Information Week

It often feels like the world is becoming increasingly unpredictable. The proliferation of AI, economic volatility, a shifting regulatory landscape, and other factors have created new challenges that today’s businesses need to account for. For organizations across nearly every industry, this added uncertainty can make business leaders (not to mention corporate boards) a little nervous.  The truth, however, is that today’s business leaders are no strangers to risk — and savvy organizations are actively factoring it into their plans for the future. Because while today’s threat landscape may look a bit different, the underlying risks — and how to address them — have largely remained the same. Businesses are constantly adapting to new regulations and compliance frameworks, facing down new cybersecurity threats, and evolving to meet the needs and preferences of consumers. Simply put, it comes with the territory.   And, while the looming threat of new technologies, regulations and economic uneasiness may feel like a tsunami on the horizon, risk-aware organizations can easily position themselves to ride the wave.   Today’s Volatile Risk Landscape  Most businesses understand that risk is inevitable, and responsible organizations already tend to have strong risk management practices in place. Of course, preparing for what might be around the corner isn’t easy. For example, it’s hard to predict exactly how AI will impact certain risk areas, when new regulations might emerge, or what economic conditions might look like a year from now. But that’s why savvy organizations are constantly creating, testing and reworking resilience plans, business continuity plans, crisis management plans and incident response plans. A strong risk management program doesn’t mean you have a plan in place for every possible scenario. But it does mean ensuring your entire organization is equipped to make informed, risk-based decisions, even on its very worst day.  Related:Who Should Manage AI? That said, while any business can benefit from a well-established, mature approach to risk management, the current velocity of change in the world necessitates an added degree of flexibility.   With conditions changing rapidly, it’s not always easy to tell if you’re preparing for the right scenarios. Economic uncertainty can lead to changing customer and commercial sentiments, supply chain volatility, hesitancy (or enthusiasm) regarding mergers and acquisitions, and other potentially disruptive developments. Even the most well-prepared businesses sometimes find that previously reliable scenarios don’t fit the current landscape, and when that happens, they need to be prepared to dust off their assumptions and reassess their risk models.  Related:Forecast for Today’s CIOs Is Simple: Turbulence Re-Evaluating Your Assumptions  If you’re a risk leader at a modern business, it’s important to consider whether you are using the right stress factors, and whether they are weighted properly. When conducting exercises, are you taking the scenario to the point of failure to better understand where potential breaking points exist? Perhaps most importantly, is scenario planning a “check-the-box” exercise, or is your organization truly interested in understanding where it has the potential to suffer a mortal wound? Risk management isn’t about responding to specific developments but about understanding where your weaknesses lie and ensuring you can compensate for them when the unexpected happens.  Testing is critical. It’s one thing to have a policy on paper, and another to put it into practice. It’s not enough to stress test a balance sheet or simulate a cyberattack on a specific system. It’s about wargaming a fleshed-out scenario and understanding what levers need to be pulled to address it. Maybe that means sourcing products or materials from alternative suppliers. If so, can you count on those suppliers to be available at an acceptable price point? If critical systems are taken down in a cyberattack, do you have backups ready? Is there a process for activating them, and do you know who to contact? Again, risk management is about preventing surprises, and that means testing everything, top to bottom, so you know exactly what you can count on and when.  Related:IT Leadership Is More Change Management Than Technical Management It’s also important to remember that “risk management” is not the same as “risk avoidance.” For example, any business could completely eliminate the risk of email phishing by cutting itself off from the internet, but that would have obvious drawbacks. Think of a medieval knight wearing a perfect set of armor with no weaknesses. Sure, he might be protected, but he’ll be effectively paralyzed. The same is true of businesses that take an overly cautious or conservative approach.   Managing risk is good, but don’t become so risk averse that it limits your agility and flexibility. You never want to be paralyzed in the face of change you want to be light on your feet and quick to adapt.  Many of today’s biggest “risks” illustrate the difference between risk management and risk avoidance, and AI is a prime example. In fact, AI is so ingrained in today’s technology that it’s hard to even call it an “emerging” technology anymore. While it’s true that AI comes with risks, avoiding the technology altogether is no longer an option.   Instead, businesses need to ensure they have the right processes in place to take advantage of the benefits while limiting the risks. By upleveling your risk management practices and reevaluating them on a continuous basis, you can make informed, risk-aware decisions that drive the institution forward.  You may not be able to predict the exact risks that will impact your business, but the right approach can make all the difference. When you see a tsunami of change on the horizon, don’t panic. With the right risk management practices in place, you can maintain the agility you need to stand tall and ride the wave.   source

