Challenges For CTOs In 2023

The scope of work challenges facing modern-day CTOs involves a multitude of often critical scenarios. The function of the CTO began as an offshoot role from the CIO office, with the CTO’s primary focus on implementation of technology alone. And today, the implementation function remains - and encompasses an ever-growing list of responsibilities.

Because alongside delivery of hardware and software infrastructures, modern CTOs also deal with cyber security, cloud platform enablement, data management, artificial intelligence, mobile apps, and a host of other functions. That’s before consideration of external factors and variables that the CTO manages, some of which, left untouched, have the propensity to disrupt and impact business operations.  

Effectively managing this range of functions also means exhibiting a wide range of appropriate character skills. The ever-increasing pace of technology advances means that CTOs need to exhibit first class communication, negotiation and analytical skills. After all, they are the main digital warriors within organisations.  According to a survey by IT research firm Gartner, successful CTOs must be able to speak the language of both technology and business as it is the CTO who decides which IT will deliver competitive edge, increase productivity and offer differentiation. This means that customer experiences, user experiences and digital transformations all fall within the CTO’s daily remit. And given that technology today has permeated into every business function, CTO’s now work actively with every department.  

Being such an essential cornerstone of any businesses’ strategy, the role of a CTO is increasingly high-profile and in high demand, with CTO job vacancies up 27% in the last 3 years alone. 

But whilst increasingly sought-after, what are the types of complex tasks that CTOs currently face daily? 

Top of the list, not least because of the dramatic uptick in cyber threats and ransomware incidents - up 38%³ in 2022 - is responsibility for managing cybersecurity. This is an increasingly complex job, set against a constant stream of new cyber threats, both internal and external. The landscape has become exacerbated recently as increasing amounts of business-critical data and apps now reside outside of former secure physical on-premise IT facilities. 

As the power of new technologies emerge, CTOs are the ones responsible for keeping pace with advances and for facilitating appropriate user case adoption pathways. As key recommenders of new digital enablement, CTOs first need to assess viability, impact and security ramifications. Whole industry sectors have sprung up with previously unseen ferocity around AI, IoT, Cloud, DevOps and blockchain. The pace of change has been relentless, and CTO’s must determine if and how these technologies can be effectively integrated into their own organisation’s operations. 

All these tech advances need to occur and co-exist alongside current IT infrastructures – often in legacy systems.

Many organisations are still reliant and are adequately working from previous generations of systems and applications. CTOs take daily decisions on how to manage, maintain and upgrade legacy equipment. Often, they retain elements and modernise where possible, upgrading with as little disruption to day-to-day operations. Such re-invention of legacy systems is a delicate management act of identifying, extending and repurposing hardware that can still be used successfully. Such complex extensions can thankfully be planned alongside reputable TPM (Third-Party Maintenance) partners, who, working in partnership with the CTO, work out cost and resource projections for and against continued use, including maintenance costs, patching routines and fixing security and performance concerns. 

The fourth challenge that CTOs face is adapting to external global and local factors. Extremely prevalent in the last three years, when CTOs became work enablement heroes as they provided IT amidst global lockdowns. Then came facilitation of re-inventing work cultures – from mandatory home working through to hybrid working– and more recently, back into working from company facilities. Each twist in the pandemic journey and its subsequent aftermath, carried extra-ordinary demands upon CTOs, many of whom switched to cloud based service provision almost overnight. Then came waves of global supply chain issues meaning dramatically increased hardware lead-times and restricted supply. And the final stings arrived in 2022, with dramatic shortages of qualified IT staff, and gross inflation costs for things like data centre energy consumption. 

On skilled IT staff, it’s a constant challenge for CTOs to attract and retain top tech talent. The STEM skills shortage gap means the demand for skilled tech professionals continues to press. Successful CTOs rely on teams of qualified staff to deliver and enable their tech vision, so attracting and retaining great staff in the highly competitive tech industry is challenging and attrition rates are high. Of course, once recruited in position, CTOs need to devise rewards and recognition to encourage stable and successful working teams. This includes ongoing training, evaluation and encouragement of new skills and when skills aren’t available internally, good CTOs aren’t afraid to outsource specialist roles and projects as needed, including sourcing highly trained external engineers, developers and consultants. 

