Main
Log in

Irene Pimentel

This email address is being protected from spambots. You need JavaScript enabled to view it.

Irene Pimentel is an IBRS analyst who focuses on news and information on the global IT Outsourcing market. Irene provides IBRS clients with up to date information on all outsourcing deals that are taking place helping our clients understand who is winning business in what markets. With over 10 years experience as a management consultant, Irene has worked with some of Australia's largest blue chip companies and public sector organisations. Irene has also worked as a research manager for an IT sourcing consultancy, providing clients with targeted intelligence and advice for their specific IT sourcing transactions.

Conclusion: This month, discussions regarding critical security issues have continued to be prominent. In particular, an increase in the ineffective management of security threats and incidents was flagged. A high proportion of companies have cited a preference for paying off ransomware demands due to a perception it is a cheaper and less complex resolution to security incidents. These types of short-term solutions often produce other risks and create larger, associated problems in the future. A growing trend to under-report security incidents and a lack of cyber threat intelligence has left many companies exposed. Customers often deprive themselves of opportunities to improve cyber security controls and processes when they do not adopt long-term mitigation strategies to reduce risks and enhance response measures.
Such long-term and consolidated efforts allow customers to take advantage of all resources available to the company, founded in threat intelligence. Accessing a wide range of cyber threat intelligence and establishing ways to obtain this information is particularly critical. Plans must include ways to identify and assess security incidents, how staff communicate and share information regarding incidents, as well as harnessing data from external sources such as service providers and other tailored data specialists. Whilst complex, establishing sturdy threat identification, protection, response and recovery frameworks will improve a company’s capacity to manage security risks, utilising all resources and information available.


Register to read more...


Conclusion: This month, there have been increased discussions regarding highly targeted, industry-specific security threats. Security issues for managed service providers can be especially complex due to the nature of the industry and delivery frameworks. Targeted attacks on vendors that support a large and diverse client base, utilising intricate, often intertwined solutions which cater to a wide range and large number of business functions, can result in difficulties when security issues arise. Problems such as theft, malicious attacks, denial of service and framework collapses can cause added risks because of vendor/client structures in this sector. For vendors, attacks can result in difficulties such as managing security issues over a large number of clients or associated entities which provide services. For clients, outsourced networks spanning different sites and critical functions are amongst the variety of threats which can leave clients exposed. Responses for vendor co-ordination with clients, as well as associated service providers and partners, must be considered and thoroughly planned when developing response measures for service providers. Measures must be as robust as possible, as well as sufficiently flexible to cater to unforeseen events and the complex nature of the managed services sector, where threats can be highly variable in nature, volume and extremities.


Register to read more...


Conclusion: This month, discussions regarding ICT outsourcing project completion and outcomes have been prominent. Whilst project successes outweigh those which are still struggling, the results make it clear that the capacity to develop and implement a strategic approach to the adoption of managed services is critical. Projects experience difficulties due to failures to stay within budget, set timeframes or providers cannot meet basic milestones. Difficulties are also experienced when unforeseen problems arise because of miscalculations regarding the size or complexity of a project, as well as technical issues. Project successes, which provide a stable working relationship and added value to customers are the result of clear strategies, allow the services to facilitate business objectives, and a thorough consideration of adoption barriers during a project, including administrative, technical, legal and regulatory.


Register to read more...


Conclusion: This month, the large outsourcing agreement between Thales and the Department of Defence/Airservices Australia has been the subject of discussion. Whilst the contract value is high, more significant are the complex project objectives which resulted in a lengthy contract negotiation period. Initially, agencies involved anticipated an off-the-shelf solution to replace national air traffic control systems. However, it became apparent that a customised solution to support system functions was required, given the large and technically complex nature of the project. In order to reduce risks associated with contract failure, a two-year negotiation period was undertaken to ensure delivery responsibilities and specifications were well-defined. Project oversight and monitoring frameworks, vendor incentives to stay within project budgets and meet fulfilment targets were also described in detail within agreements. Although concerns were flagged regarding the delay in finalising this agreement, extra care was warranted given the critical functions the system will support, as well as the high value and complex system foundations. By adopting this approach, all parties have a sturdier agreement which can provide value for money, performance incentives, frameworks for contract execution as well as a better chance of project success.


Register to read more...


Conclusion: This month, discussions regarding digital transformation efforts have been prominent. Plans to upgrade, improve and modernise internal ICT frameworks are critical for effective value creation and faster results delivery. Customers need to invest in technological change in order to establish a set of digital products which address stakeholder needs and integrate with business operations and functions. Customers often struggle with identifying and evaluating vendor risks and establishing appropriate audits and controls for service providers. Whilst customers are familiar with issues such as contract compliance and security, obtaining a managed service provider with a deeper understanding of business requirements can be difficult. However, this understanding is critical when developing digital transformation solutions, and vendors need to augment skills, develop more detailed strategies and address concerns specific to particular customers in order to deliver business value during digital transformation efforts.


