Summary: You probably came into this year with a plan. You knew which challenges to address and which technologies to adopt. Then, the pandemic emerged and changed everything. As a result, CIOs and IT leaders face more challenges than ever. What challenges can we expect in 2021? In this article, we examine 5 challenges facing CIOs and IT leaders going into next year.
Then, COVID hit and changed everything. All of a sudden, you had different challenges. You had urgent challenges. The pandemic forced everyone to reevaluate their digital solutions. Many say it was the single biggest driver of digital transformation.
As we look towards the future, I’m sure I speak for most businesses when I say that our perspective has changed. We’re not looking through the ‘same-old’ lens. We’re looking through a lens of uncertainty.
Does anyone truly know what will happen in 2021? Of course not. But, we still must plan the best we can. We still must take the information we have, identify the biggest challenges, and how we plan to approach them. So, what are the biggest challenges facing CIOs and IT leaders in the next year? In this article, I attempt to answer that question and share some thoughts on how to address those challenges.
1. Security in the age of remote workersThe pandemic turned the business world into a remote working environment. Many were unprepared. They threw together temporary solutions to cope with remote workers.
But…what if remote workers are the new normal? What if another pandemic hits and we’re forced work from home again? It’s quite likely that the new ‘normal’ will be something in between the pre-COVID world and today’s remote work environment.
The problem: The move to remote work has also brought an increase in cyberattacks. According to these statistics, ransomware attacks increased by 50% in the third quarter of 2020. According to this article, hackers have been exploiting the pandemic with COVID-related phishing attacks.
The challenge: How are you going to secure your network when it has expanded to remote employees? Going forward, how can you ensure that employees can work securely from anywhere?
“The biggest challenges we’ve seen this year have been a result, or rather, an unintended consequence of organizations that quickly shifted to working from home in light of COVID-19,” says Nathan Little, Senior Vice President of Digital Forensics & Incident Response at Tetra Defense. “Countless organizations made tough decisions regarding their networks, and what we’ve seen is that getting a remote workforce connected quickly took precedence over getting them connected securely. A typical office or campus environment has a stronger defense against threat actors than a typical home network, and threat actors have been able to capitalize on that. The majority of cases that we’ve seen in just the past few months have resulted from vulnerabilities via remote access connections. As remote work will probably continue well into 2021, it’s important to address security challenges starting here first.”
How to address this challenge
In 2021, we can’t assume that remote work is temporary. It’s time to re-examine what constitutes a ‘corporate network’. With company-owned devices residing in employee’s homes, your security focus should start with remote access.
“The highest priority is to secure remote access for employees,” explains Little. “We’ve seen numerous organizations fall victim to ransomware via an exploited Windows Remote Desktop Protocol (RDP) session, which allows threat actors to not only access an internal network but also move within it and implement their own tools/settings/privileges. One of the most important, and also the most cost-effective ways to improve security posture would be to update all tools and software, and ideally, setting up automatic updates. Being sure to pay attention to firewalls, exchange services, or anything that can be accessed from the outside world (the public internet) to the internal network can help thwart a threat actor. For a more technical safeguard, we recommend securing access to a remote workforce via a Virtual Private Network (VPN) and protecting each user account with Multi-Factor Authentication. If access to an organization’s network is only protected with a set of username/password credentials, we’ve seen repeatedly that this is not enough. Threat actors have the means to attempt brute force attacks or buy credentials on the dark web, so MFA becomes a required second barrier to protect all accounts that access a network. These safeguards are meant for CIOs or IT leaders; they are what can keep technological infrastructure protected, while security awareness training can keep employees protected and aware of the latest threats.”
2. Being asked to do more with reduced budgets
Way back when in-person events and conferences were a thing, we’d attend a few CIO conferences every year. We’d speak with CIOs about their goals and challenges.
Can you guess the biggest challenge that we heard time and time again? CIOs are constantly asked to deliver more value with limited resources and insufficient budgets. They talked about specific solutions that they needed to deliver but lacked the resources to handle.
I can’t imagine that issue has magically fixed itself this year. Rather, it got worse. CIOs are being asked to do even more…with fewer resources.
“IT budgeting is challenging even at the best of times but the global pandemic will make the critical activity even more difficult for CIOs,” says Dileep Jacob, Senior Vice President – Global Operations at ReachOut Suite. “With uncertainty on the horizon, CIOs will have to re-prioritize tech investments and focus on more pressing needs during these trying times. Quoting the 2021 State of IT – Spiceworks Ziff Davis report, 31% of organizations believe in revenues to decrease from 2020 – 2021. The areas of focus would majorly be updating outdated IT infrastructure to avoid security breaches, embracing scalable cloud solutions, optimizing existing operations to support a remote workforce, and investing in online backup solutions and productivity software. Unlike the previous years, investing in experimental projects leveraging emerging technologies, hardware spending, and other non-core IT spend will take a backseat.”
How to address this challenge
To overcome this challenge, I recommend focusing on two areas: First, find ways to get more out of your existing resources. I know…that sounds vague. If you’d like to read practical tips, here’s an article I wrote a few years back on the topic.
