Challenges For CTOs In 2023

Uploaded on 2023-05-09 in NEWS-Cybersecurity News, JOBS-Careers, FREE TO VIEW

The scope of work challenges facing modern-day CTOs involves a multitude of often critical scenarios. The function of the CTO began as an offshoot role from the CIO office, with the CTO’s primary focus on implementation of technology alone. And today, the implementation function remains - and encompasses an ever-growing list of responsibilities.

Because alongside delivery of hardware and software infrastructures, modern CTOs also deal with cyber security, cloud platform enablement, data management, artificial intelligence, mobile apps, and a host of other functions. That’s before consideration of external factors and variables that the CTO manages, some of which, left untouched, have the propensity to disrupt and impact business operations.  

Effectively managing this range of functions also means exhibiting a wide range of appropriate character skills. The ever-increasing pace of technology advances means that CTOs need to exhibit first class communication, negotiation and analytical skills. After all, they are the main digital warriors within organisations.  According to a survey by IT research firm Gartner, successful CTOs must be able to speak the language of both technology and business as it is the CTO who decides which IT will deliver competitive edge, increase productivity and offer differentiation. This means that customer experiences, user experiences and digital transformations all fall within the CTO’s daily remit. And given that technology today has permeated into every business function, CTO’s now work actively with every department.  

Being such an essential cornerstone of any businesses’ strategy, the role of a CTO is increasingly high-profile and in high demand, with CTO job vacancies up 27% in the last 3 years alone. 

But whilst increasingly sought-after, what are the types of complex tasks that CTOs currently face daily? 

Top of the list, not least because of the dramatic uptick in cyber threats and ransomware incidents - up 38%³ in 2022 - is responsibility for managing cybersecurity. This is an increasingly complex job, set against a constant stream of new cyber threats, both internal and external. The landscape has become exacerbated recently as increasing amounts of business-critical data and apps now reside outside of former secure physical on-premise IT facilities. 

As the power of new technologies emerge, CTOs are the ones responsible for keeping pace with advances and for facilitating appropriate user case adoption pathways. As key recommenders of new digital enablement, CTOs first need to assess viability, impact and security ramifications. Whole industry sectors have sprung up with previously unseen ferocity around AI, IoT, Cloud, DevOps and blockchain. The pace of change has been relentless, and CTO’s must determine if and how these technologies can be effectively integrated into their own organisation’s operations. 

All these tech advances need to occur and co-exist alongside current IT infrastructures – often in legacy systems.

Many organisations are still reliant and are adequately working from previous generations of systems and applications. CTOs take daily decisions on how to manage, maintain and upgrade legacy equipment. Often, they retain elements and modernise where possible, upgrading with as little disruption to day-to-day operations. Such re-invention of legacy systems is a delicate management act of identifying, extending and repurposing hardware that can still be used successfully. Such complex extensions can thankfully be planned alongside reputable TPM (Third-Party Maintenance) partners, who, working in partnership with the CTO, work out cost and resource projections for and against continued use, including maintenance costs, patching routines and fixing security and performance concerns. 

The fourth challenge that CTOs face is adapting to external global and local factors. Extremely prevalent in the last three years, when CTOs became work enablement heroes as they provided IT amidst global lockdowns. Then came facilitation of re-inventing work cultures – from mandatory home working through to hybrid working– and more recently, back into working from company facilities. Each twist in the pandemic journey and its subsequent aftermath, carried extra-ordinary demands upon CTOs, many of whom switched to cloud based service provision almost overnight. Then came waves of global supply chain issues meaning dramatically increased hardware lead-times and restricted supply. And the final stings arrived in 2022, with dramatic shortages of qualified IT staff, and gross inflation costs for things like data centre energy consumption. 

On skilled IT staff, it’s a constant challenge for CTOs to attract and retain top tech talent. The STEM skills shortage gap means the demand for skilled tech professionals continues to press. Successful CTOs rely on teams of qualified staff to deliver and enable their tech vision, so attracting and retaining great staff in the highly competitive tech industry is challenging and attrition rates are high. Of course, once recruited in position, CTOs need to devise rewards and recognition to encourage stable and successful working teams. This includes ongoing training, evaluation and encouragement of new skills and when skills aren’t available internally, good CTOs aren’t afraid to outsource specialist roles and projects as needed, including sourcing highly trained external engineers, developers and consultants. 

