Today’s legacy systems: a need to modernize
Even before COVID-19, the need to boost command center resiliency had become a point of emphasis. The movement of critical business functions (CBFs) and their supporting infrastructure to the public cloud has had institutions looking to modernize command centers and transition to detached, external control systems capable of managing complex IT ecosystems from the outside.
While some institutions have embraced automated continuous integration/continuous development/continuous testing (CI/CD/CT) methods to make their management of those ecosystems more agile, most continue to rely on legacy methods that were developed more than a decade ago. For years, hyper-redundant Tier 1 facilities have been the foundation for managing complex day-to-day business and technology cycles — and for enabling a steady stream of new capabilities to protect business applications and CBFs.
As activity has migrated to the public cloud, the challenges to those legacy-based command centers, command-and-control systems and crisis-management processes have become more evident. Common problems that limit their effectiveness include:
- A reliance on fragmented legacy tools and environments that are ill-equipped to manage the complexities of modern-day applications and sophisticated data constructs
- Limited AI capabilities, such as the ability to self-diagnose and self-heal
- An inability to scale elastically with demand and manage a plethora of connected devices
- A reliance on human and manual input, which slows decision-making
Collectively, these problems manifest themselves in ways that are felt by customers, workers and operations, including:
- Longer help-desk wait times, which lead to failed customer interactions and lower customer- and employee-satisfaction rates
- An inability to integrate with internal and external system and organization controls (SOCs) and third-party carrier capabilities and to troubleshoot problems in complex ecosystems
- Persistent difficulties in making informed decisions and solve incidents due to the lack of a 360-degree ecosystem views
- Challenges satisfying regulators of adequate controls over business, cyber and technology risks
COVID-19 has revealed two other significant problems with those legacy systems. First, the relatively static, inflexible nature of on-premise systems supporting command centers are fraught with choke points, which can stymie an institution’s ability to react to crisis situations in an agile and flexible manner. Second, those systems don’t do well at supporting IT teams when they need to work remotely.
The VCC approach
The VCC approach represents a coordinated set of technologies, applications and processes that applies the established principles of modern-day public cloud, automation, robotics and containerization to help navigate uncertain terrain during times of business disruption. It can help overcome constraints, such as geolocation, processing capacity and network bandwidth, that are largely static and inflexible in today’s on-premise systems.
While this hybrid use of modern technologies will likely be spun up and managed by artificial intelligence (AI), it’s useful to envision a highly augmented virtual reality (VR) setup, where VR technology bridges the gap between humans and AI by providing a tangible and interactive space and structure as well as enhances communication in a virtual world.
Multiple screens could be used by crisis leads and senior executives, while senior operations leads could have a more immersive experience, taking manual control of the command center remotely. Imagine, for example, being able to slide on a pair of VR goggles or walk into an equipped augmented reality room (ARR) in your home office and see everything on your work desktop — and other people on your team — in real time.
The VCC requires successful implementation of this level of automation, which is wholly dependent on the institution having a strong foundation in modernized operations (ModOps) across the wider organization. This diagram illustrates the interplay between the VCC and what’s already in play in a typical ModOps framework:
Virtual command center value stack