Alongside our New Year’s coverage of TechTarget’s 2013 IT Salary and Careers Survey, SearchCIO, SearchCIO-Midmarket and SearchCompliance have been pouncing on the hot topics of 2014: IT transformation, customer engagement and what’s next in tech — i.e. wearables, cloud computing and big data tools.
If you’re following consumer technology news, odds are you’ve heard a lot about the 2014 International Consumer Electronics Show (CES). Techies and leaders in information technology flocked to Las Vegas last week (Jan. 7-10) to preview the year’s new gadgets and talk topics like the Internet of Things (IoT) and wearable technology.
Senior Features Writer Karen Goulart ended the week, per usual, with her SearchCIO Searchlight column, and the main topic of her weekly recap was CES and wearable technology. There was a similar theme in Goulart’s first Searchlight of 2014, a list of lists that predicted what’s next in technology.
Other news from SearchCIO
Among the 830 IT leaders who responded to the biannual TechTarget Cloud Pulse survey, 45% indicated “business needs” as their top reason for adopting public cloud technologies. Karen Goulart talked to Laura Patterson, CIO for the University of Michigan in Dearborn, Mich., about the results. Goulart delivered a whole slate of recent cloud computing reportage: check out how CIOs are using cloud toward an end-to-end implementation strategy and the importance of security in new cloud computing arrangements.
Since the calendar year turned, SearchCIO experts have shared important news and advice for CIOs and IT leaders. Peter Burris, vice president and research director in the CIO practice at Forrester Research Inc., highlighted three fronts where companies must engage with their customers in an expert tip. In addition, CIO Niel Nickolaisen outlined 10 steps guiding the CIO’s trek toward IT transformation in this column.
As the year wound down, SearchCIO hosted a tweet jam with an “IT resolutions and regrets” theme. In recaps from the #CIOChat, participants shared their project focus regrets and how to resolve IT issues in 2014. And speaking of IT resolutions, Senior News Writer Nicole Laskowski looks at big data/semantic analysis and other data-related IT resolutions in The Data Mill. In her latest Data Mill, Laskowski looks at how big data takes a big bite out of credit card fraud.
Finally, in a fun tip Jenny Laurello shares how the collaborative skills of Quincy Jones, longevity of the Rolling Stones and tenacity of Tina Turner are the makings of a potent digital strategy.
Coverage from SearchCIO-Midmarket
SearchCIO wasn’t the only site to report on CES 2014 and cloud trends. In this recap, take a look at how the Internet of Things (IoT) and wearables have enterprise CIOs envisioning a consumerized-tech future. Goulart talked to two in-the-know CIOS about advice for cloud computing novices in a CIO Symmetry blog post. Managing Editor Rachel Lebeaux also took to the blog to discuss Boston’s technology wish list.
There’s more: A panel of experts at the ASAE’s Technology Conference detailed how to create an enterprise MDM policy and ensure mobile device security, reported our community manager Jenny Laurello attended the event. And finally, readers can test their knowledge pertaining to project management practices by taking our quiz.
Updates from SearchCompliance
Looking to give compliance a boost in 2014? In this Q&A with Derek Gascon, executive director of the Compliance, Governance and Oversight Council, we look at how effective data management strategy can transform IT organizations.
Attention CCOs: What is Rule 38a-1(c) of the Investment Company Act of 1940 and how is it lowering liabilities for CCOs? Get answers in this FAQ by Caron Carlson, part of SearchCompliance’s IT Compliance FAQ series.
Site Editor Ben Cole took a trip to ARMA’s international conference and came back with a plethora of info for security and compliance professionals. To start, watch this video interview with Barry Murphy, principal analyst and co-founder of eDJ Group Inc., about profiling data as part of an information management strategy. Next, watch how certain unique business needs force information governance to adapt in this video Q&A with ARMA International Executive Director of Content Diane Carlisle.
Top stories across sites
Every fall, TechTarget polls the IT masses to find out which technology professionals have enough dough in which to roll. In addition to learning who the high earners are, TechTarget’s 2013 Annual Salary and Careers Survey asked participants (1,711 IT professionals in North America) about bonuses, pay cuts, IT budgets/staffing and overall job satisfaction.
Over the past couple weeks, the writers and editors at SearchCIO and its sister sites have sifted through the salary data, turning out story after story for your reading pleasure, plus another special treat.
Visual learners, rejoice! Take a look at our — if we do say so ourselves — visually appealing IT career salaries infographic, which depicts everything from 2013 salaries and expected compensation changes in 2014 to IT priorities and the mood within IT organizations.
