Tag: ITS

Boosting Project Readiness in Technology Talent: A Comprehensive Framework for Developing Project-Ready Workforce | Blog

April 26, 2024

To combat the technology talent shortage and improve project readiness, technology firms are investing in comprehensive initiatives across the talent management value chain, including learning and development platforms, niche partnerships, and other strategies. Explore how Everest Group’s 3A framework can help firms assess, acquire, and activate project-ready talent at scale. Reach out to speak with us further on this topic.

With rapid technological advancements and an acute specialized talent shortage, IT firms increasingly recognize the importance of developing technology talent internally. As a result, they have accelerated developing comprehensive learning and development (L&D) frameworks backed by robust tech-driven learning solutions to upskill/reskill technology talent. These strategic investments are aimed at ensuring future readiness and resilience to technology disruptions.

However, even after these focused L&D investments, organizations still struggle to build a sustainable pool of project-ready resources. According to the Talent Readiness for Next-generation IT Services PEAK Matrix® Assessment 2023, IT service providers reported the lack of project-ready resources as a critical barrier in building a future-ready workforce.

Picture1 4

Recent excessive hiring by technology firms has resulted in large benches with lower-quality talent unprepared to be deployed in client projects. Firms continuously train their benches on emerging and in-demand technologies while optimizing talent-sourcing strategies to improve project readiness, particularly in the entry-level talent pool. However, they still face several key bottlenecks in enhancing the project-readiness quotient, as illustrated below:

Picture2 4

Solving the project-readiness puzzle: The 3A framework focused on Assess-Acquire-Activate.

Picture3

  • Assess – Effectively assessing project readiness is as critical as embedding it in the L&D journey. Most technology firms lack a dedicated project readiness assessment framework. Developing a robust framework to evaluate and identify gaps in workforce project readiness is crucial.

The framework must be holistic and able to evaluate granular-level details specific to a particular role, project, and service line. It must include all skill types, including technical skills, domain expertise, cognitive and interpersonal skills, and related attributes such as proficiency level and experience.

Additionally, it’s critical to move beyond the conventional metrics of gauging project readiness, such as certifications and skill tags to digital readiness quotient.

We have invested in an in-house tool designed for conducting technical assessments of trainees. Customized assessments are created in the tool based on the skill matrix, and trainees are evaluated using these assessments to assess their level of upskilling. The assessments include scenario-based and coding questions to evaluate conceptual and hands-on expertise of candidates.” – Leading IT service provider

  • Acquire – Leading organizations are strategically shifting their focus on developing technology talent at early stages. By adopting a train-hire-deploy talent acquisition model, companies aim to build project-ready pipelines. Here are some initiatives top firms are using to acquire project-ready resources:
    • Forming in-depth alliances with academic institutions to focus on building talent from the ground up through tailored learning content, internships, apprenticeships, dedicated courses, or degree programs targeted at industry-relevant and in-demand skills
    • Creating pre-onboarding programs with learning content and hands-on practice modules in simulated environments to prepare freshers for a streamlined transition and integration
    • Partnering with training firms to acquire specialized talent equipped with niche or next-generation skills

We have an exclusive job program for individuals looking for full-time jobs after high school, thereby making them financially independent. This is a hybrid training program focusing on the overall education and personality grooming of students to make them job-ready.” – Leading Indian IT service provider

We currently have seven master’s programs running across six premier institutes in India to channelize the talent generation in the IT industry. We have handstitched the curriculum interventions and provide internship opportunities to students, which eventually leads to conversion to FTE.” – Leading global system integrator

  • Activate – In addition to traditional learning interventions, firms should promote on-the-job learning opportunities such as peer learning forums, collaboration and knowledge-sharing platforms, and sessions to exchange expertise on niche topics, projects, accounts, and roles.

Further, firms can explore strategic partnerships with specialized technology providers to build and integrate tailored learning exercises into their L&D ecosystem. This may include hands-on projects that mimic real-world scenarios, customized simulated environments, and labs specific to particular use cases or industries.

We partner with multiple providers of advanced-level technology programs who design and deliver training in boot camps as well as virtual instructor-led training (ILT) mode for training in higher order competencies. They also provide cloud labs along with the program, apart from personalized subject matter expert (SME) guidance. In fiscal year 2023, 33% of our deep-skilled learners were deployed in projects where they could use their new skills” – Leading Indian IT service provider

Following are some examples of the partnerships leveraged:

Picture4

Future outlook

The sharp decline in the project-readiness quotient of the workforce in recent times and the ever-evolving client expectations have led technology firms to take holistic measures to ensure they have sustainable pipelines of ready-to-deploy talent.

To effectively tackle the issue, firms must continue adopting proactive measures to enhance the project-readiness quotient. These approaches can include comprehensive assessment frameworks, optimized talent sourcing strategies, and establishing a balanced L&D ecosystem.

Firms with robust workforce strategies that strongly emphasize project readiness will   be better positioned to build and sustain scalable project-ready pipelines – giving them a competitive edge in the talent crisis.

To gain further insights into how leading service providers are transforming their workforce strategies to extensively focus on enhancing project readiness and technology talent, contact Arpita Dwivedi [email protected], Amit Anand [email protected], and Abhigyan Kumar [email protected].

Watch the webinar, Locations and Workforce Strategy 2024: Insights, Trends, and Key Priorities, for trends shaping 2024’s workforce and locations strategies.

Evolving with AI: The Rise of Next-Generation Digital Adoption Platforms | Webinar

April 11, 2024
Webinar

Evolving with AI: The Rise of Next-Generation Digital Adoption PlatformS

April 30, 2024
8:00 AM PT | 11:00 AM ET

Join Everest Group Vice President, Sharath Hari in an upcoming webinar that assesses AI’s impact on business. This webinar will explore insights from Everest Group’s latest report, showcasing how Digital Adoption Platforms (DAPs) are transcending their traditional functions to play a pivotal role in driving enterprises towards hyper productivity. The expert panel will discuss:

  • The evolution of DAPs and their critical role in the age of AI  
  • Emerging use cases of next-gen DAPs
  • The advanced capabilities & benefits of AI-powered DAPs
Sharath Hari
Vice President, Everest Group
Liya Spiegel
Senior Director of Product Management, Walkme

Gen AI Unhyped: Where is it Working and How to Plan for Success | LinkedIn Live

April 3, 2024
Linkedin Live

Gen AI Unhyped: Where is it Working and How to Plan for Success

View the event on LinkedIn, which was delivered live on Tuesday, April 3, 2024.

