A few weeks ago, I co-hosted a meeting with Gamiel Gran of the venture capital firm Mayfield Fund. It was held in Washington, DC, and the 25 or so CIOs in attendance represented the remarkable diversity of the nation’s capital. There were, of course, CIOs from the government sector, but there were also CIOs from the private sector, including business-to-consumer, business-to-business, and business-to-government companies. In preparation for the session and throughout our afternoon together, it was interesting to see the themes that were of greatest interest to the group. The top five themes covered were:
- Establishing a Culture of Innovation
- Maturing Data Governance and Maintenance
- Getting Real Value out of the Cloud
- Staying on Top of the Evolving Threats Related to Cybersecurity
- Containers and Microservices as the Driver to IT Agility
Establishing a Culture of Innovation
It was interesting to see innovation as the top theme, and furthermore, it was interesting to see that CIOs from across the aforementioned sectors each had significant roles to play in guiding or driving innovation on behalf of their institutions. The government CIOs indicated that the need for detailed requirements for most projects in the government often runs counter to developing a culture of innovation. One government CIO noted, “In government there’s a tendency to stick 2,000 requirements on something, slowing down the process.” He went on to indicate that this creates a need for innovation workarounds, as people with great ideas will sometimes work on them on their own time, trying to get to a proof-of-concept without going through the traditional channels. There is a need in government to adopt the concept of the innovation lab, with a separate set of people with a separate mandate together with different skill sets, processes, and technologies, the extent to which each are possible.
Another recommendation offered by the CIO of a federal IT provider was to “build innovation improvement process into department budgets.”
Others worried that there is too much of a desire to institutionalize innovation rather than free it of constraints. Those constraints may come in the form of stringent processes and detailed requirements, but it also can come in the form of budgetary constraints. The CIO of a large international financial institution noted that the traditional annual planning cycle with capital expenditures and operating expenditures fixed for an annual period no longer makes sense. “Capex and Opex and the annual planning don’t fit this new world, as it slows down the ability to deliver quickly.” It was widely acknowledged that the annual budgeting cycle is not likely to be thrown away across organizations any time soon, so CIOs must make the case to create an innovation budget that is budgeted without specific projects fully formed when the budget is set.
Maturing Data Governance and Maintenance
The CIO of a federal IT provider summed up the challenge on data governance and data maintenance by saying, “We hear about lots of data solutions, but we still aren’t seeing progress on data management. Cleaning data, data management, etc. This is not [adequately] a part of the offerings we see from new companies. That’s the disconnect [between us and Silicon Valley].” Another CIO who is an SVP at a large healthcare firm noted, “Some people refer to data as the new oil of business. It is really the new crude oil. The question is how you turn it from a commodity into something refined that you can get value out of.”
One of the issues has been the paucity of talent related to data governance and maintenance to say nothing of data analysis more generally. This requires partnering wisely with firms who can provide contracted resources while one hires and trains their way to developing these skills. It also means choosing solid technologies that can help advance this discipline further.
Getting Real Value out of the Cloud
The predominant feeling among the CIOs present was that the cloud is the present and the future. The question is, as the CIO of a leading higher education software company put it, “How do we continue the journey from intermediate architecture to full cloud? How do we get the org to move faster now that cloud et al enables this?” The pace with which companies make this leap is correlated to the amount of technical debt that the company has assumed. There are some who still doubt the economics of the cloud, stating that the cloud is “your stuff on someone else’s hardware.” That said, the flexibility, the interoperability, and, in fact, the security of the cloud tend to be superior.
The CIO of a major federal agency noted that many CIOs ask themselves, “How we can move our legacy apps to the cloud?,” when they should be asking, “How we can get new business value out of it?” Part of the issue is that too many people make the move for cost reasons alone, and the payback on a cloud transformation can take some time, as the process of migrating data and shutting down redundant systems can actually lead to a spike in costs in the near and medium term. Therefore, naysayers who indicate that the costs will increase are right in the short-term, but it requires steadfast leadership to accomplish the efficiencies over the long-term.
Staying on Top of the Evolving Threats Related to Cybersecurity
Naturally, security was a major point of conversation, and a high priority for everyone in attendance. The CIO of a medical non-profit noted that a challenge is preparing for cyber-attacks “when the rules change as you play the game.” Members of the government sector reflected admirably about how advances in the private sector are happening at such a pace that the intelligence community is more enthusiastically partnering with startups than in the past.
An interesting trend that has emerged has been advances of the chief information security officer in the corporate structure. Long a direct report to the CIO, some are becoming peers to the CIO, with some reporting directly to CEOs, such is the perception of the strategic importance of security.
Several participants noted the need to develop a culture of security. So many breaches begin with bad hygiene and issues with internal personnel, often without any intention of wrongdoing. Remaining vigilant, regularly updating training protocols, and measuring the effectiveness of these efforts is increasingly important.
Another participant noted that “establishing a strong internal security culture can help combat insider security threats.” The cultural point, and the requirement that IT teams and companies more generally foster training while documenting protocols is essential.
Containers and Microservices as the Driver to IT Agility
The last trend highlighted is the move to microservices and containers, Each suggest an architecture that enables the continuous deployment of complex applications by ensuring they are loosely coupled. I noted in the gathering as I often do when speaking with CIOs of larger institutions that are, say, a generation or more in age, that issues of legacy culture, process and technology represent an existential crisis for CIOs. Microservices and containers are an ingredient to be used toward future proofing the technology aspect.
Peter High is President of Metis Strategy, a business and IT advisory firm. His latest book is Implementing World Class IT Strategy. He is also the author of World Class IT: Why Businesses Succeed When IT Triumphs. Peter moderates the Forum on World Class IT podcast series. He speaks at conferences around the world.