Before CIOs look to take advantage of shiny new technologies and introduce disruption into business strategy, they should ensure that the core—cybersecurity, infrastructure, cloud, and more—is stable and robust.
If you exercise using weights, you’ve no doubt heard a trainer’s advice to strengthen your core: Without a stable core, you can have trouble completing even one deadlift regardless of
View the 2018 CIO Survey collection
Explore the infographic
Read the next chapter: "Industrializing innovation"
Subscribe to receive Leadership content
your leg and arm strength. The same can be said of digital and emerging capabilities—without a strong technology stack, they may struggle to reach their potential.
When we asked CIOs which technology areas will have the most impact on their businesses in the next three years, most selected front-end technologies: digital, data and analytics, and emerging technologies (see figure 19). But many also recognized that these initiatives should be built on a strong technology foundation that incorporates cyber, modernized legacy systems, and cloud computing.
Cyber has generally become shorthand for security and privacy, topics that can discomfit even the most seasoned executives. Many organizations maintain a reactive stance to cyber; resources are focused on protection and prevention, realized through enforcement of compliance to standards, policies, and implementation patterns.
C-suite executives often focus on the shiny side of digital: new technologies that can transform customer experiences, drive product innovation, and boost business performance. But these likely represent only the tip of the digital iceberg.
CIOs need to consider identifying and understanding what is below the surface. Core technologies serve as a foundation for a business’s digital strategy. And a deliberate, systematic approach to innovation can enable the business to proactively harness disruptive capabilities.
Yet many organizations still view security and data privacy as an operational expense (see figure 20). Only about half of those surveyed say their organizations treat security as a strategic investment that is needed to protect business-critical operations or personal information. Digital vanguards—perhaps because they are further along in their digital journey—are more likely than baseline organizations to view cyber as a strategic asset (57 percent versus 49 percent).
However, this doesn’t mean that organizations are turning a blind eye to security and the broader topic of risk; most CIOs (53 percent) report that cyber topics were discussed at their most recent meetings with the board. And 69 percent of respondents report having a very good or complete understanding of cyber-related changes and investments needed for digital initiatives. “It’s hard to measure the value of cyber prevention,” says Dave Naisby, CIO of the Commonwealth of Pennsylvania’s Employment, Banking, and Revenue Delivery Center. “However, once you get people to recognize the potential consequences, they understand the need to invest in it.”
A more strategic view is likely needed, evolving beyond cyber to involve other dimensions of “risk”—including regulatory and compliance, operational risk, financial risk, and even reputational risk. This last piece hints at an emerging topic of tech ethics as well as the ongoing debate on the social impact, ethics, and morality of technology adoption.
Containing risk is no longer just an operational concern—it’s a board-level business issue and strategic imperative for many organizations. Stakeholders at all levels should understand the opportunities and risks associated with digital initiatives. Leaders should proactively balance protecting the organization with adopting new business models and strategies.
Many CIOs recognize that their legacy systems lack the agility needed to innovate and scale. Most (64 percent) are rolling out next-generation ERP or modernizing legacy platforms to address the limitations of existing systems. “If you don’t have high-performing infrastructure, then forget about projects and initiatives,” says Mike Tartakovsky, CIO of the US National Institute of Allergy and Infectious Diseases. “No one will trust you without solid infrastructure—that’s the core.”
Compared to baseline organizations, fewer digital vanguards (47 percent) are focused on ERP, perhaps because they have completed foundational investments. Digital vanguards are also less likely than baseline organizations to be involved with supply chain and finance transformation (see figure 21).
Many CIOs are confident in their ability to drive legacy modernization efforts; 65 percent report a good or complete understanding of the changes and/or investments required. However, as enterprise leaders, CIOs should consider extending their understanding beyond implementation to applying the modernized infrastructure to support enterprise growth and business transformation.
To create a competitive edge, we’re looking beyond our own four walls and working with our product teams to determine how analytics and other emerging technologies can be applied to new products and services for our end customers. — Johnson Lai, CIO, NuVasive
Business acceptance of all things cloud is likely a significant driver of digital transformation, and it’s growing. Ninety percent of CIOs report that their organizations use cloud computing. This is just the beginning: They expect cloud investments will double as a percentage of IT spend over the next three years, leaping from 22 percent to 44 percent. Nearly one-third of CIOs (32 percent) report using cloud infrastructures for critical business applications.
Scalability (75 percent) and business agility (72 percent) remain the primary drivers for cloud adoption (see figure 22). While CIOs in past surveys expressed concern about protecting business data and operations in the cloud, their worries appear to be dissipating. Thirty-four percent of those surveyed now see cloud as a way to enhance security.
For many CIOs (44 percent), cost reduction is a primary motivation for cloud adoption. In one-on-one interviews, though, many CIOs cautioned that without appropriate governance processes to oversee enterprisewide cloud spending, total cost could actually increase. This is a real concern; according to our survey, only about one-fifth of CIOs say their organizations have structured processes for measuring the impact of technology investments.
To support digital, CIOs should consider balancing investments in both front-end and back-end systems. The business case for standalone back-end investments can be a hard sell, but increasingly, there is a common understanding that companies must invest in core technologies such as cyber, modernized core systems, and cloud to support their digital ambitions. As such, investments in these core technologies should not be viewed as standalone expenses but, rather, should be tightly and strategically integrated with investments in customer-facing digital technologies.