“My view has always been that you can’t mess with risk on IT security and reliability. Particularly if you have Federal government clients, or clients engaged in cross-border commerce. Our clients are facing consequential problems and are often subject to legal restrictions related to privacy and other confidentiality concerns – we are often required to prove compliance with NIST standards, or in the least, having that compliance provides a potential client with assurance that we take it seriously. They also need to have faith that our IT systems, which sit at the core of our capability and service offering, are stable, reliable, and protected from attack and crashes that could lead to catastrophic loss and cost.

Also, from a purely commercial perspective, the benefit to us is that clients are more likely to trust us if we are demonstrably serious about data and IT security, and have invested resources in maintaining stability and resilience. From an operations perspective, offloading the service to a specialist provider who can access the benefits of scale in hardware and software services is just good economics, and allows us access to a grade of gear and expertise that would cost more to functionalize internally.”