Tech
Building resilience in the cloud: Bridging SLA gaps and mitigating risk | Computer Weekly
Today, enterprises need a robust digital infrastructure for everything from customer engagement to operational continuity, and multi-cloud technology has become a fundamental enabler of enterprise success. However, with these increased complexities, organisations face increasing challenges in managing security risks, maintaining operational uptime, and above all, to maximise value from their cloud investments.
Emerging technologies and innovative approaches are reshaping the way enterprises navigate these challenges, and at the same time service level agreements (SLAs) too are evolving to align with these developments.
Transparency and clear communication between providers and customers are key to achieving faster, stronger security outcomes. With careful planning and a proactive mindset, IT and security leaders can bridge the gaps in their SLAs, mitigate security vulnerabilities, and scale their cloud strategies to achieve sustainable growth.
For cloud services, security is a shared responsibility: the provider ensures the integrity of the infrastructure, and businesses must protect their own applications, endpoints, and data. SLAs are intended to provide clarity on availability and performance, while outlining accountability between cloud providers and their customers. As businesses use more providers to boost agility and reduce dependency, managing SLAs grows more complex. Variations in contractual terms, misalignment with regulatory requirements, and inconsistent reporting structures can leave organisations exposed to unnecessary cyber and operational risks.
Addressing these challenges starts with centralised governance. Bringing IT, security, procurement, and legal teams together to evaluate and negotiate SLAs ensures that they are aligned with an organisation’s risk appetite and regulatory obligations.
Additionally, regularly mapping SLA terms against evolving compliance requirements and threat landscapes helps highlight where additional clauses, such as improved breach reporting timelines or clearer security obligations, are needed. Combining this with a resilient cloud strategy that addresses concerns like disaster recovery and load balancing can ensure that even if one provider falls short, the impact on business operations is minimised.
As enterprises expand their cloud capacity, this inevitably widens the attack surface. Traditional SLAs tend to focus on infrastructure uptime but often fail to address advanced cyber threats. IT leaders must take ownership of this gap by integrating AI-driven threat detection and end-to-end encryption into their cloud ecosystems.
AI-powered analytics, for example, can proactively identify anomalies in real time, flagging suspicious activity and helping teams respond to potential breaches before they escalate. Similarly, implementing end-to-end encryption and identity access management (IAM) ensures that sensitive data remains secure, even in the face of evolving threats. By investing in these measures, enterprises can close the security gaps left by standard SLAs, moving from a reactive to a proactive security posture.
It’s also important for SLAs to be flexible enough to meet the demands of highly regulated sectors, such as finance, where compliance requirements are particularly stringent. For example, aligning an SLA with the General Data Protection Regulation’s (GDPR) requirement for a breach notification within 72 hours not only ensures compliance, but also helps businesses avoid potential penalties while strengthening customer trust. As cyber regulations become more stringent worldwide, aligning security practices with global standards like GDPR is no longer optional, but essential for maintaining a competitive advantage.
The same principle applies to operational resilience. Service disruptions caused by weak SLAs are not just an IT inconvenience; they can have financial and reputational consequences. This is why uptime strategies must be shaped by both regulatory obligations and business priorities. In industries such like healthcare, that might translate into higher uptime guarantees and enhanced security controls, with customised SLAs designed to meet sector-specific needs. Further adopting a shared responsibility model, where providers ensure infrastructure resilience and enterprises focus on optimising application performance, reduces risk and speeds recovery when challenges arise.
Cloud technology’s promise lies in its ability to deliver agility, scalability, and cost efficiency. But these benefits are only realised when innovation is paired with disciplined governance. Whether adopting cloud architectures, containerised workloads, or serverless models, operational expertise and oversight are essential to prevent new vulnerabilities.
Cloud transformation is both a challenge and an opportunity for IT security leaders. SLAs set important expectations, and as tech innovation accelerates, they are continually evolving to address risks and business needs. By centralising governance, strengthening security beyond contractual terms, and adopting resilient, regulation-aligned cloud strategies, organisations can turn SLA gaps, security risks, and operational complexities into levers for improvement. Practical, risk-informed steps like these build trust and resilience, enabling enterprises to unlock the full potential of their cloud investments and achieve sustainable success in an increasingly digital world.
