Return to site

What Keeps CxOs Up At Night

What CxOs have in common and why Information Assurance matters

· Digital Business,Business Strategy,Business Value of IT,Thought Leadership

"I need [IT] to move from the back of the bus, where it traditionally sits, to the front of the bus…and it’s traveling fast."

- Angela Ahrendts ex-CEO of Burberry

(conversation with her CTO)

I've had pleasure to talk to many CxOs over the recent years and collate what I think would be the key challenges for them in the new era of IT Industrialisation and Digitisation. Having in mind the burden of the new regulations, pervasiveness of data, and ubiquitous computing things have moved on drastically and requires a fresh perspective how businesses are run and transformed.

The term Digital is largely overused and should be replaced with “the-way-how-we-do-business-today”. Digital stands for - demonstrating value, competitive advantage, risk taking culture as the new forefront of the modern business strategy. Inspiration, vision, value creation, and insight seeking are putting pressure on organisations and the creatures of habit reluctant to change - it is about being able to adapt or become extinct. The same applies to vendors.

As the organisations are catching up with digital world - vendors have to follow and realise the potential of addressing the challenges below. Vendors need to help organisations to hire new talent, re-skill existing employees and fill skills gaps by looking to build a trusted ecosystem of partners. If you’re not intimately involved or you don’t understand the challenges below, whether you’re a vendor or an end-organisation CxO, then you should be worried, extremely worried…

The CxO of today - putting Data at the heart of Digital Business

My PoV: a good information management and governance delivers, by default, good information security, privacy, quality and stewardship.

Strategic goals:

  • Understand information
  • Make Information open and transparent
  • Manage information
  • Protect information
  • Monetise information

Figure 1: The new forms of IT and business capabilities required to drive the business growth and transformation

broken image

Image source: Gartner

Paradigm shift exposes the modern CxO suite to new challenges and they arriving from the two opposite view points:

  1. Risk-reduction driven, such as Chief Information Security Officer, or 
  2. Opportunity/value-driven, such as Chief Digital Officer

Lately we have the role of Chief Data Officer, historically being risk-reduction focused gearing towards opportunity/value creation for the business, essentially being in a hybrid role, generating revenue as well as protecting revenue.

I'm a Chief Executive Officer and I want to know...

  • How do I transform the business?

  • How do I run the business more efficiently?

  • How do I grow the business?

I'm a Chief Data Officer and I want to know...

  • What is the business value of data?
  • How do I manage data as an asset?
  • How do I manage data that crosses organisational boundaries?
  • How do I keep up with information lifecycle changes?
  • How do I maintain an inventory and ontology of key information assets?

I'm a Chief Digital Officer and I want to know...

  • How do I create new values from business information?
  • How do I monetise information assets?
  • How do I create new digital channels to market and build digital relationships with customers?
  • How do I embed IT in (physical) products?
  • What information services I need to enhance the customer experience?
  • What new information products, services and business lines I can build to sell information (previously regarded as a byproduct)

I'm a Chief Information Officer and I want to know...

  • How do I maintain order in heavily regulated and litigious world where privacy, compliance, litigation and regulatory requirements causing a proliferation of business processes?
  • How do I keep up with new information types and sources - driven by the 5V’s?
  • Do I have the right technology, processes and people skills to address the above?
  • How do I quantify financial value of information assets, as if they were a balance sheet asset?
  • How do I measure the benefits that each type of information asset generates for our organisations?
  • How do I reduce cost and complexity throughout the enterprise?

I'm a Chief Information Security Officer and I want to know...

  • How do I consistently secure multiple sources of data, across silos?
  • Rapid adoption of public clouds, personal devices, big data and changing work patterns are conflicting to regulatory requirements for data access control - how do I address this?
  • How do I protect data as an asset whilst allowing collaboration and processing inside and outside the traditional organisational perimeter?
  • How do I address new threats emerging from adoption of new, emerging technologies and services?
  • How do I measure effectiveness of risk and security controls in my organisation?
  • Do I have the right skills, processes and technology to ensure timely detection, prevention and reporting of data breaches to satisfy regulations?

I'm a Chief Privacy Officer and I want to know...

  • How do I understand what Personally Identifiable Information (PII) is held and processed by my organisation?
  • How do I map/translate Privacy requirements to technology, processes and controls?
  • How do I provide an evidence that my organisation is adequately protecting the PII?
  • How do I engage with the business and provide oversight and monitoring of the data protection programme and compliance with the regulations?
  • How do I provide evidence for notification and communication of personal data breaches to authorities?