Register to read more...


Conclusion: This month has seen a focus on ICT 2018 forecasts and 2017 reviews. These types of analyses are important for vendors in order to strike a balance between providing new, high quality service offerings customers’ demand and traditional concerns, such as privacy and legislative compliance. It is critical that new offerings are carefully planned so they align market drivers such as cost savings, utilising new technologies and business improvements with basic needs that are common to all customers and integral to establishing, managing and completing outsourcing agreements.


Register to read more...


Conclusion: This month has seen an increase in activity for public sector outsourcing. While reports this year have flagged sector growth, with more diverse offerings and a greater uptake of smaller providers, difficulties with contract performance in this area are still clear. While the size and complexities associated with these projects can present serious problems, they are aggravated by issues that are especially prominent in the public sector. For instance, running critical functions such as financial management, customer service and human resources, on disparate, large or obsolete systems, can result in a wide range of vulnerabilities for government agencies. These can interfere with business continuity, pose security threats, hamper disaster recovery or prevent appropriate skills development. As vendors evolve to offer more specialised services that cater to customers’ requirements, it is important for the public sector to continue to review and analyse its outsourcing projects because of serious consequences associated with catastrophic failures, outages and exploitation of government systems.


Register to read more...


Conclusion: Discussions regarding the increased presence of small-to-medium businesses (SMBs) and start-ups in the IT industry have been prominent this month. Initiatives aimed at generating growth in the sector, such as funding for smaller providers, information exchange and facilities which allow for access to government contracts, are showing clear results. Support for smaller providers that offer specialist services are in high demand, as well as resources and information regarding sustained growth, product development and consumption frameworks. Both vendors, and customers seeking tailored and competitive offerings in a market traditionally dominated by large vendors as well as smaller customers hoping to access quality services, have benefitted.


Register to read more...


Conclusion: This month has seen an increased focus on security threats posed by managed service providers and associated vendors. ICT service providers are attractive targets because they can provide access to a wide variety of customer networks, or can be used as a starting point for other malicious attacks. Compromised commercial or government data, or products which facilitate vendor service provision, can result in serious breaches and unexpected losses. More in-depth reviews of vendor security protocols, products and response measures to threats are required for customers to obtain the best possible protection against attacks launched through their managed service providers.


Register to read more...


Conclusion: This month, there has been an increase in the launch of digital communities or marketplaces which facilitate partner access to resources, information and collaboration in specialist areas. These types of initiatives can be beneficial to both vendors and customers, providing the capacity to identify disparate services and combine them for specific needs or develop new tailored vendor offerings. Products, service offerings, project delivery, financial models and contract structures can be enhanced by targeting individual needs. In an environment where innovation is critical to remain competitive and relevant, these types of initiatives are valuable. They also allow for a clearer and broader perspective when developing solutions.
This kind of transparency can help to address some of the challenges associated with complex outsourcing agreements which result in technical or contract management difficulties. Allowing this kind of exchange can help drive fresh ideas and new approaches to IT outsourcing, as well as more effective customer and partner engagement.


Register to read more...


In the News

PageUp starts rebuilding and looks to learn lessons after data breach nightmare - AFR - 27 June 2018

The timing couldn't have been worse for PageUp; two days before Europe's new data protection regime came into force the Melbourne-based online recruitment specialist's security systems detected...
Read More...

Australia is still in the cyber security dark ages - AFR - 28 June 2018

In terms of cyber security years, Australia is still in the dark ages, a period typified by a lack of records, and diminished understanding and learning. We're only a few months into practising...
Read More...

AMP does maths on infosec shortage - ITnews - 18th June 2018

Cyber security and risk advisor at analyst firm IBRS, James Turner, said the cyber skills shortage was prompting a wider rethink around the domain in terms of resourcing for the last few years....
Read More...

How Australia must use the PageUp data breach to become stronger - AFR - 18th June 2018

PageUp People, a successful Australian Software-as-a-Service vendor, has been the victim of a crime , with a data breach that could be extremely damaging for its prospects . There are two lessons...
Read More...

The three cyber security challenges Australian businesses can't ignore - AFR - 6 May 2018

Australian businesses currently face a cyber security triple threat that has nothing to do with warding off hackers. Rather there are three new regulatory forces impacting specific points of the...
Read More...

Subscribe to IBRS Updates

Invalid Input
Invalid Input
Please enter a valid email address
Please enter your mobile phone number
Invalid Input

Get in-context advice from our experts about your most pressing issues or areas of interest

Make an Inquiry

Sitemap

Already a subscriber?

Login to read your premium content.

        Forgot your password?
Recently Viewed Articles