
What keeps a CIO awake at night?

Posted by bugfinders on Friday 21 October 2016

The role of a CIO has changed dramatically since its manifestation nearly a decade ago. It was typically carried out by an IT head. The role has since evolved to take in many other responsibilities, and is now being carried out by everyone from technical heads of procurement all the way through to heads of security.

Barbara Gomolski, research Vice President of Gartner, recently stated, "Probably less than 20% of the CIOs who I work with have multiple roles and multiple titles, but if you think back only a couple of years, the role title was under 5% of top tier IT titles, so CIOs are a growing trend."

The CIO's world is becoming an integral and ever-evolving part of internal and external corporate data strategy, affecting most of an organisation's employees and customers. Here, we consider a few of the worries that we believe are keeping CIOs awake at night, and what they could do in each case to get a better night’s sleep…


Attacks on mobile platforms and other non-traditional payment systems are becoming a more common occurrence within enterprise organisations. Smartphones continue to become the preferred source of authentication for many financial transactions, and malware authors have increased their efforts to steal funds from consumers' Apple Pay, Google Wallet and other mobile payment systems.

Once attackers have learned to infiltrate a consumer’s mobile wallet, they can potentially tap into the corporate networks where those smartphone owners work. Emails, contacts, authentication measures and apps that access the corporate network from the phone can become a phenomenal source of intellectual property. Internal information and other confidential business materials could become easily obtainable. It is vital to test your website and payment gateways to ensure you are minimising the risk of an attack on the corporate network.

Digital skills shortage

As most medium and large organisations move towards hybrid operating models, the digital skill set required of the internal IT team has not kept pace with the rapid external digital growth that their customers require and expect. Inside many large FT100 companies, the speed of internal IT and the IT team has not kept pace with the speed of the outside technological landscape.

Marc Snyder, Managing Director of KPMG’s CIO advisory practice mentions, “In the past, if you looked at a CIO’s background and experience, it was 80 percent technology and perhaps 20 percent business. Now it is increasingly reversed — because the CIO needs to know where the business opportunities are, and how technology can play its role, and to communicate these effectively with the board, executive management and leadership. It also means knowing the risks and potential exposures to the business.”

The bottom line is that existing CIOs are having to change and upskill on the job to meet the ever-expanding needs of the business and the ever-evolving technological landscape. In many instances CIOs are having to outsource and use alternative IT and professional service mechanisms to get where they need to be from a data and compliance perspective.

Shadow IT

On the one hand, CIOs can turn a blind eye to the growing problem of shadow IT and continue to provision cloud services as they have been, which, it seems clear enough, is not meeting the needs of end users.

Alternatively, CIOs and other enterprise captains of industry could rethink how their organisations approach IT on a fundamental level and consider setting up new governance structures that would help bridge the gap between lines of business and the tech department.

Shadow IT also plays a larger part in security breaches inside large organisations across HR, Marketing and Development departments, as more departments request and have specific needs from the IT roadmap. This makes the ever-evolving responsibility of a CIO more complex, as the CIO now has to get under the skin of every element of the organisation's maze of applications and IT systems.

Ensuring all systems, internal and external, are tested thoroughly is key to minimising enterprise risk or failure.

Web testing