The role and the focus of a CISO with Benjamin Corll

With 25 years of experience in the IT Industry, the insight, advice and perspective of Benjamin Corll, CISO, Coats is fascinating. His views on the relationship between the CIO and CISO, the importance of knowing the business and collaboration among teams are some of many areas that Corll shares through this Apex 1 on 1. 

 

Q: What is IT security doing to support innovation in the enterprise?

InfoSec has been an underpin for enterprise innovation for decades. We have been a force for change, yet we have operated behind the scenes for many years. Yes, we have had a bad reputation as it has long been believed that the InfoSec team is the “office of no”. However, I do like to say that we’re the team of the “office of the know”. And by this I mean that we have monitoring of the organization. We have an obligation to use this data to feed the other teams and to help them make better data-driven decisions. By doing this, we are driving (or supporting) innovation in the organization.

 

Q: How can you best describe the relationship between the CIO and the CISO in the enterprise?

As in most organizations, the CISO generally reports to the CIO. This means that the CISO has a tight relationship with the CIO. There should be mutual respect. I truly believe that the CIO and CISO are only successful when they are closely aligned. Security and IT should be aligned in objectives and strategy. The CIO is focused on availability and the integrity of the computing environment. The CIO is only going to be successful when the CISO is successful, as the CIO suffers when the network is breached, when applications are unavailable, and when desktops are compromised. The fate of the CIO and CISO are intertwined.

I have heard many times that it is said that it is a conflict of interest having the CISO report to the CIO. Can this be true? Yes, if the CIO is ignoring the risks that the CISO is reporting in order to prioritize uptime for the sake of availability. Yet, if the CIO understands that her success is tied to the CISO, then she should partner with and support the CISO. When that happens, there shouldn’t be a conflict of interest.

 

Q: What is the biggest challenge for a CISO today?

 Prioritization is the biggest challenge for a CISO today. The threat landscape continues to evolve. Our budgets will never be large enough and our teams big enough to address every risk. We cannot do it all. There will always be more to do. And we cannot remove all risk as that would be too cumbersome to end users or it would remove the ability for users to do their jobs.

Security teams will have to stay nimble and pivot. This doesn’t mean that security has to be only reactive, yet it does mean that they need to be flexible. A roadmap can still be developed and delivered upon, yet it is not to be written in stone as new threats may be revealed and require a shift in focus, a reallocation of funds, and full support put into a new initiative. 

This is why I believe prioritization is the key challenge for a CISO today.

  

Q: How do you stay abreast of the trends and what your peers are doing?

Collaboration & sharing is how I stay up to date on trends and with what my peers are doing. Joining organizations which enable sharing of ideas and experiences in a trusted and controlled environment is invaluable. Some of these are free, some of them actually have a subscription model. Both are good.

 There are curated lists of news which do save time. This allows me to know what some of the top articles and happenings are from around the globe without having to spend a lot of time scouring websites. What this enables me to do is answer questions if my executive staff calls me and asks me about something they may have seen in the news. So long as I have read my lists, I am rarely uninformed of the topics they’ve inquired about.

 

Q: What advice would you give an early stage CIO or CISO joining an enterprise organization?

Learn your business. Don’t focus on your silo’d role. Learn what the company does and the workflows required to produce the goods or service that drives revenue. This is going to help with two main things:

  1.       You’ll discover what the true crown jewels and critical systems are
  2.       You’ll learn how to align your organization with the business objectives

Talk to the business. Empower your stakeholders. Listen to listen. And when you make a promise or commitment, do everything to keep it. Even if you have to go back and tell them that something isn’t possible after all, still go back and have that conversation (and learn not to overpromise when you’re not absolutely certain). Stakeholder management and setting proper expectations goes a long way to being successful.

And then for the CISO, look at things from a risk based perspective. And when someone comes with a request, rarely answer with a “no”. Instead, answer with “Yes, and…”. Include the and to be the required guardrails or stipulations that you would be comfortable with the request. If possible, give multiple options. Allow the requestor to decide the path forward or if they don’t want to proceed. This makes the decision a joint decision and stops it from being an adversarial relationships.

 

Q: What can organizations do to get more women into senior level and executive positions? What can companies do to address unconscious bias at all levels of the organization?

How do we get more women into senior and executive positions? Be intentional. We need to get diversity in our organizations. This is also a diversity in thinking. I don’t want to hire anyone who thinks exactly the way I do. I need other thought processes and perspectives, else I’m going to continue to make the same types of decisions that I’ve always made. So I have to be intentional to hire people who do not think the same way I do. So I, like others, need to be quite intentional to require my recruiters to bring me a diverse group of candidates. And then I need to be open to those who have the right mindset, even if they don’t have all the experience that I want. For security, a mindset is more important than technology experience. I can teach someone the technology, yet I cannot teach them how to be curious, skeptical, or persistent.

 As for getting people into executive roles, organizations need to require a diverse group of candidates when a role is available.

 

Q: Has security been more of a challenge to manage while your teams have shifted to a Work From Home structure? 

My organization was friendly to a non-traditional office location for our administrative work force. However, it wasn’t exactly ready for everyone to not be able to ever be in the office, and certainly not for a year. 

How has this impacted the security? The engagement of users is more interesting. We need to make sure people stay engaged as they are more likely to follow the standards and security awareness when they feel engaged, empowered, and involved.

 

Q: Have you found new vendors for your organizations that are now needed in this time of COVID-19 and remote working

One of the most innovative companies we found was one that has enabled us to use our existing cameras within our facilities to allow our health & safety team to monitor the environment. The H&S team can get real-time / near-real-time alerts to unsafe activities. It allows remote monitoring of locations while still being able to detect undesirable activities and incidents.

 

Benjamin Corll, CISO, Coats

I’ve been in the IT industry for about 25 years now. I started in the US military as a small computer systems specialist, also known as a UNIX systems administrator. Being versed in CLI and IPTables, I was assigned to taking care of the firewalls and perimeter devices. This started a transition from sysadmin to security administrator. 

During the dot.com boom, I transitioned from military life into technology consulting. I spent the next several years deploying network and security devices before deciding it was time to settle down and begin building and maturing organizational security programs. I was fortunate enough to be a founding member of the US Postal Service’s Computer Incident Response Team (CIRT) where we built a world-class response organization with engagement with other CIRT/CSIRT/SOC’s around the globe.

 After a few years of building programs from a security engineering perspective, I shifted to building programs as an InfoSec Director. This allowed me to shift to a more strategic perspective and build programs that not only focused on risk management and protecting my organizations but also build programs that align security with business objectives.

