Join other Information Security Professionals and Subscribe

to receive monthly insights on securely enabling business transformation

Bridgeway Insights

Treading the digital transformation tightrope: what are the biggest challenges for CIOs?

Treading the digital transformation tightrope: what are the biggest challenges for CIOs?

Posted by Lisa Higgins 29 April 2019

We caught up with top digital transformation influencer Jos Creese to discuss the current challenges that many CIOs face. Jos has over 30 years IT leadership experience, including CIO and CDO roles, and a variety of Non-Exec Director positions (including audit, risk and chair). He is a past president of both the Society of IT Management (SOCITM), the BCS, the Chartered Institute for IT, and has been cited as ‘the most influential UK CIO’ in the Silicon 50 survey.

Jos Creese Business Headshot 2017

For over a decade Jos was CIO and latterly CDO for Hampshire County Council, leading a range of ground-breaking shared services and achieving national recognition with a host of awards for IT innovation. He also set up and chaired the Local Public Service CIO Council and worked with central government on a range of national programmes such as open data, ID cards and national supplier contract negotiation. Jos now works as an independent consultant, researcher and Strategic Adviser to Advice Cloud providing expert advice to public and private sectors on digital and IT strategies. In this excerpt he chats to Bridgeway Content Editor Lisa Higgins.

Hi Jos, let’s kick things off with a question we are always interested in. In your opinion, what are the biggest challenges for CIOs at the moment with respect to digital transformation in the public sector?

"For CIOs the biggest challenge is balancing the risks and legacy constraints around technology with the excitement and enthusiasm about the new order of digital delivery.

Say you have a departmental head, a Chief Executive for example, desperate for some new level of customer self service automation, or artificial intelligence engine to revolutionise a service. Such tech may deliver better customer service or move the organisation forward around productivity and efficiency, for example. The CIO has to grapple with the underlying platform thatalready exists – the technology infrastructure and security access management support. He/She cannot necessarily just decommission elements of that legacy in order to release the capacity, staff and money to pay for the new stuff.

So there’s a sort of political challenge here as well as a business and a technological challenge for CIOs in helping to explain and support the migration to a new operating model – the digital transformation piece – in such a way that doesn’t expose the organisation to undue risks, or indeed costs, especially in a transitional period.

It certainly isn’t just, ‘there isn’t enough money’ or, ‘how risky are these new technologies?’ Tech has always had its risks. The best CIOs are working at board level to help their organisation close the gap between the potential of some of these new technologies and the business opportunity that exists. And that’s true of public and private sector.

According to last year’s Deloitte survey CIOs have moved from being trusted operators to business co-creators and change innovators. Would you agree and how has your role and mindset changed since your first CIO role?

"I have seen the Deloitte survey and I only partially agree with that statement. If you talk to any competent CIO they will say, ‘absolutely, I am a co-creator and a strategic resource. I’m not just an Operations Manager,’ and of course many of them are definitely of that ilk. Many are working at board level helping to formulate their organisation’s business strategy. But we’ve also seen organisations where that doesn’t happen and they have come a cropper in terms of significant information data breaches or system failures. TSB is an example here and chief executives lose their jobs if they fail to understand the risks and opportunity. So there is an element of truth in the survey.

However, what I see on the ground in both public and private sector is that in some organisations the culture still exists of IT as a cost centre, responsible for managing operational IT matters, a responsive and resilient infrastructure, manager of IT suppliers and so on. In parts of Whitehall, for example, some CIO responsibilities have been relegated to what I would call a more traditional operational IT management function. So I think it is quite mixed actually and it is not all to do with the competency and attitude of the CIO themselves. It is often to do with the culture and the maturity of the organisation in understanding the potential of technology as a strategic component of services, rather than an operational contributor.

Is that kind of attitude the biggest resistance, in your opinion?

There are a number of barriers. A lack of change leadership and a lack of seeing IT as a strategic resource in a digital operating model is an issue. You see organisations say, ‘we wish to be a public sector digital business providing public services and we want to be a digital leader,’ but then you look at the evidence and discover that: a) the corporate strategy has a bit of a bolt-on about digital at the end, b) there’s no detailed digital strategy just a set of digital programmes that will hopefully connect together to deliver some of this stuff and c) completely separate and relatively unrelated is an IT strategy plan which is primarily focused on how to keep the legacy going.

This is a major problem. What you want is a digital strategy which courses across the whole of the corporate strategy and business plans and is used to drive IT prioritisation and activity as well as investment. This is so that the digital strategy gets the appropriate investment as a result and equally IT is expected to contribute in terms of potential opportunity and innovation back into that digital strategy and corporate strategy. When you get that sort of synergy then you have a very effective organisation. Inevitably the bigger tech companies do this because tech is their bread and butter. But when you’re not a tech company, when you’re a police organisation or a health authority or a local council, you have to work harder to make those sorts of connections, particularly to understand and manage the risks and especially in a political environment such as Whitehall and local government where you’ve got politicians representing the interests of the public."

Read the full interview here