Sustainability is primarily a question of thinking, moral attitudes and social values.
The fact that many problems cannot be solved with technology and rational thinking alone, because they are primarily psychological and emotional in nature, becomes apparent at the latest when the child has fallen into the well. Unfortunately, my colleagues and I have had too many crisis meetings in the executive suites of Japanese companies in recent years, which were brought to their knees by malware and sometimes brought to a complete standstill for weeks. When a Japanese CEO or honbu-cho sits across from you with rings under his eyes and trembling hands, or is connected via video conference on his private cell phone (because all the company computers are no longer working), it quickly becomes apparent how sustainably IT was positioned - or not.
The good news is that most of this could have been avoided through relatively simple preventive measures. But given the rapidly growing and increasingly professional ecosystem of globally organized cybercrime, we are now experiencing threat scenarios that would have been almost unimaginable just 5 years ago. Game theory models show that, as with climate change, there is a tipping point at which simple cyber hygiene or superficial "cyber cosmetics" are no longer enough. Companies that do not then operate sustainable and resilient IT will fall victim to a major market shakeout that is long overdue anyway.
Unfortunately, the loose monetary policy of the ECB and BoJ since the Lehman shock in 2008 has meant that large corporations in particular no longer have much incentive to fix structural problems in the long term because it is more convenient to push them along with cheap money. So all that has happened is that time has been bought at great expense and the risks have been increased; in addition, there was Covid-19 (laboratory safety and sustainable research are another topic...) and the Ukraine conflict.
So how do we get out of this mess now? Are there perhaps low-hanging fruits that can be used to convince Japanese management? Or can we perhaps even profit from the situation with the right strategy?
Sustainability in IT is about much more than just efficiently cooling data centers and running them on "green" electricity from wind and hydroelectric power. As with nature and climate protection, IT security and data protection also have concrete and measurable protection goals, especially confidentiality, integrity and availability. In practice, however, compliance, security and safety are often confused or lumped together. Here is some food for thought:
- When was the last time you checked to see if your backup was still intact and how long it would take to restore it?
- Do you have a fallback infrastructure (based on Linux or BSD) on hand to switch to if your Windows PCs are encrypted by ransomware?
- Do you know where to find your GDPR processing directory and whether it has been revised since May 2018 or is just gathering dust in the closet?
- Have you made provisions in case all your system administrators are sick at the same time one day?
- Are you aware that anti-virus software is one of the attack vectors for malware and regularly used for industrial espionage?
Can you rule out the possibility that your employees are secretly running shadow IT with private devices because the hardware and software provided by the company is no longer up to date?
If necessary, could you convince Japan to increase the budget for cybersecurity tenfold or would you rather try out how much costs can be saved in IT until the house of cards collapses?
Quality is expensive, but quality is the best way to save money.
This quality consciousness that Germany and Japan share is, in my opinion, the key to sustainable business.
If you implement best practices and also approach it with a proper strategy, you can not only minimize risks and increase productivity through sustainability in IT, but also reduce costs and reduce the CO2 footprint of the company through this sustainable IT in the right places. The pandemic has taught us that it can be done with less business travel and can even work at the home office.