Scary Stories to Tell CIOs in the Dark
Vijay Sankaran
Chief Technology Officer and Head of Digital Solutions | AI, Data, and Software Thought Leader
This time of year, we all seem to love a good scare. But technology leaders will probably agree that it’s not witches, or zombies, or ghosts that keep us up at night: What scares us the most are some very real threats that we’ve either faced down already or will likely need to contend with at some point in the course of our career.
Here are my picks for the three scariest things that keep CIOs up at night:
Massive Systems Outages
Here’s a nightmare scenario for you: The clock strikes 9:30am Eastern. The eager bell-ringer hits the button. And… nothing. None of your clients can place a trade. Worse, they can’t even access their accounts. There’s a massive system-wide outage, and no one knows why, or what to do to fix it. The call centers become jammed with calls from angry clients. With each moment that passes, your clients and your firm are losing money. Your cell phone rings, and you already know, but you look anyway. Yup, it’s your CEO calling.
Doesn’t matter who, where, or what you are: If you have a website, it is at risk of downtime. As the cloud becomes a bigger and bigger part of companies’ technology infrastructure, reliability becomes ever more critical. Consider the example of Australia’s Virgin Blue airlines who, in 2010, experienced a massive outage that disrupted travel for 50,000 passengers and cost the company a reported $15 to 20 million. The cause? A systems outage at the cloud provider powering its tech.
Outages happen, and they will always happen. But as a leader, it’s your job to minimize both the likelihood and the potential impact of an outage. You need to expect the unexpected. Closely and continuously evaluating your tech partners and their offerings, having backups for your backups, and making sure that employees on the front lines are well prepared to work with clients should the worst case come to pass, will all go a long way in ensuring the likelihood is low and the impact is minimal.
Over-Budget Programs
Congratulations! You’ve built something beautiful. It’s perfect. It’s exactly what your clients want. And to deliver it, you went way over your budget. Not ideal.
Being a leader in technology means you need to be responsible in delivering what your clients need, but not at the cost of the health of your organization. When it comes to resourcing, negotiations can be difficult. And if you feel like you have more than what you need to get something done, chances are, your company isn’t being as diligent in its spending as it should be. Staying within budget helps keep the organization healthy. But sometimes you get blindsided, or you hit roadblocks, and only some additional budget will set you back on course.
Of course, in those scenarios, you need to be prepared to call upon your expertise as a leader to ask the fundamental questions: Is it really worth approaching my CEO/board/other to receive additional funds? What’s the impact for clients, and for our bottom line? Where else in the overall budget might we have a little excess? Trust your instincts be prepared to either advocate strongly or let it go.
Cybersecurity Incidents
An unfortunate truth is that while advances in technology have made great things possible, they have also made some very bad things possible. Bad actors have tools in their arsenal now that would have been unimaginable a decade--or even five years--ago. Consider a recent incident in Europe, where authorities believe a sophisticated hacker used AI to mimic the voice of a German holding company’s CEO and successfully extracted more than $240,000 from a UK-based subsidiary CEO. With the emergence and rapid improvement of “deepfake” image synthesis technology, someday, such AI-powered fraud could be possible with video chat. Who among us would be scrupulous enough to avoid falling victim to a scammer who looks and sounds just like a beloved relative or trusted friend? In the future, these are pitfalls we’ll need to learn to avoid.
As the CIO of an organization trusted by millions of clients, cybersecurity is paramount to the health of my organization and to my position. The stakes are high, to say the least. But as a leader, I have to accept and embrace the fact that the task of keeping our systems and data secure is work that will forever remain ongoing, and it’s not something I can take on alone. What I can do, and what I have done, is hire a whip-smart team, make sure they have the tools and resources they need to safeguard against threats as best we can, and work closely with my fellow leaders to create a culture of compliance and security awareness across our firm.
When you lead a technology organization, no matter the size of your company or client base, you’re taking on a big responsibility, and that can be scary. We’re all human, and humans are fallible. But with a good head on your shoulders and a great team around you, you can afford to get some good sleep at night.
Vijay, very well written and thanks for sharing. They all sound like real experiences than some scary stories ??. Given that we are in the era of massive Digital Transformation, every CIO should also live the scary scenario of their company becoming complacent and being overtaken by a startup with disruptive innovation using technology. When you are CIO of an established business, it is challenging to keep the current systems on and also be strategic about future. CIOs are not just implementors of business strategy anymore, they have lot to offer to shape the business strategy as well.
My favorite bedtime scary stories to CIOs in addition to these scary ones Supply Chain Risk ( including IT supply chain ) and Shadow/Rogue IT Risk.
CIO of PriceSmart, the only operator of membership warehouse clubs in Central America, the Caribbean, and Colombia
5 年Sounded quite familiar :)
Well written and hits the key points so well.