Carrie Pallardy, Contributing ReporterMarch 27, 20255 Min ReadMichael Ventura via Alamy Stock PhotoThe US General Services Administration (GSA) announced plans for an overhaul of the Federal Risk and Authorization Management Program (FedRAMP). The new approach, dubbed FedRAMP 20x, will lean into automation to make authorization simpler, easier, and cheaper while continuously improving security, according to the GSA press release.InformationWeek spoke to four leaders in the private sector about the anticipated changes to FedRAMP, the potential impact, and how CIOs at government contractors can prepare.The ChangesFedRAMP was first established in 2011, about midway through Jonathan Alboums 11-year government career. He held multiple senior IT positions within the government, including CIO of the United States Department of Agriculture (USDA) before making the switch to the private sector in 2018, giving him exposure to FedRAMP as both buyer and service provider.Since the inception of the program, GSA has been trying to continue to make it better.I really see these changes as a continuation of those overarching efforts, Alboum, currently the Federal CTO at ServiceNow, tells InformationWeek. ServiceNow provides an AI platform, and it has 100 authority to operate (ATO) letters on file with FedRAMP.FedRAMP 20x has five main goals. The first focuses on automating the validation of FedRAMP security requirements. Under this new framework, more than 80% of requirements could transition to automated validation.Related:The second goal aims to reduce documentation requirements if companies pursuing FedRAMP authorization can demonstrate their existing best practices and security policies.Continuous monitoring is also one of the primary objectives of FedRAMP 20x. The updated model is promising a simple, hands-off approach that that leverages secure by design principles and automated enforcement.Through FedRAMP, GSA has played a role between contractors and government agencies. FedRAMP 20xs fourth goal emphasizes more direct relationships.A major objective is to reduce third-party involvement of the FedRAMP team in favor of more direct agency-provider interactions, Shrav Mehta, CEO of Secureframe, an automated compliance platform, explains in an email interview. Secureframe intends to pursue authorization under the new FedRAMP model.The final goal centers on innovation. Under FedRAMP 20x, companies will undergo automated checks and be able to make changes without additional oversight, granted they follow an approved process for doing so.As is often the case, more automation comes with the possibility of fewer staff. Federal News Network reports that FedRAMPs program management will be staffed by a few federal employees.Related:The Potential ImpactWhile the FedRAMP authorization process could look quite different with more automation, the underlying intent remains the same.You're always going to have a set of guardrails, a set of compliance rules that everybody's going to have to play by, says Kevin Orr, federal president for RSA, an identity security solutions company.RSA ID Plus for Government is FedRAMP authorized, and Orr has coached a number of companies through the process. He has seen firsthand how long it can take. It's anywhere from 18 to 24 months, he shares. I've been through this four times.Increased automation that cuts down on the amount of paperwork, time, and labor involved in achieving FedRAMP authorization could result in a less expensive endeavor.Today, there are nearly 400 FedRAMP authorized services, according to the FedRAMP marketplace. If the process becomes more efficient, and less expensive, more companies might be interested in pursuing authorization.The byproduct of that could be greater competition. [It] could be greater availability of capabilities that just don't exist today in the government sphere, says Alboum.Related:Continuous monitoring could offer advantages over a manual audit-based approach. We develop software and capabilities in a continuous manner. We're constantly improving them. So, a continuous authorization management approach is really much more appropriate, says Alboum.The hope is that continuous monitoring will lead to a more robust cybersecurity posture across the cloud-based tools in use within government agencies.There is optimism among companies that have achieved FedRAMP certification in the past. Sumo Logic, a cloud-native, machine data analytics platform, achieved FedRAMP Ready designation in 2019 and FedRAMP Moderate authorization in 2021.We need to maintain rigor in how we're evaluating technology to ensure that it's a secure solution for government agencies. But ultimately we're very welcoming of efficiencies gained throughout the process, Seth Williams, the companys field CTO, tells InformationWeek.What Comes Next?The promise of a less burdensome FedRAMP authorization process is exciting for government contractors, but there are still unknowns.We're a little bit in the wait and see [mode] because the devils in the details Exactly how are we going to do continuous monitoring? Orr asks. I don't think anybody really wants the government inside your network telling you what you do. But at the same time, we all stand up and sign up for a security pledge to make the nation a [safer] place. So, somewhere in between is probably the truth, and we'll see what comes out of it.It also remains to be seen how automation is applied and how it works in practice. What will the impact of reduced FedRAMP staffing be? What will more direct relationships between government agencies and contractors look like?The future of FedRAMP is likely going to be shaped with input from industry stakeholders. FedRAMP working groups will gather input from industry, ensure equal access to information, encourage pilot programs, and provide technical guidance before formal public comment and release, according to the GSA press release.GSA notes that low-impact service offerings will not require agency sponsorship under FedRAMP 20x, but relationship building will still be important as FedRAMP evolves. Some of that connection will be formed within those working groups. And contractors who want to work with government agencies will need to demonstrate the value of their service offerings.It's one thing to say, I want to work with the government, or I have the capability to work with government. Well, how does it provide value to a government agency? says Alboum. Relationships are still going to be very important, especially as we go through this period of significant change.How can government contractors, and companies eager to secure government customers for the first time, prepare?For government contractors, success will depend on their ability to provide immediate, comprehensive security insights and adapt to more dynamic compliance expectations, says Mehta.About the AuthorCarrie PallardyContributing ReporterCarrie Pallardy is a freelance writer and editor living in Chicago. She writes and edits in a variety of industries including cybersecurity, healthcare, and personal finance.See more from Carrie PallardyReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

The question is no longer "Are we compliant?" but "Are we truly resilient?"

Brian Bronson, Chief Executive Officer, Orion InnovationMarch 27, 20252 Min ReadAleksey Odintsov via Alamy StockWe need to do something with AI. This familiar refrain came from a client recently but with an unusual twist. Instead of developing their AI LLM as quickly as possible, they wanted to build a governance framework first to guide their AI initiative.This conversation sparked an important realization: Strategic AI governance, when done right, serves as a powerful technology enabler.The pressure to adopt AI has reached a fever pitch; organizations feel they dont exist if theyre not doing AI. However, this pressure often leads to rushed implementations that can damage a business or product roadmap rather than enhance it.A healthcare provider that we recently spoke with learned this the hard way.After rushing out with a new AI transcription system to keep pace with a competitor, the system had to be shut down when they discovered it inadvertently included sensitive patient information in meeting summaries.The takeaway: Successful AI implementations share a common thread. They treat governance as an acceleration framework, not an obstacle. This requires fundamentally rethinking how we approach technology governance.Strategic ReviewsTraditional yes/no governance approaches don't work for AI. A more effective strategy focuses on a development program that creates clear pathways to deployment based on risk levels and business impact. For example, projects using established AI models with limited customer impact can move through a rapid approval process, while those involving sensitive data or custom AI development receive a more thorough review. A financial services client adopted this model with remarkable results; their teams quickly identified the appropriate governance pathway for each AI project, eliminating the uncertainty that typically slows implementation.Related:Regular strategic reviews prove crucial. Brief, focused assessments of new AI capabilities and their business impact help catch potential issues early while identifying new opportunities. Beyond bureaucracy, it's about creating feedback loops that accelerate safe deployment while driving innovation. Teams can spot potential issues before they impact operations, transforming governance from a checkpoint into a competitive advantage.The most successful organizations have made their governance programs into strategic assets. The key question shifts from How fast can we implement AI? to How can our governance program enable faster, safer AI adoption?Start With the Business CaseA critical starting point is clear business objectives rather than technology. When teams propose AI implementations, the first question should be, What specific business process are we trying to enhance? This clarity helps build focused governance around real needs rather than hypothetical risks.Related:The enterprises succeeding with AI aren't those moving the fastest; they're moving strategically. Instead of viewing governance as a necessary burden, they should see it as a way to accelerate their AI strategy. Effective governance enables sustainable innovation that minimizes risks. In an environment where everyone feels pressured to claim they do AI the real competitive advantage comes from doing it strategically and systematically.This insight from that initial client conversation holds true: Strategic AI governance, properly designed, becomes the very engine that drives innovation forward.About the AuthorBrian BronsonChief Executive Officer, Orion InnovationBrian Bronson is CEO of Orion Innovation, a leading digital transformation and product development services firm with over 6,400 associates worldwide. A seasoned technology industry executive, Brian previously served as EVP of US Telecom, Media, and Entertainment at Capgemini, and led Radisys as President & CEO through a strategic transformation. With over 25 years of global leadership experience, Brian focuses on helping organizations maximize the impact of next-gen technologies like GenAI to drive innovation and growth.See more from Brian BronsonReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Lisa Morgan, Freelance WriterMarch 27, 20258 Min ReadNils Ackermann via Alamy StockData silos have been plaguing organizations since before the data analytics gold rush. Sadly, data silos remain an issue in many organizations, which calls into question the reliability of AI outputs.Data silos are making it much harder for agents to get unified insights based on a holistic view of the data about an object of interest, such as a customer or an employee, or just a single user, says Michael Berthold, CEO and co-founder of data analytics platform provider KNIME. For example, agents struggle with isolated data sources, [like] a human having to go to the CRM to see information about a company and the current contract history, then go to the support system to find out more about ongoing technical issues, and then also check the online forum to see if employees of the customer posted something there.According to a recent Gartner survey, 63% of organizations either do not have or are unsure if they have the rightdatamanagement practices for AI. In fact, Gartner predicts that through 2026, organizations will abandon 60% of AI projects unsupported byAI-ready data.How Data Silos Form and What to Do About ThemTool vendors are trying to make the flow of data between systems easier by providing integrations with other tools. Similarly, an agent will benefit from having one place to go to get information about a customer.Related:Michael Berthold, KNIMEMichael Berthold, KNIMEIn an ideal world, all data would be integrated. That was the promise of data warehouses years ago, and its still what is being promised. Especially companies with more legacy data and systems will continue to have data silos, says Berthold.AI models require high-quality data to deliver optimal performance. Poor data leads to underperforming models, which can cost organizations tens of millions of dollars or more, according to Gordon Robinson, senior director, data management R&D at data and AI solution provider SAS.Inconsistent data across silos means different parts of an organization may track similar data independently, leading to discrepancies and the lack of a single source of truth, says Robinson. Data silos also can lead to incomplete AI model training. When AI models are trained on fragmented data rather than a comprehensive dataset, they fail to reach their full potential and deliver optimal insights.Josh Weinick, a sales engineer at AI-powered cybersecurity automation platform Blink Ops has seen cases in which a chatbot is unable to provide accurate customer support because it doesnt have access to sales or product data living in another departments separate system.Related:Most silos are caused by a mix of legacy infrastructure, organizational culture and inconsistent data standards. When teams cling to their own systems and definitions, or when older technology doesnt integrate well with modern AI platforms, its easy for silos to form, says Weinick. Mergers and acquisitions can also play a role. Newly acquired business units often bring their own tech stacks, which stay isolated unless leadership prioritizes integration.Without leadership buy-in and a culture of data sharing, departments tend to guard their data.Ashwin Rajeeva, co-founder and CTO at enterprise data observability company Acceldata says data silos restrict AIs access to complete, high-quality data, which leads to biased models, inconsistent insights and unreliable automation.Fragmented datasets make it difficult for AI agents to understand context, reducing their effectiveness in decision-making and business impact, says Rajeeva. Eliminating silos is essential for AI to scale, improve efficiency and deliver meaningful enterprise value.The root causes of the data access problem are legacy infrastructure, multi-cloud environments, decentralized data ownership and weak governance.Related:A data-first AI strategy focused on governance, interoperability, and observability is key. Enterprises should implement automated data quality checks, real-time monitoring and lineage tracking to ensure AI models operate on accurate, consistent data. Aligning data strategy with business objectives and fostering cross-functional collaboration accelerates AI adoption and impact, says Rajeeva.Gokul Naidu, senior manager at SAP says silos can cause gaps in model training and may require manual consolidation or cross-team requests.By the time information is merged, it may already become outdated, slowing the feedback loop for AI driven optimizations and reducing potential ROI, says Naidu. When I wear a FinOps hat I see that silos obscure the value of unit economics, such as cost per transaction, cost per user, and limit the ability to measure how each service or feature contributes to overall business value.In his view, cultural resistance to sharing, a lack of standards and governance, legacy apps and technical debt contribute to data fragmentation, making it difficult to establish a unified data strategy. To overcome them, he suggests doing the opposite, which is promoting a culture of sharing, having a unified data strategy, and using automation and observability.Paul Graeve, CEO at IT system data services provider The Data Group points to SaaS systems. Specifically, organizations are not investing the time, energy, and money necessary to load SaaS data into a data warehouse where the organization can own the data, clean it, and effectively use the data for any important business initiative.Your data is locked away in all these SaaS platforms scattered around the globe. This can be scary considering your data is your most valuable asset, says Graeve. The only way you can effectively and efficiently use your data for AI, analytics, portals -- for any initiative -- is to consolidate all your data into a one-version-of-the-truth data warehouse. Until you have your data in one place where you can see it, fix it, enrich it and efficiently use it, youre going to struggle successfully implementing any AI initiative.Paul Graeve, The Data GroupPaul Graeve, The Data GroupArmando Franco, director of business modernization services at TEKsystems Global Services, says data silos limit access to comprehensive training data, reducing model accuracy, and introducing inconsistencies due to conflicting governance and duplication. They also create inefficiencies in automation and decision-making, as AI agents require real-time access to unified data. Additionally, fragmented data poses security and compliance risks, potentially leading to regulatory violations if governance is not properly enforced.These challenges stem from outdated IT infrastructure, business unit fragmentation, and a lack of a unified data strategy, says Franco. Legacy systems were not designed for interoperability, while different departments using specialized tools create barriers to integration. Without centralized governance, enterprises struggle with inconsistent data management, and siloed AI initiatives lead to duplicated efforts and conflicting model outputs. Addressing these issues requires modernizing IT systems, fostering cross-team collaboration, and implementing a cohesive data strategy.Why Some Enterprises Struggle More Than OthersThe longer an organization exists, the more likely it is to be struggling with data silos.If a company has been around for a while, it will have different tools and systems, and the act of unifying it all is doomed from the start. Even worse, if that company bought a couple of other companies in recent years that brought along their own tools and data solutions, says KNIMEs Berthold. Dont dream of waiting for the famous data warehouse to solve everything. Dont try to put a bandage on the problem by starting to copy around data so it all creates a data swamp in one central location.Instead, its important to have a data integration, aggregation and analytics layer in place that allows everybody and AI agents to access a unified view. Berthold says organizations should ensure the technology in that layer is well-documented so future colleagues can understand its functionality and update it as data moves or new data sources are added.According to SAS Robinson, data silos within organizations often form around products or business functions, so many organizations still struggle to unlock the full potential of their data.The best way to overcome these challenges is by implementing a strong data governance framework within your organization. With increasing regulatory demands and the rising frequency and cost of data breaches, robust data governance is no longer a choice -- its a necessity, says Robinson. A successful data governance program starts with understanding what data you have, assessing its quality and tracking how it is used across the organization.Additionally, techniques like entity resolution can help create a single, unified view of data by integrating information from disparate silos into a centralized repository. However, many organizations have yet to invest in strong data governance. Meanwhile, AI governance is emerging as a crucial focus, especially as new AI regulations continue to evolve.Effective AI governance must be built on a solid foundation of robust data governance, says Robinson. If you havent invested in data governance or your current platform lacks robustness, this should be your top priority. Its no longer optional. Its a fundamental necessity for any data-driven organization today.In addition to that, Blink Ops Weinick says organizations should prepared to invest in modern data integration and metadata management and put strong security and governance frameworks in place from the start, so fears around compliance or breaches dont create massive delays.Most importantly, focus on cultivating a cross-functional mindset, says Weinick. Demonstrate quick wins by bringing together two siloed data sets to address a pressing business problem, then celebrate and scale those successes across the enterprise.About the AuthorLisa MorganFreelance WriterLisa Morgan is a freelance writer who covers business and IT strategy and emergingtechnology for InformationWeek. She has contributed articles, reports, and other types of content to many technology, business, and mainstream publications and sites including tech pubs, The Washington Post and The Economist Intelligence Unit. Frequent areas of coverage include AI, analytics, cloud, cybersecurity, mobility, software development, and emerging cultural issues affecting the C-suite.See more from Lisa MorganReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

[Virtual Event] Cyber Resilience in 2025: How to Keep Business Moving When Everything Else is Collapsing

