Is Reactive IT Finally Dead

If there's one thing I've learned in my 25-year career, it is that life in reactive IT is hard.

As engineers, we design networks and expect them to operate in a certain way. However, there is often a drift between the expected state and reality because the network is a living, breathing thing. And when things go wrong, we either learn that from telemetry data, or we get that dreaded phone call telling us that the network is down. Then, we have to figure out what has gone wrong, and how to prevent it from happening again.

At that point, we are already too late; we are in "firefighting mode", reacting to an outage that has already impacted the business.

Engineers, on average, spend 150+ hours per year restoring normal service operations following an unexpected outage.

Let's put that into context: in that amount of time, you could watch the entirety of the US TV show The Office, from start to finish 3x, fly from San Diego to Honolulu 14x, or run 30 marathons. All better alternatives to working overtime or troubleshooting critical issues in the parking lot of a Starbucks at 11:30 p.m. when you are supposed to be on holiday. Yes, that's a real example. Sadly, we have all been there.

This reactive posture means that teams suffer from:

• High Costs of Unplanned Downtime: Unexpected outages can lead to substantial financial losses, damage to brand reputation, and decreased customer trust. The inability to anticipate and prevent these incidents also exacerbates operational risks.

• Limited Visibility Across Complex Environments: Many IT teams lack comprehensive, real-time visibility into their infrastructure, applications, and user experience. This blind spot makes it difficult to detect early warning signs of issues.
• Configuration Drift and Vulnerabilities: Over time, systems can deviate from their intended configurations, introducing security vulnerabilities and performance inconsistencies that are hard to track without continuous monitoring.
• Ineffective Legacy Tools: Legacy monitoring and management tools frequently fall short in providing actionable insights or integrating telemetry data effectively, limiting their usefulness in proactive risk management.

These challenges collectively underscore the need for a more intelligent, preemptive approach to IT management.
So, let us imagine for a moment what that would look like?

The vision of preemptive IT

The aspirational vision of preemptive IT would look something like this: AI-powered intelligence anticipating and predicting issues before they disrupt operations - avoiding risk, performance degradation, and downtime.

Let's make it more specific by examining two aspirational use cases:

Firstly, you would have visibility into your assets, enabling proactive lifecycle management of hardware and software components. Through a digital interface, you could view detailed end-of-life milestones including end of sale, last ship date, end of software maintenance, and end of support. This visibility would allow your IT teams to anticipate when devices or software will become obsolete and plan replacements or upgrades in advance, preventing unexpected service disruptions. By tracking these lifecycle events, organizations could move from reactive troubleshooting to preemptive action, anticipating and addressing issues before they impact service availability.

You would also have AI-driven recommendations automating routine tasks and keeping you always up-to-date with the current state of your environment.

In the era of LLMs, you will probably expect access to the totality of our intellectual capital, and the ability to engage with it through natural language querying. This would provide you with guided troubleshooting to accelerate issue resolution and improve operational efficiency. Definitely a time-saver - it would only be fair to expect it.

An intelligent approach to the minefield of today's security would also be on your list - that's for certain.

You would want the ability to proactively investigate and mitigate risk related to security, stability, capacity, compliance and aging. Ideally, you would want a view that displays data including intrusion events, application stats, and associated hosts, organized by estimated risk or business relevance. This would enable your teams to prioritize security efforts by understanding which applications pose the greatest risks and require further investigation. That capability would provide clear context and would support filtering and drill-down capabilities for granular analysis, helping teams shift away from reactive to proactive security practices.

With these in hand, your teams would be equipped with correlated threat intelligence, vulnerability information, and business impact into an overall threat ranking - making for quick and accurate prioritization of their efforts and removing guesswork.

Today's vision, tomorrow's reality with Cisco

It is starting to sound like you could complete those 30 marathons, isn't it?

Well, that's our goal! These capabilities outline Cisco's vision of where the IT industry is going and the strategic direction we are spearheading.

At Cisco Live, my colleague, Maddie Speakman and I, shared a little preview of what will soon be available through our new digital experience. You can find that replay in the On Demand gallery or watch the our colleague's Ross Dula demo here:

Sounding the alarm: Killing reactive IT to save your business

While this picture of AI-powered, preemptive IT is compelling, I want to leave you with a note about the current state of IT. Today, only 16% of organizations are ranked as 'advanced' in digital resilience.[1] To be considered "advanced", a company needs to be able to:

• Prevent outages and address incidents before they occur.
• When incidents inevitably occur, have the systems and automation in place to accelerate resolution and recover from that shock.
• And finally, throughout all of that, safely and continuously accelerate innovation and digital transformation by maintaining critical elements such as security and compliance.

Let me be blunt: given the state of the industry, the shift to preemptive IT isn't just desirable - it's critical.

Our goals with these new capabilities are simple. We want to help you:

• Achieve that desired state of advanced digital resilience.
• Move from reactive to preemptive IT operations.
• Reclaim those 150 hours you are currently spending in 'firefighting mode' and focus on what's important for the growth of your business.

Stay tuned as we share more about how Cisco Services can help you get there.

[1] Splunk, "Digital Resilience Pays Off" (2023)