If 2009 was a year of never-ending challenges for CIOs, 2010 may dare IT professionals to step it up even further. Budgets are still tight and mandates to drive innovation in the
center, across applications, and in the cloud still stand.
All this means CIOs are tasked with finding ways to not just do more with less, but to be increasingly more effective in the way they drive the virtuous cycle of IT value.
With all this in mind, what is the top challenge for CIOs in 2010? There is no single answer -- or a single strategy for how CIOs should tackle those challenges. That's because not all CIOs are the same. But there are some commonalities and key takeaways that can help CIOs prepare for the challenging year ahead.
According to Gartner Executive Programs CIO Agenda Survey reports, CIO effectiveness is closely linked to effectiveness in terms of the enterprise's ability to set and achieve financial and strategic goals. In essence, highly effective CIOs -- and the enterprises they serve -- have different priorities than their less-capable competitors.
"For CIOs in highly effective enterprises, the highest-priority challenges are all about enterprise performance and outcomes -- for example, growth and profitability. These CIOs are trying to strengthen the business capabilities that their enterprises' strategies demand, such as rapid integration of merged or acquired companies, or strong product-development expertise," said Richard Hunter, vice president and Gartner fellow in Gartner's CIO Research Group.
Challenging CIO Effectiveness
By contrast, Hunter said, for CIOs in less-effective enterprises, the high-priority challenges are often about establishing IT as a peer contributor to enterprise goals as opposed to a utility function whose success is measured in terms of cost reduction. For those CIOs, challenges tend to be framed in terms of IT process capabilities and IT operating efficiencies.
"For CIOs in less-effective enterprises, the aspirational challenge is to position IT as a strategic peer within the enterprise. To do so, the CIO must first show that IT is indeed an efficiently run organization," said Hunter, coauthor of The Real Business of IT. "Establishing an IT service catalog and running benchmarks are examples of the ways that CIOs address this challenge. With value for money demonstrated, the next step is to initiate the 'virtuous cycle' of IT value, beginning with solid in the form of a transparent process for creating and choosing options for investment in change supported by IT."
Highly effective enterprises have done that. Indeed, Gartner's 2009 CIO Agenda survey reveals that establishing governance was a much higher priority for less-effective enterprises than for the most-effective enterprises. For the most-effective enterprises, hiring and retaining top performers was near the top of the list, but for less-effective enterprises hiring and retaining top performers didn't even make it into the top 10.
"In short, the difference is that the most-effective enterprises -- and their IT organizations -- are looking outward, at markets and customers, while the less-effective enterprises look inward to controlling costs and processes," Hunter said. "Of course we are talking here about a matter of emphasis -- all enterprises look inward and outward. But in the most-effective enterprises, CIOs are challenged to help the enterprise grow, while in less-effective enterprises CIOs are challenged to run IT efficiently. It's a big difference."
Beyond the unique challenges to highly effective and less-effective enterprises and their respective IT departments, there are some challenges common to most CIOs. One of those challenges is data-center convergence.
According to Hewlett-Packard research, organizations have been adding data-center equipment to keep pace with business growth for the past two decades. These additions, in turn, have created costly technology silos that consume up to 70 percent of the IT budget. What's more, solving the issue of IT sprawl is expected to create a $35 billion market opportunity by 2012 for solutions.
With this in mind, Magdy Assem, senior director of HP Enterprise Business solutions, believes that 2010 will be the year for promising technologies that create a converged infrastructure -- solutions that unify computing, storage and network assets and allow customers to make the most efficient use of technology resources that drive business innovation.
"A converged infrastructure consolidates technology assets into pools of resources, which can be leveraged on the fly, managed universally, and optimized for any workload, enabling faster time to value, improved service levels, and, ultimately, business transformation," Assem said. "This approach helps businesses accelerate the delivery of application environments in a predictable, repeatable way that makes the most efficient use of IT, facility and staff resources to drive business innovation."
Addressing Application Modernization
Yet another CIO challenge is the seemingly ongoing need to upgrade inefficient systems to reduce costs and spur innovation. In today's self-service world, a company's business applications need to be able to support changes quickly, while keeping pace with competitors and guaranteeing uninterrupted operations. However, Assem said, many organizations are working within rigid technology environments that are costly to maintain and expensive to update.
"Redundant code and bulky legacy applications drain the technology budget and prevent organizational agility. Application modernization can be implemented quickly to help organizations shift the focus from the costly maintenance of legacy systems to investment in innovation," Assem said. "And businesses must leverage the knowledge trapped in these legacy systems to become more agile."
As Assem sees it, enterprises need a road map that aligns with the 's overall modernization program and offers the flexibility to execute individual projects with their own return on investment. Renewed legacy systems and newly developed functionality can be integrated to work in new ways through a service-oriented architecture (SOA).
Next, IT professionals ensure that the customer applications portfolio and infrastructure align to their business, operations and budget needs. Finally, Assem said, the road map should offer a total life cycle solution process that encompasses application assessment, modernization and ongoing management of the modernized applications.
Securing the Cloud
No discussion of CIO challenges would be complete without looking at cloud security. Cloud computing removes typical barriers by placing data in a central, easily accessible location, as more organizations store sensitive data with third-party cloud service providers. While this is instrumental in creating new connections, it also means relinquishing control -- the location of data can vary and data management may be more challenging.
In fact, according to a recent IDC report, security not only remains the top concern with regards to cloud adoption, but grew from 74.6 percent in 2008 to 87.5 percent in 2009. In 2010, Assem predicted enterprises will be looking to take advantage of SaaS/PaaS with a higher degree of confidence in the security -- as well as the health and availability -- of applications running in the cloud.
"Typically, a cloud-service environment includes standard terms and conditions that are not tailored to an organization's unique security needs. Many cloud-service providers make no promises about protecting data," Assem said. "Therefore, it is critical for organizations who consider moving to the cloud to understand the risks involved. As such, security is a top concern when it comes to cloud computing."
As Assem sees it, part of the solution is for companies to know where their data is, how it's protected, and who can access it. But since many cloud-service providers offer no service-level agreements, enterprises have no guarantees about data availability, privacy or data .
"Cloud computing doesn't have to be rife with risk. With the right service provider, the cloud can fulfill its promise of more affordable, flexible and easier-to-manage IT services," Assem said. "However, a lot depends on the preparation and choice of service providers. In order to take advantage of cloud-computing services, IT needs to move toward a 'service-centric' model and apply basic risk-analysis principles."