While generative AI (gen AI) seems to be the predominant theme of the time, there is still a lack of clarity regarding where the technology works best and where the primary developments are occurring. 🧠💻

Watch this LinkedIn Live where our expert’s explored tangible, real-world gen AI applications, addressed challenges for practical implementation, and discovered key insights to assist in staying ahead in harnessing the potential of gen AI for your business. 🚀

During this session, we addressed the following questions:

✅ What is the current on-the-ground adoption of gen AI among enterprises?
✅ Which enterprise areas and functions are seeing the highest level of gen AI activity and interest?
✅ What are the key challenges and risks associated with gen AI, and what are the potential solutions to overcome them?
✅ How can organizations become gen AI-ready across talent, culture, and technology?

Gupta Vishal
Vishal Gupta
Partner
Everest Group
Sehdev Ashish gray square
Ashish Sehdev
Vice President
Everest Group
ketan headshot
Ketan Singh
Staff Software Engineer (Tech Lead)
Meta
Aniruddha edited

Exploring the Importance of Post-quantum Cryptography: An Unbreakable Vault to Protect Enterprises Against Advanced Cyberattacks, Part 2 | Blog

April 3, 2024

Post-quantum cryptography (PQC) has become essential for enterprises to protect against future quantum-enabled attacks and secure digital assets and sensitive data. Read on to discover providers’ crucial role in preparing enterprises for PQC. Reach out to explore this topic further.

As discussed in our previous blog, the emergence of quantum computing poses a significant threat to current public key cryptographic methods. When run on quantum computers – or more specifically, Cryptographically Relevant Quantum Computers (CRQCs) – some algorithms such as Shor’s can potentially break widely used methods like RSA, DSA, ECDSA, EdDSA, and DHKE, among others.

The advancement of quantum computers can seriously threaten data security and privacy for various enterprises, affecting fundamental principles such as confidentiality, integrity, and authentication. This makes it essential to reassess the security of these cryptographic methods.

The early and widespread use of quantum computers could wreak havoc, enabling new advanced cyberattacks that are impossible using classical computers. Post-quantum cryptography (PQC) is the solution to this problem. Let’s explore this further.

What is post-quantum cryptography?

In the quantum computing era, PQC is vital in ensuring the long-term security of digital communication and data protection. PQC focuses on researching and adopting cryptographic algorithms that are ready for this era.

These algorithms are designed to be secure against both quantum and classical computers. Furthermore, they are expected to be deployable and integrable without significant modifications to current protocols and networks.

With extensive ongoing research in this field, researchers have proposed several mathematical schemes that meet the requirements for being potential candidates for quantum-safe cryptographic algorithms. These include lattice-based, multivariate polynomial, code-based, hash-based, and isogeny-based cryptography.

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) launched a program in 2016 to create standardized quantum-safe cryptographic algorithms.

After a rigorous six-year evaluation involving global experts, it announced four finalists for quantum-safe cryptographic standards. The following algorithms selected by NIST address general encryption and digital signatures that are crucial for securing data exchanges and identity authentication:

PQC algorithm Cryptographic scheme Purpose
CRYSTALS-Kyber Lattice-based cryptography Key encapsulation method (KEM)
CRYSTALS-Dilithium Lattice-based cryptography Digital signature
FALCON Lattice-based cryptography Small digital signature
SPHINCS+ Hash-based cryptography Digital signature

Several other developments related to PQC have occurred recently. The notable ones are highlighted below:

Timeline final

Common cryptographic pitfalls

The complexity of cryptographic fields makes it difficult for enterprises to navigate data security. With numerous algorithms, protocols, and standards, enterprises often struggle to understand and implement robust cryptographic solutions.

Enterprises may encounter several common cryptographic pitfalls, including:

  • Lack of awareness about cryptographic algorithms used for data protection
  • Dependency on long-life data secured by cryptographic schemes not suitable for the quantum computing era
  • High costs and efforts required to update cryptography across systems and applications manually
  • Use of outdated cryptographic algorithms
  • Challenges in ensuring interoperability between different cryptographic systems and protocols, especially in hybrid IT environments
  • Limited resources, including security budget and expertise, hindering effective cryptography implementation and management
  • Risk of vulnerabilities and security breaches due to incorrect implementation of cryptographic protocols or algorithms

Enterprise considerations for embracing PQC

Considering the current challenges with cryptography, enterprises would face far more significant difficulties if they do not strategically plan for PQC. To prevent this, cybersecurity leaders globally must proactively prepare and initiate early plans to migrate to post-quantum cryptographic standards.

Taking a proactive stance is crucial since transitioning to new quantum-safe algorithms will be discontinuous, considering the inherent disparities in key size, error-handling properties, and other complexities.

Hence, enterprises should give themselves enough time to start small, experiment, learn from positive impacts and challenges, and explore ways to reduce technology transition costs.

Steps to establishing a quantum readiness roadmap

Staying abreast of advancements in quantum computing and quantum-safe solutions is paramount. Enterprises must establish a comprehensive quantum readiness roadmap following these five steps:

  • Inventory quantum-vulnerable systems: To kickstart readiness efforts, enterprises should conduct a thorough inventory of quantum-vulnerable systems across both information technology (IT) and operational technology (OT) environments, covering all cryptographic assets, including keys, certificates, protocols, libraries, and algorithms. Understanding cryptographic assets and algorithms, locations, and purposes is a fundamental best practice, especially when preparing for post-quantum cryptography. It is also crucial to identify where long-life data resides, comprehend data flows, and understand the types of cryptography used to protect it.
  • Conduct an internal risk assessment: This can help identify and prioritize assets most impacted by a quantum computer cryptographically, thus exposing the organization to greater risk. Chief Information Security Officers (CISOs) and Chief Revenue Officers (CROs) must ensure that quantum risk mitigation is integrated into existing risk management strategies.
  • Engage with technology vendors: Partner with supply chain providers to understand their quantum readiness roadmaps and migration strategies to facilitate a smooth transition that aligns with enterprise goals and timelines.

Streamline the current cryptographic infrastructure: Enterprises can initiate modernization efforts by streamlining their current cryptographic infrastructure, including consolidating or replacing vendors to enable a managed migration process. The CFO should collaborate with other executives to prioritize PQC investments based on the risk appetite and strategic objectives and adopt a fully crypto-agile approach. Establishing a governance structure with clearly defined roles and responsibilities to adopt PQC effectively is also recommended.

  • Adopt PQC algorithms: Enterprises eventually should integrate PQC algorithms into browsers, applications, public key infrastructure (PKI), files, and data systems, wherever quantum-vulnerable cryptography is employed. CIOs must collaborate closely with CISOs and other stakeholders to assess the compatibility of current systems with PQC solutions.

