After years of prioritizing digital transformation and focusing on innovation, many CIOs are reporting that their No. 1 goal now is supporting operational efficiency.

CIO.com’s 2023 State of the CIO report, its 22nd such annual survey, showed that more CIOs today are seeing improved operational efficiency as the top imperative.

Some 45% of respondents listed “increasing operational efficiency” as a business need driving their IT agenda, propelling it to the top spot on the list of business initiatives driving IT budgets today, besting other critical business needs such as increasing cybersecurity protections, furthering transformation, and even improving profitability.

But IT leaders say there a host of other business needs shaping IT initiatives today that are not only nearly as important as driving operational efficiency but are frequently supportive of it.

That’s what Matt Mead, CTO of the technology modernization firm SPR, sees in the market.

“Driving efficiency is very much on everyone’s minds,” he says, while quickly adding that CIOs are investing in technologies that help them address multiple business needs. He cites automation as a case in point, noting that the technology can transform processes as well as improve customer and employee experiences, all while creating more efficient operations. Cloud migrations and data analytics projects do much the same, Mead says.

Top 15 business needs driving IT spend

The State of the CIO survey asked 837 IT leaders and 201 line-of-business (LOB) participants a range of questions regarding their current and future IT strategies, with 56% reporting that they expected their overall IT budgets to increase this year. In terms of business initiatives driving their IT spending this year, the top 15 enterprise needs are:

Increasing operational efficiency: 45%

Increasing cybersecurity protections: 44%

Transforming existing business processes: 38%

Improving the customer experience: 36%

Improving profitability: 27%

Increasing employee productivity: 25%

New product development: 22%

Increasing topline revenue for the business: 20%

Developing new digital revenue streams: 19%

Improving/optimizing the employee experience: 19%

Enhancing hybrid work technologies: 18%

Improving talent acquisition/retention: 17%

Meeting compliance requirements: 16%

Monetizing company data: 14%

Adhering to environmental, social and governance (ESG) standards: 11%

The top portion of this year’s list varies from last year’s findings in notable ways, with increasing cybersecurity protections having been the top business need driving IT budgets in 2022, followed by increasing operational efficiency, improving customer experience, transforming existing business processes, improving employee productivity, and improving profitability.

The shifts suggest that a portion of enterprises are moving on somewhat from last year’s protection posture in favor of revamping business processes and increasing efficiencies, and that the pandemic’s lens on employee productivity is giving way to an eye on profitability as economic headwinds rise.

Business pressures drive IT

Multiple CIOs across various industries say their IT agendas line up with the State of the CIO Report findings.

Woody Groton, the CIO for Draper, a nonprofit research and development organization, until April 2023, says the IT strategy he had put in place is a testament to that.

“Operational efficiency and profitability and productivity all tie into the business pressures we’re all seeing,” he says, adding CIOs continue to hear calls for IT to help reduce costs and drive efficiencies. “There’s a renewed focus on all this; that’s something I’m experiencing.”

But Groton says the pressure for operational efficiency isn’t about identifying technologies that can help slash costs — as had been the case in the past. Instead, the imperative is to determine how IT can improve operational efficiency while also meeting other key business needs, such as transforming processes and improving customer and employee experiences, he says.

The IT plans Gorton had implemented for 2023 at Draper called for moving the company from an on-prem ERP system to a software-as-a-service option; Groton says such a move enables business units to update existing business processes, with the expectation that the company will enjoy both transformation and improved operational efficiency as a result.

Groton’s IT strategy called for moving other systems to the cloud to gain efficiencies, spur additional process transformations, and boost the company’s cybersecurity posture — all top business priorities at Draper that correspond to the CIO.com research findings.

Automation efforts, such as robotic process automation (RPA), and implementing software with built-in AI capabilities are other key initiatives, given their ability to shift workers away from mundane time-consuming tasks to higher-value activities, thereby generating further efficiencies and improved user experiences, Groton says.

As Draper CIO, Groton also focused on meeting the company’s push for maturing its cybersecurity posture. To that end, Draper adopted a zero-trust security model, with IT implementing various technologies, such as network detection and response (NDR) software to support that defense-in-depth strategy.

Draper’s continuing drive to maximize its use of data also meant more investments in business intelligence and analytics tools, Groton says, while its ongoing hybrid work environment necessitates ongoing investments in technologies that support and improve both worker experience and productivity.

Max Horne, CIO and senior vice president of Colonial Savings in Texas, has a similar list of business objectives to fulfill. He specifically listed operational efficiency, cybersecurity, and “projects that can help us bring more business in” as top drivers at Colonial.

Maturing the bank’s data and analytics program and improving customer experience are also top business objectives today, Horne says, noting, however, that these items are perennial priorities, with their rankings on the priority list changing mainly based on fluctuations in economic and business conditions.

“I find my project portfolio has always had those things in it,” Horne says.

Addressing multiple business at once

Other research shows a similar list of business imperatives shaping the IT agenda this year.

The IT Priorities: 2023 report, conducted by research and consulting firm Frost & Sullivan for tech company GoTo, surveyed 1,000 IT decision-makers and found that growing revenue was the No. 1 business objective for the year and that 83% of surveyed organizations intended to achieve that growth by acquiring more customers. Improving operational efficiencies was second on the list of business objectives, followed by reducing costs and increasing customer satisfaction.

Meanwhile, Snow Software’s 2023 IT Priorities Report found that reducing IT costs topped the list, followed by reducing security risks, delivering digital transformation, adopting new technologies to improve day-to-day operations, and driving company growth.

CIOs say they’re working to collectively address those multiple and often overlapping needs.

That’s the case for James Pennington, vice president, CIO, and HIPAA security officer at Southwell, a nonprofit healthcare system in Georgia.

He lists the business need to accelerate growth, strengthen the workforce, and reduce expenses as his top drivers for IT spending. He also cites the Southwell’s commitment to safety and quality as a top business need shaping IT today.

“As with most of the healthcare provider market, we are struggling to rebound to pre-pandemic volumes and revenue. Most of our technology initiatives are based on tangible ROI and/or maximization of our legacy investments. As such, our strategy centers around innovative solutions leveraging key strategic vendors in order to capitalize value,” he says.

Micha Albertijn, CIO of Meat&More, a vertically integrated Belgium-based company that incorporates food production and processing as well as distribution and retail activities, says he, too, is working to meet multiple business needs of near equal importance.

First, Meat&More is pushing for operational excellence. “The more efficient and effective our processes are, the better our company is running,” Albertijn says. “This can be translated to how we offer digital solutions to our employees and customers and vendors.”

The other two main drivers are becoming more customer-centric and containing spending, which means benchmarking activities from a financial point of view and working to “right size” in terms of budget, he says.

IT is working on various initiatives to support those business imperatives, with several IT projects delivering value in all three areas, Albertijn says, pointing to his team’s work with the sales and marketing department on data-driven know-your-customer projects, which help Meat&More be more customer-centric while supporting top-line growth and efficient use of marketing and sales spend.

“A topic that was already high on our agenda before my arrival but today is even far higher on the agenda is cybersecurity,” Albertijn adds. “We feel due to circumstances and also due to recent events that cybersecurity is asking for far more attention.”

