sb-au logo
Story image

How IT executive roles are shifting in this cloud-first era

30 May 2018

With 2018 now well underway, it’s interesting to think about the high-level trends at work in the world of corporate technology. One of the most interesting is the changes that are occurring in the roles of senior executives.

With more organisations looking to achieve faster innovation driven by technology, it’s natural that the roles of CIO and CTO are becoming more critical. At the same time, however, the role of CISO is becoming almost an after-thought when it comes to key initiatives. This is something of a concern.

It’s only natural that, with the shifting of IT from on-premise data centres to cloud-based platforms, services and apps, senior roles will evolve. However, this shouldn’t mean that CISOs are no longer required. Rather, the CISO should actually be leading a strategic corporate shift from on-premise security to managing the new risks that are emerging in the cloud.

Managing a cloud-first approach

It’s a tricky thing to suggest how an organisation should structure the execution of its business processes. The requirements and end results will vary greatly depending upon need, regulatory requirements, and risk appetite.

However, having observed many different organisations hone their strategies, I understand the typical elements needed to implement a cloud-first approach and how they differ from a data centre-centric strategy. I also know what needs to be done for a successful deployment and to maintain a high quality of user experience.

The most important point for security professionals is that, whatever their organisation calls the person running security, that individual will become less focused on on-premise security and will need to shift their attention to managing risks associated with the cloud.

This shift is also changing the relationship between the CIO and CISO. This is because it eliminates the requirement to specify, deploy, manage and maintain a range of technologies that are now automatically handled by cloud service providers.

Essentially, I predict there are three fundamental shifts taking place in senior IT roles:

  • CIOs are shifting from being ‘technology first’ to ‘business first’
  • CTOs are shifting from architecting corporate networks to embracing the cloud
  • CISOs are shifting from security and controls to risk and enablement

Business drivers

The shift happening for the CIO reflects how business drivers are now leading the use of technology and not the other way around. The non-technical board of directors can easily see how new companies have leveraged the internet to rapidly build huge profitable businesses and wealth in just a few years. Therefore, don’t be surprised that boards are telling CIOs what the business needs from technology. Indeed, many business leaders want the cloud to drive everything.

Since the physical running of IT infrastructure is shifting to cloud platforms, the roles of IT operations on premises will diminish. There will be a bigger need to co-ordinate what’s happening in the cloud with business users’ needs wherever they are working. This will be mandatory as enterprise and business apps move into the cloud.

Of course, this transformation won’t happen overnight as legacy apps will be in place for some time. However, the CTO’s need to focus upon on-premise infrastructure will drop off and engineering the cloud-first approach will dominate their focus going forward.

Security focus

As for the CISO, now is the time to get conversations with the board of directors moving from security technology to a risk-based perspective.

It’s silly to promote a legacy “protect the castle inside the moat” approach when enterprise computing and business apps are in the cloud and not physically on premise. The internet has become “the” network and securing access to it, cloud apps and data must be the new strategic focus.

CISOs should be leading the conversation with business leaders to understand the real risks, as well as the real opportunities, that this new cloud-driven world presents.   They need to change the dialog from “Are we secure” to “Do we understand the risks of operating in this environment and have we mitigated those risks sufficiently”.

For all executives in the IT space, now is the time to prepare for a new chapter in keeping their organisation’s IT operations, network and business applications operating at peak performance. The shifts taking place in their roles will help this come about.

Article by Zscaler vice president Asia Pacific and Japan, Scott Robertson.

Story image
Singapore makes an example of remote working in APAC, but security concerns persist
Respondents are most concerned about WiFi networks (39%), cloud storage (38%), email (36%), new technologies like IoT and 5G (34%), and video conferencing platforms (31%).More
Story image
AustCyber research shows huge potential of cybersecurity market
For the first time, the gross value added (GVA) of Australia’s cybersecurity sector can be estimated, at $2.3 billion. More
Story image
Video: 10 Minute IT Jams - Vectra AI exec discusses cybersecurity for Office 365
In Techday's second IT Jam with Vectra AI, we speak again with its head of security engineering Chris Fisher, who discusses the organisational impact of security breaches within Microsoft O365, why these attacks are on the rise, and what steps organisations should take to protect employees from attacks.More
Story image
Businesses can save on the hefty cost of a security breach if they're honest
SMBs and enterprises that disclose breaches proactively tend to experience 40% less financial damage, according to new research from Kaspersky. More
Story image
Ivanti extends ESM automation capabilities with latest additions
Ivanti has made additions to its Enterprise Service Management (ESM) portfolio, with greater automation capabilities between service management and SecOps. More
Story image
Cyber Security Cloud launches WafCharm on Microsoft Azure
Already available to more than one million Amazon AWS users around the world, this launch provides Azure users with AI operation of Web Application Firewall (WAF) rules, expanding WafCharms availability to 60% of the world's cloud users. More