SoundOff: What's keeping CIOs awake at night


Spear-phishing has evolved into whale-phishing, data breach incidents are soaring and everyone seems to be running company data over their personal smartphones. At the same time, IT departments are being asked to do more for the business than ever before with less resources. It's enough to keep the mellowest of CIOs from sleeping through the night. In the latest installment of our annual Halloween feature, CIOs from the public and private sectors share the scariest things they're facing this season.

There is a lot more that gets me up in morning than keeps me up at night, but if I had to pick the biggest challenge on the horizon, it would be the combination of most workers knowing they can be productive outside the office and the fact that by 2015 mobile devices will outnumber humans.

Knowing as a CIO it is my responsibility to increase productivity and performance for the organization and believing collaboration and information sharing is key--couple this with the above (people demanding to work from everywhere on just about any kind of device you can imagine)--all has me chanting "identity management" and "elasticity of computer resources" in my sleep--I have the feeling I will be taught multiple lessons I had no intention of learning in the near future--an adventure I look forward to.

- Ira Levy, CIO, Howard County, Md.

The scariest thing facing me this Halloween season is our continuing brain drain and our inability to hire equally qualified people at the salary levels the state is willing to pay. As the unemployment rate in West Virginia trends downward, private industry is hiring our most qualified and talented individuals. This is in addition to our 7 percent normal turnover due to retirements. 

- Kyle Schafer, CIO, West Virginia

Of course, top priority for any CIO is data security within his/her infrastructure boundaries keeping us up at night. This leads to logging and access control across every tier of our infrastructure, particularly in regulated environments. We must ensure our enterprise staff verifies that data is encrypted everywhere it may be accessed and media no longer in use properly is decommissioned upon exit.

We are constantly under escalating pressure to innovate while at the same time protecting our assets against rising security threats and managing an increasing amount of hardware, software and information. Training and having the appropriate staff to ensure that vulnerabilities are mitigated or remediated immediately tends to be a challenge. These are nightmares keeping this CIO awake in protecting our perimeter from potential intrusions, denial of services and data integrity.

- General Kearney, Jr., Network 11 Chief Information Officer, Department of Veterans Affairs

I have great confidence in my team and am able to sleep *fairly well* at night, barring any earthquakes, calls related to security events or major system outages. With that being said, given the dynamic nature of technology and the continued effort to lead a cutting edge IT organization, there are always planned and current initiatives and other ongoing business activities which can be challenging. With the proliferation of mobile devices and savvy employees using these devices for business-related activities, the risks associated with unmanaged, insecure devices on our network is a constant topic of discussion within my organization. The need to balance conducting business on these devices and the potential accompanying risks of intellectual or sensitive property leakage is a concern. 

Another area of recent attention is the proliferation of social media and personal storage applications which allow employees to hold discussions and share or store data. Ensuring employees follow policies and guidelines in their use of these means Informatica does not inadvertently disclose sensitive information outside the company, or introduce security risks. I could go on with other concerns such as staffing, retention, globalization, mergers and acquisitions, but for now I'm sleeping pretty soundly.

- Tony Young, CIO, Informatica

The role of the CIO is to ensure that the enterprise makes the best use of information as possible--and this responsibility is directly related to the appropriate use of information technology. The CIO's stewardship of enterprise IT falls into two general areas of activity: assuring that the IT systems function to maintain the business processes, and maintaining a vision and strategy for the continual exploitation of emerging technologies to achieve future business goals. As CIO of IEEE, I leverage my experience in effectively forecasting IT industry trends to be undaunted by the latter task. However, no matter how much effort is devoted toward the former one, it is theoretically impossible to assure that all systems will always run flawlessly--there's always a scenario that hasn't been accounted for, and that is awaiting the moment that you least expect it to rear its haunting head. Thus, the scariest part of being a CIO is the unknown--that is, the unknown bug, the unknown use case, the unknown scenario that, when you think all is well and stable, suddenly takes you by surprise and wreaks havoc, even just temporarily, on your ability to keep the business information systems running.

- Alexander J. Pasik, CIO, IEEE

Change Management is an extremely important task for continuity. Changes in technology architecture, relationship managers, or support groups can all cause hiccups in our overall ecosystem--surprise changes with our service partners can keep me up at night. The majority of these partners have a SaaS or web delivery model that is provisioned with core control by the provider. Our service architecture is constructed of scalable and portable services with competitive advantages in each functional space from performance reporting and custodian services, to trade-away execution, and so on. Fortunately, our partnership network of service providers is extensive. We work closely with all of our partners to anticipate change, keeping our operations streamlined.

- John Stuart, CIO, Beverly Hills Wealth Management

Related Articles:
SoundOff: What we've learned about the cloud in 2011

SoundOff: What keeps CIOs awake at night? [2010]