Consequently, he and his IT team are spending more resources in that area, with money going to improving the team’s security skills and implementing next-generation security tools such as those that use AI to deliver more effective threat detection and response.

Focusing on the enterprise mission

CIOs say such intense focus on business needs — and aligning IT spending and the overall IT strategy to them — has become critical for enterprise success.

Bryan Kennedy, director of museum technology and digital operations at the Science Museum of Minnesota, speaks to that point, saying that the museum’s executive team is focused on “using technology to drive forward its mission.”

For Kennedy, that means investing in technologies such as automation and AI-based tools to streamline operations with an eye toward delivering efficiencies — echoing a familiar refrain.

It also means moving more workloads to the cloud, which is both helping the museum to transform processes while also cutting costs. And it means investing in data and analytics to help the museum become more data-driven — with the goal of using those insights to understand where it can grow and how it can move further into the digital space.

At the same time, Kennedy — like his CIO colleagues in other industries — says he has seen his business-side colleagues become more committed to maturing the museum’s cybersecurity posture. Kennedy has invested in various security technologies — including a password management tool and cloud access security brokers — as he moves the institute to a zero-trust security model.

Kennedy’s priorities mirror other findings in the 2023 State of the CIO survey, which noted that CIOs this year anticipate their involvement to increase in cybersecurity (70%), data analysis (55%), data privacy (55%), AI/machine learning (55%), and customer experience (53%).

The study further found that most respondents (77%) believe the visibility of the CIO role will continue to be elevated within their organizations. Already, 38% of LOB respondents consider the CIO as a strategic advisor who proactively identifies business needs and opportunities with another 25% viewing the CIO as a consultant who is evaluating and advising on business needs and technology choices.

Budget, Budgeting, Business IT Alignment, IT Leadership, Technology Industry

Traditionally, content delivery networks (CDNs) were used to cache files close to consumers, enabling media publishers to stream video and gaming software to customers as quickly as possible, and allowing high-stakes web application providers to deliver web pages equally fast.

Eventually, application and content owners found these networks had use beyond caching that enabled digital experiences to be better, safer, and more personalized and profitable. The market responded with edge platforms, an evolution of CDNs that can handle the compute and data workloads that were historically the domain of data centers and clouds. Edge platforms are now a fundamental part of every consumer-facing business’s digital stack.

How does this evolution from traditional CDN to an Edge platform help businesses and improve consumer experiences?

Benefit 1: holistic security protection

With the proliferation of on-premise, cloud, and SaaS systems, technology leaders are struggling to protect an increasingly diverse and expanding attack surface area from bad actors. Further, leaders often tend to overcompensate by implementing chains of security solutions, creating single points of failure, and adding latency and performance bottlenecks between security layers. Given that the average web page generates 65-70 requests on mobile and desktop, and latency accumulates with every page, performance, in turn, is negatively impacted.

The distributed nature of modern applications across multiple clouds, on-prem data centers, and SaaS tools means that the traditional notion of a security perimeter is no longer applicable. To ensure holistic protection, organizations must adopt an edge-enabled solution that can be present across all these environments, otherwise, routing all traffic through a central office using VPNs can cause undesirable latencies and network costs.

By moving security to the edge – in front of cloud providers, application, and storage servers – your infrastructure and data is protected wherever it lives.

Benefit 2: increased consumer experience with speed and AI-driven personalization

Generally, the closer you can move compute to the user, the faster your application will be. Edge computing enables companies to push components of web applications down to the edge of the network and even into the consumer’s device, speeding up page loads on web and mobile devices.

To do so requires intelligent predictive prefetching, which anticipates what actions, data or content the consumer will need next, and pushes the info to their browser or mobile device in anticipation of the request. This effectively makes web pages and mobile screens load instantly.

In addition to speed, the edge can be the ideal layer to implement personalization informed by first-party data or AI algorithms. Organizations can use the knowledge of their end users’ preferences, keywords searches, and geolocation to display products that are relevant to the user in real time.

Benefit 3: reduced costs

Nearly 75% of executives consider edge computing a strategic investment, in part due to the lower cost of bandwidth. Edge computing allows local data centers to crunch their own data instead of sending it to a central data center or the cloud. By processing locally, the amount of transmitted data across the network is greatly reduced, resulting in less bandwidth and connectivity.

Remote servers or data centers act independently, regardless of outages or connectivity to the central data center. Removing dependency on a central network allows digital businesses to be more available and agile in constantly changing markets.

Edgio

To realize true cost savings from the edge requires a balanced approach. Sometimes, it’s more efficient to compute a workload in the cloud and cache it to multiple edge nodes, instead of having all nodes execute redundant work. That’s why it’s important to use a holistic application platform, such that of Edgio’s, that allows you intelligently leverage the capabilities of both the cloud and edge for peak performance and cost optimization.

Conclusion

Edge platforms are taking the market share of traditional CDNs and cloud providers for their wider range of use cases and advanced capabilities. Businesses are improving their security posture, performance, and consumer experiences, while reducing overall costs from edge compute and AI capabilities, real-time responses, and intelligent migration of workloads.

Edgio is a global edge network with an integrated developer-friendly platform designed to offer the highest levels of performance and protection for digital content, boosting overall revenue and business value.

Digital Transformation

Like most CIOs you’ve no doubt leaned on ROI, TCO and KPIs to measure the business value of your IT investments. Maybe you’ve even surpassed expectations in each of these yardsticks.

Those Three Big Acronyms are still important for fine-tuning your IT operations, but success today is increasingly measured in business outcomes. Put another way: Did you achieve the desired results for your IT investments?

For more than a decade, IT departments derived business value from cloud computing—public, private and maybe hybrid. Of late, concerns about the public “cloud-first” approach have emerged to challenge business value and skewer ROI, TCO and KPIs. And it drew the curtain on a critical reality: IT profiles are much more complex.

A more thoughtful approach to procuring and managing assets is needed to help hurdle the challenges posed by those diverse estates. To understand how to get there, it helps to first unpack how we got here.

When Diminishing Returns Become Budget Busters

For years enterprises scrambled to build applications in public cloud environments; there was legitimate business value in rapid innovation, deployment and scalability, as well as unfettered access to more geographical regions.

“Cloud-first strategy” became a cure-all for datacenter impediments, as well as an IT leader’s tentpole for digital transformation.

More recently some organizations have reported diminishing returns from their public cloud implementations. Some companies calculated savings after moving from public clouds to on-premises—or cloud repatriation. Others conducted apples-to-apples comparisons of public cloud versus on-premises costs.

In some instances, poor implementation and faulty configurations were the culprits for deteriorating ROI, TCO and KPI values. Collectively these factors have dulled the initial sheen of agility and innovation around the public cloud.

The reality is the decision to put applications in the public cloud or on-premises systems is not an either-or argument; rather, it requires a nuanced conversation, as consultant Ian Meill points out in this sober assessment.

Smart Workload Placement is Key

Meill is right. The real argument about where to allocate applications to generate business value is around the most appropriate location to place each workload. Because, again, IT environments are far more complex these days. They’ve become multicloud estates.