James M. Connolly, Contributing Editor and WriterMarch 26, 20258 Min ReadCagkan Sayin via Alamy Stock[This article was updated on March 26, 2025, with more recent content]Those wondering about the role of the CIO in the digital age need only look at the keyword in the middle of the title: Chief "information" officer. The corporate world actually isnt just about being digital or data driven. That digital data represents what the organization actually knows: Information about itself, its customers, and its employees, and how that organization does business moving forward.So, the CIO that some organizations virtually locked in the data center for years is today involved in everything from payroll to cybersecurity, e-commerce to environmental, social and governance (ESG) initiatives. Their domain extends from coders to clouds.Oh, and the CIO is also now the point person for AI initiatives and defending against AI abuse.This Quick Study takes a look at the role of the CIO these days as recorded by the writers who contribute to InformationWeek. The roles and responsibilities have changed dramatically and surely will continue to shift as the job itself morphs in the years ahead.CIOs, Their Jobs, and the Expanding C-SuiteCISOs in 2025: Evolution of a High-Profile RoleOver the past decade, the chief information security role has evolved from being a supporting position under the CIO or chief risk officer to a core member of the executive team.Emotional Intelligence: An Often-Overlooked IT Leadership SkillStrengthening your emotional intelligence can help you become a more effective and respected leader. Getting started is as easy as mastering a few key attributes.Changing Role of the CIOChief information officers need to lean into the leadership aspects of their role to deal with ongoing changes. Here are five strategic areas to focus on in your job.The CIO Playbook, and the Seldom Run Plays with Big PayoffsIf you want to move beyond just being a CIO in an organization, you have to stretch your boundaries.Bridging the Divide: How to Foster the CIO-CFO PartnershipBuilding a future-proof enterprise through strategic leadership collaboration between the chief information officer and chief financial officer, says the CIO of Workiva.First Days on the Job as a CIOBecoming chief information officer is a goal for many IT professionals. But what do you do when you finally get there?Why Some Newer C-Suite Titles FailCorporate C-suites continue to expand, but the success rate of the newer positions depends on many things.The Value of the Fractional Chief Technology OfficerA fractional CTO can be a great solution to help limit risk, manage teams, and develop cost-effective strategies to help meet the technology demands of an evolving business.Achieving CIO Balance: IT Meets the Business WorldCIOs are being pushed to deliver value to the business and stay on top of technical issues. How can they do both?Todays Blueprint for CIO success: A Shift in MindsetChief information officers can help lead organizations through todays complex macro environment, if they broaden their purview to areas that deliver business outcomes faster.Lessons from Banking on the Role of the Chief Risk OfficerBy using cutting-edge data, analytics, and AI technology, chief risk officers can help their organization drive more effective risk-management strategies.Hey, CIO, We Need AIThe CEO/CIO Dynamic: Navigating GenAI ImplementationBy working together, CEOs and CIOs can fully leverage the benefits of generative AI to drive innovation, improve efficiency, and stay competitive in the market, says KPMG.Leading as a Future-Ready CIO in an AI-Driven WorldCompanies are rethinking their partnership structures, with ecosystems leading as transformative new business models across various industries.How CIOs Can Navigate Their Jobs in the AI EraThe sudden and explosive popularity of AI among the public surprised many, including CIOs. With changing tech priorities, where should CIOs be prioritizing their efforts to be successful? The CIO of Experio offers a look.Reshaping the CIO's Playbook for the AI AgeIn this landscape of rapid change, the impact of generative artificial intelligence (GenAI) on the role of the chief information officer is profound and far-reaching, according to EY.Fake News, Deepfakes: What Every CIO Should KnowAI advances are making fake news and deepfakes easier than ever. Most organizations arent prepared enough, yet.How Will AI Change the CISO Role?Artificial intelligence arms both defenders and threat actors, rapidly reshaping the cybersecurity landscape. Inevitably, the chief information security officer role must adapt to keep up.How CDAOs and CIOs Can Divide Data and Analytics ResponsibilitiesThe division of responsibilities between CDAOs and CIOs is often disputed, which can create tension and hinder operations, Gartner says. A better approach is to split the work and collaborate as peers.How, When, and Why to Hire a Chief AI OfficerTo develop an effective AI strategy, organizations should consider hiring a permanent CAIO who can align AI initiatives with long-term goals.CIOs and the Great Talent CrunchTaking a Deep Dive into People SkillsThe fundamental people skills -- or chops -- are communicating, collaborating, being a team player, and listening, with the ultimate goal as connecting.Do Women IT Leaders Face a Glass Cliff?Are organizations more likely to promote women to top IT management posts during hopeless crisis situations? Apparently, yes.4 Ways to Create a Workplace that Fosters Diverse LeadersResearch finds that there arent enough women in leadership positions. Here are four ways leaders can create a workplace that fosters more diverse leaders.Soft Skills: The Ultimate Force Multiplier for ITAs the job market shifts and new doors open, its critical for IT leaders to hire talented tech pros who are empathetic, forthcoming, and invested in helping the end user through their work.CIOs, Innovation, Their Budgets and ROIThe Case for a Fractional CIOWhat is a fractional CIO and when does hiring one make sense versus taking on a full-time executive?IT Leaders as Advocates for Continual ChangeWhile IT leaders have their finger on the pulse of tech advances, its crucial to work closely with business leaders ensuring strategy is aligned with business outcomes.CEOs Deploy CIOs for Digital LeadershipSuccessful CIOs must become agents for change, bolster their collaboration prowess and adopt a business first mindset, as CEOs lean on them to lead digital transformation.CIOs and the Right Tech in the Right Place5 Ways a CIO Can Assess the IT Landscape in a New RoleOnce settled into a new workspace and role, IT leaders can begin to assess how their new department works (and doesn't) in five key areas.ITs Key Role in Planting ESG EffortEnvironmental, social and governance (ESG) is an emerging area of focus for companies that could loom large in the future. How can CIOs plan for this today?CIO Compensation May Soon Be Tied to Green Data CentersLike it or not, the potential of green data center savings puts CIOs on the front line in the fight for sustainability.The Voices of Today's CIOsIntel CIO Motti Finkelstein on C-Suite Communication, Sustainable AI, and FutureFinkelstein must lead the chip giants IT team as the company embarks on its sprawling and ambitious foundry goals.Technology Leadership: The Sky Isnt the LimitHere are six lessons that flying taught me about being a leader, says the CIO of Nutanix.Former Microsoft CIO Jim DuBois Dishes On AI and Future of ITThe industry veteran and author looks beyond hype around generative language models as businesses begin adopting emerging technologies at a feverish pace.Q&A: Aflac US CIO Shelia Anderson Talks AI, Data, and CloudAutomating claims processing and other functions currently see more play with the insurer than ChatGPT, but Aflacs AI journey is still underway.Q&A: US Patent and Trademark Office's CIO on Cloud and DevSecOpsJamie Holcombe talks about developing a software factory drawing upon DevSecOps methodology and GitLab to help it modernize software development within his agency.About the AuthorJames M. ConnollyContributing Editor and WriterJim Connolly is a versatile and experienced freelance technology journalist who has reported on IT trends for more than three decades. He was previouslyeditorial director of InformationWeek and Network Computing, where heoversaw the day-to-day planning and editing on the sites. He has written about enterprise computing, data analytics, the PC revolution, the evolution of the Internet, networking, IT management, and the ongoing shift to cloud-based services and mobility. He has covered breaking industry news and has led teams focused on product reviews and technology trends. He has concentrated on serving the information needs of IT decision-makers in large organizations and has worked with those managers to help them learn from their peers and share their experiences in implementing leading-edge technologies through such publications as Computerworld. Jim also has helped to launch a technology-focused startup, as one of the founding editors at TechTarget, and has served as editor of an established news organization focused on technology startups at MassHighTech.See more from James M. ConnollyReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Lisa Morgan, Freelance WriterMarch 26, 20257 Min ReadJacob Lund via Alamy StockLow-code/no-code platforms have given rise to the citizen developer -- a power user of tools such as Microsoft Excel. In other cases, this person tends to be someone who needs an immediate solution, has an idea in mind, and isnt afraid to try something new to turn their dream into a reality.Citizen developers arent a threat to professional developers because they dont understand software architecture and the hand-written code it would take to customize the app. Theyre simply a less expert member of the workforce who happens to understand the context of a task, workflow or technology, and are motivated to make improvements on their own.In many cases, citizen developers arent left to their own devices. Theyre using wizards and visual tools instead of writing lines of code. In some organizations, citizen development has been enabled by IT and developers in a way that benefits both professional and citizen developers.For example, a citizen developer might build a solution that may eventually need a professional developers expertise to take it to the next level. The beauty of the center of excellence approach is that professional developers can spend more time on difficult problems while citizen developers solve the simple ones. If the organization has standardized on a platform, then handoffs between citizen developers and professional developers are seamless. It is common, however, for enterprises to use more than one low-code/no-code solution.Related:The best citizen developers have some traits in common, though their roles may differ. A proactive mindset and a love of learning help.Traits of An Effective Citizen DeveloperBrett Smith, distinguished software developer at data and AI provider SAS, believes effective citizen developers are usually subject matter experts on the business problem and possess a basic understanding of programming concepts. They are also problem solvers who are self-motivated and have a growth mindset. Notably, they can learn new skills quickly and are not afraid to experiment with new technologies.Citizen developers have a deep understanding of the business problem and the domain. They [can] communicate effectively with IT teams, which helps to ensure the solutions they develop are aligned with the needs of the business, says Smith. It's critical that enterprises provide citizen developers with the tools and resources they need to be successful. This includes access to training and support, as well as creating a culture that encourages innovation and experimentation.Related:Brett Smith, SASBrett Smith, SASNick Vlku, VP of product growth at end-to-end AI search and discovery platform provider Algolia, says citizen developers hold different roles such as product managers, project managers, designers and analysts, to name a few. One common trait is that they're intensely solution-oriented with an intrinsic drive to tackle business challenges, he adds.I've witnessed this firsthand, like watching a non-technical product manager who taught themselves SQL simply because they needed better answers to their data questions, says Vlku. These individuals are natural problem solvers who take initiative. Rather than waiting for help, they actively search for no-code solutions or teach themselves low-code approaches they find online.Their ability to focus on solving the problem at hand will become even more valuable with the rise of AI-assisted development tools and coding applications, Vlku says.Citizen developers will naturally incorporate these advances as additional tools to help them achieve solutions more efficiently, says Vlku.However, the enterprise also has a role to play. Vlku says enterprises should actively support and cultivate citizen developers, as they represent highly valuable employees who prioritize efficient problem-solving.Related:There's a notable challenge: these individuals often undervalue their technical capabilities, placing software engineering on a pedestal that makes them doubt their own abilities or feel uncomfortable embracing their problem-solving approaches, says Vlku. Organizations need to take specific actions to nurture this talent.First, enterprises should explicitly recognize and reward this initiative during performance reviews, acknowledging the solutions delivered and the innovative approaches used to achieve them. Second, they should streamline access to necessary tools and platforms.While determined citizen developers might find ways around organizational barriers, removing these obstacles upfront will encourage more employees to step into this role, says Vlku. This support is particularly important because citizen developers tend to doubt their technical legitimacy despite their demonstrated ability to deliver solutions. By creating an environment that actively validates and enables their efforts, organizations can help overcome this self-doubt and expand their pool of effective citizen developers.Karl Threadgold, managing director at Oracle NetSuite provider Threadgold Consulting, says the most effective citizen developers tend to have four defining traits: a problem-solving mindset, a strong understanding of business operations, a willingness to collaborate with IT and a hunger for learning.The most successful citizen developers deeply understand their organizations workflows, pain points and inefficiencies. They dont just automate processes for the sake of it; they focus on solving real business challenges, says Threadgold. Rather than working in isolation, they engage with IT teams to ensure their solutions are scalable, secure and aligned with governance policies. Given how quickly no-code and low-code tools are evolving, top citizen developers continuously upskill to stay ahead.The reason successful citizens outperform their peers is that they create solutions that are technically sound and strategically relevant.They dont just build the bare minimum, says Threadgold. They go above and beyond and build what the organization needs to thrive. Their ability to communicate with IT teams also helps prevent shadow IT issues, ensuring their applications integrate seamlessly into the broader tech landscape.The enterprise also has a role to play here, which is enabling this broader base of problem-solvers.Many enterprises still take a passive approach to citizen development. [They assume] that providing access to low-code tools is enough -- it's not, says Threadgold. They need to provide clear training structures, chances for people to work alongside experienced developers, and have clear collaboration frameworks in place. These people are often hungry to learn and develop their skills, so enterprises need to put structures in place to help them thrive. Without clear governance, training and collaboration frameworks, businesses risk ending up with fragmented, unsustainable solutions.How Citizen Development Is EvolvingAI capabilities have been added to all types of software, including low-code/no-code platforms. According to SASs Smith, adding AI helps citizen developers solve more complex problems. It also helps them write more code, faster -- but its double-edged sword.The increase in the amount of code a citizen developer produces could introduce more bugs and vulnerabilities than normal. There is a risk of overwhelming test and security teams with sheer volume of code to review and test, says Smith.Fundamental skills in AI, security and testing will support citizen developers in creating better applications and help avoid the introduction of bugs and vulnerabilities. Additional skills in project management and communication aid citizen developers in working effectively with IT teams to ensure that solutions are aligned with business needs.Algolias Vlku believes citizen development is still at the innovators stage.The proliferation of low-code and no-code tools is helping those without technical backgrounds bring their areas of search expertise directly into search platform development with less reliance on developers and engineers, says Vlku. Gen AI tools may also be accelerating this trend. Eventually, we foresee pre-built agents will be prepared and ready to support development, and citizen developer roles will be to invoke those agents.Nick Vlku, AlgoliaNick Vlku, AlgoliaHowever, like professional developers, citizen developers should understand the basics of AI and how it can help them.Citizen developers should focus on understanding and leveraging AI-powered development tools, as these represent a significant new frontier in problem-solving capabilities. The current technology landscape offers AI solutions that can assist with UI development and troubleshooting, presenting opportunities to enhance productivity even further, says Vlku.Rather than viewing AI as a separate skill to master, citizen developers should approach it as an extension of their existing problem-solving toolkit. By staying informed about and experimenting with these emerging tools, they can amplify their ability to deliver solutions efficiently.Threadgold says his organization sees citizen development moving beyond simple workflow automation to more complex applications integrating AI, data analytics, and API-driven solutions.With this shift, new skills such as data literacy, AI and automation, and APIs and integrations are critical. Citizen developers should understand how to effectively work with structured and unstructured data, use the AI tools included in low-code/no-code platforms and ensure solutions connect with enterprise systems.Citizen development is more than just helping non-technical staff to build applications. Its about helping people improve their skills and create a culture of innovation, says Threadgold. With the right support, enterprises can harness this movement to drive real business transformation.About the AuthorLisa MorganFreelance WriterLisa Morgan is a freelance writer who covers business and IT strategy and emergingtechnology for InformationWeek. She has contributed articles, reports, and other types of content to many technology, business, and mainstream publications and sites including tech pubs, The Washington Post and The Economist Intelligence Unit. Frequent areas of coverage include AI, analytics, cloud, cybersecurity, mobility, software development, and emerging cultural issues affecting the C-suite.See more from Lisa MorganReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

