Gary Harrison
March 13th, 2025
In this ever increasing world of technical complexity we often search for equally complex solutions to our business problems. But it doesn't always have to be that way, especially when we take the time to look at the bigger picture, reflect on how we have managed complex problems at scale in the past, and use those lessons learned to build simple and effective solutions for the future.
A great part of my role as CTO at Digital Earth Group is looking for innovative or disruptive technologies that help business leaders not just manage but thrive in today's technology complexity. I especially like solutions that create clarity around problem solving, allowing us to look forward and focus on building new business value, and not looking back always fighting technology 'fires' around previous infrastructure investments. Hence being excited when I was introduced to the team and the proposition at BugZero.
It's a simple proposition that solves real business problems, without you having to 'reinvent the wheel'. (It plugs straight in to existing business processes).
Yet, and perhaps rightly so, people ask me, if the proposition is so simple then why has no-one done this before? Why have organisations not implemented something like BugZero already? What has changed that organisations need a solution like BugZero now?
It's because our world has been changing around us, and will continue to at an ever increasing pace. Below are just some of the drivers that now make a solution like BugZero not just best practice, but actually a must for some businesses.
Bug risk management and mitigation has been implemented in many organisations for a long time but has typically been siloed, without consistent processes, within the various infrastructure and technology teams that own the platforms and software. This has involved numerous people providing various levels of effort with often largely manual processes. This also results in a lack of visibility and accountability, where it is difficult for managers to ensure recently released bugs are being addressed in a timely manner. This practice is no longer sustainable for the modern enterprise.
The rate of change, and scale, of software components in technology services has massively increased in recent years. The trend has been towards not patching versions of software but addressing bugs in new releases, meaning the required frequency of software upgrades has increased. The demands placed on teams has increased to a level now that more risk is taken and more software is pushed to production without thorough assessment. As a consequence we are becoming less proactive and more reactive to software bugs.
Automation, abstraction and "shift-left" - modern DevOps and automation practices are pushing responsibility for the configuration of software and platforms into teams that are no longer experts in the underlying technology. Whether consumed through APIs or via abstracted automation frameworks (such as Terraform or Ansible) the teams consuming the underlying software may not even be aware what vendor it comes from, let alone what version or bugs are relevant. Thus they are in no position to actually assess the risk of the configurations and services they are deploying.
Emerging regulatory compliance obligations - as our world and everyday lives become significantly dependent on technology, regulators are now imposing requirements to ensure operational resilience for critical infrastructure and services. And they understand that to manage the risk at scale we need new integrated tooling and automated bug assessments, that fit into a mature risk management framework. Some organisations need to provide real-time evidence of compliance and auditable risk mitigation activities.
Customer experience and brand damage - I talk to businesses on a regular basis that have all experienced service impacting outages from known vendor bugs within the last couple of years. Across fintech, healthcare, transport, education and telecoms. We see these outages in the news way more often than we used to, demonstrating that the 'blast radius' and the scale of impact is increasing. And a lot of these outages were actually avoidable with a more mature approach to risk management around vendor bugs and operational resilience.
Finally, and perhaps to state the obvious, the BugZero business proposition is simple and the value very quick to realise, but that is because BugZero hides and manages all the underlying complexity. They have invested years of development, taking advantage of modern technologies themselves (cloud services, automation, API integrations and even AI models), to deliver a solution that installs in minutes and delivers immediate business value.
So when it comes to managing vendor bugs, as a business in a complex digital world, you could chose to build your own complex solution, or make a simple choice.
Gary Harrison
March 13th, 2025
Eric DeGrass
March 13th, 2025
Eric DeGrass
August 20th, 2024
Sign up to receive a monthly email with stories and guidance on getting proactive with vendor risk
BugZero requires your corporate email address to provide you with updates and insights about the BugZero solution, Operational Defect Database (ODD), and other IT Operational Resilience matters. As fellow IT people, we hate spam too. We prioritize the security of your personal information and will only reach out only once a month with pertinent and valuable content.
You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.