Almost two-thirds (63 per cent) of organisations now allow technology to be managed outside the IT department, a shift that brings with it both significant business advantages and increased privacy and security risks, reveals the 2019 Harvey Nash/KPMG CIO Survey.
When IT spend is managed away from the direct control of the CIO companies are twice as likely to have multiple security areas exposed, and more likely to become a victim of a major cyber attack.
“Cybersecurity is now a top priority for business leadership and is an area of increasing importance for boards who are dedicating more time to this objective,” said KPMG Bahrain cybersecurity lead Logan Simpson.
“Those that deal with cyber threats with a proper risk optimisation mindset, rather than a compliance or ‘tick-box’ exercise, will be better prepared to respond and recover appropriately and ensure their reputation and customer trust remains intact.”
“Cybersecurity continues its stellar rise in importance in this year’s survey with 56pc of respondents stating that cybersecurity is a board priority. Boards and CEOs are placing customer trust at the centre of their strategy, hence protecting data and systems from cyber threats is paramount. As many as 91pc of those surveyed agreed that data privacy and trust will be as important as product/service offering in attracting customers,” said KPMG Bahrain partner for advisory Manav Prakash.
The largest technology leadership survey in the world, analysing responses from organisations with a combined technology spend of over $250 billion, reveals that for those organisations where the IT team is formally involved in decision-making around business-led IT, business advantages include improving time to market new products (52pc more likely to be significantly better than their competitors) and employee experience (38pc more likely to be significantly better than their competitors).
However, four in 10 (43pc) companies are not formally involving IT in those business-led IT decisions.
These organisations are twice as likely to have multiple security areas exposed than those who consult IT2, 23pc less likely to be ‘very or extremely effective’ at building customer trust with technology, and 9pc more likely to have been targeted by a major cyber attack in the last two years.
These risks are uncovered at a time when cybersecurity reaches an all-time high as a board priority (56pc vs 49pc last year).
The huge opportunity to capitalise on the value of business-led IT, but also manage its risks, comes at a time of significant change for the business, the CIO, and the IT department, as the survey found:
– Although the influence of the CIO remains intact (66pc this year view the role as gaining influence compared with 65pc in 2018), fewer CIOs now sit on the board – dropping from 71pc to 58pc in just two years
– As the IT department is being tasked by its board to use AI/automation to improve efficiencies (up 17pc this year as a board priority), this is leading CIOs to expect that up to one in five jobs will be replaced by AI/automation within five years.
This is likely to lead to a significant reorganisation of roles across the business. However, 69pc of CIOs believe that new jobs will compensate for job losses to AI/automation.
– Technology leaders are struggling to find the right talent with skills shortages at their highest level since 2008. The three most scarce skills are big data/analytics (44pc), cyber security (39pc) and AI (39pc).