by Stacy Collett

7 issues keeping CIOs up at night

Aug 05, 2020
CIO IT Leadership

No one-size nightmare fits all, but CIOs share many of the same concerns about securing the enterprise, automating work processes and retaining customers for the long haul.

man in bed nightmare what keeps you up at night stress sleeping by gorodenkoff getty images
Credit: Gorodenkoff / Getty Images

The hits just keep coming — a global pandemic with no clear end in sight, business shutdowns, remote work mandates, a surge in cyber attacks, business strategy upheaval, and an uncertain business future. It’s a wonder CIOs get any sleep at night. 

“All CIOs are facing a tremendous amount and variety of pressures and asks,” says Steve Bates, principal and global lead at KPMG’s CIO Center of Excellence. “Because of the reactive nature of the COVID crisis — they’re stuck in a whack-a-mole environment, and it’s really difficult to get out of that.”

The amount of pain a company is facing right now depends on the degree of digital maturity that the company already had before the pandemic, says Martha Bennett, vice president and principal analyst serving CIO professionals at Forrester. “For a company already with a lot of apps in the cloud, for example, it’s much easier to move people to remote working if you’ve already got that in place.”

Almost half (44%) of CIOs reported large-scale adoption of cloud in 2019, and 77 percent use cloud in some form, according to a report by Harvey Nash and KPMG, which surveyed more than 3,600 CIOs and tech leaders worldwide.

A CIO’s level of unrest also depends heavily on their industry and country, industry-watchers say. KPMG breaks it down into four patterns of recovery, although one enterprise can cover more than one pattern if they have many geographies and lines of business.

Well over 60 percent of companies are either in the midst of fundamentally transforming their entire operating model in order to re-emerge “mostly because there’s been a change of consumer priorities and how they want to interact,” Bates says, or they’re simply modifying their business as usual because the industry is essential, such as utilities and banks. “They’re likely to recover more quickly once demand returns,” he adds.

A lucky few, less than 10 percent of companies, are surging in growth or benefiting from the disruption and filling needs. Think Amazon, Netflix, GrubHub and Zoom.

About 25 percent of companies are in hard reset mode, according to KPMG. They are companies and industries experiencing a permanently lowered demand, and they may have a difficult time riding out this crisis or an extended recession. “Many of them have struggled in the past to transform,” Bates says.

Analysts describe what’s keeping each of these CIOs up at night, and they offer some remedies.


Cybersecurity topped the list of IT leaders’ concerns even before the pandemic, but the context has changed, says Bennett. “They’re not just concerned about just external threats, but now it’s the complexity of both new business models and new digital channels that they weren’t prepared for, as well as [threats that come with] re-architecting their entire mobile work. Threats from malware and phishing have gone up exponentially.”

Some 30 percent of employees worldwide admitted to having an online account compromised since the start of their COVID-related remote work, according to a survey of 5,000 workers by OneLogin.

When the pandemic hit, United Airlines shifted to “an almost 100 percent remote workforce in a matter of weeks,” says Deneen DeFiore, vice president and CISO at United, in a virtual panel discussion on cybersecurity in a remote world. DeFiore had to rethink everything from remote infrastructure to end-point security controls to having remote workers get application updates directly from the internet without having to connect back to the corporate network.

“You have to change your thinking about your cybersecurity program and the way you approach threat management,” DeFiore says. “Now your attack surface is everybody’s home network, everybody’s PC.”

IT leaders now have to home in on employee education and awareness, she says. “In a remote working situation, there’s a lot of capabilities employees take for granted. Printing, for example. I have to print a document to do my job. How do you do that securely without maybe compromising IP? You’re scanning an application and signing it on your home printer from a cloud application. Now you have a company’s information and IP in some application that maybe isn’t secure or licensed, and there’s a lot of risk that goes with that.”

Employees must understand how to mitigate those threats so they don’t inadvertently put themselves or the company at risk, she adds. “It’s those little back-to-basics things that you have to go through.”

New customer channels

Companies that must transform to survive should focus on their application portfolios, Bates says. Do you have the right set of applications and set of services to engage your employees and customers? Before the pandemic, “the answer most likely was no,” Bates says. So CIOs’ top priorities should now focus on architecture, infrastructure and service delivery models. 

CIOs operating in essential businesses want to recover as quickly as they can, Bates says, so they won’t dabble in new channels but instead commit to the digital channels they’ve been working on. “They’re looking to protect their customer base from those surge companies” that are thriving and can invest in new markets, he says. These CIOs need to focus on customer-centricity, a digital-first mindset, and resiliency and business continuity.

Customer experience

When stay-at-home orders and store closures forced most consumers online, customers generally excused an occasional website crash, limited inventory or shipping and delivery delays because of high demand, “but at some point, customers will cease to be forgiving,” if they haven’t already, Bennett says. “We’ve had those issues for several months now, and other companies will have solved those issues” and will lure your customers to their business.

The future of work

Government imposed safety guidelines have changed how we live and work, and those instructions remain largely in place in many states for the foreseeable future. With social distancing, limited crowds, mask wearing and contactless shopping and delivery the norm right now, “Will these behaviors persist when the virus starts to wane? Will we keep interacting with markets in the same way,” asks David Furlonger, distinguished vice president and Gartner fellow in Gartner’s CEO and Digital Business Leaders research group. Or will consumers revert back to their pre-pandemic habits?

CIOs will have to bridge both worlds going forward, Bennett says. “Customers will expect digital experiences no matter what. But some customer groups would really like to go back to the stores.” They should also expect a long-term hybrid workforce with some employees working remotely full time and others returning to the workplace.

AI and automation

AI and automation have been on the radar of manufacturers for years, but the pandemic has accelerated their interest as companies struggle to keep production moving when employees fall ill.

At least one fifth of CIOs had at least small-scale implementation of IoT, on-demand platforms, RPA and AI in 2019, according to KPMG’s 2019 CIO survey. Companies that have moved beyond piloting and into adoption will be increasing their investments in automation going forward, Bates says, while investments will drop off significantly for companies that hadn’t reached small-scale adoption.

“The promise of automation to those that have proven their business case seems to be ‘this is a lever we’re going to pull.’ Others who are going to pull the plug on it are saying, ‘We don’t have time to prove a business case.’ I think this will create a bigger divide between winners and losers, because they’re going to create an automation chasm,” Bates says.

Digital strategy gaps

Even organizations that were well on their way to digital maturity before the pandemic are still finding gaps in their digital strategies. Many law firms that quickly moved to remote work, for instance, found that critical files were still locked away in office file cabinets, or trade processes that were largely digital still relied on one key process, for a courier to go across borders with paperwork, to complete transactions, Bennett says.

The transition to remote work went smoothly for some, but left process gaps for others. One online retailer boasted sophisticated warehouse automation, but the teams were used to working together in an office. “They’re refocusing their strategy on accelerating innovation in areas where they were already ahead. But also putting a lot more emphasis on automation and remote capabilities. How much can you run the operation without needing to send somebody into a data center?” Bennett says.

Another company working with augmented reality had to figure out how to repair a robot with one onsite specialist instead of three.


“We have no idea,” Furlonger says, of how long today’s uncertainty will last or what might come next. “We have to think about the multiple, complex, interdependencies we have in front of us.”

Gartner recommends multiple scenario planning to imagine all the alternative futures as the best way to keep from stalling in recovery. Then monitor, prioritize and adapt, Furlonger says. “Establish metrics and event triggers that may require you to change your strategy.”