To accommodate an accrual of disparate applications, you’re likely running a mix of public (probably more than one) and (maybe) private clouds in addition to your traditional on-premises systems. You might even operate out of a colo facility for the benefits cloud adjacency affords you in reducing latency. Maybe you manage edge devices, too.

Workload placement is based on several factors, including performance, latency, costs, and data governance rules, among other variables. How, where and when you opt to place workloads helps determine the business value of your IT investments.

For example, you may elect to place a critical HR application on-premises for data locality rules that govern in which geographies employee data can run. Or perhaps you choose to offload an analytics application to the public cloud for rapid scalability during peak traffic cycles. And maybe you need to move an app to the edge for speedier data retrieval.

Of course, achieving business value via strategic workload placement isn’t a given. There is no setting them and forgetting them.

As you navigate the intricacies of workload placement, you face many challenges such as: Economic uncertainty (the market is whipsawing); deficit in IT talent (do you honestly recall a time this wasn’t an issue?); abundant risk (data resiliency, cybersecurity, governance, natural disasters); and other disruptions that threaten to crimp innovation (long IT procurement cycles and slow provisioning of developer services).

You can try to tackle those challenges with a piecemeal approach, but you’ll get more value if you deploy an intentional approach to running workloads in their most optimal location. This planning is part of a multicloud-by-design strategy that will enable you to run your IT estate with a modern cloud experience.

A Cloud Experience Boosts Business Value

As it happens, an as-a-Service model can help deliver the cloud experience you seek.
For instance, developers can access resources needed to build cloud-native applications via a self-service environment, freeing up your staff from racking and stacking, provisioning and configuring assets to focus on other business critical tasks.

To help you better align cost structure with business value, pay-as-you-go consumption reduces your reliance on the rigorous IT procurement process. This cloud experience will also help you reduce risk associated with unplanned downtime, latency and other issues that impact performance and availability SLAs aligned to your needs.

Leveraging such a model—and in conjunction with trusted partners—IT departments can reduce overprovisioning by 42% and support costs by up to 70%, as well as realize a 65% reduction in unplanned downtime events, according to IDC research commissioned by Dell1.

Dell Technologies APEX portfolio of services can help you successfully manage applications and data spanning core datacenters to the edge, as well as the mix of public and private clouds that comprise your multicloud environment. This will help you achieve the business outcomes you seek.

Regardless of where you opt to run your assets, doing so without a modern cloud experience is bound to leave business value languishing on your (or someone else’s) datacenter floor.

Learn more about our portfolio of cloud experiences delivering simplicity, agility and control as-a-Service: Dell Technologies APEX.

[1] The Business Value of Dell Technologies APEX as-a-Service Solutions, Dell Technologies and IDC, August 2021

Cloud Management

Generative AI such as ChatGPT has of late captured the imagination of business leaders across industries. While enterprise IT orgs by and large are taking a measured approach, some early movers are showing impressive results.

CarMax’s IT team, for one, has been working with Microsoft and OpenAI to leverage GPT-3.x for business value even before ChatGPT became a household name.   

That is why the omnichannel used-car retailer earned a coveted spot on the 2023 CIO 100 Award list: for its early, innovative use of a nascent AI technology that led to a spike in page views as well as higher SEO ranking and placement that drove substantial business growth.

CarMax EVP and CITO Shamim Mohammad, the brains behind his company’s digital transformation and AI push, would not specify how much money CarMax has netted from its AI investments and Microsoft Azure OpenAI Service to date, but the increased customer traffic no doubt has had an impact on revenue, while the cost implications of leveraging AI have also contributed to the bottom line, he says. 

“We would have had to have hired tens or maybe hundreds of content writers and taken years to generate this content,” says Mohammad. “We were able to do this literally in a matter of hours.”

The combination of CarMax’s revolutionary digital business model applied to the used-car business with revolutionary AI tools available to all makes for powerful and profitable business outcomes. Despite the current overall economic slowdown, CarMax’s Q4 2022 revenues rose 48.8% to $7.7 billion compared Q4 2021, with revenues for fiscal 2022 increasing 68.3% to $31.9 billion overall.

First-mover AI benefits

CarMax’s IT leaders and IT staff were experimenting with OpenAI’s GPT-3.x natural language model on pilots before Microsoft’s well publicized $10 billion investment in the nonprofit at the outset of 2023.  

In this early use case, the CarMax team employed GPT 3.5’s enhanced “iteration on prompts” to feed scrubbed and formatted data for thousands of used cars into a DaVinci model. Following that, a small dataset was sent for editing and fine-tuning and the content was pumped into the DaVinci model for mass publishing and consumer consumption.

Because use of the DaVinci natural language model itself requires fewer data scientists , which are scarce and super expensive, CarMax was also able to realize IT cost benefits, in addition to content creation savings.  

“The model’s ability to learn with just a few examples of intended outputs, a process called few-shot learning, helps CarMax’s 60-plus product teams use the models without requiring additional teams of data scientists,” according to a CarMax representative.

Creating car research content using AI eases the car purchasing process for consumers and the content creation process for editors. But perhaps most important, it drives an order of magnitude more inventory, eyeballs, reviews, and sales for CarMax.com. This is due to CarMax’s use of the cloud-based OpenAI API natural language model, which enables the extraction of millions — not thousands — of keywords.

As a pioneer, CarMax is reaping the early benefits of what will likely be a major business driver across the globe, one analyst says.

“As the use of generative AI becomes more widespread, it is causing significant disruption in many industries and sectors,” says Ritu Jyoti, group vice president of AI and automation research at IDC. “CarMax was at the forefront of embracing generative AI responsibly in partnership with Microsoft and has been a successful industry disrupter that has transformed the process of buying a used car.”

Looking forward

This is just the beginning, says Mohammed. Although he would not specify how CarMax is currently using the enhanced GPT-4 models released in March 2023, he is moving full steam ahead streamlining content creation for car research pages and scaling its use of GPT to help make buying a used car “effortless,” he says, adding that CarMax programmers are working on new aspects of the customer experience and will use GPT to gain efficiencies within the company. 

“My team is using the latest version for some other use cases, but we haven’t gone public yet,” he says. “That’s the way my team works. They like to experiment and try new things in a controlled way.”

Mohammed started the cloud journey and digital transformation when he became CIO of CarMax in 2014. Everything CarMax does that is new is done on the cloud but the company still has a small data center that will eventually be phased out.

Customer security is critical for CarMax, Mohammad says. The company claims Microsoft Azure’s security, compliance, reliability, and other enterprise-grade capabilities are what enables the company to scale its use of AI to enable the extraction of keywords and “filter out any harmful content in the user reviews.”

As a Microsoft Azure shop, CarMax relies on Azure Data Lake, an essential component of the company’s AI output, the CIO notes. “Data is the core of everything we’re doing because it feeds our machine learning algorithm that feeds our AI capability,” he says.

In fact, the blueprint CarMax has created within Azure can also be used by other companies, according to CarMax representatives.

CarMax is continuing to experiment and innovate using Azure OpenAI and GPT but Mohammad insists he is putting in place strong governance to ensure that machine learning and automation is used by its programmers in a disciplined manner to fulfill the company’s business goals.