Artificial intelligence is the premier technology initiative of most organizations, and it is entering the door through multiple departments in BYOT (bring your own technology), vendor, and home-built varieties. To manage this incoming technology, the trust, risk, and security measures for AI must be defined, implemented, and managed. Who does this? Most companies aren’t sure, but CIOs should get ready as the responsibility is likely to fall on IT. Here are some steps that chief information officers can take now.  1. Meet with upper management and the board  AI adoption is still in early stages, but we’ve already seen a series of embarrassing failures that have ranged from job discrimination that violated federal statutes, to the production of phony court documents, the failure of automated vehicles to recognize traffic hazards, and false retail promises presented to consumers that companies had to pay damages for.  Most of these disasters were inadvertent. They originated from users not checking the verity of their data and algorithms or using data that was misleading because it was wrong or incomplete. The end result was damage to company reputations and brands, which no CEO or board wants to deal with.  This is the conversation that the CIO should have with the CEO and the board now, even though user departments (and IT) might already be in stages of AI implementation. The takeaway from discussions should be that the company needs a formal methodology for implementing, vetting, and maintaining AI — and that AI is a new risk factor that should be incorporated into the enterprise’s corporate risk management plan.  Related:Forecast for Today’s CIOs Is Simple: Turbulence 2. Update the corporate risk management plan  The corporate risk management plan should be updated to include AI as a new risk area that must be actively managed.  3. Collaborate with purchasing  Gartner predicted that 70% of new application development will be from user departments. Users are using low- or no-code tools that are AI-enabled. The rise of citizen development is a direct result of IT taking too long to fulfill user requests. It’s also generated a flurry of mini-IT budgets in user departments that bypass IT and go directly through the company’s purchasing function.  The risk is that users can purchase AI solutions that aren’t properly vetted, and that can present risk to the company.  One way that CIOs can help is by creating an active and collaborative relationship with purchasing that enables IT to perform its due diligence for AI offerings before they are ordered.  Related:IT Leadership Is More Change Management Than Technical Management 4. Participate in user RFP processes for IT products  Although many users are going off on their own when they purchase IT products, there is still room for IT to insert itself into the process by regularly engaging with users, understanding the issues users want to solve, and helping users solve them before products are purchased. Business analysts are in the best position to do this, since they regularly interact with users — and CIOs should encourage these interactions.  5. Upgrade IT security practices  Enterprises have upgraded perimeter and in-network security tools and methods for transactional systems, but AI applications and data present unique security challenges. An AI chat function on a website can be compromised by repetitive user or customer prompts that trick the chat function into taking wrong actions. The data AI operates on can be poisoned so as to deliver false results that the company acts on. Over time, AI models can also grow obsolete, generating false results.  AI systems, whether hosted by IT or end users, can be improved by making revisions to the QA process so that systems undergo testing by users and/or IT trying to imagine every possible way that a hacker would try to break a system, and then trying these ways to see if the system can be compromised. An additional approach, known as red teaming, is when the company brings in an outside firm to perform the QA by trying to break the system.  Related:Digital Transformation Is a Golden Opportunity for RGP IT can install this new QA approach for AI, selling it to upper management and then making it a company requirement for the pre-release testing of any new AI solution, whether purchased by IT or end users.  6. Upskill IT workers  A new QA procedure to hacker-test AI solutions before they are released to production, or new tools for vetting and cleaning data before it is authorized for AI use, or methods to check the “goodness” of AI models and algorithms are all skills that will be needed in IT to achieve AI competence. Staff upskilling is an important directive, since less than one quarter of companies feel that they are ready for AI. Users are even less prepared, so would likely welcome an active partnership with a, AI- skilled IT department.  7. Report monthly on AI  The burden of AI management is likely to fall on IT, so the best thing for CIOs to do is to aggressively embrace AI from the top down. This means making AI management a regular topic in the monthly IT report that goes to the board, and also periodically briefing the board on AI. Some CIOs might be hesitant to assume this role, but it has its advantages. It clearly establishes IT as the enterprise’s AI focal point, which makes it easier for IT to establish corporate guidelines for AI investments and deployments.  8. Clean data and vet data vendors  IT is the data steward of the enterprise. It’s responsible for ensuring that data is of the highest quality, and it does this by using data transformation tools that clean and normalize data. IT also has a long history of vetting outside vendors for data quality. Quality data is essential to AI.   9. Work with auditors and regulators  Outside auditors and regulators can be extremely helpful in identifying AI best practices for IT, and in requiring AI practices for the enterprise which in turn can