 

The Evolving Role of a CDO with Bojan Duric

Bojan Duric is the Chief Data Officer (CDO) of the City of Virginia Beach where he promotes a data-driven and citizen-centric culture at all levels of the organization. Bojan’s rich experience in data science and business analytics span multiple industries including government, transportation, healthcare, and consumer packaged goods (CPG). He shares with Apex how he has watched the role of a CDO evolve throughout his tenure and discusses the current data trends that can impact an organization.  

 

Q: What is the difference between a Chief Data Officer (CDO) and a Chief Analytics Officer (CAO)? Are they one in the same?

A: I personally wear both hats and view these roles as being one in the same. However, depending on the size of the organization, its culture, and individual skills and personalities, the roles might be different. Both roles often play change agent with the same end goal, utilizing data and people to support organizational growth, enhance operational efficiency, and deliver an exceptional and personalized customer experience. The CDO is often incorporating both roles, while the CAO might come from the business side, focusing on data utilization without data governance, data infrastructure and other more technical data-related responsibilities.

 

Q: How have you seen the role of CDO change? Have you encountered any challenges facing the CDO function?

A: If we look at any business capability from a technology, people and process framework perspective, we can see that data plays an integral part and sits in the middle, acting almost as a glue. Projecting this view onto the CDO role clearly indicates that the role is evolving as our customers, processes and technology evolve, especially regarding overall responsibilities and organizational expectations. The role has become more mature and better-defined over the last few years, but the major leadership traits of possessing a well-balanced approach to technology and process while being an overall good negotiator and conversational leader to empower and inspire an entire organization to embrace data-driven practices remains a challenge. As an organization matures in its data and analytics journey, the role is growing by fine-tuning and expanding certain responsibilities. When I assumed the CDO position with the City of Virginia Beach, we defined our purpose as “to promote a data-driven culture at all levels of the decision-making process by supporting and enabling business capabilities with relevant and right information accessible securely anytime, anywhere, on any platform.” We were early in our data adoption journey, and our main goals were to address challenges such as breaking data silos, building internal data and analytics human capital, implementing an enterprise analytics platform and becoming cloud ready. By focusing on these challenges for two years and successfully closing the identified gaps, we enhanced our purpose to include digital transformation and innovation which changed the CDO role and responsibilities. It requires 360-degree support from leadership, peers, customers and fellow data and analytics practitioners. To secure buy-in from all stakeholders, it is very important to define an agreeable and achievable customer-centric purpose statement and start delivering on the promise. I have been able to get the necessary buy-in and continuously grow my team by frequently engaging customers and taking on new responsibilities to deliver actionable insights and relevant analytics solutions.

 

Q: How is your Organization leveraging Big Data and AI and machine learning to transform their businesses and what opportunities does it present to the business? What are the challenges, and how can these be best overcome?

A: Both Big Data and AI have been occasionally used as “buzzwords.” Big Data almost started to fade after failing to deliver on high expectations from all the hype a few years ago. Thanks to AI, Big Data is getting its second wind. AI, particularly narrow AI (NAI) seems to be able to deliver quick wins by automating processes and integrating chatbots, paving a good foundation for wider more sophisticated AI-backed solutions. So Big Data as a backbone of AI is getting attention again more from variety and veracity with way better outcomes than a few years ago when most business could not comprehend its applicability. Bots, RPAs and virtual assistants make AI applicability tangible and relevant to the business users. We have seen this transformation and its direct, positive and measurable impact on our organization with simple bot integration to handle basic, repetitive yet frequent tasks such as password resets and knowledge base searches. After one successful implementation, a floodgate of other use cases opened. Just one case, demonstrating seeing makes believing, has inspired great demand while cloud services along with human capital skills has proved to be able to scale appropriately and meet the increasing demand. Further automation and NLP adoption have huge potential, not only as a new solution but as an extension of existing business capabilities, almost AI as a service and product enhancement. For example, we all have access to personal assistants not only senior management as was the rule in past decades, but we do not utilize it in our everyday tasks to be more productive. The key to marginal improvements and adoption on a larger scale to gain huge organizational impact and operational efficiency involves freeing the creative mind to deliver new values. It requires unlearning old habits, relearning existing ones and learning new approaches. 

 

Q: What are the current data trends and how will it impact your organization?

A: Data is growing exponentially and new trends are emerging almost frequently but I would focus on a few that can make a huge impact on our lives as data consumers as well as on data practitioners such as data sharing and data privacy. It seems these are on opposite sides but not mutually exclusive rather data ethics inclusive. It does not mean that private data cannot be shared or that sharing means opening up all data. There is governance in place to ensure appropriate levels of privacy and security. It requires a good understanding of existing data compliance as well as your role to support and enforce data governance processes. I found that “data owners” are most reluctant to open up and share their data even in instances where there are no legal, compliance or business restrictions. I always use the analogy of home ownership when trying to explain data governance and especially, the term “data owner.” I ask the group to raise their hands if they are homeowners. You will notice most people in the room raising their hands. Second, I ask them if they would still be homeowners after failing to pay their mortgages for 12 months to raise their hands? Only a few hands would stay up (those who owned their homes outright and no longer had a mortgage). It is the same with the data; we own certain data and it is protected and regulated depending on industry and compliance, but in the most cases we as data practitioners are data trustees. We take good care of our homes, we follow regulations, do home improvements to enjoy our homes, improve quality of life, and build equity. We certainly do not mind keeping our neighbors accountable if we see that their neglect can jeopardize our living conditions and diminish equity potential. Why should it be different with data? If your home is one of your biggest assets, and we continue promoting ‘data as an asset’, then we should manage it as an asset. Data sharing is one way of improving and enriching your data. It also promotes data reusability, significantly reducing the number of requests for new datasets which force highly-skilled data engineers to perform unnecessary and redundant ETL processes. I have to admit that the data sharing implementation might be painfully slow, but we will see enormous efficiency among our customers even with small improvements around data sharing. Streamlining the process and annotating data on small samples eliminates not only silos but unnecessary errors and increases trust in existing data. Thus again showing the importance of being a data trustee.   

 

Q: How has DevOps and cloud services changed the way you design, build, deploy, and operate online systems and secure infrastructure?