Looking for a more detailed overview of our survey? Head over to our Essential Guide for the ultimate overview of our Salary and Careers Survey stories. Topics covered include:
The IT executive perspective
Three senior IT executives dish on their compensation and what keeps them engaged in the workplace. Read the full feature by SearchCIO Editorial Director Christina Torode to absorb their advice and learn about their top projects in the year ahead.
Senior IT execs’ increased earning potential
Could you be making more money? A senior IT executive’s earning power is contingent on industry, company size, company revenue and a number of other factors. Executive Editor Linda Tucci picks apart the salary data.
Compensations on the rise
Senior IT executives responding to the survey reported an increase in compensation in 2013. Senior Features Writer Karen Goulart explains how those compensation numbers are expected to increase steadily through 2014.
Innovation and growth make IT do the happy dance
Just like Mom always told you, money doesn’t equate to happiness — so what does? Goulart weeded through the survey data on IT job satisfaction and the organizational mood and found that CIOs get excited when they see their company moving forward.
Cloud, cloud and more cloud
According to salary survey respondent David Girard, “Cloud is making a huge difference to IT careers.” Learn why cloud computing continues to loom large, plus more from Torode on career goals among IT professional.
Budgets and headcounts: Up or unchanged
Overall, IT leaders saw a stable or growing change in their IT department budgets and headcounts, according to survey results parsed by Senior News Writer Nicole Laskowski. Several executives weigh in on how they’ll direct IT resources in the year ahead.
BYOD continues to gain traction in IT
Outsourcing who? Bring your own device takes the spotlight in Laskowski’s roundup of top technology priorities, while only 2% of survey respondents said that outsourcing and privacy are their primary project areas.
The GRC salary
SearchCompliance Site Editor Ben Cole took a peek at salary trends amongst the governance, risk and compliance professionals who took our survey – turns out, as the demand for their skill increases, so do their salaries.
What do you think about all this salary mumbo-jumbo? Do these numbers and experiences match up with your own? Share your thoughts here or on the individual story pages.
As 2013 was coming to a close, SearchCIO took a look ahead to the new year and asked some CIOs and industry experts to weigh in on the shape of cloud strategies in 2014. It looks like we’ll be seeing enterprises embrace new trends in security and a drive toward going data center free in the months to come. But what about the midsize companies? Those who fall between startups running entirely on cloud and enterprises with the staff and budget to put toward cloud directives? Some companies have only made baby steps — sometimes inadvertently, if at all — toward embracing the cloud. What should they be looking to do this year ?
Two of the CIOs we spoke to for the cloud strategies 2014 story were more than happy to share their advice. As much as one can be an old hand at a relatively new technology, these two gentlemen are it. Alexander Pasik is a former analyst with Stamford, Conn.-based Gartner Inc. who served as CIO for the Guggenheim (where he finished his tenure with 70% of applications being cloud based ) and is currently looking to go data center-free as CIO for the Institute for Electronics and Electrical Engineers (IEEE). Larry Bolick is CIO of Boston-based Aquent, where he started going all in on cloud back in 2008.
What advice would you give a CIO who is just starting to seek cloud solutions?
Alexander Pasik: As you go from infrastructure to platform to software as a service, the economic benefits increase. So if you can identify well defined point solutions for SaaS, like e-mail, contact and calendar or if , suppose you’re a small company and you haven’t invested a lot in a financials package, financials packages are pretty much consistent, you’re not going to get an advantage by using financial package over another so why not use a cloud based one? So it’s a matter of identifying the things that are as boiler plate as possible, that you’re not going to want to make changes to, that you can just use out of the box. Like an e-mail system, like a financial system, etcetera.
Should they be worried about the maturity of solutions at this point?
Pasik: That’s the thing, right now it’s so hyped up that there’s a lot of vendors providing solutions in the cloud, but many of these vendors might be very small and might have very limited sustainability. You might be tempted to go with a cloud vendor who has some interesting, unique solution that you can just plug and play. But if these guys are a start-up that may not be around in a year then you’re stuck because you just put all your data in their systems. So you do have to make sure that you are working with reputable vendors that you know you can rely on.
What advice would you give a CIO who is just starting to look at using cloud?