There is an ongoing debate over some adversaries already gathering encrypted foreign communications, anticipating the future ability of quantum computers to decrypt such systems, and aiming to extract valuable secrets from the data collected. This threat, known as “harvest now, decrypt later,” highlights the urgency of making cryptographic changes rather than waiting.

How can service providers help enterprises navigate the PQC era effectively and efficiently?

As quantum computing advances, the demand for comprehensive quantum-resistant cryptographic solutions will only increase, favoring a ripe market for cybersecurity service providers to capitalize on.

PQC offers a significant opportunity for providers to position themselves as vital partners in ensuring the security and resilience of enterprises’ digital assets against the evolving quantum computing threats.

Leaders may need help understanding the advanced mathematical concepts and algorithms involved in PQC. The complexity of these cryptographic methods may need to be clarified for enterprises trying to grasp the intricacies of quantum-resistant solutions.

With all the latest discussions about quantum computers, service providers should take this time to develop a perspective on how PQC would impact enterprises from various industry verticals.

Providers should play an educational role, creating awareness about the risks posed by quantum computing and guiding enterprises on the importance of proactively transitioning to quantum-resistant solutions.

Service providers should develop strategies to hire, train, and upskill talent in PQC and quantum computing concepts. Additionally, they can invest in R&D initiatives to explore new approaches and solutions in the PQC field. By collaborating with relevant technology vendors, research institutions, and other organizations paving the way for PQC, service providers can foster innovation and help their clients stay at the forefront of technological advancements.

Cybersecurity service providers can offer specialized consultation and assessment services to help enterprises evaluate and inventory their current cryptographic infrastructure, prioritize components based on risk, identify vulnerabilities to quantum attacks, and recommend appropriate post-quantum cryptographic solutions.

Moreover, they can engage with enterprises on initial levels to develop comprehensive strategies for implementing and managing these solutions effectively, ensuring seamless integration with existing security frameworks and compatibility with legacy systems.

Unlocking potential: Exploring use cases with PQC

Service providers should prioritize PQC to address the threat quantum computing poses to traditional cryptographic systems. By embracing PQC, service providers can safeguard their clients’ data and infrastructure against potential quantum attacks.

Additionally, they can explore new use cases for PQC to unlock innovative solutions and stay ahead of the curve in the rapidly evolving quantum landscape. These new use cases may include:

  • Quantum-safe communication (use cases for cloud computing, data centers, 5G networks, secure private communication links, )
  • Security in the banking sector, securing ATM and online credit card transactions, as well as customer data stored in bank data centers
  • Quantum-safe VPN and SD-WAN
  • Quantum-safe cybersecurity for automotive systems
  • PQC in Internet of Things (IoT) and Mobile Edge Computing (MEC) domains for protection of data transmitted between connected devices and central data processor/edge servers
  • Quantum-safe blockchain
  • Safeguarding the storage, transmission, and processing of sensitive patient data in healthcare (including that collected by biosensors in wearable devices)
  • Quantum-safe PKI for OT environments
  • PQC in Zero Trust Architecture (ZTA)

Envisioning the future

PQC is no longer a theoretical concept but a reality. Multiple applications of PQC have emerged. In their latest release, OpenSSL has fully enabled PQC for digital signatures and fundamental establishment mechanisms. The Signal Protocol, an essential constituent of Signal, Google RCS, and WhatsApp messengers, has also announced support for the PQXDH protocol, becoming the first to introduce PQC for the initial key establishment. Apple has introduced a fresh encryption protocol named PQ3 for iMessage, offering advanced post-quantum security measures for instant messaging.

PQC is rapidly gaining traction for quantum-safe digital signatures, encryption, and fundamental exchange mechanisms. Its widespread adoption seems inevitable as the risks of quantum supremacy proliferate.

The standardized algorithms aren’t battle-tested yet, and exploitable weaknesses could be uncovered, leading to adjustments in their functioning or the development of entirely new algorithms.

We anticipate PQC becoming the cornerstone of cybersecurity strategies in the coming years. Moreover, the security standards are expected to recommend or mandate PQC.

PQC has become a crucial element of enterprise security, safeguarding against quantum-enabled attacks and ensuring the integrity and confidentiality of sensitive data.

Enterprises must start planning to migrate from a secure lock to an unbreakable vault: post-quantum cryptography! Service providers play a crucial role in guiding and supporting enterprises every step of the way.

To discuss post-quantum cryptography further, please contact Prabhjyot Kaur, Kumar Avijit, and Ronak Doshi.

Everest Group Talent Demand Growth Index | India IT Services | Blog

April 3, 2024

Welcome to our monthly India IT services talent demand index. We are excited to bring you this comprehensive analysis, powered by Talent Genius™, our AI-powered insights platform purpose-built to guide IT and Business Process Services location and workforce decisions. To gain a deeper understanding of the capabilities of Talent Genius and learn how to book a demo, watch this quick 2-minute video, Introducing Talent Genius™.

BOOK A TALENT GENIUS™ DEMO

Monthly India IT services talent demand tracker

Previous slide
Next slide

Here is our in-depth analyses of the India IT services industry demand:

December 2023

Demand for IT services in India hit a 17-month low due to declining spending and clients postponing projects. As a result, most Indian IT service providers are reexamining revenue and hiring forecasts. The overall demand across service providers decreased by 28% from last month and 11% from the previous year.

Many service providers slowed hiring, realizing they posted jobs too early and hired ahead of the demand. Service providers are now focusing on improving employee utilization rates and do not anticipate the job requirements returning to the original levels anytime soon. Demand for IT services also declined by a notable 20 percent across enterprises from November.

Overall, the second half was slower than the first half, with demand falling by 7% for service providers and 4% for enterprises. Service providers were impacted more as enterprises cut discretionary spending and insourced some work.

At the city level, demand for employees declined consistently across tier 1, 2, and 3 cities. After peaking in November, the workforce requirements in Hyderabad and Chennai fell significantly by 32% this month.

Demand hit its lowest point of the year across all segments. Despite relatively stable employment over the last few months, retail and healthcare had the biggest drop at 35%. While it is uncertain if this is the bottom, a full recovery is not expected in the near future.

November 2023 update

IT services demand in India increased by 9% month-on-month and 5% year-on-year. Demand for IT application data management (ADM) grew 9.5%, and IT infrastructure increased 5 percent compared to the prior month. However, the surge is expected to be temporary because macroeconomic conditions pushed IT project timelines ahead for most companies.

Talent demand increased more in tier 2/3 cities than tier 1 cities, indicating that enterprises are increasingly confident in hiring outside tier 1 cities to gain a labor cost arbitrage advantage.

