How CIOs can support business resilience in uncertain times

Today, nearly every major decision an organization makes will flow through the CIO, and often, the CISO. 

From organizational structure to revenue opportunities to risk management — they’re all about digital transformation, cybersecurity, and your customer experience. The way technology leaders invest and plan today will determine the trajectory of your organization for the next half-decade, or more. 

We spoke to a number of leaders in technology to identify the lessons that will arm your organization against the big unknowns the global economy is facing. Here are some of those hard-won lessons to ensure you’re positioning your organization for resilience.

1. CIOs must advocate for the role of technology in your organization with business leadership 

We know that the CIO role is more critical than ever in determining the success of an organization. That became especially clear after the COVID-19 pandemic. Resilient organizations had CIOs who enabled remote work, migrated operations to the cloud to realize savings, and found new ways for technology to support productivity. 

And that’s why businesses expect to continue spending on technology, as the global economy faces another phase of uncertainty. One survey from CNBC shows that more than three-quarters of senior tech leaders expect their organization to spend more on technology investments in 2022.

Yet, many CIOs struggle to build the relationships and leadership to ensure those investments are supported across the organization. In fact, Gartner found that only 30% of CFOs and CIOs have a collegial and business-centric relationship. 

“Inflationary headwinds are raising the stakes for CFOs to ensure that digital investments deliver productivity improvements and business outcomes that can offset margin erosion,” Randeep Rathindran, vice president of research in the Gartner Finance Practice, said in the report. 

CIOs who succeed in making an impact drive technology change and investment, as a result of their relationships. 

For example, global financial leader ING recognized that it was imperative to build a new cloud-technology based financial messaging system to facilitate financial transactions between banks, customers, and third parties. 

“We chose Elastic because we wanted to future-proof the mission-critical payments processing platform with a widely used technology that scales well as we add more customers and increase load,” said Lieven Merckx, a technical lead at ING. 

“Choosing this solution was natural because ING’s global headquarters is working on providing the Elastic Stack as a Service to the rest of our organization to capitalize on the many use cases and value that can be achieved with Elastic.”

This transformation wouldn’t have been possible without executive leadership that was steeped in the impact rapid workplace transformation would have on the company’s employees, customers, and business partners.

2. Businesses go to the cloud for resilience

The cloud has become the hub for digital resilience. 

The cloud, when properly secured and configured, is a place where redundancy, availability, and security are converging into a solution that is impossible for big iron or on-prem systems to match. In fact, many organizations are starting to benefit from managing multiple cloud systems — more than three-fourths of enterprise organizations use two cloud systems, and roughly a quarter have implemented three or more.

Leading CIOs have stopped putting off the inevitable — and realizing its value.

Even banks, and other highly-regulated industries, have realized that they were holding themselves back by insisting on maintaining their own data centers and servers — adding untold expense and headache to their bottom line, not to mention the risk that some unnoticed, unpatched minor service ends up being a massive invitation to a data breach that compromises their reputation. 

Consider the Log4j2 vulnerability. Elastic’s engineers leapt into action to provide guidance and software patches even as the details of the exploit were still being disseminated to DevSecOps engineers responsible for their own hardware and software maintenance.

If security underlies every decision a CIO makes then, across every dimension of the business, they must practice the discipline of resilience. And as CIOs are coming to realize, for the sake of their employees, their customers, and their very survival as businesses, there is no more resilient place for their data to be than on the cloud.

3. Consider cybersecurity risks — and your CISO — with every big decision

Information security is top of mind for every single CIO — whether it is in their domain or not — because at the end of the day, technology systems and customer information will be impacted. The risks are only ramping up; the costs are growing greater. Between hacker collectives and nation-states engaging in cyber espionage and outright warfare, CIOs know all their carefully considered strategic planning and decision-making can be upended by one rogue breach of systems or theft of data. 

With this truth in mind, CIOs have to build systems that are resilient — and resistant to threats they might not even be aware of. And they have to find talent to fill key roles to do it. Critical to this endeavor is greater collaboration with your CISO. 

[Read more on cybersecurity solutions for a riskier world.]

4. Strike a balance between innovation and governance

CIOs have to balance innovation with risk, optimization with regulation. For instance, you can’t unlock data without considering how it will be used, and what sovereignty might apply.

The pressure can come from all directions: customers, the board, and employees engaging in shadow IT. Somehow, CIOs have to keep tabs on all of it. CIOs are on watch to keep the business from breaking down due to insufficiently considered technology choices — or failure to empower those in the organization responsible for business outcomes. Breaking down silos has become a key strategy.

In one recent report, IT decision-makers allocated application security tools to 48% of development teams — folks not traditionally responsible for cybersecurity — in 2020, compared to just 29% in 2015, according to 451 Research. CIOs are already breaking down the silos between observability and security to create better governance. 

[Read more on the future of DevSecOps — how IT ops and cybersecurity are changing.]

Advanced enterprise search capabilities can also eliminate blind spots and add an important layer of risk governance.

At the heart of every successful enterprise today sits a tactical, strategic, and empathetic technology leader.