Logo
Become a Client

Resource Regions: Central and Eastern Europe

At IDC’s UK & Ireland Security Summit 2023, on April 17, 2022, 60 security leaders from across the UK and Ireland discussed the key theme of the event — “Security Strategy 2023: Managing Risk to Enable Digital Business”.

The summit featured an impressive panel of speakers from our partners and the CISO community, complemented by insights from the IDC’s European Security and Privacy team. Based on the presentations, workshops, and roundtable discussions from over 20 sessions, our top five European cyber security trends are as follows:

  1. Threat Landscape

Security practitioners are aware that their attack surfaces are expanding due to digital transformation, remote work, IoT and mobile adoption, and an increasing reliance upon the Web for conducting all aspects of a business. Cyber threats facing organizations are diverse and fast-changing. The ability to understand and mitigate risk depends upon having a clear view on the complexity and dynamic nature of the threat landscape. Who might the threat actors be? How are they trading in terms of selling enterprises’ credentials and vulnerabilities? Employees and contractors at organizations continue to be a point of entry for successful cybercrime. This may be credential theft or more simply end users clicking on malicious links. Standards for security hygiene must be continually assessed and addressed; for example, avoidance of the use of guessable password formats, conducting regular back-ups on different mediums including immutable data back-up and limiting the use of unsanctioned IT or Bring Your Own Device (BYOD).

Businesses should challenge the security industry on how technology vendors and MSSPs can drive security behind the scenes; so that malicious URLs and emails do not appear in the inbox or browser in the first place. Thus, security should become more invisible and frictionless.

  1. The Evolving Security Leadership Role

IDC sees the CISO role as a communications conduit to the board and the C-Suite on strategic security topics. It has become important for security leaders to have expanded skills broader than the technicalities of security. The modern CISO needs the capability to understand the overall business strategy and direction: inevitably this will include digital transformation or digital business elements. The CISO must ensure that security outcomes delivered are consistent with business strategy and digital initiatives.

  1. The Importance of Cyber Crisis Readiness

A senior speaker from a European government national defence agency highlighted how demonstrations of crisis response during a major global sporting occasion was a valuable exercise, as it gave leaders first-hand experience of how the response to crisis is handled in a realistic scenario. In this example the crisis response group brought in senior government officials to witness crisis response activities. Major cyber-attacks on critical national infrastructure have become national security event, and predetermined crisis centres are essential to give the most effective response to serious incidents. The key takeaway is that security leaders should explore bringing the C-suite and Board into cyber crisis simulation “rooms” to imitate a major attack and use this to critically evaluate responses amongst the executive leadership, as well as build in muscle memory so that appropriate responses are more automatic.

  1. Generative AI

It’s agreed that generative AI will have a transformative effect across all aspects of the technology industry, including cyber security. Generative AI is already a major issue as far as cybersecurity is concerned, with generative AI, for example, making phishing attacks much harder to detect. Businesses and governments should be encouraged to move quickly in understanding and responding to these new threats. Unskilled would-be cyber criminals can potentially create malware code using OpenAI, and thus the barriers for entry are now lower than ever, which is driving up the number of potential threat actors and cyber-attack volumes. On the other hand, the application of generative AI can help security teams build up their defences, by applying generative AI to SOC automation and SIEM/SOAR triage.

  1. Security Skills Shortages and Lack of Diversity

There continues to be a major skills shortage in cybersecurity that’s been around for a decade. There are initiatives in place to address this, but organizations must do more to address the skills shortage and lack of diversity. MSSPs and security technology vendors should lead on up-skilling and diversity in the industry, by driving training programs, internal skills transfer programs, and efforts to encourage and motivate a more diverse workplace.

Railways are becoming increasingly strategic. They are more energy efficient and pollute less than private vehicles, and they are 15 to 20 times safer than cars.

Compared with private vehicles, they do not entail any fixed cost for travellers. No wonder governments around the world are making huge investments in rail. For instance, 21 out of 27 EU member state national recovery plans have allocated billions to invest in electrification and modernisation of rail infrastructure. President Biden’s Bipartisan Infrastructure Law has nearly tripled funding for rail infrastructure — to $1 billion a year for the next five years.

Airlines struggled to survive when COVID reduced traffic to unprecedented levels. Fuel price increases and labour shortages compounded the effect of COVID by creating the urgency to profoundly rethink business and operating models, while regulators and passengers demand accelerated investment in environmental sustainability, such as more fuel-efficient traffic management, more sustainable fuels and, in the future, zero-emission aviation.

Both industries have reached an inflection point. Hiring more people and growing the size of fleets and number of routes will not be enough to increase capacity utilisation and offer more competitive and personalised services, while maintaining high safety standards and improving environmental sustainability. Achieving those strategic goals will require railway and airline executives to invest in technology innovation.

