Challenges For CTOs In 2023

Uploaded on 2023-05-09 in NEWS-Cybersecurity News, JOBS-Careers, FREE TO VIEW

The scope of work challenges facing modern-day CTOs involves a multitude of often critical scenarios. The function of the CTO began as an offshoot role from the CIO office, with the CTO’s primary focus on implementation of technology alone. And today, the implementation function remains - and encompasses an ever-growing list of responsibilities.

Because alongside delivery of hardware and software infrastructures, modern CTOs also deal with cyber security, cloud platform enablement, data management, artificial intelligence, mobile apps, and a host of other functions. That’s before consideration of external factors and variables that the CTO manages, some of which, left untouched, have the propensity to disrupt and impact business operations.  

Effectively managing this range of functions also means exhibiting a wide range of appropriate character skills. The ever-increasing pace of technology advances means that CTOs need to exhibit first class communication, negotiation and analytical skills. After all, they are the main digital warriors within organisations.  According to a survey by IT research firm Gartner, successful CTOs must be able to speak the language of both technology and business as it is the CTO who decides which IT will deliver competitive edge, increase productivity and offer differentiation. This means that customer experiences, user experiences and digital transformations all fall within the CTO’s daily remit. And given that technology today has permeated into every business function, CTO’s now work actively with every department.  

Being such an essential cornerstone of any businesses’ strategy, the role of a CTO is increasingly high-profile and in high demand, with CTO job vacancies up 27% in the last 3 years alone. 

But whilst increasingly sought-after, what are the types of complex tasks that CTOs currently face daily? 

Top of the list, not least because of the dramatic uptick in cyber threats and ransomware incidents - up 38%³ in 2022 - is responsibility for managing cybersecurity. This is an increasingly complex job, set against a constant stream of new cyber threats, both internal and external. The landscape has become exacerbated recently as increasing amounts of business-critical data and apps now reside outside of former secure physical on-premise IT facilities. 

As the power of new technologies emerge, CTOs are the ones responsible for keeping pace with advances and for facilitating appropriate user case adoption pathways. As key recommenders of new digital enablement, CTOs first need to assess viability, impact and security ramifications. Whole industry sectors have sprung up with previously unseen ferocity around AI, IoT, Cloud, DevOps and blockchain. The pace of change has been relentless, and CTO’s must determine if and how these technologies can be effectively integrated into their own organisation’s operations. 

All these tech advances need to occur and co-exist alongside current IT infrastructures – often in legacy systems.

Many organisations are still reliant and are adequately working from previous generations of systems and applications. CTOs take daily decisions on how to manage, maintain and upgrade legacy equipment. Often, they retain elements and modernise where possible, upgrading with as little disruption to day-to-day operations. Such re-invention of legacy systems is a delicate management act of identifying, extending and repurposing hardware that can still be used successfully. Such complex extensions can thankfully be planned alongside reputable TPM (Third-Party Maintenance) partners, who, working in partnership with the CTO, work out cost and resource projections for and against continued use, including maintenance costs, patching routines and fixing security and performance concerns. 

The fourth challenge that CTOs face is adapting to external global and local factors. Extremely prevalent in the last three years, when CTOs became work enablement heroes as they provided IT amidst global lockdowns. Then came facilitation of re-inventing work cultures – from mandatory home working through to hybrid working– and more recently, back into working from company facilities. Each twist in the pandemic journey and its subsequent aftermath, carried extra-ordinary demands upon CTOs, many of whom switched to cloud based service provision almost overnight. Then came waves of global supply chain issues meaning dramatically increased hardware lead-times and restricted supply. And the final stings arrived in 2022, with dramatic shortages of qualified IT staff, and gross inflation costs for things like data centre energy consumption. 

On skilled IT staff, it’s a constant challenge for CTOs to attract and retain top tech talent. The STEM skills shortage gap means the demand for skilled tech professionals continues to press. Successful CTOs rely on teams of qualified staff to deliver and enable their tech vision, so attracting and retaining great staff in the highly competitive tech industry is challenging and attrition rates are high. Of course, once recruited in position, CTOs need to devise rewards and recognition to encourage stable and successful working teams. This includes ongoing training, evaluation and encouragement of new skills and when skills aren’t available internally, good CTOs aren’t afraid to outsource specialist roles and projects as needed, including sourcing highly trained external engineers, developers and consultants. 

