical server hardware.
Such shifts can disrupt annual budget projections. Depending on the project, organizations may need to re-evaluate their cost structures or, in some cases, pause initiatives entirely.
These inflationary pressures also extend to laptops and personal workstations. Companies may face higher procurement costs, which can become particularly impactful during periods of rapid scaling or high staff turnover.
While utilizing refurbished hardware is a viable temporary measure, it may not serve as a sustainable long-term solution regarding hardware obsolescence and performance.
Plus, internal IT security budgets must be reviewed to account for increased regional exposure. Some organizations, if vulnerable to these events, might need to invest in platform modernization to mitigate rising risks and vulnerabilities.
Be mindful that exploits are becoming increasingly sophisticated due to AI-driven threats. Maintaining a resilient security posture requires investment, particularly where legacy applications and past security practices have led to technical obsolescence.
Near-shoring and Far-shoring Risks
Recent events have served as a significant “eye-opener”, reminding us that the Middle East remains a volatile region. The closure of Dubai Airport some weeks ago highlighted that, despite its modern infrastructure and welcoming business climate, the region is still susceptible to sudden disruption.
On top of that, the impact on fertilizer supply chains and pricing could potentially destabilize economies like India, a primary powerhouse for US and EU far-shoring strategies.
I have never been a big fan of implementing far-shoring for the sake of cost reduction alone (story for a different article). However, it is vital to assess the risk of inflation when a significant percentage of your workforce is concentrated in an impacted country. For instance, if India were to experience a surge in food prices, it would drive up the national inflation rate.
High inflation is the primary catalyst for increased staff costs and higher turnover. If a far-shoring decision was based solely on low labor costs, an unexpected 6–8% spike in payroll expenses could severely undermine the strategy’s projected ROI.
Another strategy involves selecting regions that offer greater security and stability. However, if the company is already in a less stable region, this requires an assessment of the additional investment needed for new offshore implementations. Cost should never have been the main driver for the investment (again, story for a different article).
That’s it. If you find this post useful, please share it with your friends or colleagues who might be interested in this topic. If you would like to see a different angle, suggest it in the comments or send me a message.
Cheers,
Artur