Digital Business

CIOs are caught in a perfect storm: Navigate with Zero Trust

Jul 09, 2021
CIOs and zero trust

A “perfect storm” is a critical situation created by a powerful concurrence of unpredictable factors. Visualize several severe weather fronts about to collide and imagine the results: ferocious destructive waves, violent rainstorms, flash floods, lethal funnel clouds, and untamed damage. A perfect storm is frightening. 

For CIOs and other technology leaders managing complex technology portfolios, that perfect storm has arrived. The confluence of digital transformation initiatives, adapting to the pandemic, and increased security concerns are causing many to feel the pressure building around them.

How should we move forward?

Migration to the cloud

“Cloud-first” and “cloud-ahead” are popular labels used to describe the transformation journey for most companies moving infrastructure, business services, platforms, and applications from traditional on-premises managed data centers to the cloud.

The economics of self-managed data centers no longer seem compelling or sustainable. Cloud computing promises reduced costs, deployment convenience, demand elasticity, access to new technologies, innovation, agility, and a better platform to support the digital aspirations of progressive organizations. CIOs are constantly being asked, “Why can’t we move everything to the cloud?” 

Business initiatives, budget pressures

The COVID-19 pandemic drove digital business transformation far more effectively than the most passionate of CIOs ever could. Most organizations are planning their “return-to-office” strategies, and many are rethinking their future workplace models. Will employees remain at home after the pandemic? Will they split their time between home and the office? Does this affect the amount of physical office space needed going forward? What does “office design” look like in the new world? Can we incorporate new ways of working to future-proof our organization and operate more efficiently?

CIOs are under pressure to simplify their IT environments, retire old technologies, and replace them with newer technologies that support new priorities. This business transformation requires funding and resources at a time when both are in scarce supply. Can you do more with less and spend funds more efficiently? Can you fund some of these transformative initiatives and still reduce your operating costs?      

Change how we work: Project to product shift

The insatiable search for efficiency, cost optimization, and agility drive most organizations away from an inefficient, cumbersome, waterfall-based project-driven methodology to an efficient, agile, and outcome-based product approach. This approach aligns investments with the company’s goals and shifts the measurement of business value to specific outcomes. A product focus moves the traditional value measures away from time, budget, plan, forecast, and actuals to predefined business outcomes. CIOs under pressure to convert to this new value-delivery philosophy can find that the most challenging hurdle is a change in corporate culture and corporate operating norms.

Legacy debt

Every non-cloud native CIO will inevitably face the question: “Why are we managing our own data centers?” The answer always revolves around hard-to-move legacy platforms that often operate at a ridiculously efficient cost. These platforms are always inflexible, brittle, and not conducive to change. Most were architected in a time when today’s cybersecurity requirements weren’t even an option. Finding technologists adept in legacy architectures and skills is challenging. The cost to retire legacy platforms, and the data center where they are housed, is often prohibitive. The obstacles faced in retiring these platforms do not hide the recognition that legacy platforms anchor the organization to outdated, inefficient business models.

Safe business transformation

The IT, cyber, and infrastructure teams must modernize and transform the technology portfolio to accelerate business transformation and realize business value. These technology groups can act as a transformation catalyst that creates a modern, efficient organization and provide safe and ubiquitous access for all customers and employees.

Creating this reality with limited funding, efficient spending, and operational savings requires some ingenuity. Security architecture transformation is emerging as a viable way to deliver vital transformative goals.

All technology leaders face the pressing challenge of articulating a transformative approach while a perfect storm is swirling overhead. For most organizations, IT is one of the largest expense categories and a prominent source of scrutiny. The CIO is under immense (and often conflicting) pressures: spend more, spend less, spend quickly, slow down spend, spend efficiently, generate business value, and produce run-rate savings. Simultaneously. 

Zero trust helps CIOs navigate the storm      

Senior technology leaders faced with this daunting task are landing in the same place with the same conclusion: Zero Trust. Implementing a Zero Trust architecture for secure connectivity is a viable alternative to the cybersecurity architecture currently deployed.  

Zero Trust removes the need for cumbersome security architecture that surrounds home-grown IT infrastructure by allowing access based on policies. These policies look at user and application traffic workflows and grant access to systems, applications, and assets based on identity and context. This allows simple, internet-based access to anything from anywhere, no matter where either entity lives. 

Moving an organization to a Zero Trust architecture is a key ingredient of any digital business transformation journey. More CIOs and CTOs use Zero Trust to deliver upon the multitude of demands emerging from these unprecedented times. 

Consider the Zero Trust benefits:

  • Provides a best-in-class cybersecurity approach while enhancing the user experience.
  • Enables a safe and easily maintained “work-from-anywhere” strategy.
  • Lowers operational costs and allows harvested savings to be redirected to self-fund transformation activities.
  • Hides, masks, and obfuscates poorly architected legacy applications from the internet and buys time to decommission, refactor, or retire important but brittle platforms.
  • Simplifies the technology environment and frees up resources to work on more strategic activities and rationalize expensive technologies.
  • Maximizes investments by consolidating activities into one strategic initiative that results in multiple strategic outcomes of high business value. 
  • Brings harmony and a sense of congruency to multiple constituents’ (network engineers, cyber professionals, application resources, business leaders, accountants, customers, and shareholders) by creating shared quality outcomes and an improved experience.
  • Delivers a constructive path forward within organizational constraints and offers future-proofing for investments.

Zero Trust architecture is not a panacea, but it is fast becoming a must-have to support a cost-effective, secure, and viable path forward. Considering the mass shift to the cloud, the agility imperative, and digitalization of business models, what better options do CIOs have?

 

What to read next

“Saving Face” as a CISO: Let Zero Trust accelerate change

Building a hybrid workforce infrastructure that works for everyone