“It’s not the wild west,” he says. “We have a good sense of what are the guardrails and what are the ways we’re going to be leveraging AI. How we deploy and utilize AI needs to be very much consistent with who we are a company.”

Artificial Intelligence, CIO 100, Digital Transformation

Despite economic uncertainty, the 2023 State of the CIO survey from Foundry reports that the vast majority of CIOs (91%) expect to maintain or increase their tech budget this year. The technologies driving these investments include data analytics, AI, and other means to improve the customer experience, as enterprises seek to drive new revenue to modernize legacy environments. 

Security and risk management are also atop the list for most CIOs this year, having been cited as a top 5 tech investment by 40% of IT leaders surveyed in the report. 

Meanwhile, developers are skilling up in cloud, blockchain, and machine learning, which Stack Overflow CTO Jody Bailey says are three of most searched topics by developers getting up to speed on in-demand technology.

“Technical questions around blockchain have increased by over 80% every year since 2010, cloud questions by over 50%, and machine learning questions by nearly 50%,” Bailey says. “We’re seeing an upswing in questions about languages like Python and Java Script that fuel interactive tech, including machine learning, that thrive in cloud environments.”  

All these technologies have the potential to disrupt the business world, or are already doing so, as technology disruption is often the result of converging existing technologies rather than the introduction of something completely new, says Sanjay Macwan, CIO and CSO at Vonage, who sees several current technologies merging to create new gains.

“Convergence of rapidly advancing 5G wireless capabilities, cloud computing coupled with edge computing, and AI advances are ripe for disruptions across industries and use cases,” Macwan says.

Read on to see which technologies will shake up the status quo in the next year. 

AI to upend data privacy and security

The widespread use of AI is prompting the need for guidelines and protections around its use, especially in areas such as education where interest is high and young people are involved.

Stanford’s Artificial Intelligence Index reports the US is leading the world in AI investment: “In 2022, the $47.4 billion invested in the US was roughly 3.5 times the amount invested in the next highest country, China ($13.4 billion). As AI technologies have become increasingly ubiquitous, this education is being embraced at the K-12 level.”

“The explosive popularity and interest in artificial intelligence will continue into 2023,” says Tim Pritchett, engineer operations manager at Matrix Integration. “Issues of data privacy with minors and validity of information generated by AI are already moving into the foreground of the technology discussions around AI.”

Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco Systems, cites another area of concern: AI will drive sophisticated new security threats this year.  

“AI will enable more advanced scams, including incidents of identity theft and convincing deep fakes,” he says. “Despite the tremendous positive impact AI can have, it’s more critical than ever that the industry ensures responsible and ethical use cases, guidelines are implemented, and, when appropriate, restrictions win out.”

And while AI will keep security pros on their toes, Vonage’s Macwan says the technology can, to a certain degree, be part of the solution.

“I’m excited to see significant adoption of AI-enabled automation across all enterprise workflows and processes,” Macwan says. “For example, ‘ask-IT’ and ‘ask-security’ chatbots that can answer and guide employees to fulfill many of their routine IT and security needs with ease and with accuracy.”  

Generative AI to unlock new value from data

AI advances, in particular around generative AI solutions such as ChatGPT, will also shake up how enterprises address a key strategic imperative: getting the most from their data.

John Goodson, CTO of CCC Intelligent Solutions, specifically sees promise in areas where deriving insights from large amounts of data previously required a lot of manual manipulation.  

“Underlying AI technologies such as ChatGPT and other generative AI tools, SageMaker, Azure AI, and others will be foundational in allowing innovators to quickly solve hard problems to disrupt vertical market processes,” Goodson says. “Most of these tools require little ramp-up time to get started with powerful impact. Where data is not structured or is more difficult to leverage, more sophisticated AI approaches will continue to dominate, causing disruption.”

Rahul Subramaniam, CEO at CloudFix, expects entire new product categories to emerge from large language models built by the likes of OpenAI, Google, and AWS — something that may help enterprises unlock hidden value in the vast troves of unstructured data in their stacks.

“Businesses have been looking to unleash insights from all their data,” Subramaniam says. “The challenge is the ability to assimilate this vast amount of data and summarize that knowledge into something actionable or useful. Until recently, this was nearly impossible. Large language models have made solving this much more feasible today.”

Chatbots to finally prove their CX/EX power

Chatbots are frequently heralded as an efficient way to handle internal requests and assist external customers, but they have yet to live up to the promise for many customers. Evan Huston, chief digital officer at Saatva, says this year should bring much-needed improvements in this area. 

“AI chatbots have turned a corner and will disrupt the market,” Huston says. “Chat is an early solution for AI language models, but we will see it expand more broadly to content and marketing applications. SEO today is still largely based on human keyword analysis aided by intelligence tools, then human-drafted content targeting those keywords. AI will advance enough to automate this process. By the end of 2023, new AI-language model applications will emerge beyond chat, changing our approach to online content.”

CloudFix’s Subramaniam also sees a turning point for this area, and again, points to large language models driving the improvements across various types of data businesses collect.  

“Up until now, products limited themselves to domain-specific knowledge and languages, and answering questions meant building specific dashboards for specific users and queries,” Subramaniam says. “I foresee chatbots using these new models to answer questions that require data from finance systems, CRMs, support platforms, and a variety of other internal solutions, negating the need for hand-built semantic models or needing to explicitly state where the data should be fetched from or how it should be joined with other data — delivering answers more efficiently to both customers and employees.”

Blockchain to build up business use cases

Blockchain financial products are another area that could be disruptive in the near future, says Evgeny Fil, CTO at EOS Data Analytics.

“There are many challenges in the traditional finance system that make it clunky for end users,” Fil says. “Things like centralization, with a single point of failure, lengthy know-your-customer and anti-money laundering procedures, high fees, and friction are big defects of the legacy financial system. Blockchain technology can allow for decentralized financial services — like liquidity providing — with all KYC/AML done almost instantly on blockchain and with lower fees.”

And, according to the State of the CIO survey, IT leaders expect the market to remain tight for blockchain expertise, as with other highly in-demand technologies, such as cybersecurity and data science and analytics.                                           

“The global blockchain in telecom market will reach $16.48 billion by 2030, growing by 62.8% annually over 2020-2030,” according to a report from Pragma Market Research. “The market is driven by rising security concerns, high demand for fraud management, 5G implementation, and the increasing number of blockchain consortia.”

Digital tech to drive healthcare transformation

As a lasting result of the COVID pandemic, healthcare technology is ripe for disruption, says 1Path Chief Customer Officer Luca Jaboellis, especially in remote or otherwise underserved areas. The digital transformation of health services is creating opportunities for better, faster, and more personalized care.

“Telemedicine and remote healthcare services have led to a revolution in the way patients are accessing healthcare,” Jaboellis says. “With the use of teleconferencing and remote monitoring, doctors and clinics can provide timely and efficient care. Hospitals are becoming increasingly dependent on emerging technologies, too. From electronic medical records systems to handheld tablets for every staff member, the key is to stay ahead of the curve and be a leader in this new era.”