Vaibhav Dutta is vice president and global head of cyber security products and services at Tata Communications.
Amazon Prime Day comes around but once, or twice, or maybe like three times (?) a year, and it’s a great time to stock up on tech, including grabbing one of the best soundbars you can buy on sale. This Sonos Beam Gen 2 Prime Day soundbar deal certainly qualifies, offering clear and expressive performance and a ton of features for a serious discount during Amazon’s Prime Big Deal Days event.
Before you go, don’t forget to check out our Absolute Best Prime Day deals roundup and our Prime Day liveblog for tons more ways to save big.
Small but Stout
-
Courtesy of Sonos
-
Photograph: Simon Hill
-Reviewer-Photo-SOURCE-Simon-Hill.jpg)
Style meets substance has long been the Sonos ethos, and the Beam Gen 2 exemplifies that brilliantly. You’ll find carefully designed curves, slick touch controls, and a compact chassis that fits on any console and below virtually any TV.
The Beam’s sound quality is among the best in its class, with only Bose’s Smart Soundbar keeping pace. While the Bose bar provides better Dolby Atmos effects thanks to dedicated upfiring drivers, Sonos’ bar offers more low-end muscle and impressive frequency balance, along with some solid virtualized Atmos effects.
As with other Sonos products, the Beam Gen 2 is loaded with networking features, including tons of supported streaming services over Wi-Fi in the Sonos app, third-party connectivity like Apple AirPlay and Spotify Connect, and the ability to connect with other Sonos speakers in surround sound or as part of a multi-room audio system.
The Sonos app has had its issues of late, but Sonos has spent plenty of time and toil fixing it since its relaunch with the Sonos Ace. It has worked fine for me for months, with my Sonos Era 100 and Era 300 standing among the most reliable speakers on my network.
The Beam Gen 2 is also a snap when it comes to connection and usability, connecting to your TV over HDMI eARC for simple control with your TV remote. It’s a highly capable little bar that can grow with your system as needed, and at this price, it’s an easy buy.
Power up with unlimited access to WIRED. Get best-in-class reporting and exclusive subscriber content that’s too important to ignore. Subscribe Today.
Prime Day is always a great time to stock up on summer gear for next year that gave you FOMO this year. Perhaps things like this portable, rechargeable misting fan with a refillable tank, for which ads have been all over my social media for the past few months. Shark claims it can run for 30 minutes with the mist consistently on, or for 60 minutes with it in “interval mode,” and when I tested it this summer, I found that mostly to be true. You have to be pretty close to the mister to feel it, like sitting with it on a desk or a table, but if that’s not a deal-breaker, this is a great price on a supremely versatile summer staple. It appears that only the dark-green, limited-edition Spruce colorway is currently priced this low. Not only do I personally think this is the best color anyway, but it also comes with a car charger for travel, which many of the other colors don’t.
Tech
IT Sustainability Think Tank: How IT directors can spot false green claims from Big Tech suppliers | Computer Weekly
The sustainability technology market is vibrant with activity across a range of use case areas (from ESG reporting, through nature capital, sustainable manufacturing, smart energy grids, green IT, and the circular economy).
However, for IT directors navigating this fast-moving landscape, distinguishing genuine environmental credentials from carefully chosen averages, aggregates, and sophisticated spin has become a critical competency… and one which could determine whether your organisation becomes recognised as a sustainability leader or an unwitting accomplice in greenwashing.
Beware of green IT with dirty secrets
One of the most glaring red flags when considering the sustainability of software and IT services is when suppliers tout the benefits of their artificial intelligence (AI)-powered offerings whilst remaining conspicuously tight-lipped about the environmental impacts of the resource-hungry datacentres powering them.
Even when a supplier can cite corporate-level commitments (say, for purchasing renewable power or offsetting emissions), if they’re unable or unwilling to provide granular-level transparency about impacts at the individual workload level, then this should raise concerns.
Global average figures that smooth out peaks and troughs, or rely heavily on offsetting to disguise true consumption, can mask uncomfortable truths about how green your use of their services (in your region, at the time you’re using them) actually is.
