Top 5 threats for IT leaders

With a continued increase in most kinds of cyber threats and with cyber attacks on the rise, IT leaders have a lot to worry about. Here are several threats for IT leaders to keep at front of mind:

Cyber security

Every organization is an IT organization, whether or not IT is the “business” of the organization. For a modern organization, every step involves technology, from taking orders, managing projects, issuing invoices, receiving payment, and communicating with stakeholders. It’s impossible to keep moving forward without the IT infrastructure.

That is why cyber security remains the top risk for IT leaders, as it has been for many years. To reduce this risk, consider your organization’s disaster recovery plan. Identify critical people and vendors, critical systems and applications, your RTO and RPO, and your vendor’s DR plan. Also consider how to design for redundancy and fail-over to minimize disruption, but also plan for how you will return to normal after an outage. IT leaders should also work with other organizational leaders to consider how departments might provide some level of business continuity in the event of an outage.

Data exfiltration

As the old saying goes, “Data is the new oil.” For some organizations, data supports decision making. Other organizations may trade on the value of data, such as providing analysis or making predictions. Businesses that trade on data may collect vast amounts of personal information about their users, such as via apps or usage data.

Consider how to keep this data safe. At the top of this priority list should be ways that data might be exfiltrated from the organization, either intentionally or unintentionally. The unintentional loss is most concerning today, especially considering how many ways people put data into third party systems without considering what data those systems might collect.

Organizations that deploy AI should ensure safeguards are in place to prevent accidental data exfiltration. For example, using general-purpose AI for tasks such as coding could result in training the AI on your code. Instead, consider bringing an AI system in-house, as a private AI system. If relying on a third party for AI delivery, carefully review contract language so the vendor cannot train their AI on what users enter into it, so you do not lose your intellectual property through AI.

Strategic planning

Many IT leaders find themselves unable to make long range plans, claiming that “IT changes too rapidly” for strategic plans beyond the next year or the next few years. But organizations that don’t plan for the future will instead find themselves in the “passenger seat” instead of in the “driver’s seat.”

Despite changes in the IT landscape, IT leaders need to keep their eye on the big picture and their role in making that happen across the larger organization. At best, IT leaders may think long term by extrapolation: they imagine what next year might look like, then the year after that, and the year after that. Each step is a 1-year horizon, and they “plan” by adding additional 1-year steps to the plan.

I find it is easier to interpolate than extrapolate. Imagine an end goal, and then fill in the gaps from your current location to your destination. When planning for the future, consider your organization’s guiding principles, which will usually be defined by the Board or other senior executive level. Also consider your own goals, what actions to take, and how to measure their effectiveness.

Decision making

With so many options on the table, IT leaders can find themselves facing difficult decisions. When in a tough spot, some organizations make a well-intentioned decision to fully analyze the problem, so they can make the best decision for the organization. While this is an excellent goal, it can sometimes lead to analysis paralysis where you are unable to take the next step due to overthinking all the available options, and taking into account too many variables.

Ron McFarland highlighted 4 factors in open decision-making that can help IT leaders to move forward in a decision. Consider these factors:

1. Quality: Does the decision successfully address a particular issue and actually resolve it? Does the outcome of the decision match what we’d hoped for?
2. Speed: How quickly are decisions made and executed?
3. Execution: How efficiently is the implementation and execution process of the decision managed?
4. Effort: What is the expense of time, energy, and assets to achieve what was decided? Is it too much or too little?

IT leaders should stay involved in critical decision-making, but should find ways to empower employee decision-making by encouraging team members to speak freely and honestly, and supporting staff to be courageous enough to be different. Identify team members who are committed to achievement, while providing accountability for whatever is decided.

Maintaining perspective

Keeping everything moving in a large organization can feel like juggling fire. This “noise” can distract IT leaders and actually prevent good decision making. When you are distracted by the details, it’s difficult to stay focused on the big picture. Everything becomes an “issue of the day.”

Consider the 4 qualities of IT leaders and how these qualities or priorities need to change at different levels in the organization. For example, your staff need to exercise technical skills. As the senior IT leader, CIOs and IT Directors need to practice their strategic skills, and leverage their interpersonal relationships to get there. Consider how to find your focus and what unnecessary tasks you are holding onto that should be delegated to your team. To succeed, you need to realize when to let go of your previous duties.