The second area of focus: Communication. As explained below, you must have clear communication with company leadership and provide data-driven facts on the impact of potential budget cuts.
“As many companies have had their bottom line affected by the pandemic, IT is often a target for quick budget cuts,” says Aaron Swann, vCIO at InfoSystems and host of the podcast, ‘IT Coach for Growing Businesses’. “At the same time IT departments are also being asked to provide even greater resources such as work from home access, virtual collaboration and tighter security. To overcome this challenge, communication with company leadership is vital. Provide data on how cuts being considered will affect operations so that these decisions are made with an informed view. Work with business leadership to set objectives for IT and then set budgets accordingly, rather than letting the budgets drive what is/is not possible.”
3. Preparing for uncertainty2020 was like a pop quiz for businesses around the world. It forced them to answer a couple of crucial questions: How prepared are you for the unknown? How quickly can you adapt to change?
I’d love to say that 2021 will be better. But…who really knows? Will it be business as usual or will we still deal with the fallout from 2020? Will business ever get back to the way it was before this year? Who knows.
That’s the whole point. Nobody can say with any level of certainty how things will play out in the next few years. This is the new reality, and CIOs must prepare for it.
“I would say that the main challenge is the level of uncertainty,” says Vladimir Lugovsky, UI Bakery CEO & Co-Founder. “COVID-19 has affected a lot of industries quite seriously. It has also changed the way people think, behave, and communicate. As a result, more businesses will have to re-evaluate their business strategies.”
How to address this challenge
How do you prepare for uncertainty? Focus on agility. If you don’t know what’s going to happen, put yourself in a position to move quickly and adapt. Give employees the tools they need to move quickly. As explained below, self-service tools should be a key part of your strategy.
“Companies need to finally embrace agility,” says Ivan Kot, Senior Manager at Itransition. “They need to cast off long-term plans and predictions once and for all and adopt short-term planning models and real-time analytics to see and react to even the smallest changes. Scalability should be a key ingredient when developing platforms and tools in order to allow for growing or shrinking depending on the situation. All employees who closely deal with data within their responsibilities should master self-service analytical tools to be able to visualize data, spot anomalies, and present these insights to their teams.”
4. Adapting to the rise of self-service development tools
As mentioned in a recent article, low-code development platform adoption is on the rise over the last few years. Forrester estimates that spending on low-code tools will exceed $20 billion in 2022.
How did COVID impact low-code? As explained in this article, it only drove low-code adoption up even further. As companies rushed to find solutions that would help adapt to this year’s changes, many gravitated towards low-code.
Why? Low-code platforms cut development time in half and give self-service development options to end users. For those needing to quickly adapt to COVID realities, low-code was the ideal solution.
While this is all well and good, CIOs must now adapt to low-code within their organization. Low-code can certainly be a force for good, provided that CIOs place proper restrictions on low-code users.
“Low-code platforms offer opportunities to automate business processes more rapidly than ever before,” says John McIntyre of HotPMO Ltd. “But these are being picked up by teams outside of IT, who are developing their own solutions. Whilst empowering your workforce can be a force for good, CIOs will have to consider how to maintain a watchful eye on such initiatives to ensure that citizen programmers do not accidentally breach policies, or end up creating complex processes that are wholly reliant on that one member of the team who happened to be a ‘bit of a techie’.”
How to address this challenge
The answer lies in data control. The central strategy of the CIO or IT leader should be to ensure data is available where required, but access is secure and traceable. With this approach, the IT department locks down the data and gives users access to self-service development tools. The users can build the necessary applications over that data, without placing the data at risk. In this way, IT still maintains control over the business data, while giving business units the ability to meet their own needs.
5. Adapt to 5GBy now, you’re probably familiar with the concept of 5G. It’s the fifth generation of cellular networking, slowly replacing 4G networks. It’s been in the works for years, but is now seeing widespread rollout.
The main advantage: 5G brings download speeds that are 20x faster than 4G networks.
But, (much) faster internet is just the tip of the iceberg. Once 5G is deployed, it will trigger a series of trends. For instance, we’ll see an uptick in IoT, AR/VR, self-driving cars, remote work, and much more. 5G will be the catalyst for many trends and technologies.
“IT Leaders need to upgrade their systems to accommodate new technologies birthed by 5G technology,” says Yaniv Masjedi, CMO at Nextiva. “The existence of 5G technology means that companies would have to update their current digital tools and network to better versions.
Cyberterrorists and hackers will use 5G technology to infiltrate protected systems, so organizations should also reinforce themselves with 5G-reliant tools to safeguard their data and privacy.
When organizations fail to upgrade, they become easy targets for cyberterrorists. When attacked, the chances are high that the infiltration would be successful.”
How to address this challenge
Your response to 5G largely varies by company. I can’t give you specific guidelines to follow as every business is different. However, my message to you is this: Don’t ignore 5G. Look into ways that your business can adapt to and capitalize on this technology.
Of course, this list of challenges could easily be much longer. Would you add anything? If you would like to add anything to this list, I’d love to hear it. Feel free to share in the comments.