Let’s assume you run a mid-sized or large company. If you do, you need to read this. If you’re a Chief Information Officer (CIO) at one of these companies, you also need to read this. As Tom Friedman reminds us in his superb Thank You for Being Late: An Optimist’s Guide to Thriving in the Age of Accelerations, environments are changing at warp speed and everyone must continuously and immediately adjust – or suffer unpleasant consequences.
Many CIOs, especially the long-tenured ones, are understandably products of their education, training and experience. But times have changed, and what were once technology acquisition, deployment and support “best practices” are irrelevant to the trajectories of today’s world. Some executives react to changes; very few proactively embrace – or create – them.
So if you’re a CEO, COO or CFO, or the Chairperson of a Board of Directors, here’s how to kill – or coronate – your CIO. If you’re a CIO, here’s how to avoid the guillotine and ascend to the digital throne. Yes, this is a test, but there are only ten questions.
- Loosen Up
Tight control of technology assets is no longer realistic – or remotely effective. Technology is now diffuse. It’s likely that many employees in the lines of business already know as much about new technology as the CIO and his or her team. Not about how to buy and support networks or desktops, but about the role that augmented reality and automated reasoning might play in your product marketing efforts. The deeper you enter the cloud, the more control you cede to your cloud providers. If CIOs threaten to fall on their swords rather than share control over technology assets, let them. This is a huge test for CIOs and their teams. Industry trends point clearly to shared governance – whether CIOs like it or not. Where are you on the control scale? The more control you concentrate, the less effective your technology platform will be. Everyone should federate control with the business units; centralization is a remnant of the 20th century – even though most companies still centralize control! There should be business unit CIOs (with some such title) responsible for strategic technology applications and investments – not the enterprise infrastructure, which should remain with the enterprise CIO and the company’s technology providers. By the way, cloud delivery of infrastructure and applications has already loosened things up and cloud providers are now part of everyone’s governance team regardless of how CEOs, COOs, CFOs or CIOs see the world.
While many CIOs and CTOs derive much of their corporate power from the management of the computing and communications infrastructure, it’s way past time to share control with off-campus and off-shore infrastructure acquisition, deployment and support vendors. The good news is that computing and communications infrastructure has become commoditized and cost-effective. Multi-channel infrastructure strategy is now a core competency of all companies that need to support an increasingly mobile and distributed workforce. If your CIO, CTO or CISO insists that infrastructure should be home-schooled, it’s time to find some new teachers and some good public or private clouds.
If your CIO insists on maintaining – and even enhancing – legacy applications, you should find a new one. I realize there are always “good” arguments for living in the past, but CIOs who fail to aggressively lead their companies out of Desert Legacy are failing their companies. They all know it’s only a matter of time before the sand shifts and sinks under their feet. CIOs should launch applications rationalization projects and see them through to their obvious (though often politically incorrect) outcomes. No money should be spent on enhancing aging applications: phase them out! CEOs, COOs and CFOs need to hold their CIOs accountable for egregious acts of professional laziness. The same is true of new applications. Before any new in-house application development project is approved, it should be vetted against existing functionality in packaged applications, especially applications the company already owns or leases from the cloud or from applications their cloud providers are offering that the company is not currently leasing. New application development is an empire-building strategy: the more developers CIOs, CTOs and CISOs have writing new applications that the business says it needs, the bigger their army. CIOs, CTOs and CISOs know this strategy well. CEOs, COOs and CFOs must remain vigilant about empire building and aggressively counter-attack. CEOs, COOs and CFOs must continuously track software spending ratios and resist the messaging that clever CIOs use to justify their applications development empires: “the business made me do it.”
CIOs that shortchange innovation – as recent SIM data suggests they’re already doing (it’s #17 out of 19 on the investment list) – should be fired. Digital transformation is real and permanent. CIOs should be integral members of all transformation teams. They should be identifying and piloting emerging and potentially disruptive technologies based on business rule/process/model transformation opportunities. They should be briefing executives about technology trends and especially what their competitors are doing with emerging/disruptive technologies. They should establish some form of innovation center of excellence — though not too formal and definitely without fanfare. Their teams should be wide and deep in the technologies most likely to impact their companies.