John Edwards, Technology Journalist & AuthorMarch 26, 20255 Min ReadLiubomyr Vorona via Alamy Stock PhotoA long-dormant IT project that suddenly springs back to life can be both welcome and challenging. Teams must be reassembled, abandoned timelines reconfigured, and technologies and methodologies updated to reflect current practices and standards.The best way to launch a project revival is to look backward. "Conduct a thorough project reassessment to identify the root causes of delays, then re-prioritize deliverables using a phased, agile-based approach," suggests Karan Kumar Ratra, an engineering leader at Walmart specializing in e-commerce technology, leadership, and innovation. "Start with high-impact, manageable milestones to restore momentum and stakeholder confidence," he advises in an online interview. "Clear communication, accountability, and aligning leadership with revised goals are critical."Shanna Rahming, senior vice president of managed services for SDI Presence, an IT consulting and managed services provider, and former CIO for the State of Nevada, agrees that it's important to understand what actually caused the delay. Was it a lack of resources, such as funding, skills, tools, hardware, or staff? "After you know why it's off track, you can then determine what needs to be done to get the project completed," she advises in an online interview.Related:Once the delay's cause has been clearly defined, seek information and insights from the original team, Rahming advises. "Then the stakeholders and executives need to have that information communicated to them."The next step should be performing a root-cause analysis. "Identify whether the delay stemmed from unclear requirements, technical debt, resource gaps, or scope creep," Ratra says. "Engage stakeholders, document findings, and reset priorities based on what delivers the most value in the shortest time."Team RebuildingIts usually best to retain past core team members who understand the projects history and complexities but augment the team with new expertise where gaps exist, Ratra says. "Fresh perspectives often drive innovation and problem-solving, while experienced team members ensure continuity."Recall past team members, yet supplement them with new members with similar skills and project experience, recommends Pundalika Shenoy, automation and modernization project manager at business consulting firm Smartbridge, via email. "Outside perspectives and expertise will help the team."While new team members should be welcomed, try to retain at least some past contributors to ensure project continuity, Rahming advises. Fresh ideas and insights may be what the legacy project needs to succeed but try to retain at least some past contributors to ensure project continuity, Rahming advises. "The new team members may well bring a sense of urgency, enthusiasm and skills ... that weren't present in the previous team at the time of the delay."Related:Avoiding MistakesThe biggest mistake team leaders make is rushing into execution without first addressing root causes. "Restarting a project without fixing systemic issues, such as poor communication, unrealistic timelines, or unclear scope, can lead to repeated failures," Ratra warns. IT leaders must also avoid setting overly ambitious goals. "Start small, show progress, and scale up."Its easy to focus on simply catching up with deadlines or scrambling to get back on track, but if the underlying issues aren't addressed, the same problems will likely surface again, cautions Anbang Xu, founder of JoggAI, an AI-based video platform provider. "IT leaders sometimes ignore team dynamics, communication issues, or technical debt in favor of focusing on just getting the project finished," he explains in an email interview. "This can create a cycle of delay, further burnout and, ultimately, project failure."Related:Shenoy says the two big mistakes he repeatedly sees are adding additional resources without understanding the real issues and overcommitting without team consensus.Final ThoughtsTransparency and trust are essential for successful project recovery, Ratra says. "Leaders should foster an open culture of accountability and communicate realistic goals with stakeholders." Leveraging automation tools and using AI-driven project monitoring can also help identify bottlenecks early, ensuring the team remains on track and responsive.To keep the relaunched project on track, it's important to establish and monitor a detailed communication plan that regularly shares critical information with team members, Rahming says. There should also be buy-in from technology and business stakeholders.Build a unified staff culture that's committed to succeeding or failing as a team, Shenoy says. "Encourage transparency and active collaboration across the team and stakeholders."Managing delayed projects requires a deep understanding of adaptability and resilience, Xu observes. "In a fast-moving field, like AI, setbacks are inevitable," he notes. "But the ability to pivot, reassess, and lead your team with confidence makes all the difference."About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Nathan Eddy, Freelance WriterMarch 25, 20255 Min ReadMohd Izzuan Roslan via Alamy StockFinance and IT leaders are shifting their approach to retaining top technology talent as traditional methods of salary increases and financial incentives alone are proving insufficient.This is prompting companies to focus on career development, workplace culture, and employee engagement.Meanwhile, demand for tech talent remains strong as companies across industries continue to prioritize hiring, according to CompTIAs latest analysis of US Bureau of Labor Statistics data.With demand outpacing supply in key areas like AI and cybersecurity, businesses are competing for top talent while also increasing job postings to meet future workforce needs and tech professionals are expecting meaningful growth opportunities.Chief financial officers and HR leaders must work together to implement strategies that prioritize professional development, mentorship, and internal mobility.Professional Growth Prioritized Over Pay One of the most effective ways to retain IT professionals is by offering clear career development pathways.According to TEKsystems State of Digital Transformation Report, 82% of digital leaders are poised to reskill or upskill their workforce.Cosmin Pitigoi, CFO at Flywire, emphasizes that employees are more engaged when they have continuous opportunities to strengthen their skills and expand their experiences. One of the best ways to keep top talent engaged is to have a clear professional development pathway and provide them opportunities to keep strengthening their skills and rounding out their career experiences, he says in an email interview.Related:Leslie Deutsch, vice president of people strategy at TEKsystems, says upskilling has become a major priority. Offering continuous learning and upskilling programs helps employees feel valued and invested in, she explains via email.Mentorship also plays a key role in this strategy, with Pitigoi stressing the importance of both formal and informal mentoring relationships to provide long-term career guidance.Ive benefited from a doors always open philosophy in my career and pay that forward in my current role, he says.He says when IT professionals feel they have support and guidance, they are more likely to stay engaged with their employer.Collaboration Between IT, Finance LeadersBalancing cost control with investments in professional development requires close collaboration between IT and finance teams.Both Deutsch and Pitigoi emphasize that talent retention should be viewed as a strategic investment rather than an expense.Related:Organizations should be leveraging data and analytics to understand how development is impacting productivity and have that inform any investment, Pitigoi says.Deutsch highlights the importance of forming cross-functional teams that include IT, finance, and HR stakeholders.These collaborations ensure that professional development investments align with both financial and operational goals, maximizing their impact on workforce retention.Another key aspect is fostering an owner mindset among employees, where individuals take responsibility for improving efficiency and identifying new ways to work smarter.Flexible Work, Internal Mobility, and Employee RetentionBeyond professional development, flexibility in work arrangements continues to be a crucial factor in IT retention.Remote work and hybrid models are now expected benefits rather than perks; IT professionals, in particular, value autonomy and flexibility in managing their workloads.Implementing hybrid work models that allow employees to balance in-office and remote work is essential, Deutsch says.Internal mobility also plays a significant role in keeping employees engaged.Deutsch and Pitigoi both stress that organizations must create clear pathways for employees to move into new roles and take on greater responsibilities.Related:As part of this, organizations should encourage leaders to allow their best talent to move on to other roles, which is hard to do, but best for allowing talent to develop through diverse opportunities, Pitigoi says.This approach not only keeps employees engaged but also reduces the need for costly external recruitment.Deutsch adds that companies should structure internal mobility programs with well-defined career pathways and transparent role expectations.Creating clear pathways for career advancement within the organization encourages employees to take on new roles and responsibilities, she says.CFOs, CIOs, and HR Leaders Shape Talent RetentionRetaining IT professionals requires collaboration across multiple leadership roles.According to Deutsch, CIOs, CFOs, and HR leaders each play a unique part in crafting effective retention strategies. CIOs drive technological advancements and provide necessary tools, CFOs align financial resources with retention strategies, and HR leaders create a positive workplace culture, she says.Pitigoi says he agrees, adding that product and data analytics leaders also contribute by identifying innovation opportunities and ensuring that investments align with business needs.A few key factors of success are having a clear collaboration framework between departments, making data-driven decisions together, and having clear role accountability with implementation, he says.Consistent communication among these stakeholders ensures that employee experience remains a top priority.Overcoming the Challenges of a Culture-Driven Retention ModelHowever, shifting from a pay-driven retention model to one focused on engagement and culture comes with challenges.Employees accustomed to salary increases as a primary motivator may take time to adjust to a new approach that prioritizes career development and well-being.Prioritizing engagement and well-being over financial incentives requires open communication and transparency, Deutsch says.Organizations must build trust by explaining why they are making these changes and how employees will benefit in the long run.Recognition and rewards programs are also effective in reinforcing engagement; while salary growth may be slowing, companies can still show appreciation through meaningful recognition initiatives.Implementing systems that recognize and reward employee contributions in meaningful ways fosters a sense of appreciation and belonging, Deutsch says.Pitigoi emphasizes the importance of enabling employees to focus on high-value work. Employees who feel they are making an impact are more likely to stay with their organization.Investing in systems, automation, and tools helps your best talent focus on doing work they enjoy rather than more mundane tasks, he says.Measuring the Success of New Retention StrategiesFor companies transitioning to culture-driven retention strategies, measuring success is critical.Deutsch suggests using employee engagement surveys, tracking professional development participation, and analyzing internal mobility rates. HR leaders can deploy surveys to measure how happy and productive employees feel at the office, she says.If employees are using professional development resources and moving into new roles, it indicates that the strategy is working.Pitigoi notes that financial metrics also play a role: Organizations should assess how investments in career development impact recruitment and retention costs. If done right, investments in flexible work, upskilling, and internal mobility can have a direct impact on lowering external recruitment costs, he says.About the AuthorNathan EddyFreelance WriterNathan Eddy is a freelance writer for InformationWeek. He has written for Popular Mechanics, Sales & Marketing Management Magazine, FierceMarkets, and CRN, among others. In 2012 he made his first documentary film, The Absent Column. He currently lives in Berlin.See more from Nathan EddyReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Applications are developed and installed, but few companies evaluate them for true usefulness. Think in terms of the abilityof an app to deliver tangible and optimized value to the end business.Some of the characteristics of tangible, optimized value for applications include:Is the application easy for people to use?Does the application perform consistently well, with a minimal need for maintenance?Is all the functionality that an application contains fully used?What measurable gains does the application provide to the business?Is the application scalable?Ive visited with IT departments and asked them about these application usefulness questions. I cant think of one of them that told me that they checked for usefulness beyond making sure that user friendliness and ease of navigation were present in app user interfaces. To a lesser degree, they looked at how many times an application needed to be fixed or maintained.Does Usefulness Really Matter?The Merriam Webster dictionary defines usefulness as: The quality of having utility and especially practical worth or applicability.Almost every new IT application that is deployed has utility, applicability and some practical worth, but is that all there should be to useful?Related:Here is a real-life example:A healthcare company has a very user-friendly web portal that delivers a self-service feature for customers. Customers fill out their names, phone numbers, email addresses, and physical addresses for identity verification and mail/credit card verification. But that app overlooks that there are rural and some urban customers who get their mail at a postal box, and not at their physical address. These customers need two address entries on the form. There is no way for these customers to work with the online app, and they have to call a human agent, because the app isnt able to handle the exception.There are other situations as well, like the financial analytics report that was supposed to test-drive all risk scenarios, with a drill-down into the details. Yet, that is only being partially used to get a top-level picture. Or there is the workflow automation in a warehouse that was supposed to deliver a 30% savings in human labor, but it's failing the business because the automation is incapable of addressing special handling requirements, and humans must jump in.Most CIOs have seen examples like these in their own companies. Unfortunately, the hard realities of heavy IT workloads make considering the idea of true application usefulness more aspirational than practical.Related:Despite this, however, there are several practical steps that organizations can take.Building Usefulness into Application DevelopmentTo improve application usefulness without incurring significantly more expense and work hours for IT and the user side of the business, here are five simple steps that can be taken to improve app usefulness:1. Understand the business for today and for the future. Its common practice in projects to define the business metrics that an application should deliver, and then to measure expectations against performance once the app is in production. This telltale production feedback gives insights as to how well an app is delivering the business value that was promised.Beyond metrics, however, you can create more business usefulness by ensuring that senior developers, business analysts and user project members are well versed in the particulars of the business for which the app is being developed. They not only should understand the business strategies and pain points for today, but also that they are projecting what the business strategies and pain points will be in the future.IT can accomplish two important things if it emphasizes business thinking during the application development process: That the app will be highly relevant and responsive to business needs today; and that the app will be constructed in a way that it can be extended or scaled for future anticipated needs that will prolong the apps useful life.Related:2. Learn from your help desk and your customer service center. The maintenance and enhancement tickets and requests coming into the IT help desk from users, and the feedback and customer surveys that front-facing customer service agents get, can inform IT and users about where the organizations pain points, and process failures are; and how new applications can eliminate these pain points.The idea is to bring help desk and customer service data into initial application design meetings so lessons learned can be incorporated into upfront application design. In this way, the risks of pain point and process failure repetitions can be lowered, and usefulness can be enhanced.3. Meet regularly with middle management. Middle managers are the movers of daily operations. They have their boots on the ground, they know the internals of the business, and they know where applications have failed them in the past. IT leaders should make it a point to meet with these managers often and to cultivate good working relationships. This builds a cooperative spirit and improves everyones working knowledge of the business and IT.4. Include training in project plans.Training should be projectized and redefined as a QA function. If the training is performed and users are then tested on how well they learned and can execute an apps total functionality, business value and app usefulness will increase.5. Stress workflow and app simplification in all development efforts. Workforce critical thinking and basic comprehension skills are declining, and businesses are feeling this. Its all the more reason to simplify applications and also the business processes that they enable.Applications are more rapidly adopted when users understand and feel confident using them. The sooner apps are adopted, the sooner that they can begin paying dividends to the business.

Lisa Morgan, Freelance WriterMarch 25, 20258 Min Readdesigner491 via Alamy StockTodays professionals are under constant pressure to improve their efficiency as the pace of business accelerates. Burnout is a common thing as workers try to multitask across several platforms and communication channels, often simultaneously, amid personal challenges such as caregiving and in-office politics. Notably, burnout symptoms differ, depending on whether employees work from home (WFH) or have been subject to return to office (RTO) mandates.Burnout differs between settings and how an employee is working, says Nicole Issa, founder and licensed psychologist at The Center for Dynamic and Behavioral Therapy. Remote workers can experience burnout due to a lack of work-life boundaries, social isolation and the pressure to be constantly available via tech. Office-based employees often struggle with long commutes, loss of autonomy, and workplace stressors such as micromanagement or rigid schedules. Both environments become a perfect storm for burnout, but the triggers do differ.Justina Raskauskiene, human resource team lead at ecommerce marketing platform Omnisend, agrees.How burnout manifests depends on the work environment, says Raskauskiene. Remote workers often risk blurring the lines between work and personal life, feeling like they [must] always be on, or unable to distance themselves from work. All of this makes it more likely theyll work overtime. Plus, its no secret that fewer in-person interactions often equal poorer emotional well-being. In-office employees, on the other hand, may struggle with burnout due to a demanding company culture, excessive workloads or even the stress of a mandatory RTO policy. Reduced flexibility always carries the risk of contributing to employees stress and dissatisfaction.Related:Many employees are now in the sandwich generation -- caregiving for children, parents or both.As our population ages, more and more employees will become caregivers. This isnt just a personal crisis; its a ticking time bomb for our economy, says Jennifer Fink, community educator at Alzheimer's Association. Seventy three percent of employees have some sort of caregiving responsibilities. Employees with caregiving responsibilities cost their employers an estimated 8% - an additional $13.4 billion per year! By creating a caregiving-friendly workplace, organizations can unlock employee potential, reduce frustration and boost their bottom lines. [C]reating a caregiving-friendly culture isnt expensive especially when the return on the investment is considered.Related:Katie Roland, chief human resources officer at KCSA Strategic Communications, says burnout occurs when employees feel they are giving more than they are getting.It can happen because they are actually overprogrammed and dont feel compensated enough, or because they are working in a hostile environment and are masking all day, says Roland. It can be because they have responsibilities in life and at work, and they do not have the flexibility to manage both the way they feel they need to, making them feel constantly inadequate. Essentially, burnout is exhaustion.Many seasoned leaders are instinctively doubling down on RTO, implementing technology to oversee productivity, and demanding respect.What organizations need to understand is that employees who are trusted to do their job, and manage their life as needed, will produce far more for you than someone you try to control and monitor, says Roland. Nobody likes to be micromanaged. Instead figure out how to partner with your employees to find solutions that work on both ends.What HR/Hiring Managers Should Do About ItSusan Snipes, head of people at Remote People, says HR leaders need to be prepared to address burnout in all its forms for both in-office and remote team members.Related:Flexibility is the word of the day! Flexibility should be incorporated into all aspects of the employee experience from benefits to policies and procedures, says Snipes. Benefits like hybrid work, flexible schedules, and mental health days go a long way toward preventing employee burnout.Nicole Issa, The Center for Dynamic and Behavioral TherapyNicole Issa, The Center for Dynamic and Behavioral TherapyThe Center for Dynamic and Behavioral Therapys Issa suggests that chief human resources officers (CHRO) and hiring managers could approach burnout as a strategic issue rather than individual failings.This means being proactive about identifying risk factors and offering flexibility where possible, says Issa. Trying to build a company culture that prioritizes well-being should be top of the list for companies now. For remote employees, organizations should set clear expectations around availability, encourage a digital detox and provide routes for social connection. For in-office workers, offering hybrid working models, focusing on meaningful in-person collaboration and ensuring workload balance is key.Utilizing Data Is Also ImportantAbsenteeism, tardiness, lack of vacation usage, etc. all can help identify the potential issue -- there may be an issue with individuals or potentially managers, says Fran Maxwell, global lead at business consulting firm Protiviti. If they have a robust people analytics function, they can proactively determine which employees could start to become burnt out and can work with their managers to proactively support their employees. This would include looking at time, assuming the organization tracks time, or more simply looking at vacation time accrued and taken.MDR provider Expel discovered that quantifying workloads creates a common language between technical teams and business leaders. According to Amy Rossi, chief people officer at Expel, the most effective solution combines data with empathy.Organizations need metrics to identify burnout risks objectively, but they also need leaders who understand the human elements at play, says Amy Rossi, chief people officer at Expel. By adapting capacity utilization formulas to track workloads, teams can turn burnout from an abstract concern into concrete data that can inform staffing, scheduling, and resource allocation decisions. This approach has revolutionized how we manage and reduce burnout across both remote and in-office settings.Omnisends Raskauskiene says HR can monitor employee sentiment and job satisfaction through surveys and by encouraging leaders to keep an eye on employees moods.Educate them how to notice early burnout signs and react appropriately, says Raskauskiene We also encourage managers to hold regular one-on-ones, where both sides can share any struggles or concerns. Ultimately, it comes down to fostering a culture of open communication and direct feedback.In addition to establishing clear work hour timeframes, Omnisend promotes emotional well-being initiatives, such as offering psychological support and funding therapy.Provitis Maxwell recommends that leadership model the right behaviors and ensure they demonstrate that taking time away from work is both encouraged and important. He also says organizational leaders should ensure managers are properly trained on spotting burnout signs and how to prevent and support employees that are showing symptoms.However, leaders need to be patient.Fran Maxwell, ProtivitiFran Maxwell, ProtivitiBe intentional and start with leaders. Clearly articulate the expected behaviors at each level within the organization and hold each other accountable for those behaviors, says Maxwell. It is important to remember that its not going to change overnight, and people need to be communicated to, at a minimum, seven different times before the change will sync in.Alzheimer's Associations Fink warns that caregiving is tough -- a juggling act that can drain a person emotionally, physically and financially.When youre constantly putting out fires for others, your own well-being often takes a backseat. Neglecting yourself hurts everyone, says Fink. Thirty to 40% of caregivers struggle with depression and emotional stress. Theyre more likely to be in poor health, which means higher healthcare costs for your company. Taking care of your caregivers just makes sense. Its an investment in your people that always pays off in the end.For WFH employees, Mike Szczesny, owner and vice president at EDCO Awards & Specialties, recommends having clear working time boundaries and promoting the need to step away from the desk for regular breaks to alleviate always-on fatigue. Also promote virtual activities that build up a sense of belonging in the team and align goals for a greater purpose.For in-office employees, organizations should shift their attitudes toward working hours and consider more flexible hybrid arrangements. They should also create work environments that make people more productive while also enabling them to relax and provide reassurance to address issues concerning being present in the office for long periods of time.He also says active internal organizational strategies for preventing burnout should include regular pulse surveys, encouraging use of mental health services, and granting employees the freedom to customize their job.People operations or talent acquisition leaders and all other leaders must act with compassion, candor and genuine appreciation of their employees actual requirements, says Szczesny. Applying bespoke solutions, encouraging collaboration and giving control to employees can improve resilience and productive behavior that is sustainable over the long term.Lisa Sterling, chief people officer at survey and people analytics company Perceptyx, says organizational leadership should be open and direct about burnout.Talking about the symptoms and signs openly demonstrates to people that its important and top of mind. Further, it is important to establish clear expectations as well as boundaries, so people know what to expect. Leaders [must] demonstrate the desired behaviors first and foremost, says Sterling. Create a space for individuals to lean on and receive support from one another. By fostering these relationships people can leverage each other and share their feelings and thoughts with one another which can lead to a culture of empathy and fostering a sense of belongingness.What Happens When Burnout Is IgnoredIgnoring burnout can be very costly to an organization, and it doesnt always take the form of quiet quitting.Ignoring burnout will eventually have costly consequences for businesses when its not dealt with, says The Center for Dynamic and Behavioral Therapys Issa. Employees who feel unsupported will disengage, leading to quiet quitting and high turnover. The best employees are often the first to leave when they feel undervalued or overworked. This can set off a vicious cycle of higher workloads and reduced morale.Instead, companies should be creating a culture of psychological safety where employees feel heard and supported.A company's negligence in fixing persistent burnout patterns will result in lower employee output, greater employee attrition and a lesser reputation for the firm as an employer, says EDCO Awards & Specialties Szczesny. Not addressing burnout during these times of vigorous competition for talent may translate to the loss of valuable employees to firms that take their health and wellbeing seriously.About the AuthorLisa MorganFreelance WriterLisa Morgan is a freelance writer who covers business and IT strategy and emergingtechnology for InformationWeek. She has contributed articles, reports, and other types of content to many technology, business, and mainstream publications and sites including tech pubs, The Washington Post and The Economist Intelligence Unit. Frequent areas of coverage include AI, analytics, cloud, cybersecurity, mobility, software development, and emerging cultural issues affecting the C-suite.See more from Lisa MorganReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Nathan Eddy, Freelance WriterMarch 24, 20255 Min ReadWavebreakmedia Ltd FUS1407 via Alamy StockCloud storage was once hailed as a cost-effective solution for businesses, but hidden fees and unpredictable costs are causing widespread financial strain.More than half of businesses globally have experienced IT or business delays due to unexpected cloud storage expenses, and 62% of organizations exceeded their cloud budgets last year, according to a report from Wasabia.As chief information officers and IT leaders reassess cloud spending, many are looking for new strategies to prevent waste, improve forecasting, and better manage their data storage policies.Soumya Gangopadhyay, technology strategist at EY, points to a lack of financial transparency and poor forecasting as key reasons why cloud costs spiral out of control. Certain issues arise when organizations dont track IT costs in a way that enables breaking out expenses to support analysis or forecasts, he says. Data egress fees, complex storage tiering, and sudden spikes in data processing all contribute to budget overruns.He cautions that without clear visibility into usage and cost structures, companies would struggle to predict expenses, leading to unforeseen financial burdens.Egress Fees, Over-Provisioning Drive Up CostsOne of the biggest financial pitfalls in cloud storage is egress fees, the costs incurred when transferring data out of a cloud providers ecosystem.Related:These fees, often overlooked in budgeting, can add up quickly and disrupt IT operations.Will Milewski, senior vice president of cloud infrastructure and operations at Hyland, notes businesses frequently underestimate the impact of egress fees. With regulatory shifts like the European Data Act prompting major providers to adjust these fees, organizations are still challenged by unanticipated usage that drives up costs, he says via email.He explains IT leaders can mitigate these impacts by consolidating data within a single ecosystem, employing intelligent tiering strategies, and utilizing data compression or deduplication techniques.Beyond egress fees, companies are also over-provisioning cloud resources, paying for storage they dont fully utilize.Many organizations, eager to embrace cloud agility, end up spending more than necessary due to a lack of integrated visibility across their data assets.Cost overruns often stem from over-provisioning, unpredictable data growth, and the complexity of managing diverse data workloads, Milewski says. By leveraging unified platforms, companies can streamline workflows, improve forecasting, and right-size storage needs.Related:The Challenge of Cloud Cost TransparencyWhile cloud providers offer cost management tools, many organizations find pricing models too complex to navigate effectively.Gangopadhyay explains some cloud providers obscure costs through complicated pricing structures, making it difficult for IT teams to plan accordingly. Not all providers offer robust tools for forecasting costs based on usage patterns, which is another factor organizations should consider when working with a cloud provider, he says.Milewski echoes this concern, pointing out that cloud providers are offering more AI-driven cost management tools, but expertise is required to use them effectively. Were seeing cloud providers introduce reserved pricing models, savings plans, and AI-driven cost dashboards, he says. However, many pricing structures remain complex, requiring organizations to build in-house expertise or partner with specialized vendors.Without dedicated cost management teams or external partners, businesses often struggle to fully optimize cloud spending.IT Leaders Take Control of Cloud CostsCIOs and IT leaders can execute several proactive measures as they look to regain control of their cloud budgets.Related:Gangopadhyay suggests implementing real-time monitoring tools, resource tagging taxonomies, and predictive analytics to improve cost forecasting. Organizations need to have a clear understanding or adherence to existing capabilities and performance -- without it, engineering workload performance can be a challenge, he says.By leveraging historical data and automating governance policies, businesses can eliminate waste and prevent unexpected cost spikes.Milewski advises companies to audit their storage policies and shift to a more strategic, tiered approach. Optimizing storage begins with aligning data policies to actual usage, he says. Prioritizing high-performance tiers for critical content while shifting less-accessed data to real solutions ensures cost efficiency without compromising performance or compliance.He also highlights automation and AI-driven insights as key tools for identifying redundancies and reducing expenses.Another crucial step is building a chargeback model that aligns IT costs with business strategy.Gangopadhyay says he believes organizations should implement chargeback mechanisms that assign storage costs to individual business units, making cloud expenses more transparent.Developing an enterprise chargeback strategy ensures that cloud spending is directly tied to business objectives, he says.By making business units accountable for their storage usage, companies can drive more responsible cloud consumption.The Future of Cloud Cost ManagementAs cloud storage pricing evolves, IT leaders must stay ahead of emerging trends to keep costs under control.Gangopadhyay says he expects increased competition among cloud providers, which could lead to more dynamic pricing models. We can expect to see more providers adopting real-time usage-based pricing and offering incentives for eco-friendly storage options, he says.Companies that embrace flexible budgeting practices and sustainable cloud solutions will be better positioned to navigate shifting cost structures.Milewski predicts that AI and automation will play a bigger role in optimizing cloud spending.The cloud storage landscape is evolving toward more dynamic, consumption-based pricing models, he says. Businesses will need to embrace FinOps practices, leveraging advanced analytics and automated tools, to adapt to these trends.FinOps, or cloud financial management, is becoming increasingly critical for organizations aiming to turn unpredictable expenses into predictable, manageable investments.Gangopadhyay stresses the key to reducing waste is aligning cloud costs with business goals.Reducing cloud expenses comes down to aligning business goals with business costs, he says. Organizations can better identify and eliminate unnecessary or redundant data by implementing automated policies, conducting regular audits, and establishing clear retention guidelines.Milewski underscores the importance of staying ahead of pricing trends and investing in cost optimization strategies.By leveraging automation, real-time monitoring, and AI-driven insights, companies can ensure that their cloud investments remain both strategic and cost-efficient.Businesses that combine modern infrastructure with intelligent cost management can empower themselves to navigate future challenges effectively, he says.About the AuthorNathan EddyFreelance WriterNathan Eddy is a freelance writer for InformationWeek. He has written for Popular Mechanics, Sales & Marketing Management Magazine, FierceMarkets, and CRN, among others. In 2012 he made his first documentary film, The Absent Column. He currently lives in Berlin.See more from Nathan EddyReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

