How Cloud, Security and Big Data Are Forcing CIOs to Evolve
By Wayson Vannatta
The role of the chief information officer is changing dramatically. A decade ago, CIOs were charged with managing and protecting an organization’s network perimeter, intellectual property and IT assets. Often viewed as a compulsory cost center, a traditional CIO’s work was generally preventative and reactive. Since then, major industry trends have altered conventional technology leadership roles.
At the enterprise level, many responsibilities that would typically fall within a CIO’s purview have been absorbed by other executive roles. Today, just 58% of CIOs sit on the board compared to 71% just two years ago, and nearly two-thirds of organizations allow a “business-managed” IT spend. Midmarket CIOs in particular might be left wondering, “With all this change, am I on my way out?” Let’s explore the three major industry disruptions that have reshaped the role of the enterprise CIO:
Cloud: Cloud computing changed the technology landscape forever. Topics like hybrid and multi-cloud, microservices and containers dominate headlines and conferences. But what’s really impacting our world is the underlying DevOps movement — the shift toward combining and streamlining software development and IT operations. Now that infrastructure and applications are no longer separate, businesses don’t need the CIO to manage server setup, code deployment or other previously manual IT tasks; or implement technologies like Kubernetes or new SaaS solutions. This is one of the reasons many traditionally “CIO-level” responsibilities have been redistributed to CTOs who own the resources and cloud infrastructure that runs their applications directly.
Information security and privacy: Businesses are far more concerned with security, data privacy and compliance than ever before, and rightfully so. The average cost of a data breach today is $3.9 million, according to IBM. As the ever-growing wave of security and privacy incidents continues, we’ve seen legislative reactions such as GDPR or the California Consumer Privacy Act (CCPA) emerge. A decade ago, CIOs would typically manage all aspects of data security and privacy based on the advice of a dedicated information security specialist. The sheer level of regulatory, financial and reputational damage at stake has shifted those responsibilities to chief information security officers (CISO). Prominent board advisers, CISOs are responsible for mitigating security and privacy risks, maintaining compliance, and preventing incidents from impacting the business.
Data: In the past, CIOs would typically be responsible for collecting, organizing and retroactively reporting on company data. Now, we view data as a business enabler that can highlight meaningful trends, provide predictive models and help maximize efficiency and profitability. Using data analytics, Netflix saves $1 billion per year on customer retention, while Walmart processes 2.5 PB of customer data every hour to increase sales. As companies focus on developing faster, more comprehensive access to data and the tools necessary to accomplish this, enterprise-level CIOs have become less involved in direct data management. With advanced technical skills and a mandate of complete ownership over company data, chief data officers (CDOs) now lead data governance, management and protection, while embedding AI systems to streamline workflows and reduce manual processes and decision making.
CIOs: Transform your inner “I”
The good news is that these enterprise-level disruptions to the CIO role represent an opportunity to re-examine your position and make meaningful adjustments. Here are six role-changing routes every midmarket CIO should explore:
1.Become a “Chief Improvement Officer.” It’s time to become a more well-rounded, versatile CIO. Learn scripting languages like Python or Ruby to enhance cloud management. Spend time educating yourself on secure coding best practices. Scan podcasts like Arrested DevOps, The 443 – Security Simplified and Super Data Science for key industry trends. Invest time into developing capabilities that will improve your team and business.
2.Tackle the role of “Chief Instigation Officer.” Challenge your company to try new things. Should your organization adopt multi-factor authentication, or finally transition away from that old data warehouse nobody wants to manage? Develop your IT improvement plan, understand and overcome potential obstacles, and instigate change.
3.Develop a reputation as “Chief Influencing Officer.” Build your influence by collaborating with other company leaders. Understand your CMO’s top technology priorities and considerations. Proactively engage the legal department about privacy and compliance issues. Approach these interactions as an enabler whose influence and expertise can support change.
4.Turn into a “Chief Investment Officer.” CIOs need to proactively demonstrate their value. Use cold hard data to educate other executives about your current projects, progress and challenges. For example, educate your chief financial officer (CFO) on your organization’s security needs by breaking down your budget across prevention, detection and response spending. Explain the cost of a data breach with examples. Make your case by being detailed and transparent, demonstrating ROI, calculating costs versus output, etc.
5.Take on the role of “Chief Initiative Officer.” CIOs also need to understand other aspects of the business beyond IT and take the lead on new initiatives that will better service other departments. Increase operational efficiency by introducing AI or ML capabilities before customers ask for those, or learn finance principles and advocate for smarter business decisions. This will allow you to provide greater value and become more engrained across the entire organization.
6. Transform into a “Chief Innovation Officer.” Always look for creative ways to help strengthen the business. Push for DNS-level security to provide better off-network user protection. Propose using a cloud data warehouse to store your older network logs in order to reduce your SIEM storage costs, while preserving your ability to quickly troubleshoot issues. Great things can happen if you reject the status quo and seek out opportunities to innovate.