A: My decades of professional experience as a data practitioner and a leader have taught me that information is valuable and actionable only if received when needed—one day or even one hour late could easily make it irrelevant. A day-old newspaper is viewed as useless, almost like garbage to be recycled. My latest hire to lead data engineering efforts came from a strong DevOps and cloud background. I see strong, agile, and infrastructure scalable data engineering is a prerequisite for successful data science and data analytics practices. For those going to the gym regularly, data would be your legs and you never want to forget your leg day, while analytics is your upper body, the most visible thus getting the most attention. Data engineering is your core, abs and back. A weak core compromises your overall health and fitness. So strong data science without strong, agile data engineering is questionable too. I must be clear that DevOps is not a simple copy/paste to data engineering, but there are many similarities. The data engineer role is often used interchangeably to define data architect which requires a solid cloud understanding. It also requires good scripting skills where I pull parallel with software developers, and as every code, it requires versioning and collaboration. In previous years, we have managed to retool part of our DBAs practice and develop a data engineering team that is fully cloud-certified adopting DevOps principles with an ultimate goal to manage data via code repos rather than maintaining multiple data tables and views. On the analytics side, in addition to computing power and scale, the cloud offers production-ready, data science services which require borrowing DevOps methods. Both cloud and DevOps hugely accelerated a long-term need for data analytics and quick turnaround resulting in DataOps as not only a set of best practices but as its own methodology in data analytics.

 

Bojan Duric is the Chief Data Officer (CDO) of the City of Virginia Beach where he promotes a data-driven and citizen-centric culture at all levels of the organization. As CDO, Bojan is responsible for implementing data and information strategies across the enterprise with wide impact not only on Virginia Beach residents but whole Hampton Road region. Shortly after joining the city, he successfully implemented the highly demanded Data Academy Program, a data and analytics literacy initiative which enriches employees with data and analytics skills to support factual based decision-making process. Some key advances for the City of Virginia Beach in his short tenure include the implementation of the first data and analytics platform for collaboration and a framework for certifying both data and practitioners, as he likes to call “Data Governance in Practice”. He views data as an asset to empower employees, boost citizen engagement, and increase transparency.

Bojan’s rich experience in data science and business analytics span multiple industries including government, transportation, healthcare, and consumer packaged goods (CPG). He has held key roles in financial, operational, supply chain, and sales and marketing analytics. His vast business background includes providing management coaching, training, and consulting to Fortune 100 companies and government contractors, such as Norfolk Southern, Carlsberg A/S, and ADS Inc. He is proficient in several open source and proprietary technologies and has developed a range of data solutions and analytics products recognized by influential data communities, and both private and public organizations.

Bojan is a guest lecturer at the Old Dominion University (ODU). He is the advisory board member with ODU’s Computer Science and Engineering, and Storme College of Business. Bojan holds a Bachelor of Science degree in Computer Science with a minor in Mathematics from Rutgers University and a Master of Business Administration (MBA) from Old Dominion University. 

 

Apex 1 on 1 with John Arsneault: Insights from a CIO, venture capitalist and a startup advisor

With over 30 years in the technology industry, his expertise in strategy and execution within the realm of growing business has made his 1 on 1 with Apex fascinating. Read John’s perspective on how the legal industry is evolving in the current state and his five step process for managing an organization.

 

Q: Have you developed a business driven data strategy; is there support for it and is your organization becoming more data-driven? What steps are you taking to ensure all areas of the business are data driven?

A: We set out to develop a business systems architecture that modernized all of our back office systems utilizing a platform first strategy.  This included moving to SaaS only vendors with modern API’s which allows us to move data in and out of systems as needed without heavy effort.  With a SaaS architecture, systems are automatically updated with new features, allowing IT resources to focus on value-add efforts vs. system upgrades and maintenance.  The organization has an ever increasing appetite for data driven decision making around client preservation, revenue generation and back office decision making.  We believe that simplicity in systems architecture plays a big role in adoption of tools and idea generation around them.

 

Q: How do you balance the need to ensure that non-revenue generating data-driven transformation efforts receive the commitment and funding that are required to sustain these efforts?

A: We build business cases for IT initiatives and run those cases through a technology steering committee for selection of a diverse set of annual investments.  While ROI is a key driver in the selection process, a balanced approach to progress across the entire firm is a key guiding principle.  Keeping the overall firm healthy from a technology perspective only happens if we invest in all areas of the firm vs. focusing only on revenue generating activities.

 

Q: How are you justifying the cost needed to evolve and adapt IT to support the speed and agility required by the business?

A: We have been successful keeping IT costs relatively flat despite investing heavily in new systems.  This is accomplished primarily by utilizing SaaS solutions.  Migrations from managing data centers and DR facilities to being 100% cloud as well as cloud PBX adoption has cut traditional IT infrastructure costs substantially, which offsets the investment in new systems.

 

Q: What operating model and cultural changes have you considered as you shift to a digital business?

A: This is something that is very much in progress in the legal services space.  Some technologies such as e-signature capabilities have made an immediate impact on efficiency and client service. Others such as Zoom have cut travel expenditures significantly.  There are many examples of technologies that have adoption curves that take years, while others catch on quickly.  Emergencies (like a pandemic) or an extreme competitive disruption can accelerate adoption, most however take a little time.  Our firm has moved in a direction of digital work processes quite a bit in the last few years with a focus on speed of delivery for clients.   

 

Q: What is the current state of Big Data and AI investment and do you sense the pace of Big Data and AI investment changing?

A: This has been mostly an experimental space in the legal world.  The biggest issue holding back adoption of AI in legal is the lack of focus on UX.  The majority of focus is on the back end of the systems, resulting in solutions that are hard to use, limiting who can take advantage of them.  This follows a typical innovation curve of complex systems and I expect this to change in the next 3-5 years.  There is already an uptick of focus on the UX of AI systems in the legal space.

Q: What advice would you give an early stage CIO or CDO joining an enterprise organization?

A: I think it is important when you join an organization to learn the business at a high level and develop a multi-year (call it 3 years) technology strategy for the organization. If you get too bogged down in the weeds early on, it is very difficult to shift to strategic work. I try to follow a five step process for managing an organization:

  • Develop a strategy aligned with the industry you are in and get executive buy in.
  • Build a team of A level players that are excited about the strategy.
  • Break the strategy down into tactics (prioritization, resource management).
  • Show up each day and grind.  Be consistent and keep commitments. Your staff will mimic your habits.
  • Develop the art of saying no.  You will be inundated with requests and ideas.  If you allow these requests to disrupt your tactical plan, you will not succeed with your strategic plan.  This is art form – you need to learn to say no without making people feel like you don’t listen or care.  That is not easy but it is a vital skill.

 

Q: How has cloud services changed the way you design, build, deploy, and operate online systems and secure infrastructure?