John Edwards, Technology Journalist & AuthorMarch 24, 20255 Min ReadTetra Images, LLC via Alamy Stock PhotoThe cloud has come a long way over the past five years. The technology has undergone a succession of radical upgrades and transformations that have surprised even many of the technology's strongest advocates.As cloud service providers and adopters move into the next half-decade, here's a look at five important ways that the cloud has advanced since 2020.1. Zero-trust architecture emergesAs organizations move more workloads to the cloud, often in response to the existential demands of a high-velocity digital economy, traditional perimeter-based security models have failed to keep pace with the dynamic, distributed nature of traditional digital architectures, says Nigel Gibbons, a director and senior advisor at cybersecurity services firm NCC Group, in an email interview. "Amid these challenges, the concept of zero trust emerged alongside the secure by design cornerstone principle, fundamentally reappraising identity, access and trust within cloud environments."Previously, security strategies relied on guarding a static network perimeter. Once inside the corporate network, users, devices, and services were often trusted by default. Zero trust, by contrast, assumes no inherent trust and evaluates each request as if it comes from an untrusted network. "In cloud settings, where applications, data, and users reside across numerous remote endpoints, zero trust ensures that each interaction is strictly verified, regardless of location or prior access," states Gibbons.Related:Gibbons observes that zero trust has also accelerated improvements in identity and access management solutions, such as multifactor authentication, single sign-on, and just-in-time access, with adaptive access policies built on continuous adaptive risk and trust assessment principles becoming standard practice.2. FinOps standardizes cloud spendingThe FinOps organization and the implementation of FinOps standards across cloud providers has been the most impactful development over the last five years, states Allen Brokken, head of customer engineering at Google, in an online interview. This has fundamentally transformed how organizations understand the business value of their cloud deployments, he states. "Standardization has enabled better comparisons between cloud providers and created a common language for technical teams, business unit owners, and CFOs to discuss cloud operations."The FinOps framework helps organizations understand exactly what they're spending, how they're spending it, and where they're spending it. "This enables better demand shaping, whether through moving workloads to spot instances or improving committed use management," Brokken says.Related:3. Public cloud adoption democratizes accessWidespread adoption of public cloud architecture has been one of the most important developments of the past five years, says Lloyd Adams, president of enterprise application software firm SAP North America.The public cloud has democratized access to technology and increased accessibility for organizations across industries that have faced intense volatility and change in the past five years, Adams observes via email. "This innovation has facilitated a new level of co-innovation and enabled new business models that allow companies to realize future opportunities with ease."Public cloud platforms offer adopters immense benefits, Adams says. "With the public cloud, businesses can scale IT infrastructure on-demand without significant upfront investment." This flexibility comes with a reduced total cost of ownership, since public cloud solutions often lead to lower costs for hardware, software and maintenance.Public cloud adopters also reap the benefit of immediate access to cutting-edge technologies, such as artificial intelligence, machine learning, and analytics. "The cloud's flexibility and speed have enhanced agility and innovation, enabling companies to experiment with new ideas and bring products to market faster," Adams says.Related:4. Security as code arrivesSecurity as code, in the form of DevSecOps, leverages a collection of cloud native technologies and methods. "This has not only shifted security into the delivery team, it allowed security to scale as an embedded consideration, rather than an external force that development and infrastructure teams feel like they need to resist or operate around/within," says Travis Runty, CTO of public cloud at Rackspace Technology, in an online interview.Security as code is an example of hyper-converging skillsets and teams, further enabling natural awareness and ownership, Runty states. "It's a great example of a technology creating velocity, changing the way teams are structured, and ultimately reducing overall business risk".Having the ability to incorporate security into core and real-time infrastructure deployments has allowed teams to leverage security as a strength, and enforce it without fail, Runty says. "This enforcement can include general security best practices, compliance considerations, protecting credentials, or other sensitive information -- even managing internal design and architectural standards."5. Serverless computing arrivesServerless computing has emerged as a key cloud innovation, helping organizations become more agile while accelerating time-to-market, minimizing infrastructure overhead, and optimizing cloud costs, says Farid Roshan, global head of AI at data and digital engineering solutions firm Altimetrik.In response to specific events, serverless platforms work to execute small, stateless code segments known as functions. "These functions simplify scaling and reduce the complexity of computing resources, which are allocated only for the functions execution duration, eliminating the need for pre-provisioned infrastructure," Roshan says in an email interview.With serverless computing, engineering teams are freed from managing servers, operating environments, and scaling mechanisms. "This allows engineers to focus on innovation, building scalable, cost-efficient applications by shifting operational overhead to cloud providers," Roshan concludes.About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

TechTarget and Informa Techs Digital Business Combine.TechTarget and InformaTechTarget and Informa Techs Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.Are CIO Plans for AI and the Cloud Permanently Joined Together?Are CIO Plans for AI and the Cloud Permanently Joined Together?Will the development of these resources proceed in tandem at enterprises, or must CIOs evolve these technologies with separate strategies?Joao-Pierre S. Ruth, Senior EditorMarch 24, 2025As substantial plans to invest in AI and the cloud take shape, do CIOs at enterprises want to develop both resources together to maximize the potential they offer? Is it necessary for them to operate on dual or shared paths of evolution for these technologies to deliver? Should they favor one technologys use and deployment over the other?Leadership at enterprises may have hard choices to make on the resources they put toward their technology implementations. What if a CIO is caught in a circumstance where they only have the means -- whether it is a constraint on personnel, time, or money -- to truly invest in cloud or AI, but not both? Where should they put in their energies?Luiz Domingos, CTO for Mitel; Jon Kuhn, senior vice president of product for Delinea; Anshu Jain, co-founder and CTO with Outmarket AI; and Steve Williams, CISO, NTT DATA, tackled that and other questions in this episode of DOS Wont Hunt.Where does the conversation start in the C-suite on how to balance the development and investment into the cloud and AI? What is at stake if CIOs cannot steer the IT strategy to support cloud and AI? How far behind could a company fall if they dont pursue both technologies vigorously?Listen to the full episode here.About the AuthorJoao-Pierre S. RuthSenior EditorJoao-Pierre S. Ruth covers tech policy, including ethics, privacy, legislation, and risk; fintech; code strategy; and cloud & edge computing for InformationWeek. He has been a journalist for more than 25 years, reporting on business and technology first in New Jersey, then covering the New York tech startup community, and later as a freelancer for such outlets as TheStreet, Investopedia, and Street Fight.See more from Joao-Pierre S. RuthReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Kathryn Murphy, Senior Vice President of Product, TwilioMarch 21, 20254 Min Readhirun laowisit via Alamy StockTrust is the foundation of any relationship, whether between individuals or between businesses and their customers. Philosopher Friedrich Nietzsche once said, Im not upset that you lied to me, Im upset that from now on, I cant believe you.While his words may evoke thoughts of interpersonal relationships, they resonate equally in the business world, where trust in technology plays an increasingly vital role.The rise of conversational AI -- spanning chatbots and LLM-powered virtual agents -- is reimagining how people interact with businesses. This isnt just a fleeting trend; its a transformative shift. The market, valued at $5.8 billion in 2023, is projected to soar to $31.9 billion by 2028, according to IDC. That growth underscores the pivotal role this technology will play in redefining customer engagement for every business.But heres the catch: Trust is everything. One poor interaction can unravel months of goodwill, sowing seeds of doubt and eroding confidence. As Nietzsche cautioned, a single misstep can resonate deeply, and businesses can ill afford to lose the faith of their customers.The secondary challenge -- and what many businesses learned over the course of last year -- is that scaling a flashy conversational AI demo to meet the needs of a live customer environment is far from easy.Related:Below are some actionable tips for businesses to effectively build trust with their conversational AI customer engagement.Establish Clear, Customer-Centric GoalsWhen deploying conversational AI, even small missteps can lead to significant consequences, tarnishing a brands reputation and eroding customer trust. A strong foundation when implementing any AI solution begins with clear goal setting. Before rolling out their initiatives, businesses must prioritize the customer and recognize that AI is just a tool for enhancing their experience, rather than a solution in itself.Identify Potential Pain PointsOne of the most frequent sources of customer frustration lies in poor human-to-AI handoffs in conversational AI situations. When escalations lead to a loss of context or require customers to repeat information, their experience can quickly sour. To avoid this, businesses should establish clear protocols for transitioning conversations to live agents, ensuring all relevant information is seamlessly carried over. Without this, frustrations may escalate into doubts about the reliability of the service, jeopardizing trust altogether.Continuously Monitor to Improve ExperiencesRelated:Equally important is the practice of ongoing monitoring and optimization. By consistently collecting feedback, organizations can refine their conversational AI implementation, improving results and growing customer satisfaction. These efforts signal a commitment to continuous improvement, a cornerstone of building and maintaining trust.Feedback loops play a vital role in enhancing large language model (LLM) performance over time. Actively building and testing these loops, alongside robust escalation workflows, ensures customer concerns are addressed. A common misstep that organizations make is deploying AI systems that lack empathetic conversation management. Integrating AI-driven sentiment analysis can bridge this gap, allowing models to guide interactions with greater sensitivity.Minimize Bias Through PersonalizationTo provide a positive customer experience -- one that increases engagement and brand affinity -- businesses also need to ensure conversational AI solutions deliver consistent, unbiased and personalized support. With increasing levels of scrutiny paid to large language models and how information is culled, bias can be minimized by leveraging a customer data platform with unified profiles for a personalized experience.Related:For example, bias may surface if an AI agent provides differing responses based on perceived gender or cultural background, such as assuming certain tasks or preferences are linked to one gender. Regular audits are essential to identify and mitigate such issues, especially when this technology is still in its early stages. Adopting a test and learn approach can further refine these systems and create more authentic and human-like interactions.Lead With TransparencyTransparency is another cornerstone of building trust. Customers should always know when they are engaging with an AI agent. Clearly labeling these interactions not only prevents confusion but also aligns with ethical best practices, reinforcing the integrity of the customer experience.Should an organization fall victim to a scenario where AI systems fail to meet customer expectations, honesty is the best policy. Be truthful about the limitations or errors of AI and provide quick resolutions through escalation to live agents. Nobody wants to dramatically scream REPRESENTATIVE!!! to themselves and into the ether when looking for a solution to their concerns.Closing ThoughtsTrust, once broken, is challenging to regain. As Nietzsche reminds us, the erosion of trust leaves behind doubt, making it harder to rebuild relationships. For conversational AI, this means every interaction is an opportunity to strengthen -- or weaken -- customer confidence. By avoiding common pitfalls, prioritizing transparency, and continuously optimizing AI systems, businesses can build lasting trust and foster meaningful customer relationships.The call to action is clear: Businesses should begin by auditing their current conversational AI solutions, identifying gaps in trust-building measures, and implementing best practices that foster confidence and engagement from the very first interaction.About the AuthorKathryn MurphySenior Vice President of Product, TwilioKathryn Murphy has over 20 years of experience in product management, design and engineering with a deep domain in retail, commerce, payments, customer data platforms and multi-channel marketing. Kathryns focus has always been on using technology to improve the customer experience. As the SVP of Product and Design at Twilio, she leads the team focused on accelerating Twilios communications and data capabilities.See more from Kathryn MurphyReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

