CIOs Archives - Cyber Secure Forum | Forum Events Ltd

CIOs ‘need to accelerate time to value’ from digital investments

Stuart O'Brien

CIOs and IT leaders must take action to accelerate time to value and drive top- and bottom-line enterprise growth from digital investments.

That’s according to Gartner’s annual global survey of CIOs and technology executives, which gathered data from 2,203 CIO respondents in 81 countries and all major industries, representing approximately $15 trillion in revenue/public-sector budgets and $322 billion in IT spending.

“The pressure on CIOs to deliver digital dividends is higher than ever,” said Daniel Sanchez Reina, VP Analyst at Gartner. “CEOs and boards anticipated that investments in digital assets, channels and digital business capabilities would accelerate growth beyond what was previously possible. Now, business leadership expects to see these digital-driven improvements reflected in enterprise financials.

“CIOs expect IT budgets to increase 5.1% on average in 2023 – lower than the projected 6.5% global inflation rate. A triple squeeze of economic pressure, scarce and expensive talent and ongoing supply challenges is heightening the desire and urgency to realize time to value.”

The survey analysis revealed four ways in which CIOs can deliver digital dividends and demonstrate the financial impact of technology investments:

Prioritize the Right Digital Initiatives

Survey respondents ranked their executives’ objectives for digital technology investment over the last two years. The top two objectives were to improve operational excellence (53%) and improve customer or citizen experience (45%). In comparison, only 27% cited growing revenue as a primary objective and 22% cited improving cost efficiency.

“CIOs must prioritize digital initiatives with market-facing, growth impact,” said Janelle Hill, Distinguished VP Analyst, Gartner. “For some CIOs, this means stepping out of their comfort zone of internal back-office automation to instead focus on customer or constituent-facing initiatives.”

The survey revealed that CIOs’ future technology plans remain focused on optimization rather than growth. CIOs’ top areas of increased investment for 2023 include cyber and information security (66%), business intelligence/data analytics (55%) and cloud platforms (50%). However, just 32% are increasing investment in artificial intelligence (AI) and 24% in hyperautomation.

“Leading CIOs are more likely to leverage data, analytics and AI to detect emerging consumer behavior or sentiment that might represent a growth opportunity,” added Hill.

Create a Metrics Hierarchy

The survey found that 95% of organizations struggle with developing a vision for digital change, often due to competing expectations from different stakeholders. To drive financial outcomes, CIOs must reconcile siloed initiatives by using a visual metrics hierarchy to communicate and demonstrate interdependencies across related digital initiatives.

“A key ingredient needed to accelerate delivery of digital benefits is accountability,” said Hill. “For example, if the enterprise undertakes a digital initiative to improve customer experience, with the financial goal of improving profit margins, then the CIO’s accountable partner is likely the CMO.”

CIOs should connect with functional leaders for each digital initiative to understand what ‘improvement’ means and how it can be measured. Creating a picture that reflects the hierarchy of technical and business outcome metrics for each initiative will help identify the chain of accountability that will collectively deliver the dividend in focus.

Contribute IT Talent to a Business-Led Fusion Team

While strategic engagement with business unit leaders is necessary to accelerate digital initiatives, the survey exposed an IT mindset of “go it alone” regarding solution delivery. For example, 77% of CIOs said that IT employees are primarily providing innovation and collaboration tools, compared with 18% who said non-IT personnel are providing these tools.

“Over-dependence on IT staff for digital delivery reflects a traditional mindset, which can impede agility,” said Sanchez Reina. “CIOs must embrace democratized digital delivery by design to accelerate time to value. Equipping and empowering those outside of IT – especially business technologists – to build digitalized capabilities, assets and channels can help achieve business goals faster.”

Loaning IT staff to fusion teams that combine business experts, business technologists and IT staff will catalyze a team that is focused on achieving digital business outcomes, while also opening the way for reciprocity, such as integrating subject-matter experts from the business into an IT-led fusion team.

Reduce the Talent Gap with Unconventional Resources

Many CIOs continue to struggle to hire and retain IT talent to accelerate digital initiatives. However, the survey identified numerous sources of technology talent that are untapped. For example, only 12% of enterprises use students (through internships and relationships with schools) to help develop technological capabilities and only 23% use gig workers.