A: SaaS has changed everything.  You can focus on data and feature usage vs. deployments and maintenance.  Applications don’t get old, IT doesn’t have to choose what new features to give to the business because of limited resources.  There is no infrastructure to manage.  Tech access gets simplified, no VPNs, user experience is the same regardless of where you are or what device you are using.  The IT folks can focus on usage and value vs. keeping the lights on.  Product development can be more easily influenced with strategic vendors as they are now maintaining a single code base.

The ever changing role of a CSO with David Levine

With a wide and diverse variety of positions during his 23-year tenure with the Ricoh, Vice President Corporate and Information Security and CSO David Levine shares his perspective on the role of the CISO,  how he stays abreast of industry trends and in the current COVID-19 era, what it means to have a remote team. 

 

Q: How has the role of the CISO changed over your career?

A:  The CISO role has continued to grow in organizational and strategic importance within many businesses, including Ricoh. What was once a blended function in IT is now its own critical function with its leader (CISO/CSO) having a seat at the table and reporting, if applicable, to the board on a regular basis. That’s a significant transformation!

Q: What is the biggest challenge for a CISO today?

A: This ties into my answer above, the security budget and staffing has not necessarily kept pace with increasing demands and importance. As more and more of the organization as well as customers and partners realize they need to engage and include security the team gets spread thinner. This can put a real strain on the organization and its effectiveness. Prioritization and risk assessment become critical to help determine what needs to be focused on. You also cannot ignore the fundamental challenge of just keeping pace with operational fundamentals like vulnerability remediation, patching, alert response and trying to stay ahead of highly skilled adversaries. 

Q: How do you stay abreast of the trends and what your peers are doing?

A: I use a variety of approaches to track what’s going on relative to trends and my peers. Daily security email feeds are a great source to get a quick recap on the last 24 hours, leveraging one or more of the big research firms and being active in their councils is a great mix of access to analysts and peers. I am also active in the CISO community and participate in events run by great organizations like Apex. 

Q: What advice would you give an early stage CIO or CISO joining an enterprise organization?

A: Although I have been with Ricoh for many years, if I was moving to a new organization, I would take the time to ensure I understand:

 

  • the company’s objectives and priorities; 
  • what’s in place today and why;
  • what security’s role in the organization has been;
  • what’s working and what isn’t.

 

I’d also commit to completing initial benchmarking and make sure I spent time, upfront, to start to build solid relationships with key stakeholders.

Q: Have you been putting cloud migration first in your organization’s transformation strategies?

A: We adopted a cloud first mentality a few years ago. The cloud isn’t perfect for everything but in many cases it’s a great solution with a lot of tangible advantages.

Q: What are your Cloud Security Challenges?

A: For us, one of the biggest challenges is keeping pace with the business from a security and governance standpoint. We are currently working on putting in comprehensive policies and requirements, along with tools like a checklist, which will make it clear what’s needed and also enable the various teams to do some of the upfront work without needing to engage my team. That’s a win-win for everyone and reduces the likelihood of a bottleneck.

Q: What are your top data priorities: business growth, data security/privacy, legal/regulatory concerns, expense reduction?

A: YES! In all seriousness, those are all relevant priorities my team and I need to focus on. This further adds to the prior points around more work than hours and resources. 

Q: Did you have specific projects or initiatives that have been shelved due to COVID-19 and current realities?

A: Like most of my peers that I have talked to, we have put on hold most “net new” spending for now. The expectation is we will get back to those efforts a bit down the road. We are also taking a look to see what opportunities we have to streamline expenses.

Q: Has security been more of a challenge to manage while your teams have shifted to a Work From Home structure?

A: I am proud of my teams and the ecosystem we put in place. All in all, it’s been a pretty smooth transition. My team is geographically dispersed and a few key resources were already remote. However, that is not to say there aren’t any challenges – not being able to put hands on devices has made some investigations and project work more difficult but we’ve found safe ways to complete the tasks. Ensuring the teams stay connected and communicate is also important. 

Q: What were/are the most significant areas of change due to COVID-19?

A: We certainly had to make some exceptions to allow access and connectivity that we would not have done under normal circumstances, but it was the right thing to do for our business and our customers. We also had to shift some users to work from home who typically would not and as such, didn’t have the right resources. Both of these highlighted areas to focus on in the next revisions of our Business Continuity Plans which contemplated the need to shift work and locations but not necessarily everyone working from home. There is also a need to reemphasize security, policies, training when working from home.

“Take charge of your own career, and do it passionately,” with Varsha Waishampayan, CEO and Founder of WINGS for Growth.

Apex sat down with Varsha Waishampayan, CEO and Founder of WINGS for Growth who has tremendous experience on Wall Street building global teams from the ground up, problem solving and whose passion to promote women leaders led her here. She shares her experience along with ways that we can all move the needle through mentorship and support.  

 

Q: Is the lack of women in tech really a pipeline problem or is it that companies are not providing the culture to cultivate and promote their women talent? 

A: Lack of women in tech is a similar issue as lack of women leaders rising to the top in any industry. I do not believe in blaming companies, society or the world alone in general. Times have changed. Many opportunities have opened up for women to do what they want to do. Yes, there is still a lot of work that needs to be done to promote gender equality but we are heading in the right direction. Now the question is, are women ready when the opportunities arise? Do they have the right support system to rise? I do think companies have to do more work in creating an upward mobility path for all employees wanting to pursue a career in Tech regardless of their gender. In my view, CIOs still don’t have an important seat at the table. WHY?

Q: Does the current conversation about women in tech single women out and leave men out of the solution in your organization? 

A: No conversation should ever single women out. We always need men as our allies and partners in every growth conversation. No questions. Organizations need to create an inclusive culture not just by talking about it, but by doing it. 

Q: What can organizations do to get more women into senior-level and executive positions? Where do you see gaps? 

A: This is a longer conversation, but this is how I will summarize:

  1. First, women have to be ready and willing 
  2. Structured Mentoring and coaching program should be offered to high potential women feeling stuck in the middle 
  3. Women must create a better support system at home so that they can have work and life balance (Work and life Integration does not work in my opinion). Organization must support flexible work environment even for senior women. They should not have to pick promotion vs. family. 
  4. Women have to lift each other to reach the top  
  5. The organizations need to create opportunities for women and women need to learn how to spot, seize and grab the opportunity when they see it 

Q: What can companies do to address unconscious bias at all levels of the organization? 

A: Train them well and test them over and over again. Create a culture where employees feel empowered, respected and they are not afraid to own their actions.

Q: What advice would you give to a woman considering a career in the tech industry? What do you wish you had known?