According to the World Economic Forum, the pandemic caused investments in the healthcare industry to nearly double to $57 billion in 2021, led by telehealth and mental health. “Tech companies are increasingly focusing on healthcare, while digital health startups are also growing rapidly,” the agency reports. “There is also growing attention being paid to data — better aggregation and analysis is enabling more informed insights and potentially also prediction and disease modelling. Meanwhile, AI is being used to support areas including diagnosis, clinical decisions, monitoring and treatment, and workflow. AI-assisted medical imaging is already in use, and many drug companies are exploring AI-assisted drug development.”

Sustainable tech to become an enterprise priority

Sustainability is top of mind for IT leaders, as well as their colleagues and customers in 2023. It’s an area where leading organizations are innovating new ways to do well by doing good. “Investments in sustainable technology also have the potential to create greater operational resiliency and financial performance, while providing new avenues for growth,” according to a Gartner report on strategic technology trends for 2023. 

“The biggest disruptor in industry this year probably isn’t technology at all,” says Peter Zornio, CTO at Emerson. “Many of our customers are finding the business case for sustainability is critical to having an actionable path, similar to their experience with digital transformation a few years ago. At the intersection of the ways things have always been done to the tech-powered vision of tomorrow, this new architecture will create boundless automation that democratizes data so companies can optimize their business and sustainability performance.”

Keith Fritz, director of solutions architecture at QuesTek, specifically sees improvements in storing renewable energy as a potential disruptor in the making for this year.

“There are a number of players on the verge of disruptive battery technology,” Fritz says. “It’s not quite here yet, but 2023 could be the year we see a tremendous leap forward in battery size and capacity that could have implications for all sorts of industries.”

IoT to mature and converge

The past few years have brought a surge of IoT applications, says Preethi Janardhanan, lead product manager at Rapid Finance. And IoT is an area that’s making gains as it matures and converges with other technologies.   

“We are seeing the influence of IoT across industries,” Janardhanan says. “Retailers are increasingly using IoT to streamline the shopping experience and make it more efficient and automated. IoT enables supply chain managers to get a good end-to-end picture of the process and timelines. And as security and fraud prevention become more and more critical, IoT devices allow banks and fintechs to identify the customer with more accuracy and confidence.”

The current economic slowdown caused research firm IoT Analytics to reduce its projections for growth in the market by 5%, yet still estimate enterprise spending will grow by 19% in 2023. The firm also noted IoT projects tend to be resilient amid tech layoffs: “Many IoT projects could get a boost by the influx of highly skilled software engineers that are victims of startup and tech layoffs. The long-term growth potential of the IoT enterprise market is resilient and expected to reach $484 billion in 2027.”

Artificial Intelligence, Cloud Computing, Digital Transformation, Emerging Technology, Healthcare Industry, Internet of Things, IT Strategy, Manufacturing Industry, Video, Virtual Reality

Technology innovation is happening at breakneck speed, creating new opportunities and threats for companies of all sizes and industries. At the same time, ever-evolving macroeconomic conditions are pressuring leaders to drive business outcomes against tighter margins.

While today’s business climate certainly feels like a test for the survival of the fittest, your goal should not be to just survive, but rather to thrive. In this new reality where a bank can go under in two weeks, and new innovations are fundamentally changing our ways of life (e.g., ChatGPT) the speed with which businesses are able to respond to changing market dynamics and customer needs is critical.

In a world where companies are defined by the digital services they can deliver, software agility IS business agility, and in turn results in better business outcomes.

Software agility translates to teams being able to quickly build and deploy applications in order to address changing customer needs, create new revenue streams, and scale to meet demand. Software agility also means that if the organization would like to leverage a new technology to innovate and remain competitive, teams can easily deliver an app that does just that.

However, as organizations rush to adopt cloud computing, Kubernetes, and open source software, they are faced with a sprawling landscape of tools and services that can be overwhelming and costly. And while it’s inspiring to behold the innovation happening around us – or as Stephen O’Grady from RedMonk called it “an embarrassment of riches” – developers can find themselves suffering from “analysis paralysis” and even worse, having to stitch their favorite tools and services together, taking time away from writing code and delivering those applications that run the business and delight the end users.  

Instead of tools serving to enhance productivity, today’s developers are caught in a tangled web of tools and services just to support their day-to-day. Additionally, this has added to the complexity of managing apps and infrastructure in a multi-cloud environment, where teams have to control costs, ensure performance, and manage consistent security policies across these diverse and distributed environments. Businesses with a multi-cloud environment also face a growing number of IT silos that can lead to inefficiencies and increased risk. And, as is increasingly common in today’s tightening labor market, a lack of skilled professionals adds yet another layer of difficulty. The complexity of today’s digital systems has multiple points of friction that need to be addressed if we are to achieve true business agility.

Organizations need a new approach – establish a common platform supported by a platform engineering function to unify application delivery and management across different apps and clouds. This will help in optimizing application development and operations, and strengthening security and compliance. What we are finding is, for developers to be successful and productive, they need: 1. A common data platform, 2. A seamless, self-service experience with minimal hand-offs and separation of concerns 3. Strong knowledge of open source technologies.

With our comprehensive Tanzu and Aria platforms, VMware has become a trusted partner to help organizations become more agile and responsive in software development. Delivering accessible, developer-friendly experiences and IT operational management is core to our DNA. With the depth and breadth of our technologies, alongside the consulting expertise of Tanzu Labs, we help organizations transform their methodologies and practices as well. We deliver near real-time insights across the application lifecycle with simplified, streamlined, and powerful solutions for developers, platform engineering and cloud operations teams to seamlessly provision, monitor, secure, and optimize apps across multiple clouds and their entire app portfolio.

We help customers across nearly every industry – from retail and healthcare to financial services and the public sector – build a culture that empowers developer productivity to enable the delivery of better, more secure software so they can meet changing market dynamics and customer expectations.

When there’s a market condition, how it impacts your business – whether positively or negatively – depends on how fast you can change, move, and adapt. At a time when organizations are pressured to perform and achieve business outcomes more efficiently than ever, now is the time to accelerate app delivery and digital transformation efforts. The best defense is an optimized and more productive offense. Change is inevitable, as we’ve learned in the last few years. So now and in the months and years ahead, it’s imperative for organizations to continue on their journeys to be future-ready for the next disruption.

To learn more, visit us here.

Software Development

More countries are adopting laws designed to protect the privacy of citizens and local entities by defining how data can be securely collected, stored, and used. Many organisations are re-evaluating how to comply with the changing geo-political landscape and privacy/security regulations, which requires defining some relevant concepts:

Digital sovereignty – the ability to have full control over your own digital destiny – the data, hardware, and software that you rely on and create1…in other words individuals owning their own data and controlling it’s use.

Data residency – the physical and geographic location where data and meta-data is stored and processed.

Data sovereignty – data is subject to the privacy laws and governance structures within the nation or jurisdiction where data is collected, stored, processed, and used.

Jurisdiction – a legal authority over data centers and clouds aligned to national standards and supported by national government.

Data sovereignty laws are designed to protect the personal data of citizens or residents by controlling who can potentially have access. This keeps any sensitive data out of the hands of other countries and jurisdictions.