Bold Ambition for the Future Will Depend on Realising the Value of Technology Innovation

Railways and airlines have invested in technology for many years to deploy digital customer experience capabilities, such as loyalty programmes, self-service booking and mobile payments, intelligent asset and fleet management capabilities to enhance operational excellence, and scheduling of routes and dispatch to bring together high-capacity utilisation and safety.

However, our recent studies show that they are not standing still. They are now looking at the next generation of technologies, such as 5G, artificial intelligence and machine learning, IoT and edge computing, augmented and virtual reality, even quantum computing for traffic optimisation. They are not doing so for the sake of technology, but to achieve four interdependent strategic business goals:

  • Increase operational efficiency, while targeting net-zero impact​
  • Increase capacity utilisation by combining intelligent scheduling, dispatch and traffic control systems to increase frequency of travel and smart predictive operations to help prevent delays and disruptions 
  • Ensure that efficiency goes hand in hand with safety and security, even with higher utilisation rates thanks to digitally enabled physical security systems, regulatory compliance of operations and cybersecurity​
  • Increase revenue growth through innovative service offerings, often by making their services and hubs — stations and airports — the anchors of a mobility-as-a-service ecosystem

To empower railway and airline executives to make strategic choices about next-generation technology investments, implement new organisational competencies and capacities that accelerate technology investment benefit realisation, and select tech partners that understand the technical and business evolution of their industry, IDC has launched new research on railways and airlines and transportation hubs.

Stay tuned for upcoming research on topics such as ticketing and revenue management, digital twins for intelligent operations, 5G and cybersecurity.

Massimiliano Claps - Research Director - IDC

Analyst Profile
Massimiliano (Max) Claps is the research director for the Worldwide National Government Platforms and Technologies research in IDC's Government Insights practice. In this role, Max provides research and advisory services to technology suppliers and national civilian government senior leaders in the US and globally. Specific areas of research include improving government digital experiences, data and data sharing, AI and automation, cloud-enabled system modernization, the future of government work, and data protection and digital sovereignty to drive social, economic, and environmental outcomes for agencies and the public.

In Europe, the primary driver for corporate sustainability initiatives is the EU’s Corporate Sustainability Reporting Directive (CSRD). It came into force in January 2023 at EU level and must be transposed into national law in all EU countries within 18 months (by mid-2024).

The EU CSRD aims to improve transparency and accountability around corporate sustainability performance. It also aims to accelerate the integration of environmental, social and governance (ESG) considerations into corporate business practices to support the transition to a more sustainable, inclusive economy.

From 2025, those companies already subject to the Non-Financial Reporting Directive (NFRD) — around 10,000 in Europe — will have to report on a variety of sustainability indicators for their FY24. In the following years, the CSRD will be widened to cover around 50,000 companies — all those listed on EU regulated markets with more than 250 employees, more than €40 million in revenues and/or more than €20 million in total assets. The directive also covers non-EU companies with operations in the EU.

 

Download eBook: Sustainability in EMEA: Opportunities for Tech Vendors, Challenges for Tech Buyers

 

The key differences to previous laws are:

  • The introduction of standardised, mandatory sustainability metrics on companies’ policies, risks, impacts and outcomes relating to ESG issues
  • The mandate to consider double materiality, i.e., identifying all potential negative and positive impacts on people and environment connected with a company’s own operations and its value chain
  • The requirement that reported information is audited
  • The requirement that reported information is digitally tagged to feed into a European single access point

Non-compliance can lead to sanctions and financial penalties, but also reputational damage.

Our recent surveys have revealed that most companies are in the very early stages of being able to meet these requirements. The measurement of value chain sustainability performance (including Scope 3 emissions and product life-cycle assessments) is very complex and requires the creation of new KPIs and respective data architectures that enable continuous data collection and analysis, real-time monitoring, automated performance reporting, and data assurance.

 

Register for the webcast: Sustainability in EMEA: The Challenge of Moving from Ambition to Action

 

Will CSRD Legislation Lead to the Same Last-Minute Rush and Soar in Penalties as with GDPR?

Remember when the GDPR came into effect in May 2018? Shortly before, there was a great rush as organisations prepared for compliance. Why? Because of the threat of severe penalties. And penalties were imposed: since its launch, hundreds of millions of euros of fines have been handed out by data protection authorities around Europe. In 2019, those fines totalled €73 million, rising to €172 million in 2020 and €1.3 billion in 2021 (source: enforcementtracker.com).

As with GDPR, CSRD legislation replaces older laws with new, stricter and better enforced legislation. While they are EU directives, both GDPR and CSRD have “extraterritoriality” enforcement, meaning regulators can fine organisations anywhere in the world if they have operations in the EU and do not comply.

The risks of not being prepared for CSRD are significant. If member states implement similar penalties or sanctions as for financial reporting legislation, organisations could face legal sanctions (imprisonment or disqualification of company directors), public reprimands or penalties, depending on the country-specific enaction.

