- RSA Conference 2024: Exploring our Current Cybersecurity Realities Amidst AI Myths
- RSA Conference 2024 Highlights: Cutting-Edge Cybersecurity Innovations
- Europol Warns of Home Routing Challenges For Lawful Interception
- Cyber Insurance Premiums Are Declining, Howden Insurance Brokers Report Finds
- Meta Faces Suspension of AI Data Training in Brazil
11 lies CIOs will tell themselves in 2022
A key member of your leadership team isn’t giving you straight information. Which is distressing, because straight, unvarnished, accurate perspectives are what you need most when formulating IT’s strategies and plans.
Sadly, you can’t escape the worst deceiver on your team. That’s because the worst deceiver is the one you see when you look in a mirror.
You know who I’m talking about. It’s the person you’re most likely to trust – who’s most likely to tell you what you want to hear, not what you need to hear.
Yourself.
But don’t worry. Unlike any other deceiver on your leadership team, you don’t have to resort to drastic measures to deal with your self-deceptions. You just need to take off the blinders that steer your head away from unwelcome information. To get you started, I’ve compiled a list of lies you’re most likely telling yourself about what 2022 has in store.
Employees want to come back to the office
We used to think employees liked the sense of sociability and belonging that came from the friendships they formed at work.
It’s time to peel this onion to the next layer. What it’s starting to look like is that as long as they had to come into the office anyway, the interpersonal relationships employees were … nice.
That doesn’t mean the opportunity to socialize makes employees actually want to come in to work. Some certainly do, but more are at best ambivalent. They figure as long as they’re in the office, socializing is more enjoyable than retreating to their cubicles to tickle their keyboards and mice.
But all in all, the benefit of socialization doesn’t even offset the frustrations of commuting.
We fully support remote workers
The pandemic probably has you thinking you’ve got this remote thing down pat. You’ve embraced the hybrid enterprise, and so far you’ve been able to focus at-home staff’s and at-home staff’s management on what they can do. Keep telling yourself it’s all good, even though you probably don’t even monitor the reliability and performance of employees’ home ISPs.
Sure, you’re able to take a don’t-blame-me stance on at-home ISPs, not that everyone won’t blame IT anyway. Here’s the bigger issue: Sure you’ve rolled out Teams, Slack, or some other collaboration tool. Sure you’ve made sure users have been taught how to operate the tools, congratulated the rollout team, and bragged about it to the executive leadership team.
But as with any other application implementation, the rollout isn’t finished when employees learn how to operate the new tools. It’s finished when employees have learned how to do their jobs using the new tools.
So unless fully online and hybrid meetings and are as natural and effective as the same people collaboratively solving problems used to solve them — getting together in a conference room with big whiteboards — the job isn’t done. The experience has to be just as seamless and intuitive. And when meetings are hybridized, with some participants in the office and others in those little squares on everyone’s laptop, problems only compound.
Although you do get one gimme in all this. At least nobody has to try to find the one dry-erase marker that still has some life in it.
Oh, and one more thing: Everyone everywhere probably needs to pay attention to having effective meetings, period. Technology can’t solve bad meeting habits. But you’ve already got a handle on that, right? Right…
COVID is last year’s problem
This self-deception falls squarely into the category of wishful thinking. The pandemic is far from over, nor will this be the last pandemic. Viruses will continue to jump from one host species to another, and global travel means they won’t become any easier to contain.
If we’ve learned anything over the past couple of years, it’s that pandemic prevention and mitigation should be a major section of your business continuity plan.
We think of the rest of the business as IT’s customer
No, you don’t.
If your average IT department ran a restaurant, and a customer came in to order the 16-ounce porterhouse, medium rare, an IT waitstaffer would say, “I don’t think so. You’re looking kinda pudgy. I’ll get you a house salad. Does low-fat ranch dressing sound good?”
If your average IT department ran a hardware store and a customer came in to buy a ceiling fan, the IT store associate would say, in no uncertain terms, that the customer couldn’t be trusted to install a ceiling fan without hurting themselves. “I think this floor fan is the right answer for you. Need instructions on how to plug it into the outlet?”
Businesses with customers don’t make “no you can’t” their default answer.
We’re meeting our business SLAs
Maybe you are, and maybe you aren’t, but meeting a service level agreement is a far cry from success.
An SLA is a contract between IT, acting as a vendor, and some part of the business, acting as a client. As anyone who’s been a vendor knows, clients only bring out the contract when there’s a problem with the relationship.
If you were a real vendor, pointing to the SLA and arguing, “See? You’re satisfied!” would get you exactly nowhere.
Well, no. It would get you even further away from somewhere than you started.
A service level measure is a two-part metric. It defines the minimum threshold of acceptable performance, and the percent of time IT lives up to that minimum threshold. SLAs are IT playing defense. Most business managers only negotiate them with IT because IT tells them they have no choice. Because really, if IT doesn’t meet its SLAs, what’s the business manager going to do, sue?