The cloud is a CIO’s best friend. CIOs should move more and more of their infrastructures, applications and (minimal) development activities into the cloud. If they resist, they should be fired. CEOs, COOs and CFOs should demand strategies for phased and then complete migration to the cloud. If necessary, private clouds can provide gateways to public clouds, but the journey must proceed along specific timelines. Cloud optimization and analytics should become new core competencies and the CIO’s team must be masters of cloud service level agreements (SLAs) and cloud container technology to assure agility across cloud vendors. All technology decision deployment decisions should require a quantitatively compelling business case for and against the cloud. Once in the cloud, users should be charged by the drink. Continuous applications rationalization should involve decisions around SaaS.
CIOs that do not aggressively champion the importance of cybersecurity must go. If your CIO doesn’t invest heavily in cybersecurity they should be fired. If CEOs, COOs and CFOs fail to invest heavily in cybersecurity, they should be fired. It’s astonishing that in 2016, over 50% of companies surveyed by SIM did not have a CISO. If you are the CEO, COO or CFO of any of these companies, you should be fired. Why so harsh? Because there are no greater threats to your company’s survival than digital ones.
CIOs should spend as little and as much money on technology as they can procure. It all depends on how they spend the money. They should allocate increasing dollars to IaaS, SaaS and, if they must, PaaS. They should allocate significant resources to emerging and disruptive technologies. They should be held accountable to spending by functional area, not by spending as a % of revenue or even spending technology-by-technology. The best spending metric is not technology spending as a percentage of revenue or even spending as a percentage of specific industry revenues. The best metric is technology spending across functional areas that measures an organization’s commitment to leveraging the right technology at the right time. Such metrics would reveal – ideally – that companies are, for example, spending more and more on digital marketing, more on automated customer service and more on intelligent systems to manage and optimize the customer journey. If your CIO doesn’t keep score this way, then he or she is probably tenured, tired and loathe to change. As more and more functional areas – like finance, marketing, customer service, product development, supply chain management and payment processes, among so many others – go digital, why wouldn’t technology budgets rise more aggressively and non-technology functional budgets fall? (While operational technology budgets also fall.)
The alignment problem is an excuse for poor bi-directional communication. CIOs, COOs and CFOs need to make their needs clear and CIOs, CTOs and CISOs need to listen and, ideally, understand business problems nearly as well as their business partners do. This is not a difficult process. CIOs that complain about how hard it is to “align” should be replaced, because it’s a tactic designed to just blame someone else for their shortcomings. The same is true of whole technology teams, especially ones that frequently blame the lines of business for their inability to articulate their requirements – when obvious requirements are staring them in the face. If they’re unwilling to make eye contact with what’s staring them in the face, they need to look elsewhere.
If your CIO is a loner, fire him or her. If your CIO is “quiet” and unassuming, fire him or her. Low profile CIOs that hide in their offices need to go. CIOs that do not have personal relationships with the lines of business need to go. Successful CIOs are smart, communicative, persuasive, domain knowledgeable and personable. If they lack any of these skills, send them to charm school, or replace them.
I cannot understand why the number of internal technology professionals is increasing anywhere. Given the cloud-based acquisition, deployment and support options we have today, why is the number of internal technology employees rising? How in the world is the industry’s “involuntary turnover” rate only 2.7%? The number of employees is a measure of efficiency. If the number of technology employees is increasing, CEOs, COOs and CFOs should suspect empire-building inside their companies. There’s no reason why the number of internal technology professionals should not decrease as CIOs, CTOs and CISOs make more and better use of the cloud, as the number of customized software applications decreases and as infrastructure commoditizes.
Kill or Coronate?
The criteria are clear. Smaller, leaner, innovative technology organizations should be created and managed by personable CIOs steeped in domain knowledge. If CIOs satisfy these criteria, coronate them immediately, but if they fail, replace them tomorrow.
Source: SANS ISC SecNewsFeed @ March 5, 2017 at 05:51PM