The role of the chief information officer in terms of the expectations heaped on them mirrors this century’s global weather patterns. Wait a minute, it’ll change.  Over the course of 40 years in IT journalism, I’ve watched CIOs deal with the dynamic environment of IT, not just with the many tech revolutions but also the waves of change focused on corporate structure that, in turn, drive further shifts in IT strategy.  Get ready for yet more change.  But first, let’s take a step back in time to 1985-ish. For those of you who weren’t yet born at that time, this isn’t just another grandpa tale like, “We walked two miles to school in a blizzard, barefoot, uphill both ways!”  It was in the mid-80s when IT management gurus made the term chief information officer popular. Prior to that point the top IT exec in a company tended to be called something like VP of IT or information systems manager.  The CIO role was revolutionary in ways you might not expect. The CIO had to be responsible not just for IT’s data center or distributed minicomputers. That CIO also took on the chore of developing a business strategy for a company full of PCs, including a network to tie those PCs — often smuggled into the office to avoid IT — to servers. Keep in mind PCs really were new in 1985; it was just four years since the IBM PC debuted.  Related:IT Leadership Is More Change Management Than Technical Management However, the CIO also wasn’t just to be about computers and software. They were saddled with tech such as fax machines, copiers, and wired telephone systems supporting thousands of employees.  The CIO was viewed as sort of a chief knowledge officer. If it involved “information”, they were responsible, at least in theory. Humans having a defensive nature, and the bureaucrats who headed up some of the knowledge domains didn’t want some new tech boss sticking their nose into their operations. So, the noses of the PC manager and telecom director quickly got out of joint, and the CIO had to calm hard feelings.   Yet, those early CIOs were lucky in a sense. They worked in a relatively stable and predictable environment in 1985. The real change was only just getting started.  Within a couple years, the CIO role went beyond complicated. Computer worms and viruses were showing up in a “secure” setting. Meanwhile, experts and boards of directors began questioning the value of those very, very expensive mainframes.  Soon, as security threats continued to flourish with the companywide adoption of PCs and networking, it was the CIO who faced the challenges of protecting the data and operations. That CIO had to cede decision-making to what eventually became a CISO, and both struggled to maintain the balance between expanding access and protecting assets.  Related:Digital Transformation Is a Golden Opportunity for RGP By the time the World Wide Web debuted in the mid-90s, everyone from business leaders to employees and the public was clamoring for more and easier access to the “information” that the CIO had to manage.  The changes became more numerous, more rapid and more complex:  Decentralization of computing power  Y2K at the turn of the century  24×7 remote and mobile access  Outsourced processing and, sometimes, all IT services  Developer and security talent shortages  The combination of world terrorism and economic uncertainty.  Now, the CIO faces what can be viewed simultaneously as the Godzilla and the Super Man of IT: artificial intelligence. How you see it depends on your situation and your organization’s needs.  Think about this: An AI implementation in some way weaves together all of those earlier concepts, with the noticeable exception of Y2K and COVID, which are just so yesteryear. And each of the many changes and concepts plays a role in any AI initiative today.  Guess who has to manage that AI initiative and the seemingly unstoppable spread of rogue AI? In the end, it comes down to the CIO.   Related:What a CIO Needs to Do Today to Prepare for Quantum Computing For all the talk about the wonder and worry surrounding AI technologies, enterprise use of AI boils down to how you execute and manage AI tech, policies and people.   Consider that list of change factors. We’ve heard plenty about the security aspect of AI as a threat and a tool, and AI does present staffing challenges. AI has its pros and cons in SaaS strategies, as we’ve seen in numerous breaches. Today’s CIO has to figure out how citizen development plays a role in AI’s implementation, as employees download GenAI apps for their own use, perhaps without understanding the apps’ limitations and vulnerabilities.  It’s up to CIOs to define not just a business strategy for rolling out AI apps, but also a communication strategy on AI use for their many end-user departments. They have to know which AI technologies the company and those many departments can use and how, and those CIOs have to move fast and be flexible. As we have seen over the past two years, the 1980s approach to PCs — “Just don’t use a PC” — won’t work with AI.   