Alain Sanchez, CISO and Senior Evangelist, Fortinet Europe, Middle East and Africa (EMEA), discusses the changing role of the CIO in the Middle East and Africa (MEA), Digital Transformation initiatives and why ideal CIOs are leaders as much as technologists.
CIOs have been under exceptional pressure in 2020 due to the combined effects of on-going Digital Transformations and massive changes in the business processes and traffic flows resulting from an impressive number of employees working from home. They had to do a lot more with, at best, flat resources and budgets. Those of them that had never tested their contingency plans found themselves somewhere between firemen and emergency strategists. As a result, they realised that they had to empower more people from their teams to deal with the day-to-day running of the information system so that they themselves could focus more on the strategic aspects of the roles such as technology innovation monitoring. As many of them did not have this shift planned, they just could not spare enough time to look outside the box.
That as it maybe, CIOs have to adopt a return on investment (ROI) attitude in order to prove more than ever the immediate business benefits of any investment. We saw a tremendous interest from executives for our methodology return on investment on security (ROSI) and many of them have extended the approach to networking investments, another proof point of the merger of security and networking that Fortinet calls security-driven networking. The office of the CISO of Fortinet also has the mandate to help CIOs acquire this financial culture that enable them to fight with the right weapons when it comes to ask for more budget and resources.
Even though Digital Transformation and technological innovation are priority for many organisations in MEA CIOs are not spending a lot of time on this because they have had to deal with a huge number of emergencies, fixing access issues, insuring Business Continuity no matter what, in a context where recruitment processes where slowed down if not completely stopped. Those who could actually think out of the box found in new offerings such as SASE and secured SD-WAN, innovative ways to rationalise their infrastructure and align their management platforms with the company operational priorities. Remember, whatdoes not exhaust you makes your stronger, could be a good way of depicting these innovative CIOs that could spare some time exploring new avenues.
Even in this era of accelerated Digital Transformation initiatives by some enterprises, CIOs and IT teams still face challenges as they develop their own Digital Transformation strategies. The main pitfall seems to be to start from the tools and finish with the users. This result in resistances that are later very difficult to overcome. On the contrary as internal and external users are involved from the design to the testing and then to the deployment, they become informed advocates of the innovation which significantly accelerates the adoption scheme. Ignoring security in the first phases of design is probably one of the most lethal mistake that a CIO can make. This was already true previously, but has become paramount since the confinement.
The ideal CIO is a leader as much as a technologist, so the first thing to prioritise is people. The second is a permanent eye on the company strategic agenda, any IT evolution must be directly linked to one of the business KPIs of the company. This last challenge being a genuine career opportunity for CIOs as they realise that seeing the network is seeing the business. Visibility is not a bit and bytes thing anymore, but a necessary condition to execute and document the success of the company strategy.
Given the rapid pace of change in the IT and technology sector, it’s critical that CIOs know that what serves identified business objectives gets immediate C-level and stakeholders attention. Also what mitigates the risk of disruption, cyberattacks or business discontinuity becomes high priority. This requires a new level of relationship between the CIO and the other members of the board. In fact, by being able to translate various options of development into risk scenarios, the CIO role changes radically. Formerly an execution mechanism, the CIO becomes a genuine enabler of innovation.
Today, the rise of Artificial Intelligence and particularly Machine Learning has solved the paradox between efficiency and risk. But this is only true when adopting a holistic vision of cybersecurity. This year will enter in the IT history books as the year when the concept of best-of-breed ended. The idea that you could shop for point solutions and leave the integration for later is over because no CIO has the time, resources, nor the willingness to enter the integration nightmare anymore.
With CIOs expanding management and revenue-generation responsibilities and cementing their roles as business leaders, it is crucial that they also pay attention to empowerment, training and earn trust. If the pandemic has had one effect on organisations it is to flatten them. Fast decision, taken by knowledgeable people as close as possible to the Edges of the company where customers’ requirements emerge are the building blocks of the next generation of CIO organisations.