Larry Bolick: I think the logical starting points are still where they were when I started. If you haven’t used cloud to begin with, you’re probably going to start thinking about an application that hosted in the cloud like with a Google or a Salesforce or something like that. But to use clouds as a kind of the PaaS or IaaS you’re probably going to start through your software development organization or your IT organization. Just to get them familiar with it. Because you need the systems administration ability anyway from that organization to get familiar with the cloud to support all that stuff. So that’s the logical place to start. Within that organization, everyone needs and extra server now and then to scale or everyone needs a test environment that’s not part of your production software environment – those are the areas that that traditional – if you can call three or four years a tradition – those are the areas that are have been the place where many folks have started getting familiar with cloud based services.
What about having the right skills?
Bolick: One nice thing now is it’s easier to find the system administration resources that are familiar with cloud services and virtualization that’s associated with it than it was a few years ago. A few years ago you basically had to grow those resources and now you can find them just as the market has got more legitimacy and more people have started using them.
SearchCIO and its sister sites certainly didn’t slow down during the holiday season. Across all three sites — SearchCIO, SearchCIO-Midmarket and SearchCompliance — we’ve been turning out year-end content to prep IT leaders for 2014, our major focus being our annual IT Salary and Careers Survey.
The first salary story to hit the Web, compliments of Editorial Director Christina Torode, looked at the IT executive salary as well as their career and project ambitions.
Over the next few weeks, writers and editors across the TechTarget network will share salary results and career trends. While you wait for those, read Linda Tucci’s take on CIO earning potential and Nicole Laskowski’s story on top projects in 2014.
Other trending stories:
Salary trends aren’t the only developments on our mind. This week’s Data Mill by Nicole Laskowski looked at the Bitcoin phenomenon and recapped her trip to the MIT VC conference.
In the first part of this feature by Karen Goulart, CIOs and cloud experts suggest that 2014 will be the year when cloud really matures as the focus turns toward end-to-end solutions rather than the disjointed use of cloud solutions and services. The second part of this story looks at the maturation of Infrastructure as a Service, the importance of IT service catalogs and why cloud is no longer driven by cost.
We continue to share stories from the Global Direction 2013 conference. In this two-part video, Tucci talks to AIIM president John Mancini about legacy IT systems. In the second part, Mancini shares his views on the future of big data in the enterprise.
Future State is back, and asking, “Can application performance monitoring tools improve regulatory compliance?” In this column, SearchCompliance Site Editor Ben Cole explored the emerging use of application performance monitoring as a tool for regulatory compliance.
On SearchCIO-Midmarket, we looked at Boston’s technology strategy and planning process in what Managing Editor Rachel Lebeaux tags “an easy-to-follow keep-implement-dream format.” Along similar lines, learn how Renato Sogueco, CIO of the Society of American Florists, chose a different path when creating his company’s mobile device management policy.
I was there as a resident, not as a technology editor, but as I settled into this past Saturday’s town hall-style forum led by Boston Mayor-elect Marty Walsh, it quickly became apparent that I’d be talking tech on my day off.
The mayor-elect and his staff are gathering feedback on all areas of city life as he prepares to take over the big job in Boston next month, and I chose to attend the breakout session on improving basic city services under the new administration. The session covered everything from providing more recycling bins where needed to improving communications in the business-permitting process.
But much of the conversation revolved around technology. SearchCIO has interviewed Boston CIO Bill Oates several times on such initiatives as the Citizens Connect app, creating mobile and online interfaces, gamification and more. I thought I’d share the relevant information from the session handout, which provides some nice insight into Boston’s technology strategy and planning process in an easy-to-follow keep-implement-dream format. Continued »
Did your kids experience their Hour of Code last week? In Friday’s CIO Searchlight column, Senior Features Writer Karen Goulart turned our attention to the timely Computer Science Education Week initiative, during which K-12 teachers were prompted to expose students to at least an hour of computer programming. But, as Harvard economist Edward L. Glaeser argued in The Boston Globe, an hour of programming work is not nearly enough to make an impact.
Getting tikes to tinker with Angry Birds wasn’t the only out-of-the-ordinary idea SearchCIO shared last week. How about a lesson in enterprise business value derived from an analysis of tweets? In this two-part CIO Trailblazer feature with Sherry Emery, senior research scientist at the University of Illinois at Chicago’s Institute for Health Research and Policy, Senior News Writer Nicole Laskowski writes about harvesting the potential and value of Twitter. In part one, Emery explains how her tweet analysis yielded unfiltered chatter on what teens are smoking. In part two, we delved into using tweet analysis to communicate in customer-approved lingo.