A reactive attempt to simply ban AI’s use by user departments is too late and too draconian. CIOs have to take lessons from the traditional application development model to define user needs and ways to meet those needs. But do it much faster.  The traditional start to application development has been meetings with department heads to define user needs, leading to months or years of development. Today, IT’s response has to be accelerated in ways that would have been impossible to imagine a year or two ago. So, the classic app dev approach of interviewing users and then returning with a limited-function application in three, six, or 12 months simply won’t work. That process has to start now, and even that may be too little too late for many companies.   Wait for the perfect strategy, and the AI horse won’t just be out

Recent advancements in quantum computing indicate that it may soon become a mainstream technology, particularly among scientific and medical adopters. Once this happens, it will only be a matter of time before quantum enters the enterprise mainstream.  The advent of production-scale quantum computing, while still some years out, necessitates immediate strategic action from CIOs, says André M. König, CEO of Global Quantum Intelligence, a quantum industry analysis firm. He notes that transitioning to it won’t be a trivial undertaking, likely requiring five to 10 years for large enterprises to complete. “Therefore, the most critical recommendation for CIOs is to start immediate planning and to initiate a quantum-safe program if one isn’t already underway,” König advises.  Scott Buchholz, emerging technology research director and quantum computing leader at Deloitte, also believes that now is the time for CIOs to begin preparing for quantum computing’s inevitable arrival. “Many CIOs and their enterprises continue to take a ‘wait and see’ approach,” he says. “However, given the inherent technical complexity, implementation strategies will necessitate extended timelines — spanning years rather than months — and will demand the careful development of both talent and technology operating models across investment cycles.”  Related:Forecast for Today’s CIOs Is Simple: Turbulence First Steps Before doing anything else, CIOs and other leaders need to understand which use cases might benefit from quantum computing, and when capabilities to meet those needs might arrive, Buchholz says. They will also need to identify the teams to handle development and operations.  König agrees that CIOs should begin defining job roles for a future quantum environment, exploring whether to leverage external quantum consultants or to cultivate internal expertise through robust training and upskilling programs. “Investing in staff education on quantum computing will be vital for building a knowledgeable workforce capable of navigating this complex landscape,” he explains.  Meanwhile, CIOs and their teams should engage in strategic planning by identifying potential quantum use cases that could accelerate or improve existing IT processes, König says. “Advanced technology groups within the organization should be tasked with evaluating quantum computing readiness and continuously monitoring for signals of disruption in the quantum landscape.”  Now is also the time to start building close relationships with quantum technology vendors, Buchholz says. “Organizations that invest in cultivating relationships within the quantum ecosystem will be well-established and supported when quantum becomes commercially viable,” he states. “The time to begin forging these connections is now.”  Related:IT Leadership Is More Change Management Than Technical Management Business partners can leverage their significant investments and expertise in multiple ways to help educate CIOs on quantum solutions, says Doug Saylors, a partner at technology research and advisory firm ISG. “Partners can help provide a basic understanding of quantum physics and computing as a foundation, along with industry-specific use cases.” he states. “Additionally, we’re starting to see the emergence of industry-specific consortiums focused on the application of quantum computing in a non-competitive manner.”  Building Support At a minimum, CIOs should begin creating awareness campaigns for their C-level colleagues on use cases applicable to their industry and begin forecasting budget and skill requirements, Saylors says.  CIOs should start with sober, informed communication, Buchholz recommends. “Opening a dialogue offers the space to educate stakeholders on how … these new [quantum] tools provide opportunities and risks,” he says. “From there, discussions can shift to solution-oriented conversations.”  Related:Digital Transformation Is a Golden Opportunity for RGP Security Matters CIOs and CISOs must also be proactive in educating leaders on quantum computing’s potential risks, Buchholz says. He points to Deloitte’s 2025 Tech Trends Report, which found that just over half (52%) of organizations are assessing their exposure and developing quantum-related risk strategies, yet with only 30% taking decisive action to implement solutions. “With the approaching deadlines for widespread adoption, those numbers should be much higher,” Buchholz warns.  Risk management must be at the forefront of quantum preparedness, König cautions. “A key focus should be on cryptographic vulnerabilities, particularly addressing the ‘harvest now, decrypt later’ threat.” He believes that implementing post-quantum cryptography (PQC) solutions will be crucial in combatting this threat. “Ultimately, CIOs should adopt a risk-based approach to quantum preparedness, prioritizing the protection of the most critical assets and data against future quantum-enabled threats.”  Be Prepared While there’s no set date for when widespread quantum adoption will arrive, preparedness is crucial, Buchholz says. “CIOs must prepare their organizations, teams, and stakeholders to help keep their organization on a path of success and growth,” he advises. “Starting to plan today, and working to thoughtfully scale for the future, will help a CIO prepare for both the opportunities and risks quantum computing can bring to their enterprise.”  source

