How to Succeed as a Mid-Market CIO

Imagine needing technology but not having the resources to spend on it. Imagine being so busy reacting to problems, you never have time to plan for the future. Imagine being so overwhelmed by new reporting regulations, you can barely get your staffers to update their passwords. Imagine trying to tackle these issues with a gaggle of outsourced workers, or a tiny, overworked and underqualified staff.

Most mid-market CIOs don’t have to strain their imaginations; these are the facts of their lives. Indeed, life in the mid-market is hard. Companies with annual revenue between $50 million and $1 billion have the same fundamental problems as enterprises in the Fortune 1000—resources, time management, compliance and staffing—but mid-market CIOs must address them in an entirely different manner than their wealthier counterparts. Indeed, recent data from CIO’s "The State of the CIO 2006" survey found that technology leaders in small and midsize companies are far more hands-on than their counterparts at larger firms. At the same time, while their brethren at larger companies usually report straight to the top, IT leaders at smaller companies often report to second-tier managers, making communication even more critical.

"Mid-market CIOs are always fighting fires," says Laurie McCabe, vice president of the small and midsize business solutions group at Access Markets International Partners, a research organization in New York. "In that environment it’s tough to think about the bigger picture, but the advantage they have is that if they can carve out the ability to look ahead, they can be more agile and flexible than a larger company."

As McCabe suggests, those CIOs who can deal deftly with the problems they face in the mid-market need to have something extra, a bit of wizardry. Larry Bonfante, Greg Seyk, Jim Taylor and Ken Meidell are four who lead by example, constantly innovating in a drive to compete. These technologists speak philosophically about the challenges they face, and recognize that like most small businesses, they have to work two or three times as hard as the big boys to succeed. Still, it seems none of them would have it any other way.

"Is being a CIO in the mid-market more challenging than being a CIO at a bigger firm? You bet it is," says Bonfante, CIO of the United States Tennis Association (USTA), the $220 million organization that runs the annual U.S. Open tennis tournament. "But nowhere else can you really feel like you’re making a difference every single day."

Putting Out Fires

CIOs at big companies strive to minimize costs by forecasting systems development projects so they are not caught by surprise. However, at many mid-market companies, this kind of IT planning is difficult at best because these technology leaders already have so much to worry about. CIOs who run businesses in this boat describe their leadership approach as reactive, and their strategy as one of survival.

Early in his career, when Larry Bonfante served as an IT executive at pharmaceutical firm Pfizer, he had the option of delegating problems to someone else. Now, as CIO of a small organization with limited staff, he must get personally involved with just about every operational hiccup to make sure it is solved appropriately.

A perfect example is the U.S. Open itself. The late-summer event brings in $185 million in revenue, and Bonfante and his staff of eight have a budget of approximately $6 million for the entire year, and they must use a portion of that to provide technology for the tournament. Whether it is setting up electronic scoring systems, or making sure reporters have wireless access at the tennis facility in Flushing, Queens, Bonfante and his IT team quite literally run all over New York City to make sure USTA technology is performing the way it should.

"I’m up to my ears in alligators," Bonfante says. He describes the annual event that spans from late August to early September as an "exhilarating but exhausting" endeavor that draws hundreds of thousands of visitors. "A good thing about mid-market companies is the lack of bureaucracy, but this means that when things go wrong, you’re right there in the middle of everything."

Bonfante, for example, had to get involved when his organization’s Web domain expired earlier this year. The blackout occurred after the director of service delivery for USTA failed to renew the service with website registrar Network Solutions. The provider suspended service and shut down the site; only after Bonfante called Network Solutions and paid a $45 reactivation fee was the site repopulated.

Complicating matters is the fact that USTA board members, many of whom are former tennis professionals with little IT experience, expect Bonfante to spend time with them during their board meetings during the course of the year. During these meet-and-greets, Bonfante says he must market IT to board members and the business side of the organization. He estimates that he spends a "fair" amount of his time with executives and hints that this time could be better spent in the trenches to deal with the day-to-day operations.

"There is an ongoing marketing and education effort that comes with the job, but sometimes it’s heavier than others depending on the time of year," says Bonfante, who reports to the CEO. "It’s making sure that people at board level understand the value of IT and that they understand how we’re involved in every aspect of the business. That takes time, and there’s nobody else to do it but me."

Limited Resources

It’s no secret that financial resources at small and mid-market organizations are considerably more limited than those at bigger companies. With this in mind, many mid-market CIOs have improvised to meet technology needs with the resources they have. As CIO and vice president of IT at VisionQuest, a $70 million, Tucson, Ariz.-based organization for at-risk teens, Greg Seyk manages four IT staffers for a user base of 700 (out of 1,400 total employees) and has an annual budget of $1.2 million. Put simply, there’s no way he can invest much in hardware.

