How can NZ’s SME CIOs balance innovation with budget constraints?

In the New Zealand business landscape, a predominant challenge for Chief Information Officers (CIOs) is to manage the increasing demand for technological innovation while preserving the value of existing investments. While CIOs in smaller enterprises may operate within more constrained budgets compared to those in larger corporations, they often have a broader latitude to innovate within their existing technological frameworks.

A significant portion of New Zealand’s small to medium enterprises (SMEs) have demonstrated resilience in the face of challenges. Following two years marked by business disruptions and accelerated modernisation due to the COVID-19 pandemic, these enterprises are now contending with an evolving economic landscape and additional external disruptions.

The pandemic served as a catalyst for digital transformation. Current challenges necessitate that businesses strike an equilibrium between cost-saving initiatives and technological implementations that can foster growth and augment customer experience. This dynamic is prompting CIOs in SMEs to extend their strategic vision beyond mere technological solutions to secure a competitive advantage.


Support Infrastructure


The advent of novel digital platforms, combined with the transition to remote and hybrid work models in recent years, has somewhat equalised the competitive landscape between SMEs and their larger counterparts. This trend is not only reflected in the digital maturity of SMEs but also in their strategic priorities. Irrespective of the size of their IT budgets, CIOs are increasingly aligning their focus with both business and technological strategies.

Many SMEs in New Zealand function with limited IT personnel, necessitating a concentrated effort on optimising current technological investments. While innovation remains a priority, the resource constraints often limit the scope of their initiatives. Consequently, there is a growing reliance on external partners to identify opportunities where technology can deliver tangible business value within a cost-effective framework.

Moreover, the escalating landscape of cyber threats is exerting additional pressure on SME IT teams. Data protection remains paramount, yet a significant number of SMEs lack the specialised security expertise to counteract sophisticated cyber threats. Despite the relief offered by automation, SMEs frequently find themselves targeted by cyber adversaries. It is becoming increasingly evident that a comprehensive cybersecurity strategy, complemented by informed staff training on prevalent threats, is indispensable.

Strategic Differentiation

While some SMEs maintain operations using primarily cloud-based tools and inherent resourcefulness, those that stand out have adeptly leveraged both technological investments and strategic partnerships. In a business environment where customer expectations are multifaceted, SMEs are strategically positioned to cultivate a competitive edge.

Given inherent constraints related to budget, resources, and expertise, SMEs are tasked with devising innovative strategies to meet customer expectations. Exceptional customer service, a hallmark of successful SMEs, can be augmented with the judicious deployment of technological tools. This ensures that even a lean team can deliver service levels that differentiate them from competitors.

Balancing technological aspirations with budgetary constraints remains a challenge for SMEs. While there might be an inclination to adopt the latest technological solutions, discerning CIOs recognise that value and tangible outcomes can also be derived from cost-effective solutions that empower employees with essential tools and information.

Ongoing digital transformation initiatives have underscored the significance of technological investments for SMEs across various sectors. While CIOs now operate with enhanced autonomy and potentially larger budgets, the most effective strategies are not necessarily the most expensive. CIOs who are charting a course for long-term sustainability are those who judiciously utilise available resources to refine their technological ecosystem through informed strategic choices.

Modernise your Backup & Recovery Approach

Data is the lifeblood of any Kiwi organisation, making it a prime target for increasingly sophisticated and relentless cyber criminals. Moreover, the threat isn’t just external; rogue employees present a significant internal risk.

It’s essential to note that New Zealand, while not as vulnerable as some countries, is not immune to these threats. Recent reports indicate a surge in ransomware attacks within our shores, reflecting a global trend.

Alarmingly, there’s mounting evidence that cyber attackers are setting their sights on backups, which are often an organisation’s last line of defence. Given the rise in ransomware attacks, the best practice discourages paying ransoms. However, this is only feasible if the organisation is confident in its data recovery capabilities.

A staggering 93% of New Zealand organisations have reported cyber attack attempts on their backups, with 73% admitting partial success on the attacker’s part.

It’s also worth noting that paying ransoms doesn’t guarantee safety. A mere 16% of organisations managed to retrieve their data after parting with their funds.

In essence, backups have always been paramount, and now they’ve become indispensable. This reality brings forth a new set of challenges for the already burdened Chief Information Security Officer (CISO) or their equivalent.

Historically, backups have been a tedious task. From the era of tape backups meticulously moved off-site at regular intervals to modern disk subsystems, the backup process has always been time-intensive and mundane, yet utterly crucial.

Backups must be frequent and manageable, but they also need rigorous testing for reliability. This complexity makes them particularly susceptible to human errors, which can have devastating consequences during a cyber attack.

A concerning statistic reveals that 93% of organisations face significant challenges with their current backup solutions.

Hybrid Environments and Their Challenges

The evolving nature of IT infrastructure, especially with the advent of cloud computing, complicates the backup landscape. Organisations in New Zealand, like their global counterparts, are increasingly adopting a hybrid approach. This means a mix of on-premises systems, co-located data centres, and public clouds such as Microsoft Azure or Amazon Web Services.

This diverse data environment necessitates that organisations pinpoint their critical data’s location. The varied landscape also complicates the backup process, introducing more potential points of failure.

Given this backdrop, ensuring robust, real-time backups of corporate data is a pressing concern for New Zealand’s CIOs, CTOs, and security officers. To guarantee peace of mind, organisations must adeptly manage their intricate data environments, ensuring backups are immutable and isolated from potential threats.

A crucial feature is the ability to compare each backup against an uncontaminated baseline, promptly identifying any discrepancies. This is vital due to the rise of “stealthy hackers” who discreetly introduce malware, which, if undetected, corrupts subsequent backups.

Traditional backup methods are no longer sufficient.

Consider a case from across the Tasman: An Australian health insurance company faced a ransomware attack. They chose not to pay the ransom, only to discover their backups were compromised. The recovery process was prolonged and costly, far exceeding the initial ransom amount.

The potential reputational fallout from such incidents is immeasurable.

Envisioning a Modern Backup Solution

So, what should a contemporary backup solution for New Zealand organisations encompass?

Given the diverse IT landscape, a modern backup solution must offer a unified platform for data management. This platform should facilitate data location discovery, proactive threat detection, risk assessment, and backup testing.

Harnessing the power of artificial intelligence and machine learning can enhance and automate this solution.

From a design perspective, backups should be encrypted and “air-gapped” for added security.

Such an approach offers numerous benefits, including cost-effective management, demonstrable cyber resilience, and reduced effort due to a singular, intelligent backup platform.

Above all, it ensures the reliable recovery of data, offering peace of mind to all stakeholders.

Questions to Ponder

  • How confident are you in your organisation’s current backup solutions, especially in the face of evolving cyber threats?
  • In the event of a ransomware attack, would your organisation consider paying the ransom? Why or why not?
  • How often does your organisation test its backups for reliability and integrity?
  • With the rise of “stealthy hackers,” how is your organisation proactively monitoring for anomalies in your data environment?
  • Are your employees adequately trained and aware of the internal and external threats to data security?
  • Considering the diverse IT landscape, is your backup solution flexible enough to adapt to new technologies and platforms?
  • How would your organisation handle the reputational damage following a significant data breach or loss?


PCTECHNZ Services Overview