The environmental impact of AI becomes particularly pertinent when considering its application in sustainability use cases. Discussions at COP29 highlighted the ‘sustainable AI paradox’ – the fact that the very AI systems being deployed to solve climate challenges are themselves energy and water-intensive – and so it’s imperative that any sustainability solution deploying AI demonstrates clear net environmental benefits.
Absence of clear statements (taking into account the environmental costs of training models, as well as specific operational usage patterns – where and when workloads are being run, etc.) can mask a potentially green solution’s dirty secret.
Technology consumers face making inevitable trade-offs when attempting to balance sustainability against cost and performance, but without hard data upon which to make hard choices, decision-makers will be operating in the dark.
Insist on seeing actual energy consumption metrics for any cloud-based solutions. The most progressive providers are not only transitioning to renewable energy sources but are also doing so transparently. Vague claims about providing a ‘carbon-neutral cloud’, without specific, verifiable metrics, should be viewed with suspicion.
Also, be wary of sustainability claims that focus exclusively on future commitments rather than present achievements – especially if timeframes continue to shift. For example, have 2030 pledges recently morphed into similar-sounding 2035 ones?
Whilst Science-Based Targets and net-zero pledges for 2050 may sound impressive, they mean little without transparent reporting of baselines, current emissions, concrete reduction milestones, and regular progress updates.
Finally, if a company seems over-reliant on carbon credits (especially when it isn’t operating in a particularly hard-to-abate sector – such as like heavy industrial manufacturing), question whether they shouldn’t have made more of an effort to reduce their own carbon footprint before resorting to paying others to offset their impact.
This is particularly relevant following COP29’s carbon trading agreements, where – despite finally establishing country-to-country trading mechanisms after a decade of negotiations – concerns remain about credit quality.
Count what counts – not just what’s easy to
Everybody is (eventually) somebody’s Scope 3. Before smaller – hitherto out-of-scope – organisations find themselves swept up in the expanding catchments of environmental reporting legislation directly, they’re more likely to find themselves caught in a different net… that of a partner’s or funder’s Scope 3 (indirect) carbon emissions reporting.
In today’s ecosystem world, every company is linked to numerous others up and down their value chains for a variety of reasons, and responsibility to disclose greenhouse gas emissions has now joined that list of touchpoints. Suppliers who claim they can’t provide this data are either behind the curve or are potentially hiding something.
However, even if you can get hold of this information, watch for over-reliance on industry average proxy figures (rather than actual, accurate, attributable data), and proprietary certificates and badges that lack industry-wide recognition.
Platform-specific certificates (or benchmarking schemes designed to focus on ‘product community’ efforts) can obscure the true picture of consumption and emissions when what really matters is compliance with internationally recognised standards (such as ISO 14068, replacing the BSI 2060 scheme).
If a supplier’s primary evidence appears to consist more of self-awarded accolades, rather than respected third-party validation, proceed with caution.
Despite anticipated scale-backs to the eventual scope of the regulation, the EU’s Corporate Sustainability Reporting Directive (CSRD) and International Sustainability Standards Board (ISSB) frameworks represent a good start.
Even post-Brexit, CSRD matters because it covers UK subsidiaries of EU parent companies and UK companies with significant EU operations. Also many UK firms are voluntarily adopting it to maintain competitiveness for EU contracts.
Delays to, and reforms of, CSRD may provide UK companies with some immediate breathing room, but that’s no excuse for complacency. Suppliers that can’t demonstrate the ability to comply with these, and other emerging requirements, likely lack robust sustainability governance at their core – hampering their ability to effectively respond and report on their carbon footprint, whatever is ultimately asked of them.
There’s also now additional framework pressure on tech companies to transparently report and reduce their own emissions following COP29’s ‘Declaration on Green Digital Action’ (signed by 90 governments and 1,000 cross-sector stakeholders).
IT directors should specifically ask suppliers about their alignment with the Declaration and whether they’re contributing to their country’s enhanced Nationally Determined Contributions. The UK’s early commitment (made just prior to COP29) to reduce emissions by “at least 81%” on 1990 levels by 2035 will cascade down through procurement requirements, making suppliers’ sustainability credentials increasingly critical for public sector contracts (especially with the government’s mission-driven emphasis on “Making Britain a clean energy superpower” enshrined in its revised Social Value Model).