“Talent shortages are among the greatest hindrances to digital,” said Sanchez Reina. “CIOs are often limited by policies related to preferred providers or employment contracts. They must stress to business and HR leadership that engaging unconventional talent sources can help accelerate the realization of digital dividends.”

Geopolitical risk ‘will provide CIOs with new leadership opportunities’

Stuart O'Brien

Technology governance issues emanating from cross-country politics have led to digital geopolitics rapidly becoming an issue that multinational CIOs must step up to lead, according to Gartner.

Forty-one percent of Boards of Directors view geopolitical power shifts and turbulence as one of the biggest risks to performance, according to a Gartner survey. Gartner predicts that by 2026, 70% of multinational enterprises will adjust the countries in which they operate by hedging to reduce their geopolitical exposure.

“Digital geopolitics is now one of the most disruptive trends that CIOs must address, with many now dealing with trade disputes, legislation coming from one country that impacts global operations, and government imposed restrictions on the acquisition and use of digital technology,” said Brian Prentice, VP analyst and Gartner Fellow. “They need to get acquainted with this new reality and prepare for its impact.”

Geopolitics describes the geographic influences on power relationships in international relations. The resulting competition between nations plays out in many areas, including the economy, the military and society. Due to the increasing importance of digital technology in each of these areas, digital geopolitics is emerging as its own unique category of impact.

Gartner says CIOs must play a pivotal role in assessing corporate risk and, if required, rearchitecting digital systems. They will need to manage or exploit four distinct facets of digital geopolitics (see graphic below).

1. Protect digital sovereignty

Digital sovereignty will be a primary source of complex, dynamic and expanding compliance obligations for multinational enterprises. Governments are primarily addressing it through their legislative and regulatory powers, such as privacy laws like the GDPR, and are increasingly turning to extraterritorial legislation. Companies that deal with the citizens of a jurisdiction are required to comply with its laws, regardless of where the company operates or where the citizens reside.

CIOs must be proactively engaged in ensuring that the IT organization’s operating model and practices reflect current laws and regulations in place. Their role is to be aware of the legal environment and articulate to other executives how the IT organization supports compliance across the enterprise.

2. Build a local technology industry

The technology industry is of great interest to public policymakers around the world due to its size, fast growth, strategic importance, tax revenue, employment possibilities and lack of requirement for a specific national resource advantage.

Many national governments are investing in developing a home-grown tech sector. For example, the U.S. seeks to address regional imbalance in global chip production through the Creating Helpful Incentives to Produce Semiconductors (CHIPS) for America Act, and the Australian Government’s Digital Economy Strategy 2030 includes building a dynamic and emerging tech sector as a key pillar.

Efforts to establish a domestic technology industry provide CIOs with an opportunity for proactive engagement with governments. They must localize specific initiatives into countries that have the best integration between local expertise and access to government co-innovation support.

3. Achieve necessary military capability

The growing digitalization of national military and security operations will limit the availability of some technologies within various countries. Enterprises and CIOs are impacted by the emerging sphere of cyberwarfare, as well as the digitalization of existing warfighting and security technologies.

CIOs can no longer count on the availability of technology used by the enterprise for its operations in any country in which it operates and will likely be faced with restricted and mandated suppliers. To minimize disruptions, they must establish a vendor and technology risk center of excellence, chartered with a regular assessment of the exposure of key suppliers to evolving government restrictions.

4. Exert direct control over the governance of cyberspace

National competition for control over the governance of cyberspace will impact the operations of multinational enterprises. As digital technology weaves itself through all aspects of society, nations are seeking to ensure that their own technologies reflect and support their core values and their citizens. Governments are increasingly concluding that they need a protected national digital infrastructure.

The machinations by governments for control over cyberspace governance are beyond the influence of CIOs, but they will have profound impacts on a business’ ability to operate internationally. CIOs can advance the executive team’s understanding of cross-national competition for control over cyberspace and the impacts to their enterprise’s operations by leading an annual cyberspace environmental update briefing.