The number of available positions increased in all tier 1 cities, except Kolkata, where the job postings fell for the second consecutive month. Since the prior month, job openings increased 18% in Hyderabad and 14% in Chennai, representing the highest month-on-month increase.

Among tier 2/3 cities, Jaipur recorded one of the highest month-on-month increases in open positions at 34%. All the other cities experienced increased monthly postings – except for Chandigarh and Thiruvananthapuram.

IT services demand increased across all industry segments, with service providers and manufacturing demonstrating the most strength, up 5% from October.

Demand fluctuates more for service providers than other enterprises. As clients cut back on outsourcing spending, the talent need from service providers is expected to decrease in the coming months.

October 2023 update

The demand for IT services in India declined by 9% from last month but increased by 5% year-on-year, with significant variation over the past few months. Despite the shifts, demand remains near the same level as May 2023, when IT services demand increased after being at its 12-month lowest the prior month.

Tier 2/3 cities continued to be more attractive for companies seeking employees. Hyderabad and Kolkata had the biggest monthly drop in talent demand among tier 1 cities at 15% and 12%, respectively. Employee talent needs remained the most stable in Pune, with only a 5% drop compared to the previous month.

Although demand for most roles declined, help desk engineer, data analyst, and business analyst roles continued to increase by about 5% monthly. Only the retail segment maintained net positive month-on-month growth rates at about 7%. Cyclical commodities and service providers declined the most by 12% and 7% month-on-month.

Over the past few months, India IT talent demand has been volatile across roles, cities, and industries. Talent demand is expected to continue to fluctuate as major Indian IT service providers lose contracts and enterprises explore more insourcing opportunities.

September 2023 update

The demand for IT services in India jumped by 19% on a month-on-month basis after declining for two consecutive months. The year-on-year increase of 22% pointed to a significant uptick in hiring activities this month, rebounding from the slowness over the previous few months.

On a month-to-month basis, demand again surged in tier 2/3 cities compared to tier 1 cities. The increased reliance on tier 2/3 cities suggests a growing client preference for cost-effective IT service delivery locations.

Among tier 1 locations, Hyderabad and Kolkata bounced back the strongest with 36% and 35% growth in demand on a month-on-month basis. All locations in the three top tiers showed increased IT services demand – except for Pune, which dropped slightly.

Every major industry segment, except for banking, financial services, and insurance (BFSI), returned with increased demand. Service providers led the chart with a 22% increase in job demand compared to last month. However, BFSI declined 23% from the prior month.

August 2023 update

The demand for IT services declined for two consecutive months after recording a 14-month high in June 2023. Demand fell by 16% month-on-month and 32% on a year-on-year basis. At a segment level, IT ADM and IT infrastructure declined from July.

This trend could be a result of a quick fix by employers to adjust for the hiring surge in the second quarter of 2023. If the pattern continues, employee attrition will rise. However, the demand will likely pick up in the next few months as the end of the year nears.

Tier 1 cities continue to experience a higher decline in demand than tier 2/3 cities on a month-on-month basis, indicating the preference by enterprises to leverage low-cost talent from tier 2/3 cities.

At a city level, Kolkata witnessed the sharpest decline in demand at 47% and had an all-time low in the last 20 months. Among leading tier 2/3 cities, Kochi and Thiruvananthapuram showed the least decline in month-on-month demand.

The surge in demand by industry sectors halted, with consumer packaged goods registering the greatest decline since July. Business and professional services also reversed the growth trend.

A slightly higher decline in month-on-month demand across service providers that has continued for several months now clearly indicates increased insourcing by enterprises.

July 2023 update

While the month-on-month view showed a 9% drop in the IT services talent demand trend in India, demand grew 17% over the prior three months and by 32% year-on-year.

Tier 1 cities witnessed a relatively higher decline than tier 2/3 cities month-on-month, showcasing the increased leverage of tier 2/3 Indian cities. This trend is consistent across most tier 1 and tier 2/3 cities. Jaipur and Coimbatore are the only exceptions across tier 2/3 cities, showing 10% and 3% growth, respectively. Among tier 1 cities, Mumbai and Kolkata witnessed the highest decline, while Pune recorded the lowest decline of approximately 2%.

Service providers witnessed the highest decline of all industry verticals for IT services demand over the past year. Business and professional services and consumer packaged goods saw a slight uptick in demand.

June 2023 update

The demand for IT services in India showed further recovery and grew by 15% compared to May 2023. For the first time in the last six months, demand also showed growth on a year-on-year basis (21% growth compared to June 2023). At a segment level, both IT ADM and IT infrastructure segments witnessed 14-month high demand levels in June 2023, with IT infra talent demand growing 40% on a year-on-year basis.

The growth trend, which started in May, is solidifying and was consistent across all cities, though the extent of recovery varied. Chennai saw a modest recovery, whereas Mumbai saw a significant spike in demand. We believe the demand surge in Mumbai may not be entirely due to net new demand but could be due to talent management/attrition challenges arising from the hybrid/in-office model and the need to back-fill resources.

The demand from service providers continues to grow, and we believe there is more focus on hiring laterals this year compared to the previous year, which saw a significant uptick in campus hiring. This increase could also be due to multiple large deals that are at play in the market and providers hiring in anticipation of winning large business in the medium term.

May 2023 update 

The demand for IT services in India showed a recovery in the month of May, growing by 34% compared to the previous month and staying flat compared to 2022. This spike compared to March and April could be attributed to buyers placing demand ahead of the summer in key onshore geographies, which tend to be slower from a business perspective. The increase in demand was consistent across both tier-1 and tier-2/3 cities; however, the recovery was much steeper for tier-1 cities (growing 14% YoY) compared to tier-2/3 cities (shrinking by 20% on a YoY basis). Among the tier-1 cities, all showed an uptick in demand; however, Pune set a demand record of a 17-month high. The service provider segment, while it showed recovery compared to the previous month, on a YoY basis, registered a 7% decline in demand. On similar lines, BFSI and technology & communications verticals continue to show a declining demand trend on a YoY basis. 

April 2023 update

The demand for IT services in India further shrunk by 17% in April, reaching a 16-month low, and declined by 29% on a year-on-year basis. The impact of the anticipated global economic slowdown is clearly visible in the latest demand trends. 

The declining trend is consistent across both tier-1 and tier-2/3 cities. Among tier-1 cities, Chennai, followed by Delhi-NCR, witnessed the highest decline. Tier-2 cities saw an even higher decline on a year-on-year basis at 32%. At this point, the demand for IT services talent in India is almost 50% of the demand in January 2022. However, this trend needs to be observed over a slightly longer period. If this trend continues for a few more months, the already reduced attrition numbers are likely to come down further. 