His solution: leasing equipment instead of buying it. Seyk has turned to vendors such as Cisco, Dell and IBM for three- and four-year leases on equipment. All leases include maintenance contracts so VisionQuest IT isn’t bogged down with troubleshooting. Seyk says this strategy provides an advantage because leased equipment provides a fixed monthly cost that is easily budgeted for by operations, with a continual hardware refresh cycle every 36 to 48 months as the leases expire.

"Our operations department perceives technology as a fixed monthly expense like any other ‘utility,’ rather than an asset that depreciates and must then be replaced with a new capital investment," says Seyk, who reports to his company’s CFO. "It could be argued that my fixed expense changes over time, but because older technology improves as it is replaced with newer technology, our technology generally continues to support the business expansion without a commensurate incremental capital investment."

Seyk says his relationship with his vendors is critical to making ends meet. In January, when the company inked a four-month deal with IBM to install a new wide-area network (WAN), Seyk insisted that the vendor include a full-time project manager so Seyk would not have to hire a new employee to manage the deal or train one of his current employees to do it. The results of this negotiation were savings of at least $75,000—what it would have cost to hire for one full-time spot. (Once the WAN is installed, VisionQuest will maintain it.)

Seyk says he plans to apply the same strategy during a forthcoming upgrade from Lawson Software version 7.22 to Lawson Software version 8.03. This time, instead of negotiating a project manager from Lawson directly, Seyk outsourced the deal to Salient, a provider that specializes in these types of implementations, and convinced the firm to "throw in" a full-time human liaison to see the job through until completion in January 2007.

"In theory, [this person] will keep our project moving from a company perspective and will work with the individuals who are responsible for each particular area," says Seyk, who adds that overall, the project will cost about $600,000. "He will be responsible for keeping the project headed in the right direction."

Compliance Woes

CIOs at nonprofit organizations such as USTA and VisionQuest don’t have to worry too much about stringent new federal reporting requirements. For CIOs at mid-market firms that are publicly traded, however, legislation such as the Sarbanes-Oxley Act (Sox), the Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act exact a particularly heavy toll.

These laws require companies to focus on reporting, hiring audit firms to make sure information is accurate, and installing complicated IT infrastructures that prove financial and private customer information is secure. The problem, of course, is that mid-market companies simply don’t have the financial or human resources to perform these tasks, making an already tenuous situation even more tense for everyone from programmers to the CIO.

Jim Taylor, corporate IT manager at Westmoreland Coal, a $333 million company in Colorado Springs, Colo., says that before Sox became law in 2003, his department had no formal auditing processes in place at all. In July of 2003, the department issued 11 policies for adoption that spell out how the organization will tackle everything from disaster recovery to technology refresh.

Many of these policies are derived from the Cobit framework, an open standard for control over information technology, developed and promoted by the IT Governance Institute in Rolling Meadows, Ill. Still, the policies themselves aren’t what costs money; according to Taylor, "it’s the technology that drives them that costs a ton." For Westmoreland, that "ton" has totaled $1.5 million so far, including fees to auditing firm KPMG. There’s a silver lining here, however: Taylor says that the law has finally given him leverage to implement some of the applications he has wanted all along.

Case in point: the company now has a new Denver data center to run a JDEdwards Enterprise One, which coordinates payroll and finance systems that previously had been implemented at a number of remote sites. Taylor, who reports to the vice president of administration, invested in this data center last year to centralize new systems designed to comply with Sox. Today, the new facility also houses a storage area network and document management system and will soon house the company’s primary e-mail exchange server. All of these technologies were bought and implemented with regulatory compliance in mind.

To set up this data center, Taylor called upon the services of Dimension Technology Systems. Though nobody from the company possessed a Statement on Auditing Standards (SAS) certification originally developed by the American Institute of Certified Public Accountants, Taylor convinced the firm to send its consultants to school for this knowledge so they could deliver the kind of compliance Westmoreland required.

"It is a major expense for our solution provider," Taylor says of the SAS 70 class. "They are committing to it because they realize that in the compliance-driven marketplace of today, if they don’t do it, they’ll be left out of opportunities in every market." (For more on the pros and cons of outsourcing, read "A Little Help from Your Friends" on Page 90.)

Staffing Struggles

Attracting and keeping good talent is an important issue for all CIOs, but it is particularly challenging for those in the mid-market, according to "The State of the CIO 2006" survey. Larger companies with bigger budgets simply can pay more. And because so many mid-market IT staffs are understaffed and overworked, the burnout rate is high, with some companies losing talented workers in droves to larger and wealthier companies.

At Cascade Designs, an outdoor equipment manufacturer in Seattle that earned somewhere around $75 million last year, CIO Ken Meidell has learned how to adapt to this challenge. After years of losing out to powerhouses such as Boeing, Microsoft and Real Networks in his search for experienced programmers, Meidell finally hit on the strategy of hiring staff members straight out of college and appealing to them with inducements they like: flexibility, individual freedom and, of course, camping gear. So far, the strategy has worked wonders.

1 2 Page 1
Page 1 of 2
Security vs. innovation: IT's trickiest balancing act