Non-compliance could also result in reputational damage, loss of stakeholder confidence, allegations of greenwashing and legal action from non-governmental entities such as climate activists.

And it’s not just the CSRD. The EU is also working on a Supply Chain Due Diligence Directive that aims to mitigate the adverse impact of governance, environmental and human rights risks in the value chain of companies selling products within the EU. Many national governing bodies are implementing or tightening mandatory carbon emission and other sustainability regulations.

Investing now in efforts to prepare data collection, analysis and reporting capabilities will keep an organisation ahead of the curve as CSRD and other new sustainability regulations are put in place.

Reporting compliance and impacts on risk management are one thing. Forward-looking companies are going further and are acting on the metrics. They are developing disruptive strategies and road maps for sustainable business transformation that redesigns end-to-end value chains and breaks up traditional industry models.

Circular (instead of linear) economy approaches are emerging, innovation is sustainability driven and products and services are becoming “sustainable by design”. Those approaches — not yet widely seen — are the basis for future-proof organisations that will have a much lower risk profile, greater resilience and long-term strategic growth potential. And they won’t have to fear sustainability regulations.

 

Related Research

2023 Key Sustainability Trends and Developments in EMEA

Sustainability and ESG Readiness Among European Organizations

Other Resources

IDC Survey Finds Organizations Turning Toward ESG Software Solutions and Independent ESG Program Management

The Need for Harmonised ESG Reporting for Financial Entities

Katharina Grimme - Associate VP, Research and Practice Lead, EMEA Sustainable Strategies and Technologies - IDC

Analyst Profile
Katharina Grimme has more than 20 years' experience as an industry analyst and strategy consultant in the tech industry and is leading is leading IDC's Sustainability research in EMEA. With her expertise and passion for sustainable concepts for business, society, and digitization, she drives thought leadership at the intersection of sustainability and digital transformation.

A few months ago, as I was walking down the aisles of a professional fair for public sector decision makers, I noticed two main themes on display:

  • Cybersecurity, from secure citizen identity verification to the resilience of systems and data to threats.
  • Efficiency of public services, with an emphasis on the need to better leverage and share data.

As a public decision maker, I would be lost, if not paralysed by, the contradiction of being asked to modernise my systems and organisation through better use of data and data sharing, while being constantly reminded that cyberthreats (and cyber attacks) are everywhere.

The first months of 2023 have been characterised by two sub-topics that illustrate this bipolarity: digital sovereignty (a country’s capacity for self-determination and in some cases data protection and isolation) and generative AI (a platform’s capacity to have access to all the data you might collect and extract, and lever this information to turn it into intelligible insights).

To bring these together, we felt something was needed and that some well-implemented borders and security measures are needed to be reconsidered.

An Inflection Point in the Importance of Data

Governments have long classified data primarily on its sensitivity. The UK government’s security classification, for example, defines “the sensitivity of information (in terms of the likely impact resulting from compromise, loss or misuse) and the need to defend against a broad profile of applicable threats.” Based on that definition of sensitivity, UK government policy applies three levels of classification for government data: top secret, secret and official. The majority of EU governments have also classified the data they manage based on sensitivity.

This classification showed its limits in February 2022 when Ukraine rushed to identify and migrate strategic data assets critical for the government to enable operational continuity and bolster resilience. Previously, Ukrainian law required some government data to be stored in local servers in Ukraine, but this was changed a week before the invasion. Essential data has already been migrated from over 27 Ukrainian ministries.

IDC analysis shows the public sector is at an inflection point when it comes to the importance of data, and that it’s not only a matter of protecting sensitive data but also of anticipation. This is done by recognising data as a critical and strategic asset for governments to function more efficiently, effectively and resiliently to deliver the outcomes and security solutions that citizens expect, in times of crisis and on a daily basis.

A Framework to Facilitate Readiness

This has led us to create a framework that builds a new layer in data classification. In our Learning from Ukraine: Building a Framework to Safeguard Governments’ Critical Data, we recommend that governments not only classify and manage sensitive data but also critical and value-added data.

Critical data can be defined as data that if not accessible or not reliable can jeopardise a government’s ability to function in its daily activities and in times of crisis. It’s important to highlight this difference between classifying data based on the level of sensitivity and the level of criticality because some data sets have both characteristics.

For example, a criminal record is both sensitive (because it contains personal information) and critical for the criminal justice system to function. However, land registry data does not contain the most sensitive information but is critically important to determine jurisdictional boundaries, settle property disputes and assess the value of taxable assets.

Bringing Everyone on Board

Data sharing and interoperability and the building of European data spaces are vital here; sovereignty (the capacity to self-determine your action) should serve this cause and not get in the way, as it is often confused with security.

Sovereignty is a current concern as many government entities are seeking to update their cloud policies, such as the “Cloud au Centre” in France and “cloud first” in the UK. Some initiatives also promote interoperability, with Portugal’s eSPap government authority developing a platform for public entities.