The boom in AI has virtually eclipsed technologies like augmented reality (AR) and virtual reality (VR). Nevertheless, there are still good reasons to keep AR and VR on the IT strategic roadmap.AR is so named because it can embellish the physical world with digital artifacts. VR goes one step further by immersing participants in an alternate world of virtual experience.There are a number of AR/VR use cases that are working in business.The retail and real estate industries use AR and VR technologies to give customers a preview of how a household item would look in their home. It also can give would-be buyers a virtual walkthrough of a vacation home that they are considering purchasing that is thousands of miles away.Building engineers and inspectors use AR with the help of special glasses that display blueprints of electrical wiring that they can superimpose upon a finished wall in a structure; the military uses VR to simulate battlefield scenes for trainees; and baseball players use AR/VR to improve the mechanics of their swings.The CIOs Position on AR/VR TodayFor CIOs, AR/VR is taking a backseat to artificial intelligence, which Statista sees as exceeding $1.8 trillion in business investment by 2030. Consequently, there is little left in most IT budgets for anything else.Related:CIOs also know that most AR/VR investments cant be done on the cheap. AR/ VR implementations often require significant customization to achieve the right fit for specific business cases, and they can require expensive investments in headgear, workstations and other hardware.Finally, its not always easy to justify an AR/VR investment. While an AR/VR investment might be close to mandatory when the military is training personnel to disarm bombs on a battlefield, its not that easy to justify AR/VR simulations for more mundane use cases.Collectively, these circumstances have put AR/VR on the IT back burner, but it doesnt mean that they dont deserve a spot on IT's strategic roadmap.Where AR and VR Could Play in a BusinessAdecco, a corporate recruiter, reported in 2023 that 92% of executives think that American workers aren't as skilled as they need to be. And the World Economic Forum expects that 39% of skills will be outdated by 2030. At the same time, younger employees entering the workforce are less likely to learn by reading manuals, and more likely to further their learning through AR, VR and other visual technologies.This makes workforce education a prime area for AR/VR utilization. In addition, many of the skills that must be learned by employees across a wide swath of industries are somewhat generic (for example, the basics of lending for a financial institution, or the fundamentals of waste management and collection for sanitation workers). So, it is possible that more generic and cost-effective AR/VR offerings can be used without much need for company-specific customization.Related:Schools are already integrating AR/VRinto their curricula, and there is no reason that companies cant do the same to help address their employee skills shortages.Another AR/VR use case that has been used successfully is in retail sales where AR/VR can simulate product experiences in a virtual environment. With AR/VR, a prospect can experience what a trip to Belize would be like or do a visual walkthrough of a beach home in Miami. A customer can try on a sweater virtually, or they can see how a new dining room table looks like in their home.All these examples are already in play and generating revenue in e-commerce markets, where it is important for customers to experience what it would be like to own or experience something that they cant physically see or touch. The value proposition for using AR/VR in retail is further sweetened because companies dont have to invest in special hardware. Instead, customers can use the AR/VR on regular home computers and mobile devices.Related:New product development is one more area where companies are adopting AR/VR. Constructing physical prototypes of new products that may not work is expensive and time-consuming. If new product designs and simulations can be generated with 3D modeling and AR/VR, the technology investment may be worth it.AR/VR TrendsLooking forward, it is reasonable to expect that AR/VR use will expand in the areas where it is already gaining a footing: education/training, retail sales and product development.Also, there are three AR/VR trends that CIOs should note:Cloud-based AR/VR. A user can put on a wireless headset and use AR/VR from the cloud if the computing requirements for the app arent overly intensive. Education and training AR/VR in most cases would work in this scenario, although there might be a need to invest in more bandwidth.Better ergonomic experiences for users. AR/VR headgear is clunky and uncomfortable. Vendors know this and are at work at creating more wearable and tetherless headsets that deliver a better ergonomic experience to users. That lighter, more agile hardware could also lead to lower costs.A focus on security and governance. AR/VR vendors havent paid much attention to security and governance in the past, but they will in the future because enterprise customers will demand it, and the enterprise market is too big to ignore.Wrap-UpWhile AR/VR technology isnt front-and-center in technology discussions today, it could emerge in the future as a way for companies to streamline education and training, improve new product development and times to market, grow retail revenues, and even simulate scenarios. For example, it could be used for a disaster recovery operational failover in a simulated scenario.AR/VR are not todays hot technologies, but they should nonetheless be listed in IT strategic plans, because they are logical extensions of more corporate virtualization. Plus, they can address several of the persistent pain points that companies continue to grapple with.

John Edwards, Technology Journalist & AuthorMarch 21, 20256 Min Readtanit boonruen via Alamy Stock PhotoJust about everybody agrees that AI is an essential business tool. This means that it's now time to give the technology the status it deserves by creating a business unit that's completely dedicated to deploying innovative AI applications across the enterprise.An AI innovation unit serves as an organizational hub for designing and deploying AI solutions, as a catalyst for adopting and integrating of AI, and as a focal point for AI business exploration and experimentation, says Paul McDonagh-Smith, a senior lecturer in information technology and executive education at the MIT Sloan School of Management. "By spinning-up an AI innovation unit, your company can accelerate its digital transformation, sustain competitiveness, and create a culture of innovation," he explains in an online interview.McDonagh-Smith believes that an AI innovation unit can help convert the AI's potential into enhanced product offerings and customer experiences, unlocking new revenue streams and creating a competitive advantage. "Your AI innovation unit will also provide a space and a place to combine AI research and responsible application of AI to help you minimize risks while maximizing benefits."Mission GoalsAn AI innovation unit's mission should be to coordinate, plan, and prioritize efforts across the enterprise, says Steven Hall, chief AI officer at technology research and advisory firm ISG. "This can include ensuring the right data assets are used to train models and that proper guardrails are established to manage risks," he recommends in an email interview. Hall adds that unit leaders should also work toward keeping relevant individuals in the loop while prioritizing use cases and experiments.Related:An AI innovation unit should always support sustainable and strategic organizational growth through the ethical and impactful application and integration of AI, McDonagh-Smith says. "Achieving this mission involves identifying and deploying AI technologies to solve complex and simple business problems, improving efficiency, cultivating innovation, and creating measurable new organizational value."A successful unit, McDonagh-Smith states, prioritizes aligning AI initiatives with the enterprise's long-term vision, ensuring transparency, fairness, and accountability in its AI applications. "An effective AI innovation unit also increases the flow of AI-enhanced policies, processes, and products through existing and emerging organizational networks."Carolyn Nash, chief operations officer for open-source software products provider Red Hat, says her firm recently established an AI innovation unit when enterprise leaders recognized that AI had become a top IT strategy priority. "This newly-formed team is now focusing on putting the appropriate infrastructure foundations in place for AI to be developed at scale, and in a cost-efficient manner," she explains in an online interview. Part of that work, Nash notes, includes identifying and creating productivity use cases.Related:Leadership RequirementsAn AI innovation unit leader is foremost a business leader and visionary, responsible for helping the enterprise embrace and effectively use AI in an ethical and responsible manner, Hall says. "The leader needs to understand the risk and concerns, but also AI governance and frameworks." He adds that the leader should also be realistic and inspiring, with an understanding of the hype curve and the technology's potential.The unit should be led by a chief AI officer (CAIO), or an equivalent senior executive with expertise in both AI technology and strategic business management, McDonagh-Smith advises. "While this leader possesses a strong understanding of data science, machine learning, and innovation strategy. alongside finely-tuned leadership skills, this individual also needs to be adept at bridging technical and non-technical teams to ensure AI that initiatives are practical, scalable, and personalized to business goals."Related:Team BuildingMcDonagh-Smith recommends staffing the AI unit with a multidisciplinary team that combines the capabilities of data scientists, machine learning engineers, and software engineers, as well as AI ethicists, HR experts, UX /UI designers, and change management specialists. "This will provide the diversity of perspective and expertise necessary to fuel and drive your AI innovation unit forward."Nash observes that there will also be times when it becomes necessary to seek advice and support from other enterprise stakeholders, particularly when collaborating on projects with elements that lie beyond the main team's skills and knowledge. She adds that the unit should focus on addressing existing business issues, not seeking new problems to solve. "Proactively capturing requirements from strategic leaders across the business -- HR, marketing, finance, products, legal, sales -- is critical to ensuring the AI unit is correctly focused."ReportingMcDonagh-Smith recommends that the AI innovation unit's leader should report directly to the enterprise C-suite, ideally to the CEO or chief digital officer (CDO). "This reporting structure ensures that AI initiatives remain a visible strategic priority and are seamlessly integrated with broader business goals," he says. "It also allows for clear communication between the unit and top-level leadership, helping to secure the necessary support for scaling successful AI-forward projects across the organization."A Collaborative CultureAn AI innovation unit requires a collaborative culture that bridges silos within the organization and commits to continuous reflection and learning, McDonagh-Smith says. "The unit needs to establish practical partnerships with academic institutions, tech startups, and AI thought leadership groups to create flows of innovation, intelligence, and business insights."McDonagh-Smith believes that the unit should be complemented by a strong governance framework that will allow it to manage AI risks, uphold ethical standards, and ensure AI deployments that align with enterprise values and societal responsibilities. "By introducing regular impact assessments and transparent reporting on AI initiatives, you'll build trust both internally and externally ... and establish your team as a leader in evolving business practices."About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

SECON & eGISEC 2025 is underway, showcasing a large and diverse array of both physical and cybersecurity innovations and products. While there is a comprehensive display of advancements in traditional physical security measures and cybersecurity products, its the integration in the converged security realm thats arguably gaining the most attention, particularly in critical sectors. By all accounts, the depth of information in the latest security developments at the exhibition is complemented by the width of diversity in products and innovations.In particular, we plan to focus on AI-driven privacy protection, enhancing security in cloud environments, and the latest trends in pseudonymization and anonymization technologies. Additionally, understanding how privacy protection solutions are applied across various industries is a key objective, as real-world case studies provide valuable practical insights, said Lee Hyejun, Associate at EASYCERTI, a provider of AI, big data, and cloud-based privacy protection and privacy data solutions and an exhibitor at the event.Beyond its booth at the exhibition, EASYCERTIs Senior Researcher, Seunghoon Yeom will be delivering presentations at the conference within. The first, on March 20th is on the topic of latest trends and countermeasures in privacy protection. The second presentation is on the following day and covers standards pertaining to securing personal information and verification processes.Related:There are over 400 exhibitors taking part in the exhibition and the displays are enticing and informative. The variety of security issues addressed by this years new product offerings cover the gamut of known vulnerabilities with no previously known countermeasures.There are no known solutions to prevent paper document leaks around the world. Through exhibitions like this, we hope to show people that such a solution exists and the increasing number of companies and organizations are using our solution: docuBLOCK, said Myungshin Lee, CEO of ANYSELL Co., Ltd. and an exhibitor at the event.The event spreads over 28,000 m of space and is expecting more than 30,000 visitors from around the world. The products and innovations on display cover the gamut of security sectors including edge devices with on-device AI, converged security, cloud and IoT security, smart city security, automotive security, and maritime security, among others.One of the key solutions we will be presenting at SECON & eGISEC 2025 is real-time log and file encryption. This technology encrypts data the moment it is generated making it essential for industries such as finance, public sector and medical fields where both security and real-time processing are critical, said Haeun JI at iNeb Inc, a provider of encryption and data security and an exhibitor.Related:A comprehensive conference and seminar program is happening inside of SECON & eGISEC 2025. The program was developed in collaboration with prominent institutions and industry leaders. It features over 100 sessions across 30+ tracks. Attendees can join discussions on critical topics such as industrial security, advanced CCTV management, aviation protection, counterterrorism tactics, personal data privacy, and other pressing security concerns.This years key security issues featured at the exhibition include:Edge devices with on-device AI (local AI)Convergence of cybersecurity and physical securityEvolving zero-trust security modelIntensifying software supply chain security threatsCyber fraud as a service (Qshing)Cybercrime targeting youth and social media restrictionsConcerns on whether cloud security platforms and cloud service platforms can continue to coexist independentlyHidden risks in old "new" technologiesRelated:Event organizers cited as examples of hidden risks: Cloud services have suffered from human errors, leading to unintended data leaks. Similarly, ChatGPT has raised serious concerns, as users often unintentionally expose sensitive information through interactions with the AI. These risks have prompted ChatGPT bans in several countries.However, risks are growing in other areas, too, even across entire industries. For example, the financial industry is intensely attractive to thieves and fraudsters.YH Database Co., Ltd. has introduced newly released products to buyers every year since 2013, mainly introducing financial security and informatization solutions.This year, the company is showcasing AI-specialized products, including y-SmartChat, y-SmartData, and y-MobileMonitorSDK3.0, said Kim JungWon, senior executive director of YH Database.For example, y-SmartData can be used not only as an abnormal transaction detection system, FDS, that can prevent financial accidents through voice phishing and fake bank accounts, but also as an internal audit control system, ADS, that can detect and prevent illegal money laundering, and AML, a money laundering prevention system, that can detect and prevent illegal money laundering, Kim added.Attendees appear universally eager to check out possible solutions for these and the other top security issues of the day. Exhibitors are just as eager to demonstrate their technological breakthroughs and checkout the competition.Aircode expects many customers to look for an alternative solution in response to the relaxation of network separation regulations, said Yunsang Kim, presales vice president at Aircode, and also an exhibitor at the event.AirCode will be launching a browser-based virtualized web isolation product (AirRBI) that we believe is competitive in terms of functionality and efficiency compared to other solutions. And also, Aircode want to check and learn what web isolation solutions are available on the market and what features they have, added Yunsang. Aircode is also presenting a talk on Secure Web Browsing inNetwork-Separated Environments at the conference program within the exhibition.It can be difficult to choose which exhibits to visit and which presentations and keynotes to attend. Thats because there is such diversity in security topics and products.At SECON & eGISEC 2025, AhnLAb will showcase its latest security solutions built upon 30 years of comprehensive security expertise. Additionally, we are hosting booths for our subsidiaries -- NAONWORKS, Jason, and AhnLab CloudMate -- where participants can explore each companys specialized technologies in OT/ICS (industrial control system), AI, and MSP (managed service provider), as well as their synergy with AhnLab, said Junghyun Kim, Marketing Director at AhnLab, Inc. and an exhibitor at the event.The exhibition runs from March 19 to 21 and is held at Hall 3-5 in Kintex, Korea.

Attribution can be a tricky process. In the case of a DDoS attack, threat actors often employ botnets to direct a high volume of traffic to a target, overwhelming that network and disrupting its service.After outages at Xcaused allegedly by a DDoS attack, plenty of people asked who was responsible. Elon Musk cast blame on Ukraine, Politico reports. Cybersecurity experts pushed back against that assertion. Meanwhile, Dark Storm, a pro-Palestinian group, claimed responsibility, further muddling attempts at attribution.A botnet is generally a network of compromised computers. In essence, they [a victim] are being hit from different IP addresses, different systems. So, you really can't actually pinpoint that it came from this specific location, which makes it difficult to identify root cause, explains Vishal Grover, CIO at apexanalytix, a supplier onboarding, risk management, and recovery solutions company.How should CIOs and CISOs be thinking about attribution and their own approach when they are faced with navigating the aftermath of a cyberattack?Vishal GroverVishal GroverThe Importance of AttributionAttribution is important. But it isnt necessarily the first priority during incident response.The concern that I probably would have as a CISO is addressing the vulnerability that allowed them in the door in the first place, says Randolph Barr, CISO atCequence Security, an API and bot management company.Related:Once an incident response team addresses the vulnerability and ensures threat actors arent lingering in any systems, they can dig into attribution. Who executed the attack? What was the motivation? Getting the answers to those questions can help security teams mitigate the risk of future attacks from the same group or other groups that leverage similar tactics.Of course the larger the company and the more widespread the disruption, the louder the calls for attribution tend to be. When you have a large organization like X, there's going to be a lot of people asking questions. When other folks get involved, then attribution becomes important, says Barr.For smaller organizations, attribution may be a lower priority as they leverage more limited resources to work through remediation first.How to Tackle AttributionIn some cases, attribution may be quite simple. For example, a ransomware gang is likely to be forthright about their identity and their financial motivations.But threat actors that step into the limelight arent always the true culprits. Sometimes people claim publicly that they did it, but you can't really necessarily confirm that they actually did it. They just may want the eyes on them, Barr points out.Related:Attribution tends to be a complicated process that takes a significant amount of time and resources: both technical tools and threat intelligence. Whether done internally or with the help of outside experts, the attribution process typically culminates in a report that details the attack and names the responsible party, with varying degrees of confidence.Sometimes you might not get a definitive answer. There are times when you won't be able to determine the root cause, says Grover.Attribution and Information SharingAttribution can help an individual enterprise shore up its security posture and incident response plan, but it also has value to the wider security community.That's one of the primary reasons that you go and attend a security conference or security meeting. You definitely want to share your experiences, learn from their experiences, and understand everybody's perspective, says Grover.Threat intelligence and security teams can collaborate with one another and share information about the groups that target their organizations. Threat intel teams might also pick up information about planned attacks on the dark web. Sharing that information with potential targets is valuable.Related:We build those relationships so that we know that we can trust each other to say, Hey, if our name comes up, please let us know, says Barr.Not all companies have a culture that facilities that kind of information sharing. Cyberattacks come with a lot of baggage. Theres liability to worry about. Brand damage. Lost revenue. And just plain embarrassment. Any one of those factors, or a combination thereof, could push enterprises to err on the side of silence.We're still trying to figure out, as security professionals, what is it that would allow for us to have that conversation with other security professionals and not worry about exposing the business, says Barr.