Spotlighting the responsibilities and challenges of a CTO wouldn’t be complete without detailing the impact of the cloud on all organisations. The gamechanger behind the world’s IT infrastructures in the last 10 years, cloud computing has become all pervasive in the adoption of the latest gen apps and services, moving compute, processing and storage out of the physical data centre and into a third-party cloud hosted service. For CTOs, the real challenge before any such planned and demanding migration is to ensure services and data remain sustainable, scalable, and secure within the cloud. They also need to be realistic about the perceived long-term cost savings. Cloud repatriations due to high egress charges have become normal, so detailed planning and calculations need to occur first. CTOs also need to carefully detail which cloud provider has the best suitable security protocols and the most streamlined migration processes.

Lastly data. Data breaches continue to be one of every CTOs worst nightmares, ensuring that their organisation doesn’t fall foul of data privacy, compliance and data hacking. Accidental data breaches and nefarious cybercrimes, cause the biggest fallouts. Constant vigilance to cyber hygiene, cyber risk identification and adherence to incident management planning are critical and make organisations less susceptible.

Some CTOs will have the luxury of accessing a dedicated CISO, but often they themselves will retain responsibility for cyber threats, including that of motivating organisation-wide cyber cadences to try to prevent impact from employee attacks like phishing.

CTOs also need to adhere with increased data privacy regulations such as GDPR and HIPAA, while still being able to collect and use data effectively in order to provide personalised services to deliver competitive edge. 

Being a CTO in 2023 has to be recognised as one of the most demanding yet fulfilling executive roles on the Board. Not least because of the raft of growing challenges, but also from accountability. Modern-day CTOs are expected to deliver results and analytics back to management that clearly demonstrate ROI on their elected technology investments and in doing so, show that they have minimised tech inefficiencies and accurately tracked value to spend ratios.

Chris Carreiro is CTO of Park Place Technologies

You Might Also Read:

Under Pressure - Can CISOs Avoid Burnout?:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Encryption, Security & Privacy
Insurers Must Pay Merck's $1.4B Losses For NotPetya »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Brookings Institution

Brookings Institution

The Brookings Institution is a nonprofit public policy organization. Cyber security is covered within the various study areas.

TZ-CERT

TZ-CERT

TZ-CERT is the National Computer Emergence Response Team of Tanzania.

Zurich

Zurich

Zurich’s Security and Privacy policy is designed to manage financial and reputational costs as a result of a breach of network security or unauthorized access or release of private information.

Rambus Security Division

Rambus Security Division

Rambus Security Division solutions span areas including tamper resistance, content protection, network security, mobile payment, smart ticketing, and trusted provisioning services.

HvS Consulting

HvS Consulting

HvS Consulting is a specialist information security company offering a full range of services including IT security architecture, ISO 27001 audits, Pentesting, Security monitoring and Training.

CYSEC Academy

CYSEC Academy

CYSEC Academy offer cyber certifications, cyber assurance and cyber defense training, hands-on learning training modules, public, private and bespoke training courses.

CETIC

CETIC

CETIC is an applied research centre in the field of ICT. Key technologies include Big Data, Cloud Computing, the Internet of Things, software quality, and trust and security of IT systems.

Kingsley Napley

Kingsley Napley

Cyber crime is an area of growing legal complexity. Our team of cyber crime lawyers have vast experience of the law in this area.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

Search Guard

Search Guard

Search Guard® is an Open Source security suite for #Elasticsearch and the entire #ELK stack that offers encryption, authentication, authorization, audit logging and multi tenancy.

Microland

Microland

Microland’s delivery of digital is all about making technology do more and intrude less for global enterprises. Our services include Cloud & Data Center, Networks, Cybersecurity and more.

Apptega

Apptega

Apptega is an award-Winning Cybersecurity and Compliance Platform. Our mission is to make cybersecurity and compliance easy for everyone.

NTT Group

NTT Group

NTT offers agile, scalable technology services to bring it all together seamlessly, securely, and sustainably. We help you adopt a holistic security approach across your network, clouds, applications.

VectorRock

VectorRock

Save Your Business From Cyber Criminals. We specialize in uncovering cyber risks which threaten your organization and fixing them.

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.