These initiatives aim to bring more coherence to IT systems and enable new services in healthcare and security, for example.

Local governments are still trailing European or central governments when it comes to transformation, partly due to trust issues. We believe that enabling this new layer of criticality, and adapting our framework for every local public entity CIO, will be key to creating a common secure language.

To learn more about government’s role in safeguarding critical data, see our new study Learning from Ukraine: Building a Framework to Safeguard Governments’ Critical Data and join us at the IDC Government Xchange.

Remi Letemple - Senior Research Analyst, IDC Government Insights - IDC

Analyst Profile
Remi Letemple leads IDC’s Worldwide Sustainable Transportation and Smart Vehicles Strategies service, where he provides strategic guidance and thought leadership on the future of mobility and transportation. Operating at a global level, he is recognized as a subject matter expert in smart mobility and transportation technologies—including connected, autonomous, shared, and electric mobility—enabled by software-defined vehicle (SDV) architectures, over-the-air (OTA) updates, cloud and edge platforms, and AI, including generative AI.

The proliferation of data is transforming businesses and public administrations, and changing consumer experiences and society. The European Union has responded to the challenge with the ambitious European Strategy for Data (2020). One of the pillars of the strategy is the creation of common European data spaces in strategic economic sectors and domains of public interest.

Europe’s strategic data spaces vision is the next stage of evolution of data sharing. Rather than happening only within the boundaries of one organisation or through bilateral contractual agreements that are costly to manage and not conducive to innovation, data sharing must scale to multilateral exchanges, including beyond industry boundaries.

Building on the experience of the European research community with the European Open Science Cloud, the European Strategy for Data proposes an additional nine data spaces. Since the EU Strategy for Data also left the door open for other data spaces to emerge, other EU preparatory actions are planting the seeds for the development of data spaces in adjacent domains, such as cultural heritage, language, media, smart cities and tourism.

The key features of data spaces are:

  • Federated technology capabilities that dynamically match data demand and supply in a trustworthy and energy-efficient manner
  • Governance policies and processes for secure, transparent, non-discriminatory and fair participation of every data user and data provider
  • The ability to make good quality, interoperable data available within and across industries, for non-profit/altruistic purposes, for-profit purposes or both, in compliance with EU regulation

Accelerating Data Sharing

The bold vision for European data spaces still has some way to go. IDC’s research on the future of industry ecosystems (subscription required) found that over 90% of public and private sector organisations globally share data with external partners, but only 30% do it in a consistent and strategic manner, instead of only when strictly necessary and mandated by law. Among European governments, only 22% of organisations have established public-private collaborations to share data for the public interest. There are many digital sovereignty, governance, semantic and technical interoperability challenges to overcome to fully achieve the European data spaces vision. Nonetheless, many actions are accelerating the realisation of the vision:

  • European Union grants funding for coordination and support actions, such as DATES
  • Implementation of new regulation, such as the Data Governance Act
  • Implementation of industry-specific European regulations, such as the Commission Delegated Regulation (EU) 2017/1926 regarding the provision of multimodal travel information services
  • Multilateral initiatives, such as GAIA-X
  • Individual country platforms that could then be federated across Europe, such as the smart tourism data platforms being developed by the Italian and Spanish governments
  • Individual countries’ investments in digital sovereign computing infrastructure that can support data spaces

We expect data spaces to be realised through different architectural and operating models. For example, some of them could consist of a set of common standards maintained by a non-profit association, while others could be based on a federation of national data platforms operated by member states’ governments that build ad hoc integrations for cross-border data exchange. They could also be centred on a joint platform, owned by one or multiple large private sector enterprises that operate as the anchor for a data space.

The Role of European Government in Data Spaces

As these architectural road maps and operating models evolve, it’s important that European governments take an active role in influencing the trajectory. Governments can play five roles in shaping the future of data spaces:

  • Regulator. Governments act as policymakers to set the rules (laws, policies, standards, etc.) for deploying, operating and participating in data spaces.
  • Operator. Governments provide the core data space platform services such as onboarding, identity management, data aggregation, data catalogues, data access and billing.
  • Enabler. Governments fund and/or provide data space platform infrastructure such as connectivity, cloud and edge computing.
  • Data providers. Governments supply data to the data spaces.
  • Data users. Governments consume data from the data spaces.

Senior government leaders should not just wait and see for EU-wide regulations and programmes to define the European data spaces road map. They should take a proactive approach to realise the benefits of data sharing by:

  • Evaluating what role they want to play to maximise the benefits for the public sector and to incentivise private sector contribution, while setting the example in terms of protecting personal data, intellectual property and digital sovereignty
  • Working with the private sector to identify priority use cases, business models, governance models and technical blueprints that accelerate deployment in a secure manner
  • Collaborating with technology suppliers and academia to accelerate development of technologies that enable trusted data sharing in federated, heterogeneous environments
  • Collaborating with enterprises and industry associations to prioritise the data space in which it makes sense for governments to take an operator or enabler role
  • Nurturing organisational competencies and culture that foster data spaces

If you want to learn more about the role governments can play and the capabilities they need for data spaces, read our new study (subscription required) and join us at the IDC Government Xchange.

