by Cristina Lago, with additional research by Chloe D

5 steps to success for a new CIO

Sep 18, 2019
CareersData CenterIT Strategy

Starting a new role is always a challenge, and the position of CIO is unlikely to be any easier as the ever-expanding role is significantly different to other IT leadership posts. However, with the right mindset and knowledge of what to expect you won’t be far off the route to success.

Apart from taking responsibility for all the IT and technology infrastructure within your organisation, you are also expected to be a business leader and influence meaningful change, including the bottom line.

The five steps below will help you get off on a good footing from day one and ensure that your role as a new CIO moves in the right direction.

Read next: How to build a winning technology team

Survey the landscape

An obvious but frequently ignored step.

Before implementing your new strategy as CIO, it is important to realistically takestock of the organisation, assess any previous plans that were in place, their effectiveness or the reasons they were dropped. Was the problem a lack of resources or maybe negligence from management?

Make yourself familiar with any ongoing IT projects and infrastructure developments. Sometimes stopping or delaying them could do more harm than good, so think twice before introducing any major changes.

Master the schedule, set milestones, study each vendor’s contract terms and conditions. Get to know the contracting and project teams and pick their brains about their issues and concerns.

Stepping in and demanding change from day one won’t sit well with most people around you so adopting an observer approach can bring more positive results than imposing an aggressive transformation.

Surveying the landscape will also show you areas of opportunity and improvement – where the implementation of new and disruptive technologies could benefit the organisation to best achieve its business goals.


Not only that: overcommunicate if necessary.

CIOs should be able to transmit information effectively to their team, fellow executives and the overall organisation, explaining how digital can influence the business model.

As the digital leader you should build relationships with different departments, involving all stakeholders to plot out a vision of where the business hopes to be in the next 12 and 24 months.

Open discussions will create a better understanding of your company’s needs and how to work together to reach the same shared goals.

The use of collaboration tools such as Slack, Trello and Google Hangouts can help further bring colleagues together, and make communication easy and fluid.

In 2018 Unilever CIO Jane Moran discussed how the consumer goods company was moving from a project delivery to a platform-based business delivery model, and how business partnerhip was increasing engagement with non-IT colleagues in a way which could help the bottom line.

“Our IT organisation is divided into business engagement teams which provide employee services, creating and using information and insight for a competitive advantage and investing in supporting technology to drive efficiency and growth,” she said.

“But not only do we provide employees and the business with the best possible tools, technology and information at the best possible cost, we also use technology as a driver for competitive advantage at Unilever.”

Build a strong team

During your critical first 100 days in a new role, it is vital that you work on establishing strong departmental and interdepartmental relationships and ensuring that you have a skilled team collaborating with you.

Practicing diplomacy can be a sensible move. Although you might want to start leaving your leadership imprint from day one, listening to those who have been in the organisation longer than you can ensure that you don’t antagonise colleagues and staff.

People are the number one priority. Paying attention to the human factor and demonstrating a genuine interest for your peers will help inform and implement process- and technology-related decisions.

Ask lots of questions. After all, you are the new person and it will be expected that you will want to know how things work in your brave new world. This will show an interest in the current state of the business and could start a conversation about issues that might have gone unnoticed before your arrival.

Good Energy’s CTO, David Ivell explained how he’s building a workplace culture where employees feel like they’re given the right technology and support to help them achieve success.

“We measure people by their output and quality of the work they do, not the amount of time that they sit at their desk,” he told CIO UK.

Tech teams should frequently refresh employee talent through investing, upskilling and hiring new brains. Investing in skills is often cited as a concern for CIOs and it should help in retaining the best IT talent.

Utilise the cloud

If not yet in place, you might want to consider migrating your organisation’s IT infrastructure to the cloud. It’s not only an important step towards digital transformation, it might save money and increase business agility.

A consumption-based cloud computing model to procure storage and hardware on demand can significantly reduce your quarterly bills as it will save your finance department cash on in-house IT servers and network equipment.

Richard Orme, CTO of Photobox Group, explained to CIO UK why his organisation decided to move to the cloud. “The reason for us deciding to migrate to the cloud was fundamentally to do with the fact that we were starting to hit the edges as to what we could do, in terms of storage.

“We were starting to reach a point where we were spending a lot of time just maintaining the hardware and the equipment within the data centres that we had. That really then takes us away from the investments that we like to make, and the customer journeys, and the ability to innovate in the physical product space.”

Of course, cloud migration is no small project, and there are right and wrong ways to go about it. Involving all stakeholders to better understand the real business benefits a cloud-based model can deliver is integral to a successful migration. There will be numerous other questions to address as well: what kind of cloud delivery model best suits business needs; public, private, or hybrid? Is there a lot of legacy architecture that could cause significant pain points, for example, in being re-architected? How best to run this migration with minimal business disruption while paying close attention to security and compliance – especially with GDPR looming in the background?

Nonetheless, successful cloud migrations can offer businesses agility and versatility.

Prioritise cybersecurity

The last thing that you want to happen on your watch is a data breach affecting your business. In 2014, Beth Jacob, CIO at US retailer Target, resigned after six years in the department store following a data breach that may have affected as many as 110 million US residents. More recently, the Yahoo email data breach potentially affected all 3 billion customers, while the Equifax breach resulting in the personal details of 146 million people being compromised naturally had an effect on brand reputation.

CIOs responded in recent editions of the CIO 100 that more than half of their organisations had detected a security breach in the previous year, while according to official government figures, almost half of UK firms were hit by a cyber breach or attack in 2016. Not only that, nearly seven in 10 large companies identified a breach attack. Just a couple of weeks ago British Airways announced that customers’ financial records relating to 380,000 card transactions had been the subject of a “sophisticated, malicious criminal attack”.

Being realistic, every business that is steward to valuable information will be considered a legitimate target for cyber criminals. But CIOs and CISOs can be proactive in how they anticipate potential attacks.

With cyber attacks becoming more frequent and sophisticated, a dynamic security strategy, a healthy cybersecurity culture with up-to-date policies, frequent staff training and a robust security framework will ensure that your business is ready for any kind of daunting scenario.

“It’s about having every member of staff understanding the excitement and the responsibility and challenge of maintaining that infrastructure, and doing that in such a way that we can keep a high level of service not just from a technology perspective but from a security and a customer service perspective as well,” Simon McCalla, former CTO at Nominet and current CEO for Sedex told CIO UK.

If your organisation has a CISO, close collaboration with them will go some way to helping that all adequate measures are in place. Since threats are constantly evolving, audits and penetration tests should be standardised and your systems regularly tested against.

Introducing and maintaining a vigilant security-conscious culture into your organisation can pay dividends. Adopting a ‘when not if’ mindset to security threats will mean that your business is more adaptable and ready to respond should threats occur, able to shut down networks to prevent threats from moving laterally across your systems.

“We’ve been working behind the scenes to ensure that we can remove as many threats from .uk as possible, and some of that is stuff that we talk about openly, and some of that is stuff that we have to do quietly behind the scenes with law enforcement to tackle some of the bigger challenges, and we’ve been pretty successful at that,” added McCalla. “This division is a kind of natural exposure of some of those skills and capabilities into a more commercial market.”