Also, look for evidence of an integrated (and ‘by-design’) approach to sustainability, not just a collection of disparate initiatives.
TechMarketView’s Sustainability Technology Activity Index research, which analysed the sustainability activities of over 2,000 suppliers and tech users worldwide, reveals that leading suppliers are embedding sustainability into their offerings rather than maintaining separate systems.
The Index also found that they’re providing the means for customers to leverage sustainability data for wider business decision-making and operational control too (beyond core sustainability interests).
If a firm’s sustainability team seems disconnected from its core product development and operations, its influence (and that company’s commitment) may be superficial. Sustainability should be a business issue – for them, and for you.
Shortcomings and shortcuts to being sustainability savvy
There’s something of a skills crisis at the sustainability-business-tech nexus. The uncomfortable truth is that many organisations lack the internal expertise even to properly evaluate third parties’ sustainability claims, let alone determine what sustainability means to their business.
With talent that combines environmental expertise, business context, and technical capability in short supply, companies should establish cross-functional teams to evaluate incoming proposals.
Don’t just include IT and procurement people (and sustainability specialists, where you have access to them), though – also look to finance teams, with their understanding of ROI models; operations, with their grasp of implementation realities; and business strategists, for the big picture context.
These combo teams can provide the domain expertise needed to spot greenwashing that might slip past unsupported generalists – especially when paired with the use of formal scoring frameworks that focus on third-party audited emissions data, compliance with recognised standards, and evidence of year-on-year improvements; and that weight verifiable, present-tense achievements over future promises.
Not every company has this breadth of expertise available, of course – even distributed across multiple roles and role-holders – and in such circumstances, IT services firms are ideally placed to step in and bridge the gaps.
According to data from the Index, professional services are involved in 34.9% of worldwide sustainability tech activity (rising to 38.4% in the UK) – underscoring how initiatives remain heavily consultancy-driven, rather than having yet become operationally embedded within organisations.
However, an over-reliance on external expertise risks businesses failing to truly embrace and understand sustainability thinking (and develop anti-greenwashing antennae) for themselves – with sustainability instead remaining more of a bolt-on consideration, at risk of being sheared-off when consulting budgets are re-assigned.
Moving forward
The stakes are higher than mere compliance. Unsubstantiated sustainability claims risk not just reputational damage, but also potential legal and financial consequences as greenwashing regulations tighten. IT directors that fail to implement rigorous verification processes risk allowing their organisations to become complicit in environmental deception (and losing control of their net zero narrative).
Companies should start by auditing their current technology partners against clear sustainability criteria; for new procurements, make third-party verified sustainability metrics a mandatory requirement; and also start to build internal competency through training, hiring, and strategic partnerships – but don’t wait for the perfect team to coalesce before acting.
By combining healthy scepticism with systematic verification, IT directors can ensure they’re working with genuine sustainability leaders rather than sophisticated storytellers. In a market where environmental considerations have the potential to reshape every industry, the ability to distinguish substance from spin isn’t just good governance. It’s business critical.
Cowboys’ Jerry Jones on middle finger incident: ‘That was unfortunate’
This Sonos Soundbar Puts Your TV Speakers to Shame at a Great Prime Day Price
Car finance scandal: Payouts of £700 per driver under compensation plans
-
Fashion1 week agoHarrods warns customers of data theft in latest IT breach
-
Tech1 week agoInterrupting encoder training in diffusion models enables more efficient generative AI
-
Sports1 week agoTransfer rumors, news: Benzema linked with reunion with Mourinho at Benfica
-
Tech1 week agoMore people are using AI in court, not a lawyer. It could cost you money—and your case
-
Fashion1 week agoThe World’s Fashion Business News
-
Fashion1 week agoThe Lycra Company names new key appointments
-
Tech1 week agoOpenAI Is Preparing to Launch a Social App for AI-Generated Videos
-
Fashion1 week agoPay, human rights and the environment: the OECD puts Shein on notice