Massimiliano Claps - Research Director - IDC

Analyst Profile
Massimiliano (Max) Claps is the research director for the Worldwide National Government Platforms and Technologies research in IDC's Government Insights practice. In this role, Max provides research and advisory services to technology suppliers and national civilian government senior leaders in the US and globally. Specific areas of research include improving government digital experiences, data and data sharing, AI and automation, cloud-enabled system modernization, the future of government work, and data protection and digital sovereignty to drive social, economic, and environmental outcomes for agencies and the public.

Ways to Make IT Seen As a Customer Focused, High Quality Face of the Organization

Organizations regularly complain about the cost level of their IT department. This is by no means a new phenomenon. At IDC, we continuously assist IT managers dealing with challenging cost reduction targets. I find that these cost reduction targets are often determined bluntly, and IT departments have trouble in demonstrating their true value to the organization.

Run and Change: Commodity and Adding Value

The first step to take is making a well-considered distinction between the ‘run’ and ‘change’ parts of the IT budget. In other words, appreciate the difference between keeping the automation of the organization running and enabling the organization to innovate.

  • The running of the automation should be the subject of continuous cost saving projects and optimization. Regular benchmarks and a fitting sourcing strategy are important tools to optimize this part of your IT.
  • On the other hand, we have ‘change’, the innovation. This is where the strategic added value of IT lives. The added value is often found in software development, allowing for digitization of certain process to save cost in the primary functions of the business or to innovate in other ways, such as bringing new products to market faster.

What Are Other Ways for IT to Shine Within the Organization?

User Satisfaction

Another way to present IT as an adder of value instead of a cost center is through user satisfaction. In nearly every IT procurement project guided by IDC, user experience is a major theme. Key steps to take in improving user satisfaction is through simplifying technology and improving user IT practices. These practices like self-service portals, instructional videos, FAQs, and user training improve user self-sufficiency through automation and education. Our benchmark data teaches us that successful implementation of these practices can have spectacular results on both the service desk workload and user satisfaction rating.

Consider the Employee Instead of the User

After implementing these practices, which many organizations have successfully done, an IT organization has the opportunity to engage the employee to add more value during their time with the organization. Yes, we have now transitioned from user satisfaction to employee satisfaction. After all, a user is more than a workplace account. Cooperation with other supporting functions of the organization, such as human resources, becomes an opportunity.

Employees are motivated by more than salary and vacation time. The feeling of purpose and corporate social responsibility are crucial factors for many employees to really connect with their employer and experience satisfaction in their careers. In the work from home climate that we have experienced since early 2020, this connection is at risk.

“In nearly every IT procurement project guided by IDC, user experience is a major theme.”

The logistical processes of the IT organization can play a cost-efficient role in engaging the remote worker. To supply offices with the right hardware and services, IT knows logistical services such as ‘on-site support’ and ‘IMACD’ (install, move, add, change, dispose). During the pandemic, these services have modified somewhat for some organizations as many workers changed their work location. Especially now, these logistical processes allow the organization to engage their remote workers. Take, for example, the onboarding of new employees. When IT delivers the required hardware, why not integrate with HR and include a handwritten note from the manager and overviews of the company culture and mission. With some real attention and coordination with other departments, IT can deliver a warm and welcoming experience at no additional cost.

In summary, if the cards are played right, IT can be seen as a value adding function instead of a cost center. The logistical processes are already in place to position IT as the customer focused, high quality face of the organization towards the employee. If a transparent dialogue between IT and the rest of the organization about the cost level is also in place, the relationship is bound to become value based instead of cost based.

German Chancellor, Olaf Scholz said in January that the government had successfully fended off the economic crisis, while the country’s minister of economy also addressed the extreme adaptability of German firms making it possible to avoid the worst scenarios. These statements strike a much more positive tone than those in October when negative growth was forecast for the German economy for 2023.

The panic over energy supplies has eased – at least for now – and the general outlook has significantly improved in the Germany, Austria, and Switzerland region (DACH) over the past 4 months. However, it remains clouded by some serious risks as the storms of disruption continues to rage above Europe. Organizations must remain cautious and stay focused on data to evaluate evolving risks and opportunities.

Business Risks are Hiding Behind Short-Term Improvements

The Russia-Ukraine War marks a critical economic and geopolitical turning point for Europe and the rest of the world – and the functioning of ICT markets has not escaped the impacts of the conflict.

Relying heavily on Russian gas, the DACH region has become particularly vulnerable to the increasing energy prices. Although the governments of Austria, Germany, and Switzerland reacted quickly to ensure energy supply for the winter months, the complete independence from Russian energy products is yet to come. Governments will have to consider that rapid escape from reliance on Russian gas may contravene with climate ambitions on the short term​, therefore reducing energy demand and increasing energy efficiency will need to be in focus.