Diving deeper into data analytics, Laskowski looked at the next stage in data analytics in last week’s Data Mill. When you think big data, General Electric Co. and Macy’s Inc. might not be the first organizations to come to mind, but big data is fast becoming central to their business models, according to Tom Davenport, president’s chair and distinguished professor of information technology and management at Babson College in Wellesley, Mass. Davenport’s recent research has led him to believe the industry has entered a new era, one he’s calling Analytics 3.0.
Other pieces from last week:
Chatter about big data among IT leaders at the recent SearchCIO360° breakfast revealed that IT self-service can be a gift for CIOs. According to the IBM Digital Analytics benchmark, mobile traffic has increased by 45% over last year and accounts for about one-third of all online traffic. In her CIO Matters column, Executive Editor Linda Tucci explains that we are more likely to use our phones for browsing and our tablets for closing the deal, and that we now prefer to buy via machine rather than face to face.
We rolled out our Essential Guide on data protection, providing CIOs with advice for guarding their organization’s information assets, addressing such areas as mobile, the cloud and data governance strategies.
And over on SearchCompliance: Contributor Ed Moyle explained how integrating data security continuous monitoring processes with regulatory controls provides big benefits for IT compliance; and a video from our ISSA International Conference coverage looked at the bleak future of IT security.
Thanks for catching up with us. Have a great week!
We’d like to think SearchCIO was sounding really intelligent last week with all of our “smart” talk.
For starters: In Senior Features Writer Karen Goulart’s weekly Searchlight roundup, which features top stories and blog posts from around the Web, she highlighted John Markoff’s New York Times article on Google’s plans to get into the robot biz. Robot discussions were already the talk of the Web following Amazon’s Prime Air reveal, and Goulart didn’t shy away from taking on smart machines and the attack of the drones. Also in Searchlight: Apple gets social with its purchase of Topsy Labs and users are outraged about their stolen-and-published Yahoo, Facebook and Google passwords.
Other “smart” talk focused on an emerging breed of apps, smart process applications, which are aimed at streamlining and optimizing human-based behaviors to increase productivity and improve business agility. For our CIO Citings piece on smart process apps, Agile and data, Managing Editor Rachel Lebeaux selected some of the best quotes from our recent CIO Decisions e-zine from Wellesley College CIO Ganesan “Ravi” Ravishanker, Yammer co-founder and CTO Adam Pisoni and other technology heads.
Moving away from smart machines and smart process apps, we also took a look at a smart CIO with a cloud-first vision. Two years ago, the University of Miami brought in CIO Steve Cawley to help centralize IT service management and transform the university’s IT to a cloud-first organization. In this CIO Innovators profile, our Goulart interviews the university’s deputy CIO, Brad Rohrer about its cloud-first philosophy (Part 1) and how Software as a Service got it there (Part 2).
Other news and tips from our sites last week:
SearchCIO contributor and December tweet jam expert Harvey Koeppel discusses how BPM and BPO practices are evolving, converging and changing the nature of work in his CIO Matters column.
In one of our weekly favorites, The Data Mill, Senior News Writer Nicole Laskowski asks readers, “Want better analytics?” The secret, according to John Lucker, a consultant with Deloitte Consulting LLP, is asking “crunchy” questions that align with strategic goals, relate to key performance indicators and are designed to be both actionable and informational.
Last week on CIO Symmetry, Laskowski blogged about a “technology obsessed” world. Read what she had to say, and then put down your handheld device and “be brave in the new world.”
We rolled out a lot of video coverage from the ISSA International Conference, where we sat down with a number of security professionals to discuss cybersecurity’s impact on IT. In this SearchCIO-Midmarket video, Christina Torode asks Randy Sabett, an attorney at ZwillGen PLLC, about the legal limitations of active cyberdefense. At the same show, SearchCompliance reports on predictive security intelligence, an information security plan for 2014 and leveraging free security tools.
Finally, we close out our weekly roundup with a Q&A from SearchCompliance that looks at techniques for adapting data governance strategies to the digital age. Information management expert Jeffrey Ritter, discusses how to improve the connection between modern data governance best practices and business success to boost a company’s overall management activities.
Thanks for catching up with us. Have a good week!
The world is technology obsessed. So much so that Carl Hammerschlag, a Yale-trained psychiatrist who specializes in psychoneuroimmunology, or mind-body-spirit medicine, believes we’re beginning to experience cultural attention deficit disorder.
“As a culture, we’re having trouble paying attention,” Hammerschlag said during his keynote address at the Society for Information Management’s annual conference. “We have the capacity in this day and age to always be someplace other than where we are, which makes wherever we are never enough because something else might come up.”
