Cost cutting vs cost optimisation

Issue 5 2023 Information Security

While South Africa has fended off the threat of recession after recording a slight growth in the first quarter of 2023, the global tech industry is still being cautious as it prepares to weather a storm.

Tech companies are looking at optimising their costs across the board, with one such area topping the list of CIOs being controlling cloud expenditure. The cloud’s recent fortunes have also been closely tied to the pandemic, with the market for cloud services more than doubling in just three years since 2020. So, if the pandemic bubble is truly over, is the cloud going to burst with it? Not necessarily, as cutting cloud costs doesn’t always have to mean cutting back on the cloud altogether.


Michael Cade.

Great expectations

It might seem obvious, but at times it’s worth reminding ourselves that optimising costs was one of the main reasons for adopting cloud strategies to begin with. And it’s not simply a case of too much of a good thing – despite research indicating that 61% of South African organisations spent more on cloud solutions in 2021 than 2020, with the public cloud services market expected to increase at a compound annual growth rate of 24,5% through to 2025.

So, despite the cloud promising cheaper pastures, in reality, many CIOs are still waiting for the initial investment to pay off. How has this happened?

When leveraged correctly, the cloud can greatly reduce costs, but it’s important to remember that cloud providers aren’t in the business of saving you money. If you’re ordering from your favourite pizza chain, and adding extra topping after extra topping, they aren’t going to stop you and ask, “Are you sure you need all that?”

The cloud’s value is that you pay for what you need, but therein lies the issue – its flexibility is a double-edged sword. This has caught out many a CIO to the point where ‘bill shock’, a term once reserved for utilities, has become synonymous with cloud computing. Bills can scale out of hand, not just because it’s easier than ever to build out new environments, but because IT teams can often be focused on looking forward to what they will need next, and not always looking back to what they don’t need anymore.

Enter FinOps

This is why we’ve seen the rise of Financial Operations (FinOps) in recent years. Operations teams have historically never had to worry about day-to-day costs, but the rise of the cloud has brought with it opex-dominated budgets. Looking at IT operations through a financial lens is vital to controlling these rising costs, particularly on an enterprise scale.

The options for beginning to optimise cloud costs are broad, and choosing the right strategy for your environment is often the first hurdle. Re-platforming or repatriating to a new cloud or back to the good-old physical server are both viable options. However, they both present a big initial lift, while often not necessarily fixing the issue at the source, not to mention having to navigate around vendor lock-in.

Rather than trying to pull away, many opt to dive even deeper into the cloud and re-architect with cloud-native models and services to try and offload costs. This might include better managing of VM instances, implementing intelligent tiering for storage costs or implementing containers and Kubernetes. The latter needs to be set up correctly, however, or it can wind up being just as much of a drain on budgets. If the cloud’s flexibility is a double-edged sword, Kubernetes is an even bigger blade, offering more upside but more financial risks if mismanaged.

This is a good example of how key a consideration personnel and skills are, when optimising cloud spend. The cloud skills gap is an ongoing issue for the industry and a large factor in why we’re in this position to begin with. The pandemic essentially forced many businesses (and their IT teams) to launch into the cloud without enough time to prepare and now many are (quite literally) still paying the price. Since then, while the gap might be closing slowly, many teams lack the expertise to undertake the large scale re-architecting that may be required to optimise costs. Businesses need to look at outside expertise where needed, or alternatives such as dedicated cost saving modules, or automated cloud cost optimisation solutions.

The missing piece

Finally, it’s crucial that during this cloud optimisation, decision making, security and data protection aren’t neglected. With cyber threats like ransomware becoming increasingly ubiquitous, businesses need to ensure that they are staying as resilient to these threats as possible, or short term savings could lead to long term pain. According to the 2023 Veeam Ransomware Trends Report

(https://www.veeam.com/ransomware-trends-report-2023), 85% of organisations suffered at least one cyberattack in a twelve-month period; an increase from 76% experienced in the previous year, so now is definitely not the time to cut back on protection in the cloud.

It’s important this stays top-of-mind, for example, when looking at storage costs for cloud-hosted backups, or changing storage tiers for existing workloads. Essentially, decisions for each workload in the environment need to be made considering these three factors – operations, finances and data protection. This may mean that while businesses aim to push overall cloud spending down, data protection as a fraction of this may continue to increase. Indeed, most organisations around the world expect to increase their data protection budget in 2023 by 6,5% (5,8% in Middle East and Africa) according to the Veeam Data Protection Trends Report 2023, which is notably higher than overall spending plans in other areas of IT.

Even during a boom, you’d argue that businesses need to get wasted cloud expenditure under control, but against the backdrop of economic uncertainty and a technology sector that’s licking its wounds, it’s more important than ever. While strictly speaking, the best time to act was early on, when workloads were first moved to the cloud, the next best option is now. After all, you know what they say about the best time to plant a tree.

For more information, contact Veeam, +27 10 822 1120, www.veeam.com


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Managed security solutions for organisations of all sizes
Information Security
Cyberattackers have become significantly more sophisticated and determined, targeting businesses of all sizes. PwC’s Global Digital Trust Insights Survey 2025 Africa and South Africa highlights the urgent need for organisations to implement robust cyber risk mitigation strategies.

Read more...
Multiple IoT devices targeted
Information Security Residential Estate (Industry)
Mirai remains one of the top threats to IoT in 2025 due to widespread exploitation of weak login credentials and unpatched vulnerabilities, enabling large-scale botnets for DDoS attacks, data theft and other malicious activities.

Read more...
Local-first data security is South Africa's new digital fortress
Infrastructure Information Security
With many global conversations taking place about data security and privacy, a distinct and powerful message is emerging from South Africa: the critical importance of a 'local first' approach to data security.

Read more...
Sophos launches advisory services to deliver proactive cybersecurity resilience
Information Security News & Events
Sophos has launched a suite of penetration testing and application security services, designed to identify gaps in organisations’ security programs, which is informed by Sophos X-Ops Threat Intelligence and delivered by world-class experts.

Read more...
Kaspersky highlights biometric and signature risks
Information Security News & Events
AI has elevated phishing into a highly personalised threat. Large language models enable attackers to craft convincing emails, messages and websites that mimic legitimate sources, eliminating grammatical errors that once exposed scams.

Read more...
Software security is a team sport
Information Security Infrastructure
Building and maintaining secure software is not a one-team effort; it requires the collective strength and collaboration of security, engineering, and operations teams.

Read more...
From the editor's desk: Can it be October already?
Technews Publishing News & Events
Welcome to the final SMART Handbook of the year. In this issue, we focus on residential estate security, from the fence to the gate and beyond. We also review our Durban SMART Estate Security Conference, ...

Read more...
Private fire services becoming the norm?
Technews Publishing SMART Security Solutions Editor's Choice
As the infrastructure and service delivery in many of South Africa’s major cities decline, with a few, limited exceptions, more of the work that should be done by the state has fallen to private companies.

Read more...
View from the trenches
Technews Publishing SMART Security Solutions Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
There are many great options available to estates for effectively managing their security and operations, but those in the trenches are often limited by body corporate/HOA budget restrictions and misunderstandings.

Read more...
Visitor management views
Entry Pro ATG Digital Technews Publishing SMART Security Solutions Access Control & Identity Management Residential Estate (Industry)
Visitor management is always changing, taking technology and legislation into account. SMART Security Solutions examines the latest trends with input from ATG Digital and Entry Pro.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.