Although forecasts have been revised upwards during the past months, the latest data still indicate a major economic slowdown for the DACH region in 2023. Germany is expected to grow just 0.2%, while the economies of Austria and Switzerland are projected to see 0.5% growth. These numbers can easily go negative if geopolitical conflicts escalate or there is another major outbreak of COVID-19 in China, for example. Indeed, our Future Enterprise Resilience Survey found that more than 90% of German organizations expect recession this year.

DACH experienced the highest inflation in decades in 2022, and price increases are expected to weigh on households and businesses in 2023 and beyond. Switzerland is the only country in DACH, and one of only two countries in Europe, expected to keep inflation under 2% this year.

Labour shortage will be another major factor impacting IT budgets, while the lack of digital skills within the organization may hinder the completion of digital initiatives. Easing supply chain bottlenecks and declining transportation costs reduced pressures on some of the previously constrained sectors, such as automotive manufacturing, but the possibility of further supply chain disruptions cannot be ruled out.

How is the ICT market impacted by these headwinds and how should businesses approach weathering Europe’s storms of disruption?

Shifting Focus on Tech Investments

Despite volatile market conditions, ICT spending in the DACH region is expected to rise 4.9% this year and 6.4% over the 2021–2026 period, exceeding the European average. However, IT plans have been impacted. Organizations are reshuffling their investments, focusing on technologies that can sustain the growth in uncertain times, reduce costs, improve performance, optimize processes, enhance customer experience, and nurture talent.​

Our identified the following key areas to drive ICT spending in the DACH region:

  • Artificial Intelligence: AI’s tremendous potential to improve customer experience, enable new employee experiences, mitigate skills shortages, and transform the workplace is driving rapid adoption. Augmented human resources, image processing, fleet and freight management will be among the top 10 use cases related to AI. According to IDC’s Worldwide ICT Spending Guide: Enterprise and SMB by Industry, spending on AI platforms will grow an outstanding 46.6% in the DACH region during 2021–2026.
  • Security: The rising frequency and sophistication of cyberattacks are keeping security a top investment priority. Annual spending on security in DACH is growing faster than the European average and is expected to exceed $18.5 billion in 2026.
  • Cloud: Investments are expected to more than double between 2022 and 2026 as organizations continue migrating workloads and data to the cloud to boost cost efficiency, flexibility, and customer satisfaction.
  • Internet of Things: IoT is a critical element of cost reduction, process optimization, and improved performance. Steady, double-digit growth in IoT spending is expected into 2026, with investments related to electric vehicle charging, advanced payments and shopping growing fastest.

Apart from these, enterprise infrastructure, managed services and project/professional services are additional areas where DACH organizations indicated they would continue their investment pace.​

IDC’s Recommendations

Planning the IT budgets and identifying technologies to support growth in these uncertain times is extremely difficult, especially without having the right skills and partners to complete digital initiatives. In response to the current era of uncertainty, industries are embracing transformative new trends and technologies. Adapting to these transformations, being use case-centric, and placing the right bets for growth will be essential to keep afloat and continue delivering value.

 

IDC can help technology vendors stay resilient, competitive, and generate revenue during turbulent times. We offer the following assets to support organizations’ needs for precision planning:

  • IDC Trackers enable organizations to assess their competition and their position by analyzing technology markets, vendor shares, and forecasts.
  • IDC Black Books provide extensive market overviews to help organizations position their products and services for the appropriate audiences.
  • IDC Spending Guides enable organizations to find strategic opportunities according to industry, company size, use case, and geography.

Contact us for more information about how IDC data products can help business leaders target, plan, and execute their most important strategic initiatives. We provide analysis of 100+ countries, 120+ technology markets, 20 industries, and 400+ use cases.

The IMF has warned that half of the European Union and a third of the world face recession in 2023. This means that economic headwinds such as energy costs and currency fluctuations are forcing organisations to reassess budget decisions.

In our recent Future Enterprise Resilience and Spending Survey (December 2022), IT leaders said they expect inflation to impact spending decisions. IT cost price increases stemming from inflation and currency changes is expected to have the greatest impact on IT spending plans in 2023.

C-suite concerns are related to IT and technology challenges. In our Worldwide C-Suite Tech Survey (August 2022), 60% of European C-suite concerns about the impact on their IT and digital spending was related to challenges coming into sharper focus as macroeconomic conditions worsen. This includes IT price increases stemming from inflation.

So how can tech vendors navigate these issues and thrive?

Planning Is the Foundation for Success

According to research by the Harvard Business Review, companies that not only survived recessions but thrived afterwards were those that were prepared and agile — those that didn’t just slash costs but invested strategically.

Strategy is essential to know where to plan resources, to determine which projects you are going to prioritise and which you are not, and to know how you are going to identify and target the opportunities that will give you the best return.