Being the first month of the new fiscal year for many leading India-heritage service providers, this indicates a not so good start to the year 2023-24, and declining talent demand is deeply correlated to reduced business growth.

March 2023 update

After five consecutive months of demand growth/stability, the demand for IT services in India dropped significantly (21%) in March and by 36% on a year-on-year basis. The declining trend in March was consistent across all tier-1 cities, though Mumbai witnessed the lowest decline among all tier-1 cities. 

The demand in tier-2/3 cities also reduced by 26% on a year-on-year basis. This overall declining trend is expected as Q1 2022 witnessed a significantly higher demand due to attrition and talent wars faced by the industry, and with the current economic environment, most companies are not in an expansion mode.  

Stay tuned for regular monthly updates as we monitor the landscape of the India IT services industry demand market. We’ll continue to provide the latest insights and trends, so you stay well-informed on locations and workforce developments.

BOOK A TALENT GENIUS™ DEMO

Driving Factors for IT Services Recovery in 2024: Insights from Everest Group’s Forces & Foresight™ Research | Blog

March 25, 2024

Our inaugural Forces & Foresight research uncovers three factors we predict will drive a gradual recovery in tech services this calendar year. Continue reading to understand the projected path for the IT services industry’s rebound and implications for providers.

Learn more about Forces & Foresight™.

After the global financial crisis in 2008 and the COVID-19 pandemic in 2020, the IT services industry took five to eight quarters to recover. Both recessions had specific catalysts, and the IT services growth rebound after each downturn was fueled by weak comparisons and a release of significant pent-up demand (as illustrated in Exhibit 1).

Let’s explore whether the current economic decline will follow a similar trajectory based on Forces & Foresight research that dives deep into comprehensive dynamics to understand the industry implications.

Forces Foresight Exhibit 1

Over the past year, the contrasts between past recessions and ongoing macro challenges have been well-researched and discussed. More importantly, the industry is now facing multiple forecasts – pulling in different directions – on how the broader macroeconomic outlook will impact IT services growth.

The following three factors are fueling our foresight:

  1. Stabilizing base

Despite the uncertainty that has impacted enterprise decision-making for the past several quarters, we now see signs of spending stability. The fundamental need to leverage technology for growth or cost is keeping enterprise IT budgets green.

Some examples of various factors that give us confidence the demand downtrend has at least stabilized include:

    • Enterprises: Everest Group’s Key Issues Study of enterprise priorities captured that over 60% of enterprises (from a sample of 200-plus) plan to increase technology budgets in 2024
    • IT Providers: A notable trend for technology platform players’ performance and outlook is that SaaS/PaaS players are not only reporting double-digit growth and new clients but also foresee growth continuing in 2024
    • Services: We see strong resilience for IT services spending in specific segments such as public sector, healthcare, and energy
  1. Fixing revenue leakage

Over several past quarters, service providers have reported contradictory numbers for revenue growth versus bookings (Exhibit 2).

Our research uncovered some key factors creating this dichotomy, including shifting profiles of existing deals to longer terms and lower annual contract values (ACVs), delayed/canceled commitments, and slow ramp-ups of large deals.

As a result, signings did not translate into revenue growth even after expected ramp-up periods. However, we see signs of stabilization in the latest quarter, especially for mid-tier players, and some stalled projects moving forward. This signals that the net negative effect is reversing and that net positive revenue contribution from bookings may begin.

Forces Forsigh Exhibit 2jpg

  1. Pockets of additional demand

We see some specific growth areas in 2024. Rising cybersecurity demand is promising (as is the case in challenging periods) and is seeing more takers, such as governments expanding cybersecurity budgets. Engineering, Research, and Development (ER&D) demand in asset-heavy industries like automotive is getting stronger as enterprises strategically invest in next-generation concepts to modernize, such as smart factories. Data and analytics will continue its growth trajectory, with the rise in Artificial Intelligence (AI) fueling more robust use cases.

Beyond these promising areas, we also see signs of a turnaround in segments and sub-segments that were hit hard in recent quarters. Prominent ones include investment banking and high-tech industries, and North America.

Note: We are not factoring in benefits from AI and generative AI (gen AI) in our foresight for 2024. While we strongly believe in the immense potential of gen AI, our research suggests that scaled adoption will still take time, and the effect on this year’s growth will not move the needle.

Implications for service providers

Despite the ongoing challenges, the industry has not slumped. The revenue declines seen in one to two quarters is better than several quarters in previous downturns (Exhibit 3). We predict pivotal growth soon.

Forces Foresight

However, given the “classical economics” nature of this downturn impacting IT services, we anticipate the industry’s recovery will be more gradual than previous event-based downturns, in contrast to the sharp recovery in the last two recessions. We expect a diverse mix of industry verticals and geographies to undergo various recovery cycles, making it an interesting and complex scenario.

The key for IT service providers lies in identifying early recovery pockets and attacking rather than being defensive and possibly investing in account management on late recovery cycle areas.

For more insights, supporting data, and trends on IT services growth, please read the report, Forces & Foresight Q1 2024.

Contact Prashant Shukla to learn more at [email protected].

Decoding Quantum Computing: Uncovering its Potential Impact and Opportunities, Part I | Blog

March 19, 2024

With their exceptional computing prowess, quantum computers have the potential to revolutionize various sectors by expediting complex problem-solving. In this first blog of our two-part series, we delve into quantum computer types, opportunities for businesses and IT service providers, and their impact on modern cryptographic algorithms. Get in touch to discuss further.

What is quantum computing?

Quantum computing is an innovative approach that leverages the principles of quantum mechanics to solve extremely complex problems much faster than classical computers. Unlike classical computers using bits, quantum computers employ qubits, such as photons or atoms, for information encoding. Quantum computing progressed from 2-qubit systems in the 1980s to tens in the 2000s, and by the late 2020s, significant milestones were achieved. Google’s “quantum supremacy” in 2019 with a 53-qubit processor and IBM’s 433-qubit chip, IBM Osprey, set records. In 2023, Atom Computing unveiled an 1180-qubit quantum computer.

Quantum bits exhibit numerous types of quantum phenomena. Let’s explore the following:

  • Superposition – Quantum bits, or qubits, can represent both 0 and 1 simultaneously, allowing quantum computers to process information much faster than classical computers
  • Entanglement – Qubits become perfectly correlated, even when separated by large distances. This means that changing one qubit instantly affects its entangled partner, enabling quantum computers to determine the value of the other qubit immediately.

These principles allow quantum computers to perform calculations based on the probability of a qubit’s state before measurement, revolutionizing computing capabilities

Despite substantial investments, current systems face scalability and stability issues. Error correction and fault tolerance also remain complex, with each additional qubit increasing the probability of errors and higher sensitivity to environmental noise. These issues highlight the ongoing hurdles in quantum computing’s path to widespread commercialization.