A: If tech is your passion, go at it with full force. Doors will open if you want them opened. Perseverance and focus will clear the path. Don’t be afraid to chase opportunities where they exist. The biggest challenge with Technology is continuous education and innovation. Women have a lot more demands on their time. So, I found it challenging to keep up with new technologies while fulfilling my duties as a mom and wife at home. Prioritization and support system at home is key.

Q: What do you think is the biggest challenge for the next generation of women and how can we be stronger role models for them? 

A: Millennials have everything boomers often lacked – confidence, focus, passion and a great sense of entitlement. They MUST NOT undervalue experiential guidance. We need to be open-minded and flexible. Make room for the next generation to grow. Engage them in the decision-making process. Companies should fire their managers if they do not have a succession plan. 

Q: How is your organization creating programs and training for men to be better advocates for women specifically around support and sponsorship?  

A: WINGS for Growth is a nonprofit, we deliver a formal mentoring and coaching program to women with high potential. Many of our mentors are men and they are senior executives. We coach them and train them to become great mentors while they are in our program for 10 months. We also have female mentors. Often, they learn from each other’s experience.  

Q: How can women better support other women in technology? 

A: Women need to lift other women in any industry not just in Technology. There are plenty to go around, no need to be insecure. Just because we struggled does not mean others should. Progress will be very slow if we keep blaming companies, society, and businesses for gender equality, and we do not do our part. I am doing mine.

Q: It is no secret that many women in the tech industry felt their gender has affected the way that they are perceived or treated in their role. Have you come across a situation that made you feel that way?

A: I have not, mostly because I focus on what I can control and find a way to navigate through challenges. But I know gender plays a role. If you equip yourself with knowledge, passion and strong drive nothing is impossible. It may take longer but you will feel the progress.  

This is the reason I left corporate America to focus on the solution rather than complaining about the problem. I started a nonprofit called WINGS for Growth. We prepare women for upward mobility through formal mentoring and coaching. We also prepare senior executives to be better mentors. This is a ground level work we must do before we can have any meaningful conversation about Diversity and Inclusion and gender gap. 

 

Varsha Waishampayan, CEO and Founder, WINGS for Growth

Varsha has decades of management experience on Wall Street. During her career, Varsha has built large global teams from the grounds up, led complex problem-solving opportunities, and developed meaningful relationships in fortune 500 companies as well as in large nonprofit organizations. Varsha has worked with several C-level executives in her management-consulting career at PwC. She knows knowledge, authenticity, and insight is what matters in almost every business and she has learned and practiced that all her life. Her strong operational background helps her to stay focused on execution and delivery. 

Varsha is passionate about creating and promoting women leaders. She has worked and led nonprofits that focus on girls’ education. She is a teacher at heart and has seen her father changing people’s life from good to great by being a teacher all his life. Before stepping into financial services, Varsha was a professor of Chemistry in her previous life. She taught graduate level courses. 

Her fascination with leadership development in women was kindled by being a participant of the corporate run “Developing talent program” focused on women’s development. Varsha had a chance to observe, participate and understand the dynamics of what worked and what could be made better in workplace mentoring. At this point, she recognized she was drawn to constantly mentoring women around her and she could make a difference with her approach.

This led to a discovery and then new beginning of her purposeful journey. Varsha left her long successful career in corporate America and founded WINGS for Growth to pursue her father’s vision in a purposeful journey. WINGS for Growth is a non-profit organization, which empowers women to unleash their inner leader and accelerate their personal and professional growth.

Music is Varsha’s muse. She is rejuvenated by music and equally loves being energized by a day at the spa. Nature in its selfless giving inspires her every day. She is ever grateful to have a wonderful family and thankful that she followed her father’s best advice “There is never a bad time to do good, it is a matter of priorities”. She lives in Bridgewater, NJ with her husband and enjoys the natural bounty of her surroundings. 

 

Insights from a Transformational Leader with Susan Marricone

Apex sat down with Susan Marricone, a Technology and Transformational Leader to discuss the role of an IT Leader and the importance of innovation, being customer centric and IT as a business enabler in the enterprise. 

Q: What is IT doing to support innovation in the enterprise?

A: The current technological environment is so fertile and the need to innovate so urgent, that we shouldn’t even have to be asking this question. Innovation has to be a given for IT in the current environment; yet, in ­­many companies, IT isn’t doing enough to support innovation in the enterprise. 

It is today’s innovation that becomes the viable revenue stream of the future and much of that innovation has deep technological foundations in IT. IT is always at risk of becoming one of the “business as usual departments” instead of focusing a meaningful proportion of its activities on innovation. Close alignment with the business strategy as well as with industry trends can help IT focus its innovation activities in meaningful ways, but IT should also have its own innovation zone. It’s impossible to predict where the next innovation will come from.

Q: What is the single most important thing CIOs should be focusing on today?

A: Like every other part of the enterprise, the most important thing for CIOs to focus on is the customer. The real customers of the company, not the fallacy of the “internal customer.” The “internal customer” fallacy has caused a lot of damage to many IT departments by enabling a lot of gold-plating, a lot of unnecessary internal processes and the reinforcing silos or introducing new ones. CIOs have to lead the way by aligning closely enough with the business to make it clear how IT’s activities are ultimately serving the customer, even when it is not readily apparent.

Q: Should IT be a business enabler?

A: Unless it’s been strictly relegated to “keeping the lights on” – which is net loss for everyone involved – then IT should not only be a business enabler, they should be business partner and a business leader. IT should be at the forefront of ideas, technologies, services and platforms that can not only enable the business but inspire it as well. IT cannot settle for being merely reactive but needs to be firmly entrenched in business strategy and growth and viewed as an internal think tank for ideas.

Q: How do you stay abreast of the trends and what your peers are doing?

A: Talking, reading, travelling to conferences where the people I respect as innovators and thought leaders have a presence. Mostly it’s a mindset of keeping one’s eyes and ears open to what’s happening all around – and making sure you keep it as a priority.

Q: What is the biggest challenge for a CIO today?

A: Finding and keeping the right people is one of the biggest challenges for any leader, including CIOs, particularly in the current competitive environment. For CIOs, it’s extra hard, given the pace at which the landscape changes.

Q: How has the role of the CIO changed over your career?

A: There was a day when a CIO could succeed merely by effectively implementing three- or five-year old technology strategies cost-effectively and with stability. Those days are gone, and the role of today’s successful CIO is a multi-faceted mosaic: part leader, part visionary, part technologist, part transformational guru. Much more challenging – and much more interesting too!