Download eBook: Essential Building Blocks for an Effective Growth Strategy

A good strategy should help you align with business conditions, so that you can be agile enough to deliver short-term savings without impacting long-term growth.

Informed Decisions

Data becomes more important in volatile and uncertain economic situations. Economic conditions can impact regions and industries differently. Knowing the factors that might impact the market(s) you are selling into is crucial.

Those who are buying tech is changing, with European tech spending moving from the IT department to the C-suite. In Europe, 47% of IT spending is now C-suite funded (source: IDC Worldwide IT Spending Guide: Line-of-Business Forecast, January 2023, European forecast).

Download eBook: Speaking the Language of the C-Suite: Selling Beyond the IT Department

This is an example of how data can give you insight into your customers and how they are buying. Knowing who is buying, where they are spending and what is impacting spending decisions will help you build an effective strategy.

Data-supported decisions are key to effective resource management both internally and externally.

This means you need to know who is buying in your market. Which markets or industries are more resilient? What are their drivers and challenges?

Adapt and Invest

Times of economic uncertainty can also be a time of possibility. Microsoft, Instagram and Airbnb, for example, were all formed during or just after a recession.

Technology is an area where businesses tend to continue or increase spend. 66% of European C-suites believe that IT budgets will increase, even during an economic downturn (source: IDC Worldwide C-Suite Tech Survey, August 2022).

According to our Digital Executive Sentiment Survey (October 2022), European organisations now expect more than 50% of their revenues to come from digital business models on average in the next three years.

Technology is often seen as a critical business differentiator to better deliver business outcomes, increase resilience and accelerate revenue growth. So while caution may continue while the economic outlook is uncertain, investments in projects that improve efficiencies are continuing. According to the Harvard Business Review, prioritising digital transformation and digital technology can help cut costs and improve efficiencies.

In an economic downturn it can be harder to achieve growth, as you have to do more with less. It can also be harder to get customers to spend, so you must ensure that you are targeting the opportunities with the best chance of success.

But there are opportunities. So what you do and where you allocate resources becomes increasingly important.

You need results. To be proactive rather reactive, but still agile enough to pivot to changing market conditions. An effective strategy is essential to that.

Visit our website for more information on how we can help you build for growth.

Not Going Back to the Office Full Time

If you bring together a group of senior managers and ask them what the most pressing concern is in their workplace strategy, the most likely answer will be, “How can we get our workforce back into the office?” Nostalgia about the “good old days” reassures them that work is better done in the office. A buzzing office at full capacity is often taken as a sign of high performance.

Our data shows that 68% of European employers are determined to have employees back full time in the office (IDC FoW Survey, 2022). Meanwhile, workers are demanding greater flexibility and a choice of where and how to work.

Some employees want to be in the office, while many want to “balance their lives” and family obligations. Our data shows that compared with hybrid staff, employees working onsite five days a week are 10% less likely to recommend their employer, meaning they are less loyal and more likely to switch jobs.

About 73% of office workers in Future Forum’s future-of-work study say they are open to new jobs if they are dissatisfied with the level of flexibility they are offered.

In the wake of a recession in Europe, however, many businesses are reluctant to invest in the technologies needed to transform their organisation into a digital-first workplace for the long term.

Our survey data from December 2022 shows that concerns around geopolitical tensions and labour shortages remain high in Europe, with inflation having the biggest impact on spending plans for 2023. 70% of organisations are planning to significantly reduce their IT spend in 2023 (IDC FERS Survey, Wave 11, 2022).

Many managers need to seriously consider whether a return to a traditional work policy will enable their business to survive in today’s world. A typical organisation has two generations of digital natives in their workforce (Millennials and Gen Z). Employees are key stakeholders in the evolution of their workplace, and their interests and preferences must be considered. Organisational culture needs to evolve and keep pace with social changes. The alternative, in form of a non-negotiable “everyone return to the office” strategy, would cause more harm than good in terms of business outcomes such as talent attrition, quiet quitters and lower productivity.

The Digital HQ and Why It’s a Must-Have

So, what is the way forward? A digital HQ that is accessible to all — those in the office and those working away from the office — can be the foundation for a more flexible work environment that drives performance, loyalty and other positive business outcomes.

Platform vendor Slack defines the digital HQ as “a single, virtual space to connect people, tools, customers and partners for faster and more flexible work”. Contrary to most assumptions, a digital HQ does not imply that people never meet in person.

Yes, the workplace is digital by default, but people will still get together in their office. However, they do so for team building and collaboration, social connection and networking, or training.

The understanding is that going to the office to replicate an at-home work pattern that focuses on productivity would be a waste of time. As a result, the office — or “physical headquarters” — is being reimagined less as a place of routine and obligation and more of a centre for driving company culture and values.