Spotlighting the responsibilities and challenges of a CTO wouldn’t be complete without detailing the impact of the cloud on all organisations. The gamechanger behind the world’s IT infrastructures in the last 10 years, cloud computing has become all pervasive in the adoption of the latest gen apps and services, moving compute, processing and storage out of the physical data centre and into a third-party cloud hosted service. For CTOs, the real challenge before any such planned and demanding migration is to ensure services and data remain sustainable, scalable, and secure within the cloud. They also need to be realistic about the perceived long-term cost savings. Cloud repatriations due to high egress charges have become normal, so detailed planning and calculations need to occur first. CTOs also need to carefully detail which cloud provider has the best suitable security protocols and the most streamlined migration processes.

Lastly data. Data breaches continue to be one of every CTOs worst nightmares, ensuring that their organisation doesn’t fall foul of data privacy, compliance and data hacking. Accidental data breaches and nefarious cybercrimes, cause the biggest fallouts. Constant vigilance to cyber hygiene, cyber risk identification and adherence to incident management planning are critical and make organisations less susceptible.

Some CTOs will have the luxury of accessing a dedicated CISO, but often they themselves will retain responsibility for cyber threats, including that of motivating organisation-wide cyber cadences to try to prevent impact from employee attacks like phishing.

CTOs also need to adhere with increased data privacy regulations such as GDPR and HIPAA, while still being able to collect and use data effectively in order to provide personalised services to deliver competitive edge. 

Being a CTO in 2023 has to be recognised as one of the most demanding yet fulfilling executive roles on the Board. Not least because of the raft of growing challenges, but also from accountability. Modern-day CTOs are expected to deliver results and analytics back to management that clearly demonstrate ROI on their elected technology investments and in doing so, show that they have minimised tech inefficiencies and accurately tracked value to spend ratios.

Chris Carreiro is CTO of Park Place Technologies

You Might Also Read:

Under Pressure - Can CISOs Avoid Burnout?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Encryption, Security & Privacy
Insurers Must Pay Merck's $1.4B Losses For NotPetya »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Kudelski Security

Kudelski Security

Kudelski Security is an international cybersecurity company providing innovative, independent and tailored security solutions for large enterprise and public sector clients.

Sumo Logic

Sumo Logic

Sumo Logic simplifies how you collect and analyze machine data so that you can gain deep visibility across your full application and infrastructure stack.

CyberDegrees.org

CyberDegrees.org

CyberDegrees.org aims to provide top-notch information for students seeking Cyber Security education and career guidance.

Global Incubator Network Austria (GIN Austria)

Global Incubator Network Austria (GIN Austria)

GIN Austria is the connecting link between Austrian and international startups, investors, incubators and accelerators with a focus on selected hotspots in Asia.

Chicago Quantum Exchange (CQE)

Chicago Quantum Exchange (CQE)

Chicago Quantum Exchange is an intellectual hub and community of researchers with the common goal of advancing academic and industrial efforts in the science and engineering of quantum information.

Informer

Informer

Informer provides an Attack Surface Management SaaS platform alongside penetration testing services. We combine machine learning and human intelligence to reduce cyber risk.

CyberRisk Alliance (CRA)

CyberRisk Alliance (CRA)

CyberRisk Alliance is a business intelligence company created to serve the rapidly evolving cybersecurity and information risk management marketplace.

Conference on Applied Machine Learning in Information Security (CAMLIS)

Conference on Applied Machine Learning in Information Security (CAMLIS)

CAMLIS is a venue for discussing applied research on machine learning, deep learning and data science in information security.

CyberPeace Foundation

CyberPeace Foundation

CPF is a think tank of cybersecurity and policy experts with the vision of pioneering Cyber Peace Initiatives to build collective resiliency against CyberCrimes and global threats of cyber warfare.

FPG Technologies & Solutions

FPG Technologies & Solutions

FPG Technology is a technology solutions provider and systems integrator, specializing in delivering IT Consulting, IT Security, Cloud, Mobility, Infrastructure solutions and services.

Celebrus

Celebrus

Celebrus Fraud Data Platform, by D4t4 Solutions, works with existing fraud structures to augment functionality and turn fraud management into true fraud prevention.

BlueSteel Cybersecurity

BlueSteel Cybersecurity

BlueSteel is a compliance consulting firm that leverages deep system, data and application expertise to build sustainable cybersecurity solutions.

Gen Digital

Gen Digital

At Gen™, our mission is to create technology solutions for people to take full advantage of the digital world, safely, privately, and confidently – so together, we can build a better tomorrow.

Nerds On Site

Nerds On Site

Nerds On Site provide on-site & in-home IT and technical support, managed IT services, and cyber security through our collaborative team of highly-trained IT and Security professionals.

Secur-Serv

Secur-Serv

Secur-Serv is a security-first managed services provider. We provides Managed IT, Managed Print, Managed Device, and Cybersecurity services to companies of every size.

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre is the jurisdiction's Cyber Emergency Response Team (CERT) and national technical authority for cyber security.