The hot topic at this time of year is inevitably a retrospective of successes and the hopeful prediction of what is to come. Challenges will always exist but the key is can you answer how resilient you are because it is this that will absorb the shocks when they come. How challenges are approached and addressed by businesses will be the barometer for their rate and status of digital transformation. This does point at who? IT leaders are well aware of the technological challenges but who else is? Business leaders have to face a culture change that brings them into the conversation beyond driving business goals. Problem solving will no longer be the sole domain of those executing. A move towards changing corporate culture is looking like a reality for success in the long run. Prioritization and being transparent about expectations are also essential. So what is actually keeping IT leaders up at night? For the nth consecutive year coming in at the top spot it is security threats, data breaches and privacy. No surprises there but a concern that is becoming more urgent is the simplest one. Are there enough highly skilled digital hands on deck?
“There are risks and costs to a program of action — but they are far less than the long range cost of comfortable inaction.”
Security threats, data breaches and privacy
The security risk problem is not a new one and not likely to go away anytime soon. In fact it is quite likely the activity will remain but the methods will change. The guerilla mentality is a probability where hackers who once used to go for the high hanging fruit will start to pick holes at the simple vulnerabilities that have been overlooked. They will also start making lateral moves which involve third party vendors and partners for example. The lesson here is to be vigilant about not just your own business vulnerabilities but that of anyone you do business with let’s call it your IT supply chain. Getting clear about what needs to be done, plugging those gaps is a better cost effective solution than continuous security monitoring. Fine for bigger organizations who can factor that into their budgets, but the downside for the larger business is the reputational damage a breach or attack can cause and that’s before the financial implications are even considered. This brings me back to my point of bringing the business leaders into the equation, having them educated on what the actual language of such damage means from a financial perspective will be crucial Csuite and board members will be more integral with the help of a solid IT governance strategy. The flashy hacking methods of yesterday being replaced with more surreptitious tactics will see a rise in malicious software and ransomware will likely gain more traction creating a headache for IT leaders. Will this segue into nominating individuals solely dedicated to dealing with malicious attacks autonomously?
“A business will have good security if its corporate culture is correct. That depends on one thing: tone at the top. There will be no grassroots effort to overwhelm corporate neglect.”
As the digital growth seems to be on an exponential curve and with that comes the data explosion the concerns about data governance are glaringly obvious. So much so this was anticipated by the EU GDPR and the California Consumer Privacy Act (CCPA) who act as an island of calm in the chaos. Organizations that have not already started to comply with these regulations must know they cannot avoid doing so. In fact the signs point to penalties for not safeguarding data across all data environments.
Prioritization, managing expectations and staffing
The increasing pressure on IT leaders to deliver correlates to technological leaps. Already stretched teams working on projects as well as firefighting problems will naturally look to their leadership peers to collaborate on decision-making and therefore share in accountability if and when deadlines slip. The latter simply moves events on from painful mishap to troubleshooting solution through reorganization of tactics. This prioritizing of projects can happen at any time, though most logically done at the start, it helps to be flexible enough to accommodate the change on the single project as well as determining the fate of every other project in the pipeline. It would be rather pessimistic to assume that all prioritization is a waste because that is not the case, I refer to the prudence of business leaders when it comes to counting the cost in time and resource and knowing how to choose the best value priority when it comes to pecking order. This primary prioritization if not the secondary or revised prioritization borne of missed deadlines.
Softening the blow of a missed deadline comes in the shape of managing expectations, these too are more logical at the beginning of a project. Under promising and over delivering will always be preferable to the converse. It might seem like a simplistic view but being honest about what can be achieved give or take the intangibles that always crop up, is always best. It helps hone focus and actually buys extra time to expedite a project to a faster conclusion. Using a modern agile approach is wise as it places the higher risk project elements at the initial stages of the project life cycle, ensuring any failures can be sidestepped sooner rather than later.
“One of the tests of leadership is the ability to recognize a problem before it becomes an emergency.”
If this past year has been any indicator then the shortage of skilled digital talent is not exaggerated. Finding the right talent is difficult and there is an increasing reliance on freelance/contract workers to fill the gap. This trend is likely to continue this year as is remote/telecommuting. Though there is a distinct benefit to such workers primarily their flexibility and ability to react fast and the larger pool of talent they offer, they represent a challenge that cannot be overlooked. Namely the vulnerabilities they bring to the company particularly personal and sensitive data. It is something IT leaders need to weigh up when it comes to deciding what they need for the long term and if that will guide them towards automated solutions via AI operations.