Andy Lunsford, Matt HartleyMarch 20, 20254 Min Readsyahrir maulana via Alamy StockThe reality of the current cyber environment is harsh, and no matter how well-funded or how skilled a security team may be, theres a good chance theyre not quite as prepared as they think.Verizons most recent Cost of a Data Breach Report found that more than 10,000 breaches were reported last year, exposing over 8.2 billion records.With an average cost nearly $5 million, you can imagine the toll of mega-breaches that are making global headlines. The true financial and reputational toll of a breach is incalculable.While its tempting to think that experience and planning can shield an organization from an attack, the simple fact is that incidents happen. No matter an organization's size, malicious actors target networks for financial gain or strategic advantage. Cybercriminals and nation states are relentless, skilled and constantly evolving. For most companies, its not a matter of if they will face a breach but when. Despite best intentions, no company is prepared for the moment that when turns to now.There are several misconceptions fueling an inflated sense of security. Only by acknowledging these limitations can organizations begin to effectively address the challenges when its their turn under the gun.Our Plan Will Guide Us Safely Through a CrisisRelated:Incident response (IR) plans have been an essential component of most companies cybersecurity strategy for a long time. But when an attack takes place and the rubber meets the road, many IR plans tend to be overly strategic and somewhat theoretical, lacking real value for security teams on the ground who are trying to mitigate the impact. In practice, they often fall short because the plan does not include the detailed information necessary to address the chaotic, real-world nature of a cyberattack and the high-stress decision-making that takes place when an attack occurs.When talking with firms specializing in cybersecurity, we hear the same thing almost without exception: Weve never once used a companys IR plan as part of our process. These plans often are too high-level, updated once a year at best, and predominantly focus on broad, strategic directives. When an attack occurs, the immediate need is for clear, actionable steps that reflect the dynamic, evolving nature of the breach, not just an outline of who should be informed and when.We Nailed Our Tabletop Exercise, So Were ReadyWhile tabletop exercises are valuable tools for familiarizing teams (and especially leadership) with incident scenarios, they fall short when it comes to executing in the face of the complexities of a real-world attack.Related:Its hard enough to gather multiple departments -- legal, compliance, IT, public relations and senior leadership, to name a few -- with their own priorities and spread out across multiple locations and time zones during times of real crisis. Now, imagine trying to get a half-day block into calendars for what many of the employees who are needed for the tabletop to be effective -- are likely to write off as an inconsequential training exercise. To maximize participation and secure critical buy-in from across departments, organizations should consider hybrid or staggered exercises that mimic the complexity of live incidents.When the time comes, most internal teams -- no matter how recently theyve had their last training -- will default to what they know. In times of crisis, people will inevitably drop everything and start executing. That often means they do it without planning or following existing procedures, if those even exist. Worst Case: We Break Glass and Experts Come to RescueMany organizations fall prey to the heroic expertise fallacy. Thats the belief that if something catastrophic happens, expert third parties who are external incident response teams, lawyers, and consultants will swoop in and save the day. While third-party experts are certainly skilled at what they do, it takes costly time to develop the understanding that will allow them to be effective.Related:Additionally, during large-scale cyber incidents, your company is not the only one calling for help. If multiple organizations are affected, external IR teams and law firms may be overwhelmed, with larger companies -- often with bigger budgets -- taking precedence. Its a harsh reality: Expert help is often in high demand, and when everyone faces the same crisis, response times can be slower than anticipated, even if youre paying through the nose for it.Building Cyber Resilience in an Unpredictable LandscapeNo organization is truly prepared for a cyber incident. Attacks are unpredictable, messy, and fast-moving, and no amount of planning can fully eliminate the risks. That said, proactive planning is critical in reducing potential incident impacts. Successful organizations recognize the inherent uncertainties and complexities of a breach, even a small one, and take steps to prepare much more thoroughly.The goal isnt to achieve perfect preparation. Thats impossible. Rather, its to build resilience, flexibility, and the organizational muscle memory to respond effectively when the inevitable occurs.About the AuthorsAndy LunsfordChief Executive Officer and Co-Founder, BreachRxAndy Lunsford is CEO and co-founder of BreachRx, provider of the first intelligent incident response platform designed for the entire enterprise. Prior to founding BreachRx, Andy spent 15 years in privacy law and large-scale commercial litigation. Andy co-founded BreachRx to transform incident response and reporting into a routine operational business process while shielding C-level executives from personal liability. Andy has a BA from Washington and Lee University, a JD from the University of Arkansas, and an MBA from the Wharton School of the University of Pennsylvania.See more from Andy LunsfordMatt HartleyChief Product Officer and Co-Founder, BreachRxMatt Hartley is co-founder and chief product officer of BreachRx. He is a 20+ year innovator in cyber security, threat intelligence, cyber warfare, and information operations. Prior to BreachRx, he was a Senior Vice President of Engineering at FireEye and Vice President of Product at iSIGHT Partners, where he held a variety of other leadership roles. Matt previously served in the US Air Force in the Air Intelligence Agency and Air Force Information Warfare Center. After leaving the military, he led research and development teams creating disruptive and next generation cyber and information security, cyber warfare, and information operations technologies at Sytex Inc. and Lockheed Martin's Advanced Technology Labs. Matt holds a CISSP and a Bachelors and Masters in Computer & Systems Engineering from Rensselaer Polytechnic Institute.See more from Matt HartleyWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

The Trump Administration is making big changes faster than any other modern president. The movement of many kinds of levers -- tariffs, buyout packages, government layoffs, and more are disrupting the status quo, and the effects will affect tech companies and enterprise chief information officers.Like the pandemic, the extreme and rapid changes require extreme organizational agility, Monte Carlo simulations, an open mind, and a CIO unafraid to lead. As with all major changes, organizations need to have a strong vision and the ability to execute it within the context of changing circumstances.Organizations Will Depend More on MSPsJonathan Lerner, president and CEO at MSP InterVision Systems, believes deregulation will create a lot of confusion.Its about your customers, the people you work with every day, who are going to have a lot of questions right now, says Lerner. Small business owners, CIOs and people just trying to keep their systems running smoothly will be asking their MSPs, How does this affect my data, network security, and software updates? How will I continue to innovate and better serve in a period of uncertainty? In this business, our job is to simply provide stable, reliable business solutions, and these kinds of rapid changes make that harder.Related:InterVision Systems will focus on strengthening its security and compliance expertise to stay a step ahead. Lerner says his company will be spending a lot of time helping its customers understand the new rules and how to adapt to them.Jonathan Lerner, InterVision SystemsJonathan Lerner, InterVision SystemsWere going to have to be flexible, focusing on sustaining strong relationships, listening to our customers and providing clear, practical advice focused on outcomes to drive their strategy, says Lerner. I hope this leads to less red tape so that businesses can thrive. But, in the meantime, my advice to anyone in our field, especially MSPs, is to be prepared to become a guide.Businesses Will Also Turn to ConsultantsJenny Rae Le Roux, CEO at consulting industry news publisher and business skills training company Management Consulted, says while there are always economic winners and losers, the consulting industry is the canary in the coal mine for who is who.Outsized demand for services from one sector [or] function usually indicates robust growth or big challenges in the broader economy, says Le Roux. The sectors that will grow in 2025 [are] supply chain, healthcare, and cloud services. The losers [will be] businesses that focus on DEI, ESG, and federal government consulting work.Related:There is also a strategic shift occurring among clients that is driving demand for more consulting assistance.Jenny Rae Le Roux, Management ConsultedJenny Rae Le Roux, Management Consulted2025 is bringing with it a reordering of traditional business cycles. Typically, firms think about macro business cycles in eight-year increments. The first four years are focused on growth, and the second four years are focused on cost optimization, says Le Roux. As AI and trade policy transform the way the world does business, clients are now asking firms to help them deliver on a dual mandate: Drive growth and optimization simultaneously. This is a meaningful driver of increased demand for consulting services.Data Security Will Remain a PriorityArnaud Treps, CISO at Salesforce data security platform Odaseva, expects that some companies will find themselves unprepared for policy changes and will be forced to scramble to catch up.Organizations that arent proactive or are incapable of rapidly pivoting in the face of shifting regulatory environments will suffer, says Treps. Regardless of changes in regulations, policy, or administrations, underlying security challenges remain. Even if there are fewer regulatory requirements, security threats dont just disappear if the regulations do. As a result, data security investments will be driven more by business needs rather than investing in security just because regulations require companies to do so.Related:Odaseva is encouraging its customers to implement the strongest security and management capabilities, so that regulatory or policy changes don't require exponential or rapid scaling up of data security and management approaches.We will carefully monitor policy changes and identify trends, while continuing to offer products and services to our customers that allow them to independently secure their data at the highest level and achieve agility so they can pivot as necessary based on policy and/or geopolitical changes, says Treps.Of course, its unclear where regulations, policy, and geopolitics are headed in the short term and long term.Arnaud Treps, OdasevaArnaud Treps, OdasevaSecuring and managing SaaS data is the most important thing you can do in the face of regulatory uncertainty, says Treps. Understanding your data model and how employees, third parties, fourth parties, and customers all interact with it puts you in the best possible position to navigate regulatory changes as they emerge.Accessibility Will SufferJosh Miller, co-CEO at media accessibility company 3Play Media, the leader in media accessibility says with the Trump administrations focus on abolishing DEI and a suit filed by 17 states against Section 504 of the Rehabilitation Act, there is obvious risk to the accessibility space.As a vendor that provides accessibility services, we are close to the impact on people with disabilities, vendors that provide accessibility services [and] businesses that have prioritized accessibility and are now questioning whether they still should or need to, says Miller. Ultimately, it would be naive to think that the current political climate wont have a negative impact on accessibility. Some businesses will deprioritize making their websites, products and spaces accessible.Federal enforcement of accessibility law may wane, but individual or independent litigation and state enforcement will persist. People with disabilities will continue to fight for their right to access, and many organizations will continue to support them.Miller says 3Play Media began pushing into the video localization space to expand itsfootprint beyond accessibility. In the accessibility space, the company plans to support Canadian and upcoming EU accessibility regulations under the European Accessibility Act (EAA), where enforcement is still a priority. It will also continue to support the many U.S. customers that prioritize compliance with accessibility laws, making sure their services are accessible to the millions of U.S. with disabilities.Energy Companies Will Have Uneven ImpactsChris Black, CEO at GridX says most of what happens in the electric and gas utility space is decided state by state. It's both a blessing and a curse when selling to utilities companies because they answer to different state regulators with different objectives. This means his company is more subject to state-level decisions than national ones.Companies like GridX that work in the back-of-house operations of utilities are treated more like infrastructure investments than anything else. Utilities make decisions on 20-year cycles, not four-year political terms, says Black. When utilities invest in grid infrastructure, they're planning for decades, which gives us some insulation from the political winds of the moment.However, not everyone in the utility tech space is so fortunate. Certain areas, such as residential energy-efficiency credits and offshore wind players, should have a plan B in place because they rely on federal support and are frequently tied to green messaging that may be less favored in the current climate.For companies traditionally emphasizing environmental benefits, you can still achieve the same positive impacts while shifting your communications to highlight cost savings and reliability,says Black. Getting people to shift their energy usage away from peak times aligns with clean energy and renewables goals, even if you're not leading with an environmentalmessage.The biggest challenge will be prioritization. For example,a utility may have requests for $30 billion in infrastructure projects but can only fund $8 billion of it.Those tough choices will become even more critical, and companies that can demonstrate immediate economic value will be at an advantage. For those in areas that feel more vulnerable to administrative changes, now's the time to focus on complementary offerings or pivot to aspects of your business that are less dependent on federal priorities, says Black. The fundamentals haven't changed: Utilities must deliver reliable service and modernize aging infrastructure. Companies that help them do this more efficiently will continue to find opportunities, regardless of who's in Washington. Just be prepared to frame your value in terms that resonate with the moment while staying true to your core mission.Bottom LineSome CIOs will be harder hit than others by the changes the current administration is making. This has been true of any administration. However, the speed of change this time around is unprecedented, so organizations need to focus on, organizational agility partnering with consultants and vendors that can help them weather the shifts while meeting the demands of customers.

Ebrahim Alareqi, Principal Machine Learning Engineer, IncortaMarch 19, 20254 Min ReadCagkan Sayin via Alamy StockTechnology is transforming every industry, but the biggest roadblock isnt the technology itself -- its communication. Engineers and executives often dont speak the same technical language, which means big ideas get lost in translation, budgets get wasted, and projects fail before they even get off the ground. Thats where what I like to call tech translators come in. They connect the dots, helping technical teams and leadership stay aligned.I know this struggle all too well. At my previous job at Volvo, I led AI initiatives and saw firsthand how technical ideas were misunderstood in executive meetings, leading to misalignment and missed opportunities. This experience highlighted the need for better communication between technical and business teams. Recognizing this challenge, I decided to deepen my understanding of business by pursuing an MBA, which gave me the tools to communicate technologys impact in a way that resonates with executives. That decision completely changed my approach, and its why I believe tech translators are critical to every company investing in data and technology.If you want to future-proof your career and make a bigger impact, heres how you can become an indispensable tech translator.1. Learn the business basicsRelated:Too often, tech teams build amazing solutions that never get adopted because they dont tie back to business priorities. Understanding core business principles -- finance, operations, and strategy -- helps you connect the dots between technology and real-world results.At Volvo, my team worked on an AI-powered recommendation system for the online cars configurator. While we focused on accuracy and relevance from a technical perspective, business leaders cared more about cost savings and efficiency. Once we demonstrated how much the system could reduce stockout of cars, it became a priority.My tip: A few online business courses, some reading on corporate finance, or even an MBA can go a long way in strengthening your ability to bridge the gap between technology and business. In this case, knowledge is power --and connection.2. Be a bridge between tech and strategyBeing a tech translator means having a foot in both worlds. You need to understand the business objectives while also keeping up with technical developments. That means showing up to both business strategy meetings and technical standups.At my current company, I work with product managers, engineers, and marketing teams. I help marketing craft messaging thats both engaging and accurate while ensuring our data and automation strategies align with business needs.Related:My tip: Sitting in on meetings outside your core team -- whether it's product roadmap discussions, business reviews, or shadowing sales calls -- can help you understand customer pain points and the bigger business picture. Offer to explain technical projects to business leaders and vice versa.3. Make technology understandable through storytellingEven the most technical discussions benefit through storytelling.Humans remember stories more than raw data, and in a room filled with both technical engineers and business leaders, finding the right balance is key.For example, rather than simply stating, We reduced processing time from weeks to days, tell the story of a customer who struggled with inefficiencies, how a specific integration challenge was solved, and what that meant for their business.This approach maintains technical depth while making a tangible impact.My tip: Structure technical discussions as narratives.Whether its a case study, an engineering challenge, or a breakthrough, frame the details within a story that connects the dots for everyone in the room.4. Stay ahead of tech and business trendsTechnology is evolving fast and staying relevant means keeping up with both technical advances and business trends. I balance deep dives into research with staying plugged into industry conversations to make sure I see the full picture.Related:I run internal knowledge-sharing sessions where we break down new trends and discuss how they apply to our business.My tip: Staying ahead means keeping up with research papers, following business news, and participating in industry forums. Engaging with different perspectives can provide valuable insights into emerging trends. Consider exploring a mix of sources -- hackathons where young developers adopt zeitgeist technologies, technical blogs, leading tech publications like MIT Technology Review, and innovation-focused communities. Following influential thinkers on social media and monitoring leaderboards on platforms like Hugging Face and Hacker News can also help you stay ahead. The more perspectives you have, the better.The most successful professionals in the data-driven future wont just build systems.Theyll be the ones who can explain them, align them with business goals, and push them into real-world use. Becoming a tech translator isnt just a nice skill -- its a game-changer for your career.For companies, the message is clear: If you dont have tech translators, youre wasting your technology investment. For individuals, the opportunity is huge. Master these skills, and youll be indispensable in any data-driven organization.About the AuthorEbrahim AlareqiPrincipal Machine Learning Engineer, IncortaEbrahim Alareqi is a principal machine learning engineer at Incorta. With a PhD in Computational and Data-Enabled Science and Engineering and an MBA, he specializes in making data science and business strategy work together. Connect with him on LinkedIn.See more from Ebrahim AlareqiWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Pam Baker, Contributing WriterMarch 19, 20257 Min ReadAndyS via Alamy StockIts hard to survive a layoff or a firing. Its tougher now than ever given the long hiring cycles and the growing number of ghost jobs. Adding to the unemployment chaos are the massive White House and DOGE firings as well as expected upticks in layoffs correlating with a spike in tariffs. The future looks bleak for the unemployed.Layoffs arent just numbers but a form of economic trauma, says Lars Nyman, CMO of CUDO Compute, a platform that powers many AI programs.Right now, the job market feels like an obstacle course rigged against the people running it. Generative AI isnt a magic bullet and actually takes many jobs, but if you use it right, it can tilt the odds back in your favor, Nyman adds.But how do you use AI right to get another job. Here are eight ways to apply GenAI to your advantage.1. AI as exorcist: expelling ghost jobs from your job huntGhost jobs arent a fluke. They are an actual business strategy for companies seeking to accomplish goals that often have nothing to do with hiring anyone now.A whopping 40% to 50% of job postings are ghost jobs, meaning roles companies never intend to fill but leave up to look busy or fish for future talent. Generative AI tools can analyze patterns in job postings to flag likely fakes. Red flags would be vague descriptions, recycled listings, and positions staying open forever. If youre seeing those, move on, says Nyman.Related:Use general generative AI tools like ChatGPT, Claude, Gemini, Copilot, or Perplexity AI to weed out ghost jobs. Sample prompts for GenAI tools connected to the Internet: A ghost job is a job opening announcement which the company does not actually plan to fill now or maybe ever. The following are indicators that a job announcement is a ghost job: vague descriptions, recycled listings, and positions staying open (listed or relisted) for longer than 3 months in a one-year period. Analyze the following job announcement to determine whether it is a legitimate job opening or a ghost job [copy and paste job description here].2. AI as scam buster: identifying scam job postingsDesperate times call all the predators forth to feast on desperate people. Watch out for fake jobs. You might apply, be interviewed, get hired, fill out the onboarding forms with your personal data including your social security number and bank details. After that theres only crickets. Youve been scammed. This job didnt exist.AI can help identify fake jobs posted by scammers. But do research job listings further, too. AI can get you a false red or green flag.Related:Feed the job posting text into AI, asking it to flag suspicious phrases or inconsistent requirements, says Sam Wright, head of operations and partnerships at Huntr.You can add flags to the prompt too, like asking AI to check the email or web address in the job announcement against the web address and emails of the company advertised. Add any other red flags too, so AI can make a better assessment.3. Use AI to automatically fill out job application formsAutofill helps fill out some fields on online forms, but not very many. That leaves you to fill out the rest of job application forms online. If youre smart and playing the numbers, youre filling out a lot of job applications. That means entering the same data over and over and over again. AI can do that for you and much faster!I used this extension called: Simplify Jobs, it allowed me to fill most of the job applications within one minute, which allowed me to apply to 30+ jobs within an hour. Generally, it takes 15-30 minutes for each application if you manually do it, says Devansh Agarwal, senior machine learning engineer at Amazon Web Services.I set up LinkedIn alerts for the companies and job types that I was interested in and every day I would receive mails with job posting alerts. Then I would use Simplify Jobs to apply to these roles, Agarwal adds. He also says that all the views he expressed in this article are his own and do not reflect his current or previous employers.Related:4. Use AI to tailor resumes and cover lettersYou can use a generative AI tool to create your resume. When creating your resume, you need to be precise, as the recruiters spend less than 10 seconds looking at one. You need to write your experiences in the correct format, it takes time and is complicated to do it yourself. ChatGPT can help you rephrase things and write them in the proper format, says Agarwal.But then be sure to use AI to repurpose your resume and cover letter to fit the exact requirements for each job application. Go the extra mile and prompt the GenAI tool to use keywords that will trigger the AI on the other side to conclude an exact candidate match.You can automate job applications, and without looking like a bot. There are tools like LazyApply that mass-send applications, but the value is in using AI to customize your resume and cover letter -- producing quality, accurate material at scale, says Nyman. AI can tweak tone, highlight specific achievements, and adjust language to better suit company culture.5. Use AI to boost your LinkedIn reach so more employers see youPosting often on LinkedIn is a great way to build your following and profile views which can be helpful to your job search.During a job search there isnt enough time to focus on posting content on LinkedIn but since it is the primary platform for job search it is important to increase your network on it. People use GenAI to post things on LinkedIn and increase their reach, by using GenAI it barely takes any time to create the posts so you can continue to focus on job search and interview preparation, says Agarwal.6. Use AI for practice in mock interviewsIt can be hard to think of a good answer to an interview question on the spot. Some people find it helpful to prepare ahead of time by interacting with GenAI tools in mock interviews or as career coaches.Tools like ChatGPT or Gemini can simulate interview Q&As, giving you feedback and potential follow-up questions -- helping you feel more confident and prepared, says Agarwal.Dont forget to use AI to do your homework on the company before the interview too.Sometimes you need to review certain topics just before the interview, searching for notes online is time consuming and often times they are not concise. In this situation, you can ask LLMs to explain the topic and provide the important concepts in this topic with examples. This is extremely useful and can save hours of time, says Agarwal.7. An extra AI tip for government employees and their supportersMass government layoffs have led to mass despair with little recourse other than the courts. While youre waiting for your case to be heard, it may be helpful to connect with your federal representatives.You can use AI tools to write a series of emails that you, your family, your church, your friends, and community supporters can send daily to government representatives and hotlines. Changing the message to reflect the feelings and concerns of each person sending it or simply changing the wording some to keep the message fresh over time is a good use of AI. Who knows, maybe a congressman will help you get your job back. Its worth a try.8. Use AI to automate everything you can in the job search processYou dont have to limit your use of AI to the things on this list. Take notice of the things youre doing manually in the job search -- especially if youre doing the same thing repeatedly. Whatever those steps are, the odds are that you can use AI tools to do it automatically for you. Give it a shot and see where it leads.Weve seen job seekers slash hours off their application process by harnessing generative AI for resumes, cover letters, and mock interviews, leaving them more time to handle the real-life challenges that come with a layoff, says Wright.About the AuthorPam BakerContributing WriterA prolific writer and analyst, Pam Baker's published work appears in many leading publications. She's also the author of several books, the most recent of which are "Decision Intelligence for Dummies" and "ChatGPT For Dummies." Baker is also a popular speaker at technology conferences and a member of the National Press Club, Society of Professional Journalists, and the Internet Press Guild.See more from Pam BakerWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

