Many CIOs like myself have had an opportunity to see a paradigm shift in how IT has shaped business and, consequently, the role of CIOs as well as the role of the IT department—from the 1980s to the current date. So within our own professional carrier span, we have seen the transformation of the role of CIOs and the challenges for the CISOs.
If one rolls back the clock, even in the 80s, we did witness the long wait list to get landlines and to get point-to-point data circuits. Fast forward to today, the monopoly has given way to competition and also the technology has shaped up for faster realization; it enables anytime, anywhere access and always-on connectivity.
The way to transact business has changed so dramatically, one could safely say that technology per se has been the game changer — to influence the pace and impact of change in how an enterprise works and how its ecosystem of partners collaborate. Consequently, this has shaped the new role and responsibility of the new age CIO.
CIOs like me have walked the IT space of 2 to 3 decades with the mainframes, dial up and slow speed modems and low bandwidth with CRTs; and we are now seeing the transition to desktops, and then laptops with digital and high speed routers and Internet et al. The technology overdrive and the churn that happens has indeed impacted life styles of people and the work practices and consequently, the way the current day CIOs need to handle the pressure points in much lesser time frames.
The mobiles and pads and phablets and touch screen laptops are all competing in the workplace and it is a tough call for the CIO, to decide which would be the ideal platform and form factor to sustain corporate apps and mobile apps. With BYOD or CYOD of enterprise procured and managed devices, the complexity of satisfying staff in the workplace is very challenging. With big data, cloud, virtualization, mobility, social networks and Internet of Things all competing for space, with the current day business leaders seeking a direct participation in services, the current day CIO sometimes is forced on a tight rope walk to balance business interests and technology roadmap conceived for the enterprise, and of course, the limitation of budgets hanging as the proverbial sword over the head.
The ecosystem has more interplay than at any time with enterprise business and time to market and for the enterprise to be competitive and turnaround times that are shrinking. As innovation and technology largely shapes the roadmap and sustainability of the enterprise in the market place, the current day CIO needs be a positive thinker and a good strategist. He needs to have a full understanding of business and the market forces to bring to the table, to leverage innovation and technology for an accelerated growth and customer experience. Agility with leading edge technology and an open mindset with a reasonable risk appetite is the hallmark for today’s CIOs.
Like CIOs, the role play for CISOs has also equally become too challenging. In the earlier era of closed networks, areas of incursion was reasonably identified and ring fenced. But as we have passed through the decades, IT security challenges have equally grown. The business needs today, anytime and anywhere access, with commercial transactions being carried out using internet and now through mobiles as well. Both customers and the current day staff expect social networks to aid business and business interactions. This consequently is creating a challenge to allow at the workplace, ready access to social networking sites which were a taboo in the enterprise access policy! Now, the CISO needs to figure out how to ring-fence servers and applications, and yet allow the enterprise and customers to be seamlessly engaged.
In today’s world, the severity and the spread of security attacks on the customer and enterprise data is fraught with very tough calls and challenges to manage. We do witness even so called secure networks and enterprises having been compromised, and have witnessed a large number of credit cards details or mails and data files being stolen, We have also seen enterprises, customers and sometimes even the government getting compromised because of security breaches.
The threat to the IT landscape for an enterprise is always real and out there. People strive to break in for different reasons and triggers, and no CISO can safely say that there would be no breaches to worry for the business. Many enterprises are yet to have IT security as a practice and with the complex security requirements, this discipline needs a focus from the corporate with adequate budgets and engagement of executive management, to give the support that IT security practice demands. IT security NOC needs to be in place with an active 24X7 monitoring.
Francis Rajan is CIO, Bangalore International Airport Limited