For example, the New York Times reports an executive order is in progress that is meant to prevent countries like China from gaining access to US data. Two other countries require that data on their citizens remain only within national borders.

To ensure data sovereignty, rules may require that all related data, such as metadata, also resides locally. But location of data alone isn’t enough to ensure that data is only subject to the local legal jurisdiction. Enterprises especially operating outside of the US in EU and other regions, are extremely concerned about the authority of the US Cloud Act. The 2018 US Cloyd Act allows US federal law enforcement to compel US-based technology companies to provide requested data stored on company servers, regardless of whether the data is stored in the US or on foreign soil.

That means complying with data sovereignty laws while using a US-based public cloud provider for sensitive data might not be possible or suitable to comply with local jurisdictional requirements. The Centre for European Policy Studies (CEPS) estimated that 92% of the Western world’s data is currently stored in the US and over 100 countries now have data sovereignty laws.

The European Union’s General Data Protection Regulation (GDPR) has inspired similar regulations in other jurisdictions. GDPR requires all businesses who operate in or have customers in the EU to change how they collect, handle, and store personal data.

With the ever-changing landscape of data protection laws, the increased risk of data breaches and evolving attack vectors there is growing concern about sensitive national, corporate, and personal data being subject to the control of foreign authorities and companies.

Organisations that run afoul of these laws risk fines or lawsuits. As of May 2022, over 900 fines have been issued for GDPR violations, the largest of which topped $877m (€746m).  The penalty for noncompliance can be steep, with fines of up to €20m (or 4% of worldwide turnover from the prior financial year).

Alongside protecting the way in which personal data is secured and used, many data sovereignty laws also restrict where data can go. For example, lawmakers in India are debating what types of citizen data are allowed to leave the country’s borders. This has caused issues for some multi-national companies who are unable to transmit data outside of a local jurisdictions. It can also impact international trade if data-sharing treaties between countries aren’t negotiated.

The effort to protect data as a new strategic asset is creating a clear need for sovereign clouds to secure and use data sensibly.

Customers want all the benefits of cloud but also need to meet the rapidly growing and changing data privacy laws while organisations need to protect data in the cloud against evolving cyberattacks.

As these laws impact business operations, organisations are seeking better ways to comply with data sovereignty laws and mitigate compliance risks. They need a way to store and process data locally and securely using a platform that is free from outside interference.

As a result of all this, the need for carefully architected sovereign clouds has gone mainstream and VMware is powerfully positioned to expand its multi-cloud strategy with VMware Sovereign Cloud.

The benefits of VMware Sovereign Cloud

A common benefit of sovereign clouds for cloud providers and customers is compliance. Cloud providers can obtain compliance with local regulations and their appropriate jurisdiction through the construction of sovereign clouds. Customers gain the assurance their privacy is maintained, and their data is stored, secured, and protected in their specific jurisdiction, by a partner with oversight and expertise in local laws and regulations.

Sovereign cloud providers can also accelerate local business growth by securely expanding into government data and developing a national capability for digital infrastructure and resilience. As the data economy becomes a vital national interest, sovereign states need a digital capability that prevents them from becoming dependent on foreign powers and operators for processing their own data.

VMware Sovereign Cloud providers can help customers fully unlock the true value of protecting their national, corporate, and personal data by ensuring:

ALL data (customer data and meta data) remains on sovereign soil

Compliance with established and constantly changing privacy laws

Autonomy with digital suppliers to guarantee continuity of digital services

All customer information is being managed appropriately with prevention from foreign access

VMware Sovereign Cloud providers offer a cloud service that is designed specifically to meet data sovereignty requirements. It provides flexibility and scale for data storage and processing while complying with residency and sovereignty requirements.

Find out more with the Sovereign Cloud Solution Brief or locate a VMware Sovereign Cloud provider today.

Cloud Management, Cloud Security, Data Management, Data Privacy, VMware

Gartner projects that spending on information security and risk management products and services will  grow 11.3% to reach more than $188.3 billion this year. But despite those expenditures, there have already been at least 13 major data breaches, including at Apple, Meta and Twitter.

To better focus security spend, some chief information security officers (CISOs) are shifting their risk assessments from IT systems to the data, applications, and processes that keep the business going.

“If you look at security from a purely technical perspective, it’s easy to get lost in, `I need to have this shiny object because everyone else has it,’” says David Christensen, VP and CISO at benefits administration software provider PlanSource. “The reality is often the most popular or well-known new security solution can waste money and slow the business, especially if it doesn’t align with business goals. And even if it helps secure one part of the business, it may not be the part of the business or business process that creates the most risk or is most important.”

Don Pecha, CISO at managed services provider FNTS, agrees, adding: “Each business unit of the company might have unique considerations, and unique compliance, regulatory, or privacy applications, and each business may have unique risks for the board or C-suite to consider.”

Frank Kim, CISO-in-residence at venture capital firm YL Ventures, and fellow at the SANS Institute, cites the case of one CISO who was fired after suggesting costly endpoint detection, and response and incident response programs considered not stage appropriate for such a startup. “Their focus was on survival and revenue growth,” Kim says. “He didn’t realize his job was not just to suggest a bunch of new security capabilities, but business enablement.

A new definition of value

Aligning security with the business goes beyond traditional methods of justifying security spend, such as warning of consequences from hacks or trying to prove ROI. For internal enterprise security teams, Kim says to accept that security is a cost center and demonstrate how the CISO manages total cost of ownership over time. This might include updating CFOs and CEOs on specific cost reduction, such as reducing spend with a security vendor, finding a less expensive product to fill a security need, or improving internal metrics such as the average cost to mitigate a vulnerability, adds Tyson Kopczynski,SVP and CISO at financial services provider Oportun.

Christensen further suggests explaining how security can cut costs or increase productivity. For example, he says, web application firewalls don’t only protect applications but cut networking costs by reducing spurious and malicious traffic. Also, adopting zero-trust architecture and secure access service edge technologies can help boost productivity by freeing users from manually deploying virtual private networks to access resources or interrupt meetings when their VPN fails.  

Kopczynski adds that CISOs can uncover such improvements with questions such as whether their organization is using all the functions in a security tool, if those features overlap with other tools, and whether the organization is paying too much for licenses or for too many licenses. Ways to maximize value include considering tools that perform multiple security functions, or running penetration tests, attack simulations, or offensive security campaigns that prove a tool can repel high impact attacks, he says. For example, he uses the Titaniam encryption engine to support several data protection use cases, as well as security tools provided by cloud providers such as Amazon and Microsoft. “We also look at generic cloud security solutions that provide multiple sets of protections, versus addressing one particular use case,” he says.

At global marketing agency and consulting firm The Channel Company, security considerations are deeply embedded in business strategy and budgeting, says CIO Rik Wright. This ranges from the need to meet the European Union’s GDPR to complying with security requirements from customers.

Averting threats is also part of the security value equation at the firm, which uses managed services provider GreenPages both for infrastructure and to help meet its security needs. Wright says he’s seen some companies spend potentially business threatening amounts up to $20 million after a ransomware attack, so preventing such losses, he says, represents very real value.

Understanding business needs

Aligning security spend with business needs starts with understanding what is most important to business managers.