Quantum computer types

Quantum computers have different architectures, determined by the nature of qubits and quantum mechanics phenomena used to manipulate them. The research and innovation put into these architectures deliver solutions to problems that previously could not be solved due to classical computers’ limited computing capabilities.

Below are some of the most typical architectures that enterprises should be familiar with:

  • Superconducting: Usually made from superconducting materials, these computers use loops and circuits to produce and alter the qubits. They are the most sophisticated and popular quantum computers and can accurately model and simulate the behavior of molecules, materials, chemical reactions, etc. This feature finds practical utility in fields like drug discovery, materials science, and chemistry, where understanding the quantum behavior of complex systems is essential. They also excel in solving optimization problems, such as route optimization, scheduling, and resource allocation, which have applications in logistics, supply chain management, and financial portfolio optimization
  • Trapped ion: These quantum computers use ions trapped and manipulated in an electromagnetic field as qubits. Their long coherence times make them viable for applications requiring high stability and control levels
  • Neutral atom: Similar to trapped ion quantum computers, these use neutral atoms suspended in an ultra-high vacuum by arrays of tightly focused laser beams. They also offer long coherence times and high-fidelity operations, making them suitable for implementing complex quantum algorithms such as simulations and solving optimization problems in logistics and cryptography
  • Quantum dots: These use semiconductor quantum dots or tiny semiconductor nanocrystals as qubits that can confine electrons or other charge carriers, usually manipulated by electrical, magnetic, or microwave pulses. Theyhave the potential for robust scalability and are typically implemented in quantum communication networks and quantum sensing, among other use cases
  • Photonic/optical: Photonic quantum computers leverage photons (or packets of light) to carry and process quantum information. It can play a significant role in quantum communication protocols, enabling secure transmission of information through quantum key distribution (QKD) and quantum teleportation. This ensures the confidentiality and integrity of data, which is essential for various sectors such as finance, defense, and telecommunications

Implications for enterprises and IT service providers  

Quantum computing presents numerous opportunities for enterprises across various industries to revolutionize their operations, drive efficiency, and unlock new possibilities for growth and innovation.

As the field matures, business leaders must prepare to embrace quantum computing in the following five ways:

  1. Educate stakeholders: Enterprise leaders must educate themselves, their teams, and stakeholders about quantum computing, its potential applications, and its implications for their industry. They can organize workshops, training sessions, and seminars to increase awareness and understanding of quantum computing concepts and opportunities
  1. Identify potential use cases: Leaders must understand their respective fields’ most significant challenges and opportunities and actively search for quantum computing use cases. This can be achieved by either having an in-house team of quantum computing experts or collaborating with academia, research institutions, regulatory bodies, and other industry players to stay abreast of the latest quantum computing technology advances
  1. Build a quantum-ready workforce: After identifying relevant quantum computing use cases, leaders must build a dedicated team with expertise in quantum physics, algorithms, hardware, software, and other related fields that can work together to research, design, and implement quantum solutions tailored to their needs. This will enable the enterprise to filter out the hype and focus on areas with real business implications
  1. Invest in research and development: By allocating resources to R&D initiatives focused on quantum computing, enterprises can explore potential use cases, develop proof-of-concept projects, and experiment with quantum algorithms and applications relevant to their industry
  1. Understand technology needs: Enterprises should determine the frequency of their quantum computing usage to help decide whether to purchase/own a quantum computer or utilize cloud-based quantum services provided by computing companies. It is crucial for enterprises to carefully evaluate and choose quantum-computing partners based on their unique requirements

Service providers can play a crucial role in educating enterprises about the potential applications of quantum computing in their specific industry sectors and help them navigate the challenges and benefits associated with its adoption. Enterprises should understand they don’t necessarily need to own or build a quantum computer. Instead, they should embrace quantum computing as a service that provides multiple benefits, such as scalability, elasticity, reduced costs, and increased accessibility.

Furthermore, it’s crucial to communicate to enterprises that quantum computers will not require continuous availability, as they will coexist alongside classical computers. Providers can collaborate with enterprises on R&D initiatives and develop custom algorithms and applications tailored to their business needs. Additionally, providers have an essential role in helping enterprises navigate quantum computing security concerns.

Quantum computing’s impact on modern cryptographic algorithms

Cryptography has served as the cornerstone of secure communication in the digital age, addressing multiple information security aspects, such as confidentiality, data integrity, authentication, and non-repudiation in the presence of third parties or adversaries. Some of the foundational elements of cryptography are:

 

Algorithm Description Use-cases Examples
Hash function/

algorithm

 Transform input data into fixed-size strings called hash values Password hashing, digital signatures, hash-based message authentication codes (HMACs), and data integrity verification SHA2, SHA3, Blake2
Symmetric algorithms Uses one key for both encryption and decryption Data encryption, SSL/TLS, MACs, and VPNs AES, RC6, Blowfish, Twofish
Asymmetric algorithms Uses a pair of keys: a public key for encryption and a private key for decryption HTTPS, digital signatures, email encryption, blockchain, public key infrastructure (PKI) RSA, DSA, ECDSA, EdDSA, DHKE, ECDH, ElGamal

Many cryptographic algorithms that enterprises rely on today, such as RSA and ECC, are based on mathematical problems that are computationally difficult for classical computers to solve efficiently.

However, the advent of quantum computing threatens the security of these algorithms. Shor’s algorithm efficiently solves integer prime factorization and discrete logarithm problems, breaking the security of RSA and other asymmetric encryption schemes. Additionally, Grover’s algorithm threatens symmetric cryptographic algorithms and hash functions by offering a quadratic speedup in searching through unsorted databases.

 

Cryptographic algorithm Type Purpose Impact from large-scale quantum computer
AES Symmetric key Encryption Large key sizes needed
SHA-2, SHA-3 Hash functions Large output needed
RSA Public key Signatures, key establishment No longer secure
ECDSA, ECDH

(Elliptic curve cryptography)

 Public key Signatures, key establishment No longer secure
DSA

(Finite field cryptography)

 Public key Signatures, key establishment No longer secure

Source: Report on Post-Quantum Cryptography (nist.gov)

Quantum computing – a mixed blessing?

Given their immense computational powers, quantum computers have the potential to revolutionize various fields by solving specific problems much faster than classical computers. Rapid technological advancements in the field make it critical for enterprises to understand the technology, determine potential use cases, and prepare for it.

However, the need for robust quantum-safe or post-quantum cryptographic solutions becomes increasingly evident as quantum computing advances. Read our next blog in this series to learn how to navigate quantum computing security concerns.