John Edwards, Technology Journalist & AuthorMarch 19, 20255 Min ReadDenis Putilov via Alamy Stock PhotoArtificial intelligence, video surveillance, facial recognition: Today's IT leaders must struggle with an increasing number of ethical dilemmas. While innovation supports business growth, it also creates opportunities for potential abuse.IT leaders lead because they already have an important combination of procedural knowledge and ethics expertise, states Jonathan Beever, an associate professor of ethics and digital culture at the University of Central Florida. "IT leaders benefit, like we all do, from continued literacy building as new technologies and techniques challenge ethical understanding," he adds in an email interview.An ethical IT department operates with transparency, integrity, and accountability, while balancing the needs of the business and its customers, says Mike Lebron, senior IT director at photography and imaging firm Canon USA. "This involves not only adhering to regulatory standards, but also proactively addressing ethical considerations that may arise from the use of technology," he notes via email. "By fostering an environment where ethical conduct is prioritized, IT departments can help build trust both internally within the organization and externally with customers and partners."First StepsAn important first step is embracing the classical adage of knowing thyself, Beever says. "What values guide you personally?" He explains that values shape decisions implicitly and making values explicit helps leaders understand their own actions and decisions.Related:Beever, who is also the director and co-founder of the UCF Center for Ethics, advises IT leaders to question the values that guide their department. "Are these clear and transparent to all stakeholders?" Also consider what possible conflicts might arise between individual values and department commitments. "Finally, what ethical decision-making strategies can help navigate those possible conflicts."Codes of ethics provide guidance at the organizational level. Yet broader strategies, such as principlism, suggest key ethics principles of beneficence, nonmaleficence, respect for autonomy, and justice offers attributes that cut across departments/cultures/disciplines, Beever says. "Since interdisciplinary work is essential for IT departments, maybe now more than ever shared ethics principles can help communication about values across boundaries."Success in the digital era hinges on trust and an ethical approach to all aspects of IT operations fosters this trust, Lebron says. "Trust builds a virtuous cycle that enhances collaboration and strengthens relationships," he explains. When stakeholders, including employees, customers, and partners, feel confident that an organization's IT operations are guided by strong ethical principles, they're more likely to engage positively and collaborate effectively, potentially creating a stable and sustainable path forward.Related:Trust is also the foundation of customer loyalty, and an ethical IT approach is key to maintaining and strengthening that foundation, Lebron advises. "Organizations that embrace ethical practices may experience quicker decision-making, resilience, and long-term sustainability."Leadership ValuesEthically literate individuals are necessary to build ethical cultures, Beever says. "There seems to be a traditional corporate move to train top-down, as if regulations and rules could govern ethical behavior," he observes. Beever notes that professional ethics codes, such as the one created by The Association for Computing Machinery, push against this trend by directing responsible individuals. "But what opportunities do IT departments give their workers to develop the skills required to analyze, understand, and implement the principles of those codes?" he asks. "An ethical IT department would couple procedural literacy to ethics literacy, in support of an ethical culture."Related:Ethical considerations should be factored into every aspect of digital projects, from data privacy and cybersecurity to AI and automation, Lebron says. "Ethical IT practices help ensure that technology is used responsibly and unintended consequences that could negatively impact customers are avoided," he notes. "By doing so, organizations can mitigate risks, enhance their reputation, and drive more meaningful innovation." Lebron believes that the trust that's built from ethical IT practices can move the needle in all aspects within an organization, creating a competitive edge, a true force multiplier.Responsibility and accountability for technology outcomes -- including failures -- are key to building trust between stakeholders and IT, Lebron says. "Ethical vendor selection means you choose partners who align with your organizations ethical standards," he explains. "Accessibility and inclusivity in technology allows you to create products and services that consider people with disabilities so that everyone benefits."Ethics SuccessEthical practices should not come solely from within the IT department, Lebron advises. "They should also be shaped by those whom IT serves and supports." Engaging with a diverse set of stakeholders -- including employees, customers, partners, and community members -- helps ensure that ethical standards reflect a wide range of perspectives and needs.Inclusivity not only builds trust but also helps create more comprehensive and relevant ethical guidelines, Lebron says. Furthermore, open communication channels allow the continuous exchange of ideas, fostering a culture of transparency and mutual respect. "By embracing diverse inclusion and active communication, IT departments can ensure that their transformation efforts are well-informed, equitable, and truly supportive of all stakeholders."About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Like foreign student exchange programs, a regular exchange program betweentheITteamand end user departmentsin which an IT business analyst spends six weeks in an end-user area doing end- user work, and a person from the end-user area spends six weeks in IT, canbuild bench strength and collaborative relationships between IT analysts and business users.Yetmanywho have tried this idea have exited with mixed results. What are thepitfalls, and is there a way to run an employee exchange program that delivers quality outcomes for everyone?First, WhyDo it?Cross-disciplinary team building and the development of empathy andunderstanding of the business and ITacross departmentsare the driving forces behind user-IT employee exchanges. Youcantteach practical company business acumen to IT staff withtextbooksand college courses. IT needs boots on experience in user departments, where business analysts directly experience the day-to-day process problems and pain points that users do.End users who take a tour of duty in IT have a chance to see the other side, which must plan carefully about how to integrate and secure software, while users complain that application deployments are taking too long.On paper, there is virtually no one in userdepartmentalor IT management whothinksthat employee exchange is a bad idea.So,why havent these exchanges been widely embraced?Related:PitfallsThere are several reasons why employee exchanges between users and IT have faltered:1. The time commitmentWhetheryoureinIT or end-user management, exchanging an employee who is fully trained in your department for another employee who will be a trainee,at best,is not an easy sacrifice to make. There are projects and daily work toaccomplish. Can your department afford an employee exchange that could compromise productivity when you might already be running lean?2. Lack of management commitmentThe user-IT employee exchange starts out strong, with both user and IT management highly enthusiastic about the idea. Then, an unexpected priority comes up on either the user or IT side, and the manager who is affected says, Imsorry.Imgoing to have to pull back my employee from the exchange because we have this important project to get out.Iveseen this scenario happen. Employees get pulled out of the exchange program, and in good faith their managers try to reengage them in the exchange once a crisis has been resolved, but the continuity of the exchange has been interrupted and much of theinitialeffort is lost.Related:3. Failure to set attainable goalsOften, users and IT will agree to an employee exchange with a loose goal of immersing employees in different departments so employees can gain a better understanding of the company.The employees, and those whom they work with in their new departments, arent really sure about what they should be focusing on.When the exchange period ends, no one is exactly sure about what knowledge has been gained, and theycantexplain it to upper management, either.4. Lack offollow upDid the employees in the exchange come back with value-added knowledge that is aiding them in new projectsthatthey are doing? Most managers I speak with who have done these exchanges tell me thattheyrenot sure.One way to be sure is to check in with employees after they complete exchanges to see whattheyrelearned, and howtheyreapplying this new knowledge to their work. For example, if an IT employee goes to accounting to learn about risk management and works six weeks with the risk group, does the employee come back with new knowledge that helps them develop more insightful analytics reports for thatgroup?5. Lack of practicalknow-howLack ofknow-howin running employee exchanges goes hand in hand with the failure to set attainable goals,or to follow up.The managers who are best in these areas are individuals who have backgrounds in teaching and education, but not everybody does.Related:When you exchange employees for purposes of knowledge transfer and growth of business understanding, setting goals and staying with and following up the process are fundamental to execution. Unfortunately, many managers who try exchanges lack skills in these areas.6. Employee transfer requestsMany managers fear that the employees they send to other departments might like the work so well that they request a permanent transfer! This is a major fear.Doing anEmployeeExchangeGiven the pitfalls,itssmall wonder that employee exchange programsarentaggressively pursued,but thatdoesntmean that theydontwork.Wheredothey work?1. Companies that want to improvetheiremployee retentionSeveral years ago, a major appliance manufacturer offered an internal program where employees could sign up for projects outside of their regular businessareas andget time to work on the projects. Other companies have followed suit. This outside of the department work unlocked employee creativity and career growth opportunities. It improved employee morale, which in turn reducedemployee churn. In 2024, overall employee churn at US companies was at 20%, orone in five employees. With a tight job market, companies want to reduce churn, and expanding employee work experiences and knowledge is one way to do it.2. Organizations thatrequirecross-trainingThe military is a prime example of this. Recruits are trained in a variety of different functional areas todeterminewhere theybestexcel.3. Not-for-profit entitiesCredit unions and other not-for-profit entities have historically been great proving grounds for employee exchange programs because of their people orientation. Upper and middle managers are genuinely committed to the idea of employee growth through cross-training. The not-for-profit culture also promotes resource sharing, so managers are less resistant to the idea that they could lose a valuable employee to another department because the employee likes working there.4. When clearobjectivesare set, andfollow-upis doneAn employee exchange requires clearobjectivesto succeed atan optimallevel. For example, youdontsend an IT staffer over to accounting to learn clerical processes of closing the month-end financials and reporting them to management. Ifitstaking finance three days to do the month-end close, you send an IT employee over to learn the process and the process obstacles, and todeterminewhyitstaking finance three days instead of one day to do the close. The hope is that the employee returns to IT and works on the tech side of the process so the month-endclosingcan be done in one day. That'sa clear business win.SummaryFor managers who are uncomfortable with employee exchanges, it might be best not toattemptthem. But for those who can see the benefits of these exchanges, and who can answer a solid yes to their commitment levels, employee exchanges can work extraordinarily well for everyone involved.

Toxic workplaces have been a prevailing theme in the zeitgeist for decades -- the phrase was first used in a 1989 nursing leadership guide. Discussion of workplace dissatisfaction reached a fever pitch with the advent of social media. Disgruntled workers took to the web, sharing their experiences of abusive managers, unrealistic expectations, grueling hours -- and a plethora of more minor complaints as well.Thus, it might be argued, the meaning of the term has been diluted. Surely, there are differences between being regularly berated by a supervisor for insignificant infractions or refusals to acknowledge an employees personal commitments and the occasional request for overtime or expectations of inconvenient social conventions.Even if the intended meaning has drifted, the discourse on workplace toxicity has identified a range of prevailing tendencies that have severe consequences both for employees and the organizations they work for. Cybersecurity is no exception -- and toxicity appears to be particularly pernicious in this profession for a variety of reasons.It is likely exacerbated by the cybersecurity shortage -- small teams are expected to carry heavy workloads, and their managers bear the brunt of the consequences for any failures that occur. This zero-failure mentality results from a siloed structure in which cybersecurity professionals are isolated from other parts of an organization and expected to carry the entire burden of protection from attacks without any assistance. Individuals are blamed for events that in reality result from institutional failures -- and those failures are never addressed.Related:This is exacerbated by a general lack of people skills among managers and poorly executed communication. These factors lead to a bullying managerial culture, demoralized staff, burnout, high turnover rates -- and ultimately, a greater likelihood of breaches.Here, InformationWeek looks at the factors contributing to toxic cybersecurity environments and the steps that CISOs and other IT leaders should take to correct them, with insights from Rob Lee, chief of research at cybersecurity training company SANS Institute; and Chlo Messdaghi, founder of responsible AI and cybersecurity consultancy SustainCyber.Tech Over PeopleOne of the first organizational mistakes that can lead to toxicity in the cybersecurity workforce in an emphasis on packaged solutions. Slick marketing and fast-talking salespeople can easily lead anxious executives to purchase supposedly comprehensive cybersecurity packages that offer assurances of protection from outside attackers with very little work or additional investment. But even the most well-designed package requires maintenance by cybersecurity professionals.Related:Ninety percent of the cybersecurity market is product based, Lee says. You can have an amazing Boeing strike fighter, but you still need a pilot to run it.The failure to understand the demands of this work can lead to underfunded and understaffed departments expected to keep up with unrealistic expectations. CISOs are thus compelled to pressure their employees to perform beyond their capabilities and toxicity soon results.Siloed SecurityEven in cases where cybersecurity teams are reasonably funded and given a degree of agency in an organizations approach to protecting its assets, their efficacy is limited when the entire burden falls to them. If an organization does not implement top-down practices such as multi-factor authentication and education on phishing scams, it regularly falls to the cyber team to clean up preventable messes. This can shift focus from other proactive measures.There are conflicts when the organization is trying to enable innovation and freedom, Lee says. Security still has to do monitoring and restrict access.Related:Siloes develop within cyber teams themselves, too. Teams focused on compliance, risk assessment, and operations may have very different priorities. If they are not in regular communication, those priorities cannot be reconciled. This leads to further conflict and inefficiency.Resources Versus RealityThe availability of both staff and funding can negatively affect a cybersecurity work environment. Tiny teams faced with massive defense tasks are likely to feel overburdened and underappreciated, even under the best management. Understaffed cyber teams are frequently the result of underfunding.Chlo Messdaghi, SustainCyberChlo Messdaghi, SustainCyberWhen you go to like the board or the executive team, theyll say No, its not needed. We don't need more funds, Messdaghi relates. They dont understand why security is important. They see it as setting money on fire.One study found that cybersecurity budgets were only expected to increase by 11% from 2023 to 2025 despite the exponential rise in threats, putting the onus on already strained cybersecurity teams to make up the difference. These unrealistic expectations are likely to lead to employees being burned out.But that is not the whole picture: Burnout also comes from bad leadership. Burnout is not caused by the amount of work you have. Its about leadership and a lack of communication, Messdaghi argues.Toxic Personalities in ManagementToxicity trickles down -- from management to the most junior of employees, no matter the industry. This appears to be particularly true in cybersecurity. One of the worst traits in upper management appears to be apathy -- simply not caring much about cybersecurity at all.This can lead directly to underfunding or band aid solutions that leave teams scrambling to compensate. These types of executives dismiss admonitions to implement password security procedures and phishing tests across the organizations, considering them to be meaningless exercises.When cyber teams do raise relevant issues with management, they may be dismissed or treated as irritations rather than people who are attempting to do their jobs. Further, when errors do occur, they are pinned squarely on these underfunded and understaffed teams.Cybersecurity team leaders themselves can contribute to toxic environments, even if upper management is supporting solid practices. Micromanaging employees, publicly or privately abusing them with demeaning or profane language and refusing to listen to their concerns can lead to disengagement, adversarial relationships and decreased performance.Research has identified such managers as petty tyrants, so involved with their own sense of importance in the organizational scheme that they feel entitled to these behaviors. Their behaviors may more directly affect their subordinates due to the small size of many cyber teams -- their toxicity is not diffused across many employees and their handful of subordinates bear the brunt.These behaviors may be further exacerbated by the shortage of skilled cybersecurity employees -- someone who is able to manage a team on a technical level remains valuable even if they lack people skills and do so in an abusive fashion.And some leadership toxicity may simply be the result of managers not being enabled to do their jobs. CISO burnout is extremely real, Lee says. There are a lot of people saying, Im never doing this job again.When good managers leave due to toxicity from their superiors, the effects can be devastating for the entire organization. Theyll take half the team with them, Lee says.Toxic Tendencies in Cyber TeamsAs poisonous as the behaviors of executives and managers can be, some of the toxicity in cybersecurity workforces can come from within the teams themselves.A prevailing toxic tendency is the so-called hero complex -- highly skilled employees shoulder enormous workloads. This can lead to resentments on both sides of the equation. The hero may resent what they perceive to be an unfair burden, carrying the weight of less-invested employees. And other employees may resent the comparison to heroes, whose work ethic they feel unequipped to match. Some heroes may become bullies, feeling entitled to push others out of their way in an effort to get their work done, and others may feel bullied themselves, forced to shoulder the consequences of the incompetence of their colleagues.This personality type may be prevalent in cybersecurity teams due to the history of competition in the industry, beginning with early hackers. Hierarchies based on achievements -- such as medals -- have been reinforced by the entry of ex-military members into the workforce.The prevalence of these personality types has, likely unintentionally, led organizations to feel comfortable with understaffed cybersecurity departments because the work does ultimately get done, even if it is only by a few people working under unsustainable pressures. But it also creates single points of failure: When one hero finally slips up, the whole enterprise comes crashing down.Blaming and ShamingBlaming individuals for security events is a hallmark of toxic cybersecurity culture. While events can often be traced to a single action by an employee, those actions are typically the result of a defective system that cannot be attributed to one person.The zero-intrusion mindset that prevails among executives who do not understand the cybersecurity landscape can exacerbate the blame game. Intrusions are a near inevitability, even in scrupulously maintained environments. Coming down on the people who are responsible for containing these events rather than congratulating their effective work at containing them is going to result in resentment and anger.Rob Lee, SANS InstituteRob Lee, SANS InstituteTheres this assumption that someone did something wrong, Lee says. There are no medals awarded for stopping the intrusion before it does something devastating.This type of behavior can have even further consequences. Employees who know they will be excoriated if they make a mistake or have been faulted for the mistakes of others are likely to conceal an error rather than bring to the attention of their superiors, which is likely to make a potential breach even worse.There are always going to be people who are curious and want to work on improving themselves, Messdaghi observes. And then youre going to have people who are going to blame others for their wrongdoings.Effects on EmployeesToxic cybersecurity environments can have substantial effects on the physical and mental health of employees. Stress and anxiety are common, in some cases leading to more severe consequences such as suicidality. One study of the industry found that over half of respondents had been prescribed medication for their mental health. Conflicts, infighting and bullying can increase in a vicious feedback loop according to research by Forrester.These factors can result in apathy toward the job, leaving the team and eventual exit from the industry entirely. Nearly half of cyber leaders are expected to change jobs this year according to a 2023 Gartner report. Simultaneously, unrealistic performance expectations lead to further staffing problems. There may be little interest in entry level employees due to their perceived lack of skills even as more experienced staff head for the door.And stress is only growing -- 66% of cybersecurity professionals said their job was more stressful than it was five years ago according to a 2024 survey.Risks Created by ToxicityAccording to a study by Bridewell, 64% of respondents to a survey of cybersecurity professionals working in national security infrastructure saw declines in productivity due to stress.The apathy, annoyance, stress, and eventual burnout that result from toxic cybersecurity workplaces create prime conditions for breaches. Errors increase. Team members become less invested in protecting organizations that do not care about their well-being. Rapid turnover ensues, decreasing team stability and the institutional knowledge that comes with it.A 2024 Forrester report found that teams who were emotionally disengaged from their work experienced almost three times as many internal incidents. And those that lived in fear of retribution for errors experienced nearly four times as many internal incidents. These conditions exacerbated the risk of external attacks as well.Fixing the ProblemAddressing toxicity in cybersecurity is a tricky proposition -- not least due to the vagueness of the term. Distinguishing toxicity from acceptable workplace pressures is highly subjective.CISOs and IT leaders can institute a number of practices to ensure that cyber teams are getting the resources and support they need. Regular meetings with superiors, anonymous surveys and open conversations can elicit useful feedback -- and if that feedback is actually implemented, it can create more positive and productive conditions.Even the best cyber managers can only do so much to address unrealistic pressures and failures across the organization that result in risk. If resources and time are not allocated appropriately, toxicity is likely to fester despite the best efforts of everyone involved.People who are open and good communicators -- these are the best qualities I see, Messdaghi says. They dont need to be super technical. They just need to just be there to support the employees and get them what they need.