 

Susan Marricone, Director – Agility / DevOps Transformation Leader

Susan Marricone is a dynamic executive and transformation leader making an impact on the Future of Work and Ways of Working to deliver strategic business initiatives. As companies undergo digital transformation and recognize the need for continued innovation, transformation touches many different parts of the enterprise – from organizational structure and business processes to more agile strategy, finance, HR, procurement and supply chain.

A Certified Agile Leader (CAL), Susan Marricone is also certified in business agility, Agile HR, Lean, Change Management and Leading Disruptive Innovation. She holds most major industry leading Agile credentials and has deep experience in Agility.

Susan Marricone has been a speaker for the national Agile Alliance | Women in Agile workshop, leading into the Agile2017 Conference and Agile NJ among other venues, speaking on topics including Empowering Women through Agile Outside IT, Agile HR, and the evolving role of the Agile Business Analyst. She is currently on the Advisory Board for the Rutgers University Leading Disruption Innovation Certificate Program.

The role and the focus of a CISO with Tim Swope

Apex sat down with Tim Swope, Chief Information Security Officer at Catholic Health Services of Long Island to discuss his role and experience as a CISO. With extensive experience in the industry, Tim shares his advice and the value of an IT Risk Management Program being the cornerstone for all cyber security work.

Q: What is IT security doing to support innovation in the enterprise?

A: In addition to training the IT Security Staff, we all attend many seminars outlining new and innovative technologies and with our Proactive Risk Management model we are able to determine what GAPS those technologies will close in our organizations.

Q: What is the single most important thing CISOs should be focusing on today?

A: While many security leaders focus on the technical side of cybersecurity, a key focus of mine is risk management. Risk management is the overriding element for successful cybersecurity programs.  We need to know what cyber risks and 3rd party vendor risk that my affect our organizations, assign a risk level and then focus our remediation and management on the top tier risks first.

Q: How can you best describe the relationship between the CIO and the CISO in the enterprise?

A: The CIO and I work very closely together on the overall information strategy for the organizations.  That being said, while the CIO might push for technology solutions that will make access to information easier…..I ensure that we can effectively manage and monitor that technology.  In the Healthcare space, innovation has moved faster than our ability to secure it. I remind the CIO we are FIRST in the patient privacy and safety business..not the convenience business!!

Q: How have you searched for and found the best vendors for your organization?

A: We have a very strict due diligence process for our vendors, especially those that will be working with PHI. However, we are constantly looking and evaluating vendors that may be able to save us cost, have greater automation and solve our needs better.

Q: What is the biggest challenge for a CISO today?

A: In the Healthcare industry, changing regulations, the need to expose patient data to outside entities and ensuring that the same IT security posture remains in place in the face of this change.

Q: What advice would you give an early stage CISO joining an enterprise organization?

A: When coming into a new organization as a CISO leader, I strongly believe in conducting an internal assessment to get an understanding of what controls and technologies are in place. While some CISOs may rely on an outside firm to conduct these, I choose to do an initial assessment myself, putting myself in an outside auditor’s shoes. Rather than looking at somebody else to do it for me, I’ll do it myself and I think that’s the key thing a CISO should do, is understand his or her landscape and do their own personal assessment and only then can you see what you really have.

Q: What is the importance of an IT risk Management Program in today’s cyber security landscape?

A: In order to deliver value to our customers, patients, employees, communities and shareholders, we at Catholic Health Services and other Healthcare organizations must understand and manage the risks faced across our entire organization. Risks are inherent in our business activities and can relate to strategic threats, operational issues, compliance with laws, and reporting obligations.  As part of the overall IT risk management process Information Security, Governance and Risk (ISGR) departments are responsible for various activities that are important to regulatory compliance, information security, data protection and risk management. This group has the authority and responsibility to investigate and assess compliance in all activities relevant to the Security Governance Program and to report on compliance status to IS Management.

The “Framework” that encompasses their Risk Management Program has the primary functions to:

  • Determine categorization of IT risks
  • Define the common framework used to identify and manage potential events that may affect information within the IT infrastructure
  • Define accountability for IT risk management
  • Determine the governance and oversight of IT  risk management activities

Internal and external events affecting our ability to achieve our security and operational objectives are identified at various points in the business cycle. During strategic and business planning and review processes, business unit management assesses the market and competitive environment to identify risks and opportunities facing their business. The various risk management functions within or assigned to that business unit provide expertise, support and input into the process. Each of the risk management functions is represented on applicable management committees to enable effective risk identification and business partnership.

Throughout the year, risk assessments, scans and surveys are performed by the ISGR team to identify internal and external events that might affect the achievement of the Company’s objectives. Additionally, the various risk management functions scan the external environment for risk indicators through analysis of applicable business intelligence, including trends in external health authority and other government inspections and enforcement, legislative changes, and shifts in market, payer and consumer models, as well as relationships with external subject matter experts.

Finally, risk management functions review the output from internal monitoring and assurance activities to identify gaps and emerging risk areas. Risks are analyzed, considering likelihood and impact of a given outcome, to determine how they should be managed.

If we can take a way one lesson from the need for a risk management program it is the following:

Risk Management is the number one process for Identifying potential risks and creating a plan to eradicate or manage them!!

We don’t accept Risk, we continually Manage it!

 

Tim Swope

CISO

Catholic Health Services of LI

Mr. Timothy Swope is currently the CISO of Catholic Health Services, an 18,000 employee hospital group in Long Island, NY. He is an Information Security and IT Risk Management professional who partners with Chief Information Security Officers and IT Governance, Risk and Compliance executives to assess and deliver IT Security and Risk Management programs to Health Care and Insurance, Pharmaceutical and government agencies. After spending over 2 decades assisting clients implement secure enterprise BI, EHR, Meaningful Use and other data science systems, Tim knows and understands the requirements and components that create a secure information security posture. A key area of his expertise centers around interpreting and applying Federal, State and Industry regulations such as: DSRIP, HITRUST, HIPAA, NIST SP 800-53, 21 CFR Part 11, Health Insurance Reform: Security Standards, FISMA (Federal Information Security Management Act) and locally the Zadroga Act to name a few.

He also supported cyber security requirements for Medicaid’s Delivery System Reform Incentive Payment (DSRIP) Program at 2 of New York’s largest PPS’s (Performing Provider Systems) Northwell Health and NYC Health and Hospitals.

He has supported the IT Risk Management and IS Security initiatives of organizations that include Excellus BCBS, Medimmune/ Astra Zeneca, MERCK, ENDO Pharmaceuticals, Novo Nordisk, Daiichi-Sankyo Solutions, Johnson and Johnson, District of Columbia Government office of the Chief Financial Officer, District of Columbia Water and Sewer Authority, City of Richmond, Virginia Department of Public Utilities.