To discuss further, please contact Prabhjyot Kaur, Kumar Avijit, and Suseel Menon.

Don’t miss the Global Services Lessons Learned in 2023 and Top Trends to Know for 2024 webinar to learn the successes, challenges, and trends that defined the services industry in 2023 and the opportunities for business leaders in 2024.

Gig Worker Benefits Collective: Transforming Benefits Delivery in the Gig Economy | Blog

March 13, 2024

The rising trend of gig work, especially among Gen Z and Millennials who favor nontraditional employment, is garnering attention. However, the lack of workplace benefits for many gig workers is a significant concern. A viable proposal for this urgent need is a Gig Worker Benefits Collective. Read on to learn more.

Reach out to discuss this topic further.

With more than 70 million individuals in the US engaged part or full-time in the gig economy, the notable lack of workplace benefits and life insurance coverage for these flex workers has sparked widespread debate.

About half of Gen Z and millennials, who constitute over 50% of the workforce, gravitate toward nontraditional employment. Consequently, employers are reconsidering benefits for gig workers while navigating various legal and tax complexities.

Employees access benefits in the following ways:

  • Employer-provided benefits – Employees typically offer benefits, using them as an incentive to attract top talent
  • Purchasing individual policies – This alternative provides individuals flexibility and control over coverage
  • Government assistance – This serves as many employees’ safety net. However, the ongoing debate in the US over classifying an “employee” and “independent contractor” complicates matters for gig workers

While this issue appears daunting, finding an answer is possible. Let’s explore this further.

Proposing a solution: The Gig Worker Benefits Collective

One proposal is to create a Gig Worker Benefits Collective for these short-term workers across various employers. This centralized hub would bring together multiple employers or gig platforms under a comprehensive benefits umbrella.

Here are some benefits a Gig Worker Benefits Collective could offer:

  • Centralized administration: A central administration entity or pooled plan provider would manage benefit plans, including health insurance, retirement savings, and other relevant benefits. Technology and digital platforms would streamline administration and communication
  • Flexible benefit options: Through the collection, gig workers could choose from a wide range of benefits based on needs. Options may include health insurance, retirement plans, disability coverage, and more. Furthermore, this would give gig workers the flexibility to customize benefit packages
  • Cost sharing: Participating employers would contribute to the collective pool to cover administrative expenses, potentially reducing costs for individual employers. The collective could leverage economies of scale to negotiate better rates with insurance providers and service vendors
  • Portability and continuity: This solution would ensure gig workers could continue their benefits even when transitioning between different gigs or employers within the collective. Having seamless benefit continuity would enhance worker satisfaction and retention

The Gig Worker Benefits Collective represents a professional, tech-enabled solution designed to address gig workers’ unique needs, potentially changing the landscape of life insurance and group benefits for the gig economy.

To discuss gig worker benefits further, please contact [email protected] and [email protected].

Watch the webinar, Locations and Workforce Strategy 2024: Insights, Trends, and Key Priorities, for insights into strategic workforce decision-making for 2024.

The Capital One Merger with Discover Potentially Signals a Shift in the US Banking Landscape | Blog

February 26, 2024

Capital One’s planned US$35.3 billion acquisition of Discover Financial Services would combine two of the largest credit card companies, creating the most dominant US credit card firm. This deal holds the potential to significantly impact the banking and financial services (BFS) IT services market and providers. Read on to learn the looming risks and what to pay attention to.

Contact us to discuss the topic further.

Acquiring Discover would give Capital One access to a credit card network of more than 300 million cardholders. If the Capital One merger clears antitrust regulations, the combined entity would become the sixth-largest US bank by assets and a leading card issuer and network provider for the US payments market.

Let’s explore the following four implications of the Capital One merger on the BFS technology and IT services sectors.

  1. Increased deal activity will help banks sharpen their focus on core operations

Macroeconomic uncertainty and rising interest rates slowed financial services dealmaking in 2023. However, S&P predicts regional and community banks will be interested in mergers of equals this year. In these challenging times, banks want to understand the potential synergies of the merged entities clearly. They also require deeper due diligence than in the past, as exemplified by the failed merger of TD Bank Group and First Horizon.

Traditionally, acquisitions were an opportunity to enter new product lines and geographies, gain new capabilities, and achieve cost savings and operational efficiencies through technology modernization and streamlining processes and systems.

Recent banking sector acquisitions underscore a clear strategic focus on directing resources to targeted areas. Banks are divesting or seeking partners for non-core or insufficiently scaled units that lack a distinct competitive edge and demand substantial investment.

  1. Investments in data and Artificial Intelligence (AI)/Machine Learning (ML) will rise

Our analysis indicates that merger and acquisition (M&A) activity among regional and community banks will increase, driven by the need to achieve greater scale. This strategic move is essential for these financial institutions to compete effectively with larger players, particularly as customer engagement transitions from physical to digital platforms.

By joining forces, these banks will be better positioned to develop new competencies in data management, AI/ML, open application programming interfaces (APIs), and advanced analytics, aligning with the growing digitalization of banking services. The merged entities will benefit from larger resource pools, facilitating improved alignment between skills and talent.

  1. Service provider portfolios will likely reshuffle

Discover and Capital One have traditionally relied heavily on outsourcing to two or three major service providers. In mergers, providers with significant contracts with both entities typically stand to lose revenue because spending by the merged entity will not be as large as it was under the separate relationships unless they gain wallet share from competitors.

Capital 1 Discover 1

 

Suppliers that solely provide services to Discover are at risk of having their portfolio consolidated and moved to Capital One. However, providers who bring intellectual property or a niche capability may maintain the business through the consolidation.

Discussions about increased regulatory scrutiny are emerging, as even the regional banking market is at the cusp of such transactions. Moreover, this transaction can potentially increase competition for giants Mastercard and Visa.

  1. Banks will require substantial consulting and system integration support

M&As spur increased short-term spending on post-merger integration and consulting services. By rationalizing vendor portfolios and IT infrastructures, merged entities can substantially cut costs by eliminating redundant applications and platforms. BFS firms will need partners to devise modernization roadmaps to create long-term value.

Merged entities must swiftly adapt their operational models, delivery strategies, and sourcing decisions to excel in the evolving landscape. Investing in specific technologies and tools is essential to foster growth and ensure operational continuity. Emphasizing core operations becomes a prerequisite as firms assess the appropriate valuation before crafting their integration strategy.

The road ahead for the Capital One merger

Richard Fairbank, founder, chairman, and CEO of Capital One, has emphasized that the merger with Discover presents a unique opportunity to unite two highly successful companies with complementary strengths and franchises.