Simon Ninan, Senior Vice President of Business Strategy, Hitachi VantaraMarch 17, 20254 Min ReadCagkan Sayin via Alamy StockGenerative AI has incredible potential to improve productivity and drive innovation across domains and sectors. But the challenge to enterprises is twofold as cost and carbon footprint complicate the path forward.GenAI models require growing volumes of data and storage, and the graphics processing units (GPUs) on which GenAI relies to move and process data require an enormous amount of energy to run. The complexities of price and power drain that result from the massive amounts of data and GPUs are a huge hurdle for enterprises seeking to create a greener, more sustainable future.This has important implications for hyperscalers and other enterprises that operate data centers, as well as for businesses, communities, and all living things across the planet.Despite barriers to early adoption, GenAI is here to stay. Software developers, support staff, and consumers are already using GenAI, which will only surge with greater applications and adoption, thus becoming as common as mobile devices.That said, sustainable data centers will be critical for GenAI expansion and the world.I predict that sustainable data centers will become mandatory in the next five years.Here are five steps to help your enterprise build a sustainable data center:Related:1. Address data managementData is the lifeblood of GenAI applications, so its important for enterprises to have data management systems and strategies that provide access to the right data at the right time.Application data may reside on premises, in the cloud or the edge. Ensure that your data management strategy enables you to access data from whichever platform suits your needs at the optimal cost and in a secure manner. This will contain costs, limit your risk, and help you differentiate your business.To address the rapidly growing data volume of GenAI, you should also explore compression technology, which can store the same data, with 60% less footprint, decreasing your need for power and lowering your carbon emissions.Distributed, dark data is another challenge. With so much data in so many places, you may not know where all of your data resides. Address that by using data cataloging, compliance, ediscovery and governance solutions to understand what data you have, where it sits, and how to integrate data to reduce waste and use your data to drive business results.Data governance and compliance can be tricky given the rapidly intensifying complexity. Many organizations lack the skills, industry knowledge and expertise to tackle this alone. Engage with a partner with deep industry knowledge that has baked that knowledge into their tools.Related:2. Explore your data storeOptimal data management will help you strike the right balance between the data storage and processing you need to support your GenAI applications and your sustainability commitments.Dont store multiple copies of data. Only hang on to the data that your business really needs.Keep the most important information in hot storage. Put the data for which you dont have an immediate need in cold storage, which will reduce your costs and lower your carbon footprint.Select a data storage solution that is highly engineered for performance and sustainability. Validate the solution by reviewing what independent third parties say about its sustainability.3. Process data where it livesData movement consumes time and power, so avoid unnecessarily moving data.Ensure you have the technology to process data close to the source and use metadata management to access what you need and transport only the data you need to move.4. Implement liquid cooling systemsGenAI attracted 100 million users in less than two months after launch, and an Enterprise Strategy Group study sponsored by Hitachi Vantara indicates that 97% of enterprises see GenAI as a top five priority. But the massive GPU infrastructure needed to power GenAI applications generates a lot of heat in data centers.Related:Over the years, companies have tried to cool equipment by doing everything from submerging data centers in the ocean to locating data facilities in remote parts of the world like Iceland.However, you dont need to dive deep or travel far to cool your data center. Instead, you can use liquid cooling, which can.5. Take a holistic approachRapidly growing data, GPU requirements and data centers -- and the complexity, risk and environmental impacts they entail -- make sustainability more important than ever.The green data center of the future will be simple, smart, secure, self-healing, scalable and sustainable. It calls for a holistic approach that addresses server, software and storage efficiency, employs the right mix of sustainable energy sources, and uncovers opportunities to use innovations and eco-friendly solutions to make the best use of data and limit carbon footprint.When companies and data centers are more sustainable, everybody benefits. The world becomes a better place, customers enjoy better outcomes and businesses grow stronger.About the AuthorSimon NinanSenior Vice President of Business Strategy, Hitachi VantaraSimon Ninan is senior vice president of business strategy, responsible for developing and driving aligned execution of Hitachi Vantaras business strategy for the short and long term, with the goal of maximizing customer and stakeholder value, while driving growth, innovation and market leadership.Simon holds a Bachelor of Engineering degree in Information Science and an MBA in Strategy and International Business. He resides in the Bay Area, where he enjoys reading, writing, hiking and the occasional 3D jigsaw puzzle. He also volunteers with Kontagious, a non-profit organization that provides mentorship to immigrant students.See more from Simon NinanWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Shane Snider, Senior Writer, InformationWeekMarch 17, 20254 Min ReadInset profile photo of Red Hat CIO Marco Bill provided by company.imageBROKER.com / Alamy Stock Just one month into his new role as chief information officer, Red Hats Marco Bill is already helping the company reach for the stars -- literally. From a unique space collaboration, to helping businesses navigate their AI ambitions, to rolling with quickly emerging technologies, Bill is forging ahead in his new role.The Raleigh N.C.-based open-source software giant recently announced a new collaboration with Axiom Space to run a data center on the International Space Station. The mission will launch this spring and Red Hats Device Edge will power Data Center Unit-1, enabling hybrid cloud applications and cloud-native workloads -- in outer space.Axiom says the effort will allow data center customers to have access to satellite data closer to the source, making transmission quicker and more efficient. Bill says the collaboration was an opportunity for Red Hat to innovate in a new space.It was a mutual interest, Bill says of the space project. We dont really have a space mission at Red Hat, but its obviously a use case that fits very well with us and what we do. Its very intriguing. For us at Red Hat, its good to be exposed to these new environments. We always learn and we can improve our products.Axiom says its Orbital Space Center (OBC) will have tangible benefits, including reducing delays by utilizing cloud storage and edge processing infrastructure, allowing for faster and more secure connections in orbit. Reducing latency in space will allow quicker access to orbital data sources for terrestrial users, the company says.Related:(Editors Note: Be sure to check out this weeks DOS Wont Hunt Podcast, which features a panel discussion about data centers in exotic locations, including space).Earthly AI AmbitionsBack on Earth, Red Hat is facing more terrestrial issues, like the sudden AI arms race sparked by booming enterprise interest in generative AI (GenAI). Like any company, Red Hat is balancing increasing AI infrastructure costs.The development of AI is definitely our big mission, Bill says. We want to be a leader there and thats where the budget goes from a company perspective. I have to provide infrastructure there -- the data is important as well, so Ive got to follow that. I have to provide an environment with the right GPUs, right?CIOs struggling to balance budgets with priorities can learn from Red Hats process, Bill says. I do spend quite a bit of money on the whole transformation of data, because thats where we were lagging. So, we cleaned this up over the last two years And then theres not much budget left, right? So, you really have to work with the business and identify the priorities.Related:CIOs need to place a high priority on AI, Bill says. The biggest advice I would give to other CIOs is not to ignore AI or to find excuses why AI doesnt work in their environment. Dont ignore this. [AI] is bigger than the internet when it came around and companies who ignored the internet arent around anymore. Dont find excuses, really double down and find ways to experiment. Finding that right use case is important, but this is not hype.Securing Open SourceMany IT leaders may struggle with the option of open-source solutions as they struggle with increasing cybersecurity threats. They may see open-source software as a risky proposition, despite benefits in cost and innovation. Bill says CIOs can take advantage of the open-source value proposition and maintain a strong security stance.We have a whole cyber team engaged globally 24/7 and theyre engaged in the communities, he says. When you have a good team of people, you can mix open source. In our culture, if you have a lot of open-source engineers, they want to have some freedom. I cannot give them a Windows laptop and lock it down -- youve got to give them environments they can actually work with in the open-source community. But you still need to control it. Thats one of the biggest challenges.Related:Red Hat and the Future of TechFor Bill, the next several years of tech will bring more diversity in cloud infrastructure and placement. You will have some applications running on the ground, you will have some in the public cloud, and youll have data centers in space. Youll have to be on different footprints, and that can be for geopolitical reasons or because of cost. So being on a hybrid-cloud infrastructure is really important.And that infrastructure will usher in a new era of AI, where companies can begin reaping benefits and seeing a return on investment.There is so much we can do with AI, Bill says. With Red Hat, our infrastructure is important. Linux is still important to us. Thats our foundation with open source and having the Kubernetes platform. How do those work together? How do they work on a hybrid cloud and enable AI? There will be a lot of evolution with the large language models thats the future that we see.About the AuthorShane SniderSenior Writer, InformationWeekShane Snider is a veteran journalist with more than 20 years of industry experience. He started his career as a general assignment reporter and has covered government, business, education, technology and much more. He was a reporter for the Triangle Business Journal, Raleigh News and Observer and most recently a tech reporter for CRN. He was also a top wedding photographer for many years, traveling across the country and around the world. He lives in Raleigh with his wife and two children.See more from Shane SniderWebinarsMore WebinarsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

Is putting a data center under the ocean or in orbit just a novelty or a future-forward idea?

As chief information officers race to adopt and deploy artificial intelligence, they eventually encounter an uncomfortable truth: Their IT infrastructure isn't ready for AI. From widespread GPU shortages and latency-prone networks to rapidly spiking energy demands, they encounter bottlenecks that undermine performance and boost costs.An inefficient AI framework can greatly diminish the value of AI, says Sid Nag, vice president of research at Gartner. Adds Teresa Tung, global data capability lead at Accenture: The scarcity of high-end GPUs is an issue, but there are other factors -- including power, cooling, and data center design and capacity -- that impact results.The takeaway? Demanding and resource-intensive AI workloads require IT leaders to rethink how they design networks, allocate resources and manage power consumption. Those who ignore these challenges risk falling behind in the AI arms race -- and undercutting business performance.Breaking PointsThe most glaring and widely reported problem is a scarcity of high-end GPUs required for inferencing and operating AI models. For example, highly coveted Nvidia Blackwell GPUs, officially known as GB200 NVL-72, have been nearly impossible to find for months, as major companies like Amazon, Google, Meta and Microsoft scoop them up. Yet, even if a business can obtain these units, the cost for a fully configured server can cost around $3 million. A less expensive version, the NVL36 server, runs about $1.8 million.Related:While this can affect an enterprise directly, the shortage of GPUs also impacts major cloud providers like AWS, Google, and Microsoft. They increasingly ration resources and capacity, Nag says. For businesses, the repercussions are palpable. Lacking an adequate hardware infrastructure thats required to build AI models, training a model can become slow and unfeasible. It can also lead to data bottlenecks that undermine performance, he notes.GPU shortages are just a piece of the overall puzzle, however. As organizations look to plug in AI tools for specialized purposes such as computer vision, robotics, or chatbots they discover that theres a need for fast and efficient infrastructure optimized for AI, Tung explains.Network latency can prove particularly challenging. Even small delays in processing AI queries can trip up an initiative. GPU clusters require high-speed interconnects to communicate at maximum speed. Many networks continue to rely on legacy copper, which significantly slows data transfers, according to Terry Thorn, vice president of commercial operations for Ayar Labs, a vendor that specializes in AI-optimized infrastructure.Related:Still another potential problem is data center space and energy consumption. AI workloads -- particularly those running on high-density GPU clusters -- draw vast amounts of power. As deployment scales, CIOs may scramble to add servers, hardware and advanced technologies like liquid cooling. Inefficient hardware, network infrastructure and AI models exacerbate the problem, Nag says.Making matters worse, upgrading power and cooling infrastructure is complicated and time-consuming. Nag points out that these upgrades may require a year or longer to complete, thus creating additional short-term bottlenecks.Scaling SmartOptimizing AI is inherently complicated because the technology impacts areas as diverse as data management, computational resources and user interfaces. Consequently, CIOs must decide how to approach various AI projects based on the use case, AI model and organizational requirements. This includes balancing on-premises GPU clusters with different mixes of chips and cloud-based AI services.Organizations must consider how, when and where cloud services and specialty AI providers make sense, Tung says. If building a GPU cluster internally is either undesirable or out of reach, then its critical to find a suitable service provider. You have to understand the vendors relationships with GPU providers, what types of alternative chips they offer, and what exactly you are gaining access to, she says.Related:In some cases, AWS, Google, or Microsoft may offer a solution through specific products and services. However, an array of niche and specialty AI service companies also exist, and some consulting companies -- Accenture and Deloitte are two of them -- have direct partnerships with Nvidia and other GPU vendors. In some cases, Tung says, you can get data flowing through these custom models and frameworks. You can lean into these relationships to get the GPUs you need.For those running GPU clusters, maximizing network performance is paramount. As workloads scale, systems struggle with data transfer limitations. One of the critical choke points is copper. Ayar Labs, for example, replaces these interconnects with high-speed optical interconnects that reduce latency, power consumption and heat generation. The result is better GPU utilization but also more efficient model processing, particularly for large-scale deployments.In fact, Ayar Labs claims a 10x lower latency and up to 10x more bandwidth over traditional interconnects. Theres also a 4x to 8x reduction in power. No longer are chips waiting for data rather than computing, Thorn states. The problem can become particularly severe as organizations adopt complex large language models. Increasing the size of the pipe boosts utilization and reduces CapEx, he adds.Still another piece of the puzzle is model efficiency and distillation processes. By specifically adapting a model for a laptop or smartphone, for example, its often possible to use different combinations of GPUs and CPUs. The result can be a model that runs faster, better and cheaper, Tung says.Power PlaysAddressing AIs power requirements is also essential. An overarching energy strategy can help avoid short-term performance bottlenecks as well as long-term chokepoints. Energy consumption is going to be a problem, if it is not already a problem for many companies, Nag says. Without adequate supply, power can become a barrier to success. It also can undermine sustainability and boost greenwashing accusations. He suggests that CIOs view AI in a broad and holistic way, including identifying ways to reduce reliance on GPUs.Establishing clear policies and a governance framework around the use of AI can minimize the risk of non-technical business users misusing tools or inadvertently creating bottlenecks. The risk is greater when these users turn to hyperscalers like AWS, Google and Microsoft. Without some guidance and direction, it can be like walking into a candy store and not knowing what to pick, Nag points out.In the end, an enterprise AI framework must bridge both strategy and IT infrastructure. The objective, Tung explains, is ensuring your company controls its destiny in an AI-driven world.