People arm themselves with smartphones when waiting in line or standing in front of priceless works of art or … listening to a keynote speaker at a conference. The seductive sights and sounds from incoming text messages, Twitter mentions, Facebook posts and Instagram updates are creating cracks in how we communicate. Today, we talk in sound bites, our personal stories reduced to 140 characters or spit-polished as entries on a timeline.
The effects from cultural ADD and truncated communication are insidious. We’re starting to miss out on important details, which, in the most extreme cases, can literally be the difference between life and death. Recently, in San Francisco, passengers on a train were so entranced by the warm, glowing screens of their handheld devices that they didn’t see a man brandishing his gun before he shot a fellow passenger. In more everyday cases, missed details can be the difference between business as usual and new opportunities. To find those potential gems, Hammerschlag told CIOs to “be brave in the new world”: Step out of the virtual bubble, be present in the moment, ask questions, connect the dots.
And share stories. Hammerschlag told the audience how he came to meet a Mayan healer. He was touring ruins with his family while a guide pointed out the sites. When Hammerschlag asked if there were any Mayan healers left, the guide said yes, one, an uncle who happened to live in a village they would drive through on the way back to the hotel.
“You want to pay attention to those things,” Hammerschlag said. “Every act of insight, every act of creativity, every act of genius is simply the result of a prepared mind and a serendipitous moment.”
When he asked the Mayan healer the most important thing he’s learned that enables him to heal people, the man said: Don’t take a cold drink on an empty stomach on a hot day because it causes “bad belly.” Hammerschlag didn’t understand what that meant at the time; later, he realized the old healer was describing the potential for disconnect between logic and intuition. CIOs are familiar with that topic. As businesses become more data-driven, questions about how facts versus feelings fit into the decision-making process bubble to the surface. CIOs will have to choose on a case-by-case basis but, as Hammerschlag illustrates, they will need to consider both.
Hammerschlag’s storytelling ended with the tale of his recent visit to a Syrian refugee camp. When a fellow volunteer began playing his guitar, a refugee grabbed his flute and started playing along. “They had taken everything, but they had not taken his song. He can still hear the music,” Hammerschlag said. “Those are the kinds of stories we want to be telling. Those are stories of resilience.”
And they are the stories of community, a concept that should not be overlooked by CIOs tasked with building an IT culture that embraces risk and delves into uncharted territory. Because, as Hammerschlag is known to say, those who tell the story define the culture.
So put down the tablet and the smartphone, ask your employees to do the same and make time for face-to-face contact. “We need to be talking to people more. We need to inspire each other more. We need to remember what it is we liked best about who we are and not be captivated solely by the instruments that were intended to liberate us,” Hammerschlag said.
It’s human nature to want to categorize the world around us. But is this desire to classify becoming a bigger part of our nature at the expense of creativity because of … IT?
Computers encourage us to classify and categorize, but following a corporate or coded script doesn’t exactly lend itself to creativity.
Our recent SearchCIO360 breakfast speaker, Professor Gary King, used customer service reps as an example of how data classification or categorization can stifle innovation. Most companies develop categories for customer complaints and the rep is typically asked to type information into a program with fixed complaint categories.
“There are huge efforts to convince [the reps] not to come up with a new idea because, if they do, you have to reclassify millions of previous data points. So what you are doing is taking the people who are good at innovating, the ones with the most insight into the customers, and telling them to please not come up with any new ideas,” King said.
We are allowing computers to make decisions for us, which can be a wonderful thing — if the data being used to make those decisions remains relevant. Many times, it doesn’t.
To err is non-human and human
Take King’s research into the solvency of U.S. Social Security benefits. If you think some of the data classification and management methods in your office are outdated, you might feel a little better about them in comparison to the Social Security Administration’s use of a data analysis method developed 75 years ago, according to King. This method, used to forecast mortality rates, was developed by demographers at a time when obesity was not a problem and smoking was not considered the death knell it is today. Still, this 75-year-old method is the one being used today to determine when Social Security may run out of money.
By King’s calculations, it turns out that date is around 2032. A bit of “a bummer,” as he said, but a more accurate estimate, based on a method that incorporates the deep qualitative knowledge that demographers have used over the last 350 years, updated with new mortality factors (such as the rise in obesity) with automation built into calculations based on his own algorithms.