These new offices emphasise free-form flexibility, offering hot desks, huddle rooms and smart meeting rooms. However, too few companies have given thought to the workings and architecture of digital headquarters. And given that so many workflows and team collaboration efforts now happen in the digital space, that seems like a serious lack of imagination and an invitation to failure.

To ride the wave in a challenging labour market, companies must prioritise attracting talent and keeping existing employees motivated. By enabling employees to connect and collaborate from anywhere, a digital HQ helps companies to provide the flexibility that today’s workforce demands.

All workers can feel included and productive in a digital HQ, no matter where they live or what their daily schedules might look like. Flexible work practices are also essential to building inclusive workplaces, which is top of mind for many employers as diversity, equity and inclusion have become a priority in recent years.

A digital HQ can break down silos, unite teams in an asynchronous work model and boost security. Employee and customer experience will benefit from that increased agility and create a stronger culture as a result. The fact that 56% of European companies feel they are not ready to meet current and future work transformation requirements should be a wake-up call for those trying to survive the coming storms of disruption.

Meike Escherich - Associate Research Director, European Future of Work - IDC

Analyst Profile
Meike Escherich is an associate research director with IDC's European Future of Work practice, based in the UK. In this role, she provides coverage of key technology trends across the Future of Work, specializing in how to enable and foster teamwork in a flexible work environment. Her research looks at how technologies influence workers' skills and behaviors, organizational culture, worker experience and how the workspace itself is enabling the future enterprise.

The Future of Work is going through a tumultuous time. In a response to tough market conditions, business leaders across industries, including high profile CEOs, are mandating a return to the office. The reason is no more than a desire among managers to boost employee performance by having tighter control over their reports.

Moreover, recent mass layoffs, which are essentially no more than a sugar rush for shareholders, can also be interpreted as a shift in power from employees back to employers. The latter are now in charge, dictating how work gets done for the sake of financial performance.

Will this last? Can we assume that the past few years of progress in the Future of Work have been erased from history?

Are You Ready for the “Era of Disruption”

Returning to a pre-pandemic workplace is not viable. A company with top-down decision making will find it difficult to adapt to a fast-changing environment.

Employees will not give the best of themselves if their voice is not heard, or if they feel disrespected or undervalued. Many will retire early, quiet quitting or even joining the large contingent of gig workers, simply because they feel “they don’t belong”.

The pandemic taught us something profound that goes beyond “where” work happens. It is the realisation that work is a projection of ourselves, our life goals and aspirations, and a means of fulfilment.

Meaningful Work

Brad Bird, the movie director, once said, “Money is just fuel for the rocket. What I really want to do is go somewhere.” This sentence, which reflects the mindset of many people at work today, can be summarised in one single word: Purpose.

With Millennials and Gen Z making up roughly half of the current workforce, and soon becoming our future leaders and CEOs, it is reasonable to expect “corporate purpose” to change business as we know it today. Younger generations want to work for companies with impact, beyond shareholder value.

Purpose is the secret sauce for high performance

Therefore, it’s not “where” work happens but “why” work happens — i.e., the purpose of work that unlocks employee energy. In an era of disruption, when work has direction and is transformed into purpose it is powerful and energising.

Let’s think about a sailing racing yacht, and the teamwork involved to pursue a common goal, a North Star. In a racing yacht, the following applies:

  • The interest of the team is always above individual interest
  • There is just “one collective head” — they must think and act together
  • Every crew member has a critical role to play for the victory, from the leading role of a helmsman to the agile role of trimmers, tuning the sails to ensure maximum thrust.

 

How does the above apply to your firm? Are your people “energised” to collectively pursue your North Star? Do they feel their roles and responsibilities make an impact?

This is the secret sauce of high-performance organisations: by nurturing their core, business leaders can drive employee performance and team cohesion.

Sustainable companies do business and make profit by placing the welfare of their people, society and the environment as their core purpose. As such, unfair pay, work inequalities, “command and control” management styles and the social disconnect affecting many organisations today is foreign to them.

Companies with a sustainable purpose enjoy a more mature social contract between employer and employees. Thus, the choice of hybrid or full time in the office is actually irrelevant. What matters is that decisions are not top down but in partnership with employees.

Technology Is the Enabler

In a digital world, pursuing the North Star is far more effective (and enjoyable) when employees are given the right technology. Here are some suggestions:

  • Devices that are sustainable by design and appropriate for different workstyles
  • Digital Workspace solutions for productivity, inclusive collaboration and connection to purpose.
  • Workflow automation to free up employee time for more human work
  • Online training platforms to continuously elevate employee skills throughout their careers
  • Intelligent IT support for employee experience and productivity
  • Identity management for digital trust
  • Zero Trust security solutions for a perimeter-less workplace

In summary, placing purpose at the core of your business is most effective for employee performance and social cohesion. Numerous third-party studies show that purpose-led organisations outperform their peers.

If you would like to learn more about this and how technology enables a purpose-led organisation, join us at our IDC Future of Work Conference.