Kim recommends using a “risk = impact x likelihood” formula, and understanding on a scale of 1 to 10 what your most important processes and assets are. “Your financial data might be a 10 but your HR data might be a seven as it’s not a business differentiator,” he says. “Just using a simple scoring rubric to your risk calculation helps to bubble up what the priorities are.”

Besides business, Christensen says CISOs must also consult IT to understand the administrative burden a new security technology might impose, and all the areas in which a security tool could be used to maximize its value. He uses the Secure Web Gateway from dope.security to not only control access, but to understand what information and Web sites users are accessing, and the potential risks they expose the business to.

Industry standard frameworks can also provide a common language and structure for risk assessment, like the NIST (National Institute of Standards and Technology) cybersecurity framework. “It’s simple enough that it’s not necessary to be a security practitioner to understand it, but it models your maturity and helps to relate that to business stakeholders,” says Christensen, adding it’s also based on industry standards rather than the CISO’s opinions, and is continually updated to reflect new risks.

Different security frameworks are best for different industries, says Pecha. “If I’m in government, I’m going to align with NIST,” he says. “If you’re a global business, use the ISO/IEC 27000 family of standards. It’s not necessary to be certified, but be compliant and understand what the controls are in order to understand your partner’s security needs as well as your own.

Scott Reynolds, senior security and network engineering manager for manufacturer Johns Manville, uses the ISA/IEC 62443 standard to create a common understanding between business managers, security experts and suppliers about common terms such as the “zones” of assets that share common security needs. “This process also shows we agree on the same level of risk for the entire zone, and not just each asset in the zone,” he says. “The weakest link in the zone will impact all the assets within it.”

Over at media creation and editing technology provider Avid Technology, Dmitriy Sokolovskiy, its CISO and CSO, uses NIST’s Cybersecurity Framework to measure the maturity of his security processes, and the Center for Internet Security’s top security controls for specific tactical guidance, which, he says, highlight, low-hanging fruit that businesses can easily address in their infrastructure.

Applying caution with benchmarks

Several CISOs were skeptical about using benchmarks to compare their security spend with others. That’s because, they say, companies may define security spend differently or have different needs. They also say benchmarks often don’t describe how and why organizations allocate their security budgets. As a result, they use benchmarks as a rough guide to budgeting, relying primarily on their own risk assessments.

But Kim warns CISOs against refusing C-level requests for benchmarking. “It’s not unreasonable to ask for a benchmark,” he says. “A chief financial officer couldn’t say, ‘We can’t compare our earnings-per-share with others in the industry.’” Provide benchmarks, he says, but as one part of a wider explanation of how your security spend compares with others, the challenges the organization faces, and how you’re reducing the total cost of ownership of security over time.

CISOs should describe current threats and attacks,” says Pecha, and supply alternatives to remediate them. It’s then up to the board and the C-suite to decide what’s acceptable and what needs to be done to manage the overall risk to the business, he says, because only they have the clout to drive change.

Insisting a business executive formally accept a business risk, even in writing, often convinces them to agree instead to the proposed security spend. When Sokolovskiy has insisted such signoff, “Without fail, so far the business unit was actually driven to lower the risk themselves because they own it,” he says.

A business-focused approach can also spur efforts by security and business teams to identify opportunities to increase efficiency and save money, says Christensen, such as by eliminating redundant systems and processes. “With business alignment, you have no choice but to find unique and innovative ways to solve problems that are generated by how the business operates,” he says.

Application Management, Budgeting, CIO, CSO and CISO, Data and Information Security, IT Leadership, Security

When I graduated from college, I worked as an assembler language programmer for Sears. At that time, Sears was the world’s largest retailer and it was just beginning to use the new System 360 from IBM. IT was looked upon as a group of techies that performed some unexplainable job that was supposed to revolutionize the business. Beyond that, the senior executives across the business knew little of us nor did they want to know.

Ever since then, IT has been accused of being too technology-oriented. But much has changed. We have seen more CIOs being recruited from outside of IT to inject business knowledge into IT, and many IT leaders themselves have pursued MBAs for the same reason. Despite this, many non-IT executives still don’t understand how to work effectively with IT, nor do they believe doing so is part of their job. It is up to CIOs to change this narrative so that companies can maximize the value of IT.

To do my part in helping convince business leaders they must play a role in IT, I stepped directly into the business executive pipeline, volunteering to guest lecture in the MBA program at a local large university. The title of my presentation has been “Digital Transformation Strategy,” subtitled “How to effectively exploit the IT resource to gain sustained competitive advantage.”

When I present to future MBAs, I focus on four central issues that business executives most often get wrong about IT.

Where IT should report

The initial point of discussing organizational structure is to educate those most likely to be aspiring for corner offices that the CIO needs to report to the CEO or COO. To often CEOs have positioned IT to report to some other executive, oftentimes the CFO, and according to CIO.com’s State of the CIO survey, 18% still do. This decision is often made because IT is viewed as a cost center. Putting IT under the CFO, the company will likely have financially sound systems but perhaps not the ones the company strategically needs.

When the CEO doesn’t think IT is important enough to get top-level attention, that message filters down to the rest of the corporation. IT is not viewed to be as important as Sales, Finance, Manufacturing, Operations, or Marketing — dangerous in a highly competitive environment where efficient or innovative systems can spell the difference between the corporation’s success or failure.

Who should determine the IT agenda

All of senior management must be involved in achieving consensus on the IT agenda, not just the CIO. This can be achieved only by establishing a committee of all CEO direct reports whose job it is to achieve consensus on the annual IT agenda.

It’s a fool’s errand to think the CIO is smart enough to understand the needs of each department in a modern, complex corporation and be able to determine the overall priorities. This must be in the job description of every executive who reports to the CEO. Without this committee, there is a danger that the IT agenda will not be aligned to the corporate objectives.

What IT’s role is in corporate strategic planning

Next, the company’s top executives must ensure that the CIO participates in the corporate strategic planning process. In this role, the CIO brings to the table any emerging technologies that could be adopted and what their impact could be on the corporation — especially with respect to the competitive environment the company faces.

This is vital input to the planning process that could ultimately affect the entire corporation and must be incorporated from the start.

What role the business plays in systems development

Systems development is another important area executives need to understand. The systems IT develops will not be used by IT; rather, they will become integral to the requesting department. It is important, therefore, that management understand the processes involved in proposing the system, estimating the cost, determining the ROI, producing the deliverables, changing the specifications and time frames, and measuring the system effectiveness. After all, the completed system may impact sales projections, departmental costs, and individual incentives, to name a few.

Management must also assure that the people in the user organization are given the time and recognition to do the work required to develop the precise specifications of the system. Without this understanding, tomorrow’s MBAs will fail to maximize the true value of IT.

Additional notes for future business leaders

There are several other areas that the corporation’s executives need to be aware of to effectively understand the IT organization:

They should be aware that IT staff need to continually attend industry events and take training courses to stay abreast of new developments.They should realize that a dual career path in IT that rewards technical expertise and not just the management of people is a requirement for success of IT as an organization.They must support the idea that you never buy your last computer and that we must continually stay up-to-date with new hardware and software trends in the industry.They must also be willing to participate in business continuity planning to be ready if any major outage is experienced.

