WWW.INFORMATIONWEEK.COM
Things CIOs and CTOs Need To Do Differently in 2025
Lisa Morgan, Freelance WriterDecember 18, 202410 Min ReadOrazio Puccio via Alamy StockIts that time of year again: the time when journalists and vendors make predictions and IT leaders set priorities for the new year. In a lot of ways, the stakes are high, given a new US presidential administration and the active conflicts in various parts of the world. What will happen to the economy and IT budgets? What will all the unrest equate to in terms of business continuity and cyberattacks?As the world and technology become increasingly complex, CIOs and CTOs need to figure out what that means to the organization as well as the IT department. Loren Margolis, faculty, Stony Brook University, Women Leaders in STEM Program, warns that IT leaders need to proactively combat cybersecurity threats that continue to become more sophisticated.To proactively combat [cyberattacks], leaders must think like them, says Margolis. Questions to ask [include] What are our potential openings and soft spots? What are our competitors doing to combat them? If I were a nefarious operative, what would I do to breach our system?She also says CIOs and CTOs need to get ahead of machine learning to increase customer satisfaction, reduce costs and increase efficiency. In addition, IT leaders should consider the skill gaps in their workforce.Related:Keep ahead or at least on top of the cybersecurity, artificial intelligence, and data analytics skills that are needed. Acquire talent and develop that talent so your company remains competitive, says Margolis. Find ways to use [AI and analytics] to become even more agile so you remain competitive. Also embrace them as opportunities to train and develop your workforce. Make sure your organization is a place where great tech talent can come to develop and use their skills.The following are some other priorities for 2025.1. Increase value deliveryJoe Logan, CIO at cloud-native knowledge platform iManage believes CIOs and CTOs will be focused on driving cost to value, especially when it comes to security.Because the nature of the threat that organizations face is increasing all the time, the tooling thats capable of mitigating those threats becomes more and more expensive, says Logan. Add to that the constantly changing privacy security rules around the globe and it becomes a real challenge to navigate effectively.Also realize that everyone in the organization is on the same team, so problems should be solved as a team. IT leadership is in a unique position to help break down the silos between different stakeholder groups. The companies that master cross-functional problem-solving tend to drive higher value than those that dont.Related:2. Ensure AI investment ROIIn 2024, many organizations discovered that their AI investments werent paying off as expected. As a result, AI investments are shifting from rapid innovation at any cost to measurable ROI. Heading into 2025, Uzi Dvir, Global CIO at digital adoption platform WalkMe says CIOs and CTOs will face increased pressure to justify AI investments in the boardroom.Change management is emerging as a crucial factor for companies to fully realize the benefits of their AI investments and companies are gravitating towards more intuitive, human-centric AI, says Dvir. Faced with more and more AI apps, employees are asking themselves if its worth the time and effort to figure out how to use these new technologies for their specific roles. In response, enterprises are now prioritizing better visibility into AI adoption [and identifying] areas ripe for optimization and enhanced security.As always, the path to AI mastery doesnt lie in technology advancements alone. Companies that actively start investing in and addressing change management will reap the true rewards of their technology investments.3. Overcome budget limitationsRelated:Every IT leader is under pressure to improve efficiency and time to market while reducing costs. As is typical, theyre being asked to do more with less, and do it faster, but in 2025, theyll increase their usage of AI, machine learning, and low-code/no-code platforms to improve efficiency.We are expecting to realize a 10% to 20% improvement in developer productivity via the use of products like GitHub Copilot and Amazon Q. Our current run-rate usage of these products has us bringing in the equivalent of an entire products code base worth of AI-generated code every year, says Steven Berkovitz, CTO of restaurant technology solutions company PAR Technology. We also expect these tools to help our developers focus their time on the hard and novel problems and spend less time on the repetitive tasks of development. We particularly expect this to help accelerate starting new projects and products as much of the boilerplate work can be automated.However, many developers hesitate to use AI for fear of job loss.I think [job loss] concerns are overstated, and developers should be embracing the tooling to improve their efficiency versus fighting I,says Berkovitz. [AI] will make them better, faster developers, which makes them more valuable to companies, not less.4. Strengthen cybersecurityCybersecurity threats are becoming more sophisticated, necessitating stronger defense mechanisms. Unfortunately, the digital services enterprises use to innovate are also utilized by threat actors to exploit.Strengthening cybersecurity measures will protect company assets and build trust with customers and partners, says Rob Kim, CTO at technology services and solutions provider Presidio. Challenges include the scarcity of skilled professionals in emerging technologies [including] Gen AI, data/lake house modernization and cybersecurity. Ensuring data privacy and regulatory compliance in a rapidly evolving legal landscape can also be complex.5. Deal with the lingering talent shortageThe World Economic Forum found theres a global shortage of nearly 4 million professionals in the cybersecurity industry as demand continues to increase. That shortage follows a 12.6% growth rate in the cybersecurity workforce between 2022 and 2023. Highly regulated industries, such as government and healthcare, are among those experiencing the greatest cybersecurity workforce shortages, which presents unique challenges.This same narrative has been repeating for years: businesses are moving to the cloud and facing tighter compliance regulations while budgets remain tight and security threats grow more serious, says Jim Broome, president and CTO at information security services company DirectDefense. It all requires more staff with advanced skill sets and an ability to learn and adapt to constant changes, which can lead to burnout.Expect the trend to continue.6. Ignite innovationCIOs and CTOs face several risks as they