Main content

CIOs shouldn't let the business rule the digital roost – have an opinion and get involved

Derek du Preez Profile picture for user ddpreez July 14, 2014
Gartner warns that CIOs need to be ready to advise on the latest and greatest in digital, but equally a new Digital Risk Officer should be appointed to handle digital security at an executive level.

With the emergence of digital across the enterprise, the common perception that the technology function is just a closed guard, back-office responsibility

Businessman multitasking
that is only consulted when things go wrong, and which has a reputation for saying no to user requests, is being challenged. And CIOs are faced with a power battle as a result. Gone are the days when business leads needed to consult the IT department to get their hands on some useful tools; buyers can now go out and purchase what they like directly from the cloud and make decisions independently from the CIO. Marketing and other customer facing departments are getting, and spending, budgets on digital. Whether they should be doing this or not is another question, but business buyers are more often than not the ones driving the digital innovation and CIOs are increasingly being left to just manage and stabilise the back-office platforms.

However, Gartner has issued some advice that argues that CIOs need to decide how they will position their IT organisation in relation to some of the core emerging technologies. The analyst house states that CIOs should get stuck in, form an opinion, guide and support the development of digital – if they want to have any say in front office tech going forward. And I have to agree – CIOs should become the digital consultants for departments that want to get buying, rather than just trying to keep control within the four walls of IT. It's not sustainable and it's unrealistic.

Vice president and Gartner fellow, Hung LeHong, said:

The IT organization is used to owning and supporting "back office" and infrastructure technologies. Digital business technologies support the "front office" and operations and may be emerging technologies that are not commonly part of the IT agenda.

Regardless of the eventual stance, we believe CIOs should have an opinion, and should participate in innovating and in testing the business cases for these technologies in the early stages.

Many companies are looking to digital business technologies as their next source of competitive advantage. There is too much at stake — in both business value and technology investment — for CIOs to stay in the margins.

According to Gartner, CIOs need to build up their knowledge around the following emerging technologies and to understand and address how they can be used within an enterprise to create new business models:

  • The Internet of Things (IoT) – This is a biggie. Going forward, most endpoints on the corporate network are likely to be 'things', rather than machines or mobile devices. And Gartner estimates that the IoT is set to deliver productivity improvements and new revenue streams of $9 trillion by 2020. However, the analyst house also warns that the evolvement of the IoT will create political tension between operations, product development IT. Gartner states:

Consumer-centered IoT (such as the connected home) has few legacy deployments and therefore, CIOs can get in on the ground floor, influencing outcomes and contributing to the technology selections. Industrial-centered IoT also has many opportunities, but CIOs will need to approach these with a lighter hand, because there is likely to be a pre-existing body of technology invested over many years, or even decades, by engineering and operations groups. 

CIOs will need to navigate these political challenges carefully and plan for the resources and skills they will need to span operational and technology projects.
  • 3D printing – An area that CIOs should not underestimate. Gartner believes that at the very least 3D printing will remain a niche market in manufacturing, but it also has the transformational potential to widely impact global trade. Basically, it could mean products don't have to be imported anymore and supply chains could be drastically flattened. CIOs need to have a position on how transformational (or not) 3D printing will be in their industry and their enterprise and make moves to address it.
  • Human augmentation and wearable tech – Wearables have the potential to improve employee effectiveness, safety and health through some clever monitoring and handy applications. However, the idea of 'bring your own wearables' (as with BYOD) will require clear policies, guidelines and governance. Human, legal, social and ethical issues should also be a serious consideration.
  • Robotics and autonomous machines – Gartner believes that newer generation robots can change the cost equation, with the purchase cost approximately equivalent to the annual earnings of a minimum wage employee. However, CIOs need to be aware of the benefits beyond savings on labour, where there could also be less machine wear, shorter lead times, greater safety and less downtime.
  • Cognitive machines – These are basically very clever machines. Like, human clever. They are getting to the stage now where they can handle decision-making tasks that previously had required a level of judgement only human were thought to be able to handle – carrying out jobs such as news writing (weep). Although daunting to employees currently doing these repetitive tasks, Gartner believes that CIOs should look for ways to complement these tasks with the machines, rather than replace the human employee. But the use of cognitive machines has significant impact on brand perception, so the decision to use them should be a question for the board and the CEO too.

Gartner's LeHong said:

The extent to which CIOs will ‘own’, operate and support digital business technologies is undefined, so the time is right to evaluate and pioneer new approaches.

However, given that IT has pretty much always taken responsibility for information management and security – where does this responsibility lie now in a new digital world? Although Gartner reckons CIOs should be weighing in on digital decision making, it believes that the digital risk should be managed by a new role at the enterprise level – it should be a business risk management role, rather than a technical one that is stuck within IT. Getting people to understand this, however, will be the challenge.

Gartner predicts that by 2017, one third of large enterprises engaging in digital business models and activities will also have a digital risk officer (DRO) or equivalent. And by 2020, 60 percent of digital businesses will suffer major service failures due to the inability of the IT security team to manage digital risk in new technology and use cases. Paul Proctor, VP and distinguished analyst at Gartner, said:

Digital risk officers will require a mix of business acumen and understanding with sufficient technical knowledge to assess and make recommendations for appropriately addressing digital business risk. 

Many traditional security officers will change their titles to digital risk and security officers, but without material change in their scope, mandate and skills, they will not fulfil this role in its entirety.

The DRO will report to a senior executive outside of IT, such as the chief digital officer or the COO, and they will manage risk at an executive level across

the business units, working directly with peers in legal, privacy, compliance, digital marketing, digital sales and digital operations. The impact of this new structure of digital risk governance on IT, according to Gartner, is likely to largely be cultural. Where getting employees to understand that digital risk isn't the same as back-end technology risk. Proctor said:

By 2019, the new digital risk concept will become the default approach for technology risk management. Digital risk officers will influence governance, oversight and decision making related to digital business. This role will explicitly work with non-IT executives in various capacities to better understand digital business risk and facilitate a balance between the need to protect the organization and the need to run the business. 

However, the cultural gap between IT and non-IT decision makers presents a significant challenge. Many executives believe technology — and therefore technology-related risk — is a technical problem, handled by technical people, buried in IT. If this gap is not bridged effectively, technology and consequent business risk will hit inappropriate levels and there will be no visibility or governance process to check this risk.

A grey colored placeholder image