No, really. We are meeting our business SLAs
Business users, no matter what their role, go home and shop on Amazon. Amazon is never down and rarely slow.
Some are gamers. Their gaming sites are rarely, if ever, down.
Some share ideas on social media. We might wish Facebook would crash and burn for a few days but it doesn’t.
Business users also control their thermostats and door locks, see who’s ringing the doorbell, and keep track of how much less exercise they’re getting than their New Year’s resolution says they’re supposed to, all using smartphone apps.
Business users’ expectations of information technology, that is, are set at home and brought from there into the office. They aren’t set by your SLAs.
The fact of the matter is, the whole idea of SLAs is a quaint relic of a bygone era.
If your goal is for everyone in the business to think highly of IT and the services it provides, make their experience as consumers your benchmark.
Unless, that is, they use Comcast.
I have a strong partnership with the chief digital officer
Keep telling yourself that. It’s a comforting thought.
The CDO’s job is to keep track of what’s possible given the current state of whatever technologies are high on the list of digital-enabled opportunities this year and connect the dots between them and business strategy. The CDO’s role, that is, is to make promises. Your role is to keep them.
Which means it’s your job to disappoint everyone by explaining what’s possible on the planet you like to call “earth” given the constraints and other obligations IT has to deal with.
Guess whose version of “what’s possible” the rest of the executive leadership team will like better.
What’s that? Your company doesn’t have a CDO? Congratulations! You’ve ducked a bullet. So far, at least. If you want to keep on ducking it, keep your eye on the ball, namely, building and strengthening strong relationships with every member of the ELT.
We have a comprehensive cloud migration plan
More likely, you don’t even have a reliable application inventory. And if you do, a lot of your cloud migrations will be what’s politely called “lift and shift,” which is the IT equivalent of pouring cheap brandy into a Courvoisier bottle. Batch COBOL remains batch COBOL; point-to-point batch interfaces remain point-to-point batch interfaces.
And while I hate to be the bearer of bad news (okay, that’s one of my lies), you won’t know if your plan for migrating these to the cloud will deliver the performance you need while synchronizing data among DBMSs that live in different data centers thousands of miles away from each other.
Cloud as a place computing happens is less interesting than you might think from reading PunditWare on the subject. Cloud as an application architecture is what’s important. So a comprehensive cloud migration plan refactors every application in the portfolio to a cloud-native architecture. I’m not saying you should do this. I’m saying it isn’t a comprehensive cloud migration plan until you do this.
If you lift and shift instead of refactoring, you might see reduced platform license costs, but the flexibility and adaptability that come with true cloud-native architectures just won’t happen.
If we’re hit with ransomware, we’ll be okay
Well, maybe. Do you have the original installation files for all your applications safely tucked away on air-gapped servers? Do you not only back up your data but take frequent snapshots as well? Are you running an AI/machine-learning-based tool to look for ransomware-ish patterns in your network traffic?
Then maybe you’ll at least be a harder target.
Oh, and if your ransomware strategy is to just pay the ransom and hope the attacker will restore everything as promised, remember this: Risk management recognizes exactly four responses: prevent (improve the odds), mitigate (reduce the damage), insure (share the cost), and accept (hope it doesn’t happen).
If the risk is of an asteroid hitting the earth, wiping out civilization as we know it, and the prevention strategy relies on Bruce Willis getting there in time, accept isn’t a bad strategy. Otherwise it’s just being lazy.
Hope still isn’t a plan. Click here to see what a plan looks like.
We won’t have to start planning for Windows 11 until 2023 at the earliest
Oh, wait. This time you’re telling yourself the truth. Give yourself a gold star.
Your best 2022 Windows 11 strategy is to ignore it, for two reasons. First, you have plenty of time before migrating from Windows 10 becomes urgent, and in the meantime, you have bigger fish to fry. Second, a well-established rule of thumb for software from Microsoft is to never rely on the first release. Call it “best practice” and insist that’s what you’re adhering to when anyone asks about it.
Yes, you should set up a test lab so your end-user support team can, in what they laughingly call their spare time, familiarize themselves with it, but that’s all you need to do in 2022.
I’m honest with myself! Really!
When it comes to lying, doing it to yourself is a lot easier than to someone else. When you lie to someone else, they’re more likely to be on the lookout for it.
Which doesn’t mean you should ask a trusted confidante if they think you’re right about whatever the subject is. Trusted confidantes are almost as likely to tell you what you want to hear as you are.
To be honest about being honest with yourself there’s no substitute for personal due diligence. Be on the lookout for what might sound like a convincing narrative but isn’t rooted in verifiable evidence.
And make sure everyone who’s likely to disagree with you knows that even if they don’t convince you, you’ll always be receptive to their views.