The role, the challenges and the responsibilities of a CIO with Milos Topic.

Apex sat down with Vice President & Chief Information Officer of Saint Peter’s University. With 20 years of experience in leadership, innovation strategies, technology implementation and business development, Milos shares his views on the role of a CIO and  what it means to be an IT leader today.

 

Q: What is IT doing to support innovation?

A: IT is meant to drive innovation and enable others to do the same and take part. IT is a critical partner and a “golden thread” if you will across everything modern businesses and organizations do. As such, it is uniquely positioned to provide value to all.  Furthermore, innovation comes in many forms, but it always requires action. Thinking, planning, strategizing is all wonderful and valuable, but without action, not much will get accomplished.

Q: What is the single most important thing CIOs should be focusing on today?

A: CIOs as well as all executives should be focused on people and business growth. Modern CIOs are more customer facing and are spending time on strategy, vision and innovations across and beyond the enterprise.

Q: Should IT be a business enabler?

A: IT is business in a sense, or it is at the very least an essential part of every modern and competitive organization. As such, it should provide options to challenge old (and at times outdated) business models before others (from the outside) do it for them.

Q: How do you stay abreast of the trends and what your peers are doing?

A: I have invested years (and continue to do so) in building and nurturing relationships across various industries, sectors and markets. These relationships paired with various events (such as those hosted by Apex) are of critical significance in staying current and learning from those who may be further along.

Q: What is the biggest challenge for a CIO today?

A: It varies across industries and different maturity models of organizations, but I do believe that attracting and retaining top talent is one of the largest priorities, it certainly is for me. In today’s world and in major markets such as greater New York City area people have options which is great for them, yet challenging to many organizations.

Q: What is the difference between a CIO and a CTO?

A: Titles vary, but in general, a CIO should be focused on customers, innovation, strategy, growth and providing value to other major areas (Finance, Marketing, Operations, Security, Legal…) while a CTO is leading the existing services and ensures smooth operations of teams.

Q: How has the role of the CIO changed over your career?

A: Visibility has increased, and so have the responsibilities. CIOs have now earned seats on top management teams among their executive leadership peers. They are also more involved in the overall business vision, strategy and direction than ever before. All of these changes have taken place across organizations that are current and future proofed, while others are still behind and are struggling across some of these areas.

Q: What advice would you give an early stage CIO joining an organization?

A: Get as close to the business as you possibly can and learn everything about it. Build relationships, provide value to others and always give more than you take, in every exchange. Spend time and resources on developing leadership, strategy and negotiation skills as they matter in all that we do, professionally and personally.

Q: How important is the relationship between a CIO and a CISO?

A: While the reporting structure is debated by some, the relationship is very important. CIO relationships with everyone they work with are of importance, from CISO, to CFO, CMO, COO…all the way to the CEO. The entire C-suite needs to be unified and transparent with each other in order for all of them to move forward and make progress.

Q: What is the largest obstacle a CIO faces when it comes to security?

A: People. Training and organizational requirements to how data is stored, used and shared. Furthermore, many organizations are not funding information security adequately and proactively.

Q: What falls under the CIO’s responsibilities when it comes to security?

A: I’m of the belief that there should be one top technology leader and that is a CIO. Everyone else should report to them with varying degrees of authority. When it comes to finance, marketing, legal…they are all ultimately under one leader while IT seems to be fragmented in some organizations. The only potential exception is an area responsible for the overall risk, liability and governance for the entire business…they could be outside IT with strong collaborative partnership with the CIO and their leadership team.

Q: How do you see the security landscape changing over the next 12 – 18 months and how are you preparing?  

A: Robots are taking over. From machine learning to artificial intelligence, people can’t keep up with the volume and complexity of threats so continuous investments in tools and technologies is expected. We are experimenting with robotic process automation (RPA), machine learning and will continue to stay current with what is available.  

Q: How worried are you about the “human element” when it comes to security?

A: It is the weakest link in this chain. People make mistakes in opening emails, sharing data, configuring technology (both software and hardware)…the list goes on. Cyber security awareness training should be mandatory across all organizations and should be part of one’s employment record at some point in time.

 

Milos Topic

Vice President & Chief Information Officer

SAINT PETER’S UNIVERSITY

I believe that everything begins and ends with leadership. Leaders have the greatest responsibility for the impact and influence over the people they lead and the outcomes of their organizations as a whole. Furthermore, I am passionate about IT being a trusted strategic partner and an advisor (a service broker) to the entire organization as technology must drive innovation across organizations and provide both strategic and operational business solutions.

I have 20 years of experience in leadership, innovation strategies, technology implementation & business development while my formal education is a blend of science, technology and business. My journey in the Information Technology (IT) profession started in 1997 and over the past 20+ years I have worked on nearly all aspects of IT. I got underway with networking/cabling installs; tech support to programming in C++, C#, Java; web development; system/network security/administration to my most recent positions of leading teams of amazing people providing technology solutions and services while supporting a multitude of organizational needs. Finally, it is essential to always focus on people first, as they matter the most in everything we do.

Sara Nunez: Being a Woman In Technology

Apex sat down with Sara Nunez, award-winning global Program Management executive. With her experience transforming organizations by applying a broad range of integrated strategic execution best practices and business development initiatives, she shares her thoughts on being a Woman in Technology. 

Q: Is the lack of women in tech really a pipeline problem or is that companies are not providing the culture to cultivate and promote their women talent?

A: We need to do research on this topic. There are many factors to this challenge. 1. We were created with special attributes, just as men were created.  2. Society and Cultures have a lot to do with this issue as well. 3. We need women to unleash their potential without looking at this as competition with men. Companies are us people, therefore, it is our duty to transform and enable success with the right mix of people required regardless of them being women or men.

Q: Does the current conversation about women in tech single women out and leave men out of the solution in your organization?

A: The current conversation is needed and I do believe it is a concern for both sides.

Q: What can organizations do to get more women into senior level and executive positions? Where do you see gaps?

A: Companies are looking for talent and new skills.  We need more qualified women with thick skin to be leaders and apply for senior level positions.

Q: What can companies can do to address unconscious bias at all levels of the organization?

HR and hiring programs should measure the desired outcome and strategize to make it happen.  A balance and diversity is critical for organizations around the world.

What advice would you give to a woman considering a career in the tech industry? What do you wish you had known?