Spotlighting the responsibilities and challenges of a CTO wouldn’t be complete without detailing the impact of the cloud on all organisations. The gamechanger behind the world’s IT infrastructures in the last 10 years, cloud computing has become all pervasive in the adoption of the latest gen apps and services, moving compute, processing and storage out of the physical data centre and into a third-party cloud hosted service. For CTOs, the real challenge before any such planned and demanding migration is to ensure services and data remain sustainable, scalable, and secure within the cloud. They also need to be realistic about the perceived long-term cost savings. Cloud repatriations due to high egress charges have become normal, so detailed planning and calculations need to occur first. CTOs also need to carefully detail which cloud provider has the best suitable security protocols and the most streamlined migration processes.

Lastly data. Data breaches continue to be one of every CTOs worst nightmares, ensuring that their organisation doesn’t fall foul of data privacy, compliance and data hacking. Accidental data breaches and nefarious cybercrimes, cause the biggest fallouts. Constant vigilance to cyber hygiene, cyber risk identification and adherence to incident management planning are critical and make organisations less susceptible.

Some CTOs will have the luxury of accessing a dedicated CISO, but often they themselves will retain responsibility for cyber threats, including that of motivating organisation-wide cyber cadences to try to prevent impact from employee attacks like phishing.

CTOs also need to adhere with increased data privacy regulations such as GDPR and HIPAA, while still being able to collect and use data effectively in order to provide personalised services to deliver competitive edge. 

Being a CTO in 2023 has to be recognised as one of the most demanding yet fulfilling executive roles on the Board. Not least because of the raft of growing challenges, but also from accountability. Modern-day CTOs are expected to deliver results and analytics back to management that clearly demonstrate ROI on their elected technology investments and in doing so, show that they have minimised tech inefficiencies and accurately tracked value to spend ratios.

Chris Carreiro is CTO of Park Place Technologies

You Might Also Read:

Under Pressure - Can CISOs Avoid Burnout?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Encryption, Security & Privacy
Insurers Must Pay Merck's $1.4B Losses For NotPetya »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

GlobalSign

GlobalSign

GlobalSign is an identity services company providing cloud-based, PKI solutions for enterprises needing to conduct safe commerce, communications, content delivery and community interactions.

CLUSIS

CLUSIS

CLUSIS is an association for the information security industry in Switzerland.

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU CCIS is a national centre for research, education, testing, training and competence development within the area of cyber and information security.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

ThreatQuotient

ThreatQuotient

ThreatQuotient delivers an open and extensible threat intelligence platform to provide defenders the context, customization and collaboration needed for increased security effectiveness.

Achtwerk

Achtwerk

Achtwerk manufacture the security appliance IRMA for critical infrastructures and networked automation in production plants.

Thrive

Thrive

Thrive delivers the experience, resources, and expertise needed to create a comprehensive cyber security plan that covers your vital data, SaaS applications, end users, and critical infrastructure.

LOGbinder

LOGbinder

LOGbinder eliminates blind spots in security intelligence for endpoints and applications.

Marlabs

Marlabs

Marlabs is a Digital Technology Solutions company that helps companies adopt digital transformation using a comprehensive framework including Digital Automation, Enterprise Analytics and Security.

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

Wib

Wib

Wib is an API security leader. We are the only company providing a solution for the entire API development lifecycle.

Entro Security

Entro Security

Entro is the first holistic secrets security platform that detects, safeguards, and enriches with context your secrets across code, vaults, chats, and platforms.

Qevlar AI

Qevlar AI

Qevlar AI empowers SOC teams, to eliminate redundant tasks and refocus on what truly matters - making the most of every employee within the SecOps team.

Control D

Control D

Control D is a modern and customizable DNS service that blocks threats, unwanted content and ads - on all devices.