attempt to manage technology, privacy, ROI, security, talent and technology integration. According to Joe Batista, chief creatologist, former Dell Technologies & Hewlett Packard Enterprise executive, senior IT leaders and their teams should focus on improving the conditions and skills needed to address such challenges in 2025 so they can continue to innovate.Keep collaborating across the enterprise with other business leaders and peers. Take it a step further by exploring how ecosystems can impact your business agenda, says Batista. [F]oster an environment that encourages taking on greater risks. The key is creating a space where innovation can thrive, and failures are steppingstones to success.7. Understand customers better and remain curiousJust about every organization believes they are customer-centric and know their customers, but actual customer experiences often tell a different story. Batista advises getting to know customers and the customers customers to move beyond superficial engagement. To do that, IT leaders should map customers journeys, experience the customer journey for a day, hold regular insight sessions to dig deeper into customer needs, research the customers world and be consistently available to customers.By doing this, you can build a future-forward learning team. Understanding what skills, knowledge and connections you may need a year from now allows you to start learning and growing today. This initiative-taking approach will help you face future changes with confidence and readiness, says Batista. If I could offer one piece of advice to a peer for 2025, it would be simple: STAY CURIOUS! Curiosity drives us to ask the important why and how questions, leading to deeper analysis and more creative solutions. Embrace not knowing as an opportunity to learn. Explore new interests and make it a habit to question your assumptions about people, situations, or ideas.8. Unearth novel insights about dataWith the explosion of unstructured data, CIOs and CTOs need better insights into it. Such insights are key for managing the lifecycle of data from creation to archiving. Insights are also critical for ensuring the most appropriate data is included in data lakes and data lake houses that support new AI/ML workloads.In 2025, the amount of unstructured data stored in both public cloud and private cloud environments will continue to grow, says Carl D'Halluin, CTO at hybrid cloud data services provider Datadobi. Its no longer realistic to ignore the fact that, in most organizations, data lives in a hybrid environment and global data management is required.9. Cloud adoptionCIOs and CTOs in remote-based industries such as maritime, and oil and gas have been slower to adopt cloud technologies than their peers in other industries. However, that is changing as the result of satellite connectivity.Data processing teams will be able to work remotely, with minimal physical infrastructure, says Andrew Lunstad, CTO of ocean data platform Terradepth. This shift will reduce the need for physical equipment on-site or on vessels, freeing up costly space and allowing teams to work from virtually anywhere.Another driver is the desire to accelerate data availability and minimize the risk of loss or damage to physical hard drives. However, adopting cloud-based processes requires sound change management because it potentially challenges long-standing practices.10. Enable extreme agility to weather shifting geopolitical threatsIn the wake of the election, Lou Steinberg, founder and managing partner of cyber research incubator CTM Insights (CTM), says CIOs and CTOs should expect geopolitical changes that will change threat actors behavior.Our defenses need the agility to adapt. Where you operate and your industry, should dictate what you do next, says Steinberg, who outlines the following scenarios:Russia may diminish its threat against the US given President-elect Trumps more favorable relationship with President Putin and European support for the war in Ukraine will likely dictate if the same holds true there. An emboldened Russia might increase DDoS attacks against western leaning states in the Balkans, Georgia, and Moldova while increasing the use of AI generated disinformation campaigns throughout Western Europe. Ransomware will continue to hit from multiple sources, but ransomware from Eastern Europe is generally less prevalent in nations that the Kremlin views as friendly.The Middle East may drive more cyberattacks against nations that seemingly support Israel. If Iran and Israel engage more significantly, regional groups will likely increase DDoS and hacktivist activities to draw attention to their cause. At the same time, Iran may seek to increase the cost of supporting Israel through unattributed attacks against critical Western infrastructure such as power generation, municipal water and dams.North Korea and the Trump administration could rekindle discussions that could lead to reduced sanctions, thereby reducing the DPRK's interest in financial theft. If they no longer see a Trump administration as one who negotiates in good faith, financial attacks will continue, and DDoS attacks could increase against American allies South Korea and Japan.Chinas likelihood of conflict is increasing. To date, it primarily focused on data theft, intelligence gathering and preparing for cyber-war, all of which rely on stealth. Should the US impose sanctions that cripple its economy, or should they decide to take Taiwan by force, stealthy behavior could be replaced by something much noisier. Backdoors could be used to disable critical infrastructure in banking, power generation and distribution, communications, etc. In the event of armed conflict with Taiwan, significant attacks against US infrastructure could be used to blunt its ability to intervene.None of these are guaranteed, but all are plausible. What's certain is that adversaries have interests, and their tactics reflect them, says Steinberg. Defenders need to consider how to adjust to a changing landscape as the threats change, or risk investing in immaterial controls at the expense of what's now needed. Buckle up, it's likely to be a bumpy ride."About the AuthorLisa MorganFreelance WriterLisa Morgan is a freelance writer who covers business and IT strategy and emergingtechnology for InformationWeek. She has contributed articles, reports, and other types of content to many technology, business, and mainstream publications and sites including tech pubs, The Washington Post and The Economist Intelligence Unit. Frequent areas of coverage include AI, analytics, cloud, cybersecurity, mobility, software development, and emerging cultural issues affecting the C-suite.See more from Lisa MorganNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports
0 Comments 0 Shares 13 Views