One final thing. I would like to see companies participate in post-implementation studies to determine whether the new system achieved its objectives and ROI and what could be done to do a better job in the future. This would require time on both IT and the end-user departments but it would go a long way to improving results.

These are the topics discussed with the MBA students to help them understand their role in IT when they achieve C-level status in the corporation. I would strongly recommend that current CIO’s and their senior staff develop plans to present these ideas to their peers. My book The 9 1/2 Secrets of a Great IT Organization has the subtitle “Don’t Do IT Yourself.” This collaborative process across the business-IT divide, if successful, will go a long way to maximizing the potential of information technology for the good of the corporation overall.

Business IT Alignment, IT Leadership

IT is no longer perceived as a cost factor or a pure support function at many organizations, according to management consultancy 4C Group’s Markus Matschi. And the digitization push during the pandemic accelerated this. But despite such advances, the question of the value contribution of IT isn’t always clearly answered. “Due to the increasing relevance and added value of IT in companies, it’s essential for CIOs to not think in terms of costs, but value contributions,” says Matschi.

In a joint study with Markus Westner and Tobias Held from the department of computer science and mathematics at the University of Regensburg, the 4C experts examined the topic by focusing on how the IT value proposition is measured, made visible, and communicated. From many discussions with CIOs and current data, they developed a process model for practice.

“To develop a practical approach, it was important for us to understand the current challenges of the CIOs together with scientific findings and then integrate them,” says Martin Stephany, another consultant at 4C. 

Although the discussion has been ongoing for a long time both in science and practice, there’s often disagreement on the basics. “It starts with the fact IT value contribution is defined in various ways and there’s no uniform understanding or definition of it in companies,” adds Westner.

Because the contribution to value and innovation is often unclear, employees from business-related departments perceive IT as a black box and can’t always judge what it does and what added value it entails. This is also why some companies appoint a CDO to close the gap of value contribution between business and IT.

IT must be able to show the departments and the management team their possibilities and the added value, says Heiko Weigelt, CIO of Funke Media Group. But because it’s determined by the respective stakeholders and not by IT itself, transparency and understanding are necessary in both directions.

A challenge for determining the value contribution is the selection of suitable key figures. According to the study, IT departments today primarily use technical and IT-related metrics. That is legitimate, but in this way, there’s no direct connection to the business.

Plus, there’s often a lack of affinity for meaningful KPIs, both in IT and in the specialist departments, says Jürgen Stoffel, CIO at global reinsurer Hannover Re. Therefore, in practice, only a few metrics suitable for both sides would be found, and the result is the IT value proposition is often unseen.

“A consistent portfolio of metrics coordinated with the business would be helpful,” says Thomas Kleine, CIO of Pfizer Germany, and Held from the University of Regensburg adds: “Companies have to get away from purely technical key figures and develop both quantitative and qualitative metrics with a business connection.”

In order to make progress along this path, the consultants developed a process model with several development and evaluation phases, using current scientific findings and speaking to CIOs. They also tested the concept in a German mechanical engineering company. This resulted in a process model consisting of six steps, with which the IT value proposition can be measured and communicated.

1. Analysis of business goals and business environment

The consultants raised concerns that many CIOs start with their own metrics without knowing what’s vital to the business. IT managers should first look at the business goals and the business environment since without knowing goals and market trends, it’s difficult to link added value with IT.

2. Analysis of stakeholders

The next step is thorough analysis of stakeholders with continuous and organized management since it’s key for CIOs to identify and prioritize key stakeholders. Then they should talk to them individually and find out what their goals are and where IT can help. “CIOs should act as stakeholders’ partners in these discussions,” says Stephany, adding that the core question must be: “How can IT create added value so we can become better together?”

3. Modeling the business capabilities

In order to create a common basis for discussion, more transparency is needed at the interface between business and IT, the study authors explain. Business capabilities structured in a business capability map (BCM) can serve as a starting point. It all revolves around what the company is doing today and where does its future potential lie. “The BCM can be the central tool for discussions with stakeholders,” explains Matschi. In this way, companies could find out for themselves which business capabilities are differentiating and how IT can support them.

4. Model the business-IT relationships

Based on the BCM, dependencies and relationships between business and IT can be made visible. CIOs can demonstrate how and where their IT provides concrete support today and in the future. This serves as a starting point for measuring IT value proposition. In this way, maximum transparency is achieved and, according to the authors, the IT black box is solved.

Christian Büchner, CIO of SachsenEnergie, has already gained BCM experience: “At SachsenEnergie, we work with a BCM that’s arranged according to business-related departments and all of our more than 600 applications, or IT capabilities, are assigned to these business capabilities,” he says. 

Christian Graf, CIO at toy manufacturer Schüco, is taking a similar approach. The points of contact with IT are mapped and managed along the digital customer journey.

5. Measure the value proposition

“We’ve learned in our discussions and from scientific findings that there is no general, standardized measurement with definitive key figures,” says Matschi. “Each measurement is individual and dependent on the stakeholder and the business case under consideration.”

Against this background, the consultants developed a 3×3 matrix structured according to IT- and business-oriented key figures. Both quantitative and qualitative measurement approaches are presented in order to measure the value contribution individually for a stakeholder or a business scenario. Depending on the focus of the activity (operation, projects, innovation) and business architecture (IT capabilities, business capabilities, business goals), different types of added value can be derived, behind which there are certain metrics.

Discussions with the CIOs made it clear where the hurdles lie in the measurement. It’s particularly difficult to measure the IT value added, for example, in day-to-day operations, especially in network or workplace ​​commodity IT services, says Holger Blumberg, CIO at mechanical engineering company Krones.

6. Planning the communication

Once the value contribution is identified in its respective forms, the next step is well-planned communication. CIOs should consider what information they want to provide to whom. From 4C’s point of view, the form of presentation is also decisive for success, which must look different for qualitative metrics than for quantitative ones.

In order to get more added-value visibility, and find out where IT can provide even better support, CIOs go different ways. Kleine from Pfizer Germany, for example, introduced IT ambassadors in the departments that support communication. Büchner, CIO of SachsenEnergie, relies on the additional role of “demand managers,” or IT employees with business skills who act as an interface between IT and business, and take care of the communication with the department.

The sum of its parts

Discussions with CIOs have shown that the process model can be used in practice. Krones CIO Blumberg, who helped develop the model with his team as a practical partner, reports on successful piloting and success in cooperation with stakeholders. In addition, the survey revealed other useful results that could help make the IT value contribution more tangible. Matschi and Held add there’s no single value behind it, but a conglomerate of metrics. These can be of a qualitative or quantitative nature that ultimately show how satisfied stakeholders in the departments are with IT. It’s important to connect facts with perceptions, and that metrics are measured in dimensions that are relevant for respective stakeholders. The bottom line is it’s about shared success across departmental boundaries. Both IT and business departments should be able to see how IT affects business performance, so neither can create value on their own. In the end, it’s the combination of IT and organizational skills that counts.

(This post is based on an article from our sister publication CIO Germany.)

Business IT Alignment, CIO, IT Leadership