Our hearts go out to the people of Ukraine. Today’s Insider will focus on service delivery and cybersecurity risks given the unprecedented events of the last several days.
SERVICE DELIVERY RISK
As we have discussed over the past several weeks, leading IT services firms in Ukraine started diversifying their employee populations after annexation of the Crimean Peninsula in 2014. This approach has helped to enable strong growth in the Ukrainian tech sector over the past several years, because it reduced risk for risk-averse clients in Western Europe and the U.S.
But even with this diversification, the center of gravity for Eastern European software engineering remains in Ukraine, with over 50,000 tech employees, and well over 200,000 technology freelancers. And based on discussions over the past 48 hours, it’s our view that, while some IT services employees have left the country, most are sheltering in place. This is likely to remain the situation for the near term as internet has been disrupted, many roads are blocked, and air space has been closed to commercial air traffic.
This means that not only is delivery being impacted in some cases, but also that short-term relocation out of the country as part of some providers’ business continuity plans may be impacted as well.
INQUIRY WATCH
CYBERSECURITY RISK
Cyber threats are rapidly increasing inside of Ukraine. The Computer Emergency Response Team of Ukraine warned today of a spearfishing campaign targeted at the private email accounts of Ukrainian military personnel, while earlier this week several government websites were taken down with a DDoS attack.
But it’s also our view that cyber risk outside Ukraine has increased significantly over the past 48 hours. The possibility for cyber-attacks against critical infrastructure providers outside of the country is now very real. The average dwell time for these types of attacks is more than six months, which means it’s likely some organizations have already been breached but are not yet aware.
All enterprises should be prepared, whether they use Eastern Europe as a technology delivery location or not. Firms should 1) heighten awareness of cyber risks, 2) review internal and external communication plans, 3) continue to be diligent in patching systems, 4) ensure backup technology and resources are ready and available, and 5) ensure open lines of communications with third-party technology providers that may also be compromised.
About the author
Stanton Jones
Stanton leads ISG's Index research, helping providers, investors and ISG clients make sense of the global IT services sector. Stanton’s weekly newsletter, the Index Insider, is read by thousands of market stakeholders each week. An ISG Digital Fellow, Stanton has been quoted in Fast Company, Forbes and CIO.com, and has appeared on national cable news.
