Despite a common desire to adopt more technology, businesses face a big challenge in the training and upskilling of employees. Even those firms that outsource their IT and cybersecurity functions to third parties often found that their contractors lacked sufficient understanding of their businesses to provide sufficiently-tailored support. According to the survey, the biggest challenge faced by 60% of the respondents, was that their IT vendors lack the right knowledge; the second big challenge, facing 58% of the respondents, was that the vendors cannot quite accurately represent the client organisation’s brand, vision and processes. On top of this, 40% of the respondents face difficulties ensuring the quality and competency of solution providers. Ramakrishna notes that much of this mismatch arises from third-party firms not keeping pace with customers’ needs. IT professionals, he shared, cannot merely be technically proficient, but must have business acumen and be ready to adapt quickly. “IT development used to be about writing the specs and coding it, but today it’s more about finding problems and creating solutions,” notes Jeff Kavanaugh, adjunct professor at the Graduate School of Business of the University of Texas at Dallas in a Harvard Business Review article. At times, merely finding sufficient IT professionals with a specific skill is in itself a problem. Case in point: demand for cybersecurity talent far outstrips supply as firms grow more concerned about potential cyber attacks. The 2020 Allianz Risk Barometer Survey found that cybersecurity was among the leading concerns for businesses, both in the Asia-Pacific and globally. According to the CIOAA survey, 89% of companies have a cybersecurity strategy in place. However, only 62% note that the cybersecurity function fulfils their corporate needs despite 65% of companies reporting that they have dedicated employees to man the cybersecurity function. Just under 50% of enterprises reported they have not budgeted for a dedicated cybersecurity hire. “This is not surprising, given that trained and experienced cybersecurity talent is very expensive to hire, and in many cases or countries, just not available,” according to the report.
In the short run, firms can overcome the business knowledge gap between themselves and third-party IT providers by changing their procurement strategy. For one, businesses should build long-term relationships with the vendors so that client and contractor can get to know each other better. Under the common traditional open-tender model for specific projects, IT contractors do not have time to acquire a more than superficial knowledge of the client. Furthermore, the typical tendering process can take too long and quite often, the requirements of the project can change completely even before the contract is signed. “Firms face shorter timelines and things regularly evolve as we speak. Procurement techniques need to evolve in order to keep up with the times,” he says. Instead of offering tenders on a project basis, firms should instead recruit contractors based on their existing capabilities and agility and trial their abilities before transitioning them to longer-term projects, he says. Alternatively, firms can also rely on co-creation, where firms develop long-term strategic partnership with third-party providers to allow the latter to build familiarity with their operations, even “embedding” or “seconding” specialist personnel with the contracting firm. The government, Ramakrishna says, is increasingly adopting the latter. More fundamentally, however, the education system and societal attitudes have to change in order to reflect how workers are trained for IT roles going forward. “The acquisition of digital and computer science skills has been led by industry but schools are two steps behind. [IT] skills will be acquired not through formal education, but instead through skills-based platforms like Coursera and Udemy,” says Ramakrishna.