This is an oversimplification – — King conducted his research not just for Social Security solvency, but also aggregated worldwide mortality data that analyzed 150,00 cross-sections. But his point was he did not seek out new data; he just analyzed existing data better and relied on a combination of qualitative (characteristics identified by humans) and quantitative (characteristics that can be measured) computer-aided methods.
“Fully human is inadequate, but fully automated or fully quantitative — meaning Excel spreadsheet with no labels — fails too. You need some qualitative information to decide what you’re trying to quantify. What really is needed is computer-assisted, human-controlled technology to take qualitative information, systematize it and then provide it back to the human being who actually ends up making the decisions,” he said.
Another case in point on the benefits of combining a human touch with statistically driven tech? One of King’s colleagues was running a complex data analysis that caused him to run out of room on his computer. IT told him that it would cost $2 million to give him a system to support his data analysis needs. Instead, a couple of King’s grad students spent two hours developing a new algorithm that does the job in 20 minutes — on the guy’s laptop!
The title of King’s talk at our breakfast was Big Data is not about the Data. His contention is that you can have all the data you want and the most powerful computer you need, but without the right analytics — which includes that human, qualitative element — you could be looking at some costly, outdated data.
As one CIO explained, “There is a real sense of urgency to figure out how to build the right skill set to take advantage of qualitative data, qualitative people.”
It’s a dangerous cyberworld out there. The news carries weekly, sometimes daily, reminders of the potentially catastrophic impact a data breach can have on even the largest of enterprises. Besides the loss or corruption of information itself, there’s the loss of trust from customers who may well decide to bring their business elsewhere. In this information-driven economy, more than ever before, it’s become abundantly clear that a well-honed security strategy is imperative. It makes findings from a recent Ponemon Institute study (sponsored by Sophos) all the more surprising.
Released this month, The Risk of an Uncertain Security Strategy indicates that many SMB organizations are simply unclear about their security strategy and the threats they face. Included are about 2,070 responses from individuals in charge of their SMB company’s security and risk management. Among the respondents were CIOs/heads of corporate IT, heads of IT security, heads of risk management, CFOs, CEOs and chief operations officers. CIOs/heads of corporate IT made up 61% of the sample.
If any one of these takeaways sounds like it could be coming from your organization — or if you’re simply not sure — it’s time to start strategizing.
- One-third of respondents admit they don’t know if their organization experienced a cyberattack in the past year. This lack of knowledge equals a lack of “actionable intelligence” going forward. These respondents claim that in order to remedy the situation, they will invest in big data analytics and network traffic intelligence over the next three years.
- Respondents in the most senior positions knew the least about cyberthreats to their organization. This uncertainty indicates that the further an individual is from dealing with security on a daily basis, the less they understand the pervasiveness of the risks. According to study findings, 58% of respondents say management doesn’t think cyberattacks are a serious risk.
- Respondents estimate the cost of disruption to normal operations exceeds the cost of damages or theft of IT assets and infrastructure. This clashes with findings in other Ponemon Institute studies where the theft of intellectual property is the most expensive consequence of cybercrime. In this study, respondents appear unable to determine the actual cost of lost or stolen information assets.
- Respondents indicated that company-issued mobile devices and bring your own device (BYOD) raise bigger security concerns than do cloud applications and IT infrastructure services. But these concerns fail to translate into extensive adoption and use of mobile devices, especially personal devices. To lower these BYOD risks, respondents claim their organizations will invest in such protections as Web application firewalls for mobile apps and endpoint management.
- Respondents’ confidence in their cybersecurity awareness and strategies seemed to be similar among specific industries. For example, respondents in financial services, indicated a strong understanding and awareness, which can be attributed to the numerous data protection regulations they deal with on a regular basis. Not surprisingly, the technology sector, too, is more security aware, likely thanks to the IT expertise in these organizations. Retail, education and research and entertainment expressed the lowest levels of awareness.
- Respondents indicated that chief information security officers and senior management are rarely involved in IT security decision making or priority setting. Thirty-two percent of respondents said the CIO of their company is responsible for setting these priorities; 31% say no single function owns the responsibility.
So what happens when cybersecurity fails to be a priority in SMBs and no one seems to know the plan, or even if there is one? The study suggests it can become a vicious cycle. “Uncertainty about how these issues affect an organization’s security posture could lead to sub-optimal decisions about security strategy,” the authors note. And even as boards of directors and higher-level management are beginning to show greater interest in cybersecurity and risk, if IT executives don’t use the best available information in order to make decisions, it will be more difficult to make the business case for investing in the right expertise and technologies.