A: My mentor once told me, if you love what you do, you will be amazing at it.  If you are considering a career in the tech industry you have to love it, be an expert at it.  Spend extra time to go beyond.  You are not competing with men, you are complimenting them and together as a team you will succeed.  Be you, be a woman.

Q: What do you think is the biggest challenge for the next generation of women and how can we be stronger role models for them?

A: I think the biggest challenge is to keep up with rapid technology changes and the ability to create knowledge rather than looking for it.  Writing articles and visiting universities to share your knowledge with a new generation could give us the platform to prepare them to succeed.  We need to pay forward and push them hard.

Q: How is your organization creating programs and training for men to be better advocates for women specifically around support and sponsorship?

A: Multiple programs are in place, from Leadership Dev Programs and global assignments to mentoring and sponsorships.

Q: How can women better support other women in technology?

A: We need to excel and inspire women to follow the steps and make giant moves to be recognized and valued for who we are.

Q: It is no secret that many women in the tech industry have felt their gender has affected the way that they are perceived or treated in their role. Have you come across a situation that made you feel that way?

A: Do not allow that to happen.  We are in a company to drive results and motivate each other to succeed.  We are ONE.

 

Sara Nunez, IT Enterprise PMO Director

Dynamic, award-winning global Program Management executive and advisor to the C-suite who ensures strategic PMO is embedded throughout the enterprise’s DNA. Transforms organizations by applying a broad range of integrated strategic execution best practices and business development initiatives. Drives organizational goals, improves performance and efficiencies, and capitalizes on revenue-generating opportunities. Generously shares expertise to inspire a passion for learning, creating high-performance teams with intellectual and emotional connection to their work. Agile and multicultural, with expertise across a broad range of industries including telecommunications, technology, wealth management, and education.

Insights from Founder and President of StarCIO with Isaac Sacolick

Apex sat down with Isaac Sacolick, Founder and President of StarCIO. As a successful CIO who has led digital transformation, product development, innovation, agile management, and data science programs in multiple organizations, he sheds some light on challenges and focus areas for today’s CIO.

Q: What is the biggest challenge for a CIO today?

A: CIOs have the challenge of evolving IT from back office support functions to ones that can deliver applications and analytics while investing in agile, cloud, devops, and security. Many of the CIO I talk to are still adjusting to the speed, innovation, and organizational intelligence required to remain competitive and to avoid disruption.

That’s all table stakes today.

CIOs have to see what’s coming next for their businesses and drive discussions on where they can lead their industries. They have to identify partnerships, experiment with new technologies, and accelerate the development of their leadership teams so that they can deliver and iterate on differentiating capabilities. That’s a lot to do, when many organizations have cultures resistant to change, legacy technology footprints, increasing security threats, and greater operational impacts when technologies underperform.   

Q: What is the single most important thing CIOs should be focusing on today?

A: I think that CIO can’t just have a single most important thing as it can lead to saying ‘no’ to business opportunities, underserving parts of the business, or overinvesting in a strategic driver whether it be innovation, operational excellence, compliance, etc.

Some time ago, I wrote how digital CIOs manage their time and it resonated with many CIO that struggle with their shifting roles and juggling many priorities. The biggest thing the CIO should focus on today is how to manage their time, find partnerships, and grow bench strength to meet these challenges.

Q: What is IT doing to support innovation in the enterprise?

A: IT should start by defining an ideation process and pipeline that captures new ideas from across the organization and puts them through rapid discovery processes. I describe these pipelines and planning processes in my book, Driving Digital: The Leader’s Guide to Business Transformation Through Technology along with agile transformation, product management, and becoming data driven – all practices that drive innovation.

Second, I recommend to CIO and their leadership teams to spend significant time out of their IT offices and seek to develop business relationships, visit customers, and attend various industry events. IT can’t drive innovation without having an outside-in perspective on what customers need, how business leaders are managing competitive threats, and how other industries are solutioning comparable challenges.

Lastly, IT should be doing a lot of experimenting, executing proof of concepts, and investing in learning activities. To be innovative, IT needs to know how to integrate different technologies into nimble, supportable solutions. There’s no silver bullet to innovation, and IT has to invest in learning the building blocks.

Q: How do you stay abreast of the trends and what your peers are doing?

A: I have a voracious appetite for reading, writing, speaking, meeting people, attending events, and participating in social media. I’m a bit of an outlier as a big part of what I do now at StarCIO is advise leaders on transformation, collaborative practices, platforms, and emerging technologies.

I also get hands on with new technologies from time to time.

IT leaders should try to do the same. Read two or more articles a day, a book a month, and attend at least three conferences yearly. Find a comfort zone participating in social media such as commenting on selective posts, participating in a Twitter chat, or writing a guest blog post. Most SaaS solutions offer trials and demo accounts, so invest some time to roll up the sleeves and see what works.   

Q: What advice would you give an early stage CIO joining an enterprise organization?

A: CIOs have to run in several parallel directions when joining an enterprise. First, significant time should be spent with business leaders to start developing relationships and ideally with customers to better understand how the organization’s products or services impact them. Second, they should conduct an end to end assessment of their department’s capabilities, strengths, and weaknesses along with a review of underlying practices and technologies. Finally, they should select a handful of departments that have strategic priorities and may be underserved technically.

CIOs in their first hundred days should be looking to answer several questions. Where are the strategic priorities where technology can make an impact? What are some quick wins and other initiatives that need to be on the roadmap? What major risks have not been communicated or don’t have mitigation plans? What are the gaps in IT that the CIO needs to address and may need financial help, collaboration, or forgiveness in their early goings? What areas of the organization are early adopters to new practices and technologies versus others that are slower to change or others that may be detractors?

CIO roles have to pull this information together quickly to formulate and communicate a go-forward strategy and plan.

 

Isaac Sacolick (@NYIke) is the Founder and President of StarCIO, a services company that helps clients succeed with data and technology while executing “smarter, faster, and more innovative” transformation programs. Isaac is a successful CIO who has led digital transformation, product development, innovation, agile management, and data science programs in multiple organizations. He is the author of the Amazon bestseller, Driving Digital: The Leader’s Guide to Business Transformation Through Technology, and has written over four hundred articles as a contributing editor at InfoWorld,  CIO.com and Social, Agile and Transformation. He is an industry speaker on digital transformation, becoming a data driven organization, artificial intelligence, agile management, and other leadership topics. Isaac has  been recognized as a top digital influence by IDG, Enterprise Management 360, and Thinkers360, a top 100 CIO in STEM, a top social CIO by HuffPost, Forbes, and HP Enterprise.