The economy runs on trust – The Synack 2021 Trust Report

Stuart O'Brien

By Jennifer Bennett, Synack

The pandemic has accelerated initiatives to digitally transform operations and driven efforts to implement Zero Trust security for remote workforces. Reinforcing cyber resilience continues to be top of mind in organizations, firms, and societies, and goes hand in hand with trust.

The 2021 Trust Report is Synack’s essential guide for CISOs, CIOs, security practitioners, C-suite and board executives to understand how to measure security, determine risks and build trust with data and insights on the state of different industries and sectors of the economy.

In its fourth volume, the authoritative global report shares data from the most trusted brands based on thousands of security tests conducted by the world’s most skilled ethical hackers, the Synack Red Team (SRT). The report spotlights the different industries and sectors of the economy and reveals new insights into how critical organizations are prepared to fight ransomware and other digital threats and stay resilient.

Average Industry ARS rating by years
(As published in previous Trust Reports)

| Industry | 2019 | 2020 | 2021 |
| --- | --- | --- | --- |
| Government | 47 | 61 | 64 |
| Healthcare | 60 | 56 | 61 |
| Financial Services | 57 | 59 | 58 |
| Technology | 46 | 55 | 57 |
| Ecommerce | 48 | 47 | 57 |
| Retail | 45 | 46 | 55 |
| SLED | 46 | 50 | 49 |
| Consulting/Business & IT Services | 53 | 48 | 52 |
| Manufacturing/Critical Infrastructure | 70 | 45 | 50 |

ARS rating based on data from the Trust Report: 2019. Data through January 2019.
ARS rating based on data from the Trust Report: 2020. Data through July 2020.
ARS rating based on data from the Trust Report: 2021. Data through April 2021.

The report data is based on Synack’s patented Attacker Resistance Score (ARS)™ Rating and includes a macro industry comparison that demonstrates how the most trusted organizations use the ARS rating and how to use the rating to benchmark attacker resistance against other industries.

All too often, vulnerabilities leave organizations dangerously exposed. Last year, the US-CERT Vulnerability Database recorded nearly 17,500 vulnerabilities—a record number for the fourth year in a row. More than a third—16%—of vulnerabilities found in 2020-April 2021 by the Synack Red Team (SRT), our global network of highly skilled and vetted security researchers, were considered critical. Beyond that, the SRT saw a 14% increase over the past two years in authorization and permission vulnerabilities, which can give attackers access to the most sensitive networks and systems.

“We’re facing a global cybersecurity crisis. Some organizations are doing the right thing, creating effective defense strategies and being proactive. Others are simply checking boxes. But the nature of today’s threat requires an aggressive and assertive approach,” said Jay Kaplan, CEO and Co-Founder of Synack. “The Trust Report and the ARS are vital tools for understanding the gaps in any organization’s security plan, and can be used as a tool for CISOs and other security leaders to prioritize security efforts and focus on the most pressing threats and vulnerabilities first.”

The increased sophistication of today’s threats makes the CISO even more vital. On top of digital transformations, organizations faced punishing nation-state hacks, with cyber attacks continuing to rise in 2021. Going forward, the role of the CISO and security teams will continue to evolve and expand. In fact, 55% of enterprise executives plan to increase their cybersecurity budgets in 2021 and 51% are adding full-time cyber staff in 2021.

“Testing—when it comes to security, safety, and resilience—makes all the difference in the world,” wrote Ritesh Patel, Security Principal at bp, in the foreword to the 2021 Synack Trust Report. “Measurements such as the Attacker Resistance Score (ARS) keep us honest and informed. The ARS lets us constantly assess our performance and compare how we’re doing across sectors. It’s a strong indicator that bp is performing above industry average, which sends a clear and powerful message within the organization that security—and trust—are essential in everything we do at bp.”

Read on to learn how the most trusted brands in the world measure security and build trust while diving into the different industries and sectors of the economy.

Synack leads the industry in finding the most critical and dangerous vulnerabilities in customers’ digital assets and apps, giving them the insight necessary to prevent attacks, as found in our report’s key findings.