The Capital One merger aims to establish a payments network capable of rivaling the industry’s most extensive networks and companies. However, the potential impact of increased market concentration from this combination will face regulatory scrutiny.

Providers should closely monitor system integration opportunities, as Capital One plans to expand its 11-year technology transformation initiative to encompass all of Discover’s operations and network.

The new entity will invest in growth initiatives, including faster time-to-market, innovative products and experiences, and personalized real-time marketing efforts. Operationally, underwriting, efficiency, risk management, and compliance enhancements will drive data and technology investments.

We are closely watching the market and regulatory actions. To discuss the Capital One merger and its impact on the US banking landscape, reach out to Ronak Doshi, [email protected], Kriti Gupta, [email protected], or Pranati Dave, [email protected].

Join this webinar to hear our analysts discuss Global Services Lessons Learned in 2023 and Top Trends to Know for 2024.

Navigating the New Landscape: How DORA Regulations Will Reshape the Future of Financial Services | Blog

February 22, 2024

With the deadline for the European Union’s Digital Operational Resilience Act (DORA) less than a year away, financial entities and service providers need to begin acting to reach compliance. Learn the steps organizations should take to prepare now and discover how the new DORA regulations will strengthen digital operational resilience.

Financial institutions’ reliance on information and communication technologies (ICT) for core operations brings immense opportunities in today’s digital world but also exposes banks, investment firms, insurers, and other financial entities to significant cyber threats and operational risks. To address these growing vulnerabilities, the EU has enacted DORA.

The DORA regulations are expected to significantly enhance the digital resiliency of the EU’s financial sector and foster greater stability, consumer protection, and trust. Financial institutions and authorities are working toward meeting the implementation deadline of January 17, 2025. Let’s explore this further.

DORA addresses two critical concerns:

  • Rising cyber threats: DORA mandates robust cybersecurity measures to protect financial systems from increasingly sophisticated and frequent cyberattacks that steal sensitive data, disrupt operations, and erode trust
  • Potential financial instability: DORA aims to prevent ICT incidents from cascading through the financial system, jeopardizing its stability and impacting consumers and businesses. The regulations ensure financial institutions can withstand, respond to, and recover from ICT-related incidents

Who will be impacted by DORA regulations?

DORA will impact all financial institutions and ICT third-party service providers. This includes banks and credit institutions, investment firms, trading platforms, and providers delivering critical services like cloud computing, data centers, credit ratings, and data analytics. It applies to over 22,000 financial entities in the EU and ICT infrastructure support outside the EU.

DORA framework

DORA establishes a comprehensive framework for managing digital operational resilience across the financial sector. Some key provisions include:

  • Enhanced ICT risk management: Financial institutions must implement robust ICT risk management practices, including threat identification, vulnerability assessments, and incident response plans
  • Mandatory incident reporting: Major ICT-related incidents and significant cyber threats must be reported to authorities, enabling faster response and improved threat intelligence sharing
  • Regular digital operational resilience testing: Financial institutions must conduct regular ICT systems testing to identify and address vulnerabilities
  • Strict oversight of ICT third-party providers: Financial institutions are accountable for the resilience of their third-party ICT service providers, with DORA outlining clear oversight and risk management requirements

DORA requires third-party providers to maintain robust cybersecurity measures and operational resilience capabilities to mitigate risks from potential vulnerabilities and disruptions. Moreover, financial institutions must ensure their current and future contracts with providers are compliant.

DORA focuses on five strategic pillars centered around data: risk management, third-party risk management, incident reporting, information sharing, and digital operational resilience testing. However, financial institutions still have many technology legacy systems that could create obstacles to data management.

Capture 3

How can financial institutions comply with DORA regulations?

Immediate next steps financial institutions should take to prepare for the January 2025 deadline include:

  • Conduct a gap analysis and develop an operational resilience framework, business continuity plans, and governance policies
  • Assess risks with third-party providers in the sourcing portfolio and review existing contracts that may be at risk of termination by authorities
  • Ensure risk and compliance leaders are represented on management boards, as the board will have full accountability for ICT risk management
  • Establish systems for managing, logging, and reporting ICT incidents to regulators

How can providers help financial institutions achieve compliance?

By leveraging their deep understanding of enterprise technology footprints, providers should proactively assist enterprises in meeting the regulatory deadline. We recommend providers take the following actions:

  • Develop a perspective on how DORA will impact financial institutions to ease clients’ worries and gain mindshare with new customers
  • Identify accounts needing support to determine current and future states, business continuity plans, risk management frameworks, etc.
  • Evaluate incumbency status and competitive landscape threats. Acknowledge financial institutions will need to reduce their reliance on a single or small group of providers and have open discussions with clients to ensure transparency and collaboration
  • Develop effective rules, procedures, mechanisms, and arrangements to manage ICT risks to financial entities
  • Review contracts and proactively identify clauses needing changes to incorporate DORA compliance
  • Prepare to undergo threat-led penetration testing with financial institutions if deemed critical by regulators

In the near term, we foresee the banking, financial services, and insurance (BFSI) industry in the EU being impacted in the following ways:

  • Spiked demand for security services as financial institutions run security services maturity assessments to review the current state of DORA compliance
  • Revamped sourcing portfolios as financial institutions assess concentration risk of functions deemed critical under DORA
  • Increased demand for a qualified talent pool to conduct vulnerability assessments, performance testing, penetration testing, etc.

With the deadline fast approaching, enterprises and providers cannot afford to wait for the regulatory process to conclude and must begin to take these recommended steps to reach compliance by 2025.

To learn more about the Digital Operational Resilience Act and how to achieve compliance with the DORA regulations, contact Kriti Gupta, [email protected], Pranati Dave, [email protected], and Laqshay Gupta, [email protected].

To learn about Global Services Lessons Learned in 2023 and Top Trends to Know for 2024, don’t miss this webinar.

EG with tagline Neg
Linkedin-in Facebook-f Play Instagram
Better Decisions Powered by Tenacious Research    

Contact Us

Who We Are

About Us

Newsroom

Office Locations

Partners & Affiliations

What We Offer

Memberships

Custom Decision Support

Published Research

Careers

Why Everest Group

Explore Openings

Equal Opportunity Employer

Resources

Access Reports

Citation Policy

Everest Group Market Intelligence (EGMI)

Legal

Using the Reports Portal

©2023 Everest Global, Inc.         Privacy Notice          Terms of Use        Do Not Sell My Information

How can we engage?

Please let us know how we can help you on your journey.

Contact Us

"*" indicates required fields

Please review our Privacy Notice and check the box below to consent to the use of Personal Data that you provide.
Consent*