Of all the workplace issues keeping CIOs up at night, three in particular are worrisome for IT executives: security, downtime and talent acquisition, according to a December 2014 study of 276 U.S. CIOs and executive IT professionals commissioned by Sungard Availability Services (Sungard AS).
Security Threats Put Businesses at Risk
Due to the increasing frequency and complexity of cyber attacks, security ranks highest among IT concerns for CIOs. More than half of survey respondents -- 51 percent -- believe security planning should be the last item to receive budget cuts in 2015, according to survey results.
While external security threats are top of mind for IT professionals, internal threats are often the root cause of security disasters. Nearly two-thirds, or 62 percent of the survey respondents cited leaving mobile phones or laptops in vulnerable places as their chief security concern, followed by password sharing (59 percent). These internal security challenges created by employees led 60 percent of respondents to note that in 2015 they would enforce stricter security policies for employees.
"As much as you try to protect from outside threats with virus and spam filtering, security patches and updates using the most advanced technology, it still comes down to the fact that users must be responsible for their own and the company's security -- they are the first line of defense, especially against phishing and similar breach attempts," says Ric Jones, CIO of LifeShare Blood Centers, which provides blood and blood services across a three-state region in the southern U.S.
Educating users in an attempt to help them change their behavior will be a major focus for Jones in 2015, he says. "The biggest difficulty CIOs, like me, face is changing user behavior to help them stick with compliance on security best-practices. We work on educating the user on what to do and what not to do. Do they click on that attachment? Do they send their login and password to that unknown person? We are focused on making sure they understand the implications of their behavior on the entire organization's security," Jones says.
Downtime Damages Reputations
Following security, downtime is also a major concern for CIOs, according to the survey. Disaster recovery and continuity services can be expensive, but 42 percent of survey respondents reported that their disaster recovery plans are vital to their organizations and should be among the last line items cut from 2015 IT budgets. Survey respondents believe that the damage to an enterprise's reputation far outweighs the monetary costs associated with these recovery and continuity services.
"Disaster recovery and continuity are two things you just can't cut from your budgets, and I feel they're some of the most underappreciated vendors we work with. So much of budget planning for these services comes down to trust between a CIO and a CEO and others in the C-suite. There must be open and honest communication between all the parties involved so when we go to other executives they understand the absolute necessity of these services, and that we as CIOs are accurately representing the risks involved if budgets must be cut," says Jones.
Downtime is more than just an inconvenience, says Martha Poulter, CIO at Starwood Hotels, it can greatly impact an organization's capability to generate revenue and grow business in the long-term, too, especially in a market such as hospitality.
"Travel and tourism are one of the world's largest industries with a global economic contribution of almost $7 trillion. Downtime for Starwood correlates to lost revenue opportunities, which is not only important for our growth, but vital for our ability to serve our guests in all the ways that they want to transact with us," says Poulter.
Talent Acquisition Is Often Overlooked
The need for top IT talent continues to be a growing challenge for the technology sector in 2015 and 38 percent of respondents noted that CIOs are concerned about talent acquisition, according to the survey. But while talent is a top-of-mind concern for CIOs, 50 percent of respondents don't believe talent acquisition and retention get the appropriate attention it deserves.
"Recruiting has always been a challenge, not just in IT, though when the recession was in full swing finding talent was a bit easier," says Jones.
"It's not just about finding talent but retaining the right skills, finding someone who fits well with your culture and balancing the need for great talent with cost efficiencies. Partnering with vendors and outsourcing talent for some IT needs to get specific expertise can really help, but now and in the future it's a balancing act between hiring in-house to support core projects and leveraging outside resources for short-term demand," Jones says.
Poulter echoes a similar sentiment saying, "Talent acquisition continues to be important as we expand our data and digital channel offerings to our hotels and guests. Having the right talent will help us to respond at a faster pace than ever before to our increasing business needs."
All technology leaders need a relentless focus on today's operations and a business strategy with a strong view of the changing external trends ahead. CIOs must be aware of issues that affect their security, their organizations' availability and their ability to attract and retain strong talent in order to be best prepared for what lies ahead and to help them rest easy.
This story, "Security keeps CIOs up at night" was originally published by CIO.