With the start of the fourth quarter IT leaders are likely to be scratching their heads, to figure out where best to spend whatever IT budget has been allocated for next year. No one could have predicted the instant change in working practices arising from the global crisis. No amount of planning would have prepared IT departments for the mix of software tools that, little over six months following on from the UK’s coronavirus lockdown, have become commonplace.
IT has proved it can adapt to change instantaneously, providing the technology backbone that has enabled many organisations to remain operational.
But while the IT team were the unsung heroes of the global crisis, IT leaders are not expecting a big thank you and a blank cheque to spend, spend, spend.
Economists predict a slow recovery; business growth will be challenging. This, inevitably, means that IT budgets are going to be squeezed. Businesses are already making redundancies and there is a very real possibility that IT chiefs will need to weigh up whether to retain staff or cut vital projects in 2021.
If full time employees are taken out of the sums, the bulk of IT spending goes on support and maintenance of existing software; what little remains is then invested in new projects. Earlier this year, before the pandemic, analyst Forrester urged CIOs to trim back their new project portfolios for the next two years and start looking for ways to contain their other costs.
A large proportion of IT spending goes on maintaining existing enterprise software. Maintenance and support contracts for these can amount to an annual fee of 20-25% of the original software license fee. So for every £100 spent on a software licence, a further £20 goes on maintenance.
The fee funds further development of the product, provides technical support and updates and patches. While the IT industry relies on its customers continuing to upgrade, often, IT departments cannot easily justify the ROI on an upgrade. When an enterprise product is no longer in support, the customer no longer receives patches, which leads to security risks. Third-party support providers offer services that take on support of these unsupported products.
While these companies do not have access to the source code, they say that scripting, web application firewalls and open source initiatives like the OWASP ModSecurity core rule set project can offer viable workarounds.