One way to see a new country is to become a professional truck driver. Werner Enterprises EVP and CIO Daragh Mahon did just that when he immigrated from Ireland to the US. After about nine months, he wanted to find something different and decided to leverage his prior inventory management experience to embark on a new career.  “I went to work for a company called PeachTree Software as an inventory control manager, but literally everything was considered inventory management — unloading trucks, shipping stuff, running returns. Over the first couple of months, I realized that nothing was automated. It was all spreadsheets at the time,” says Mahon. “I started learning how to code, and I started to write some applications, but I got fed up. I thought, ‘This is just pointless. Why should I build this if I can buy it?’ so I negotiated a deal with Manhattan Associates for a shipping and warehouse management system and signed a contract I had no authority to sign.”  While he wasn’t fired for overstepping his role, the CFO, Teri McEvily, reminded him that he’d violated company policy and that the software ‘better work’ or he would be fired for sure. Mahon worked closely with IT and together they helped Manhattan Associates develop one of their first high-volume shipping systems. Over the next couple of years, he continued to help IT in the afternoon or evenings, after working full-time in the warehouse.  Related:Digital Transformation Is a Golden Opportunity for RGP When PeachTree was acquired by Sage Group in 1999, the IT department was doing an SAP implementation. McEvily was tasked with running the SAP implementation for North America and subsequently globally. She asked Mahon to help with the implementation since he was a supply chain expert.  “I volunteered for and moved into the data migration area, because it wasn’t working and nobody had any data migration experience, nor did I. [Nevertheless,] Teri told me to make it work because it was a mess,” says Mahon. “So, I gathered a bunch of SQL and data guys, we sat down and figured it out. Suddenly, we were doing things with SAP data services that Deloitte and SAP probably didn’t know you could do. I started gradually doing all sorts of SAP work. Wherever there was a need, I filled it, such as running security on the platform. The more I got stuck with technical problems, the more I enjoyed it. I love chaos.”  Meanwhile, his job scope expanded to managing the relationship between the business teams and the service desk and infrastructure. In fact, Mahon and the Sage team virtualized the SAP environment, which was an industry first. When they told SAP what they were doing, they expressly told him not to do it on the grounds that it wouldn’t work.   Related:What a CIO Needs to Do Today to Prepare for Quantum Computing “We installed SAP on virtual servers in a data center, and SAP told us not to do it, but we couldn’t figure out why we shouldn’t do it [because] it would save us a ton of money [and] effort. It worked just fine,” says Mahon. “Over the coming years, I started to work with SaaS platforms Salesforce and Zuora, and that’s kind of what brought me to my build versus buy mentality. This was at the beginning of our move to the cloud, which the CIO spearheaded. We were early adopters, and I just felt it was the wave of the future. As we came out of the SAP implementations, I got involved in business analysis and I remember going to Teri one day and saying, ‘You know, I’m kind of pissed off. I’ve become a jack of all trades and a master of none, when others in the organization own a specific piece of the IT world.”  McEvily told Mahon he was looking at it the wrong way. The reason he found himself in this situation was because he was the only guy she and others could trust to fix problems. (In fact, his favorite award of all was the one given after the 10-year SAP implementation. All the approximately 200 people involved in the deployment nominated Mahon for the award, “Who to call when the **it hits the fan.”)  Related:IT Leadership Takes on AGI Mahon spent just over 20 years at Sage Group, rising through the ranks to director of IT and finally senior director, IT & business applications. After that, he held several positions at Vonage, from director of business services to ultimately senior vice president – global and IT business applications before joining Werner as EVP and CIO in 2020.  “As I moved on into director, VP, and senior VP, and CIO roles, I realized that all of that being kicked around the place, going from one area to another, one problem to another and one **it storm to another was actually a good thing,” says Mahon. “It meant I had cybersecurity and infrastructure knowledge. I ran development teams and the service desk. I worked with all the different business units as well: marketing, sales, contact center, accounting, finance, HR, you name it. So, when I sit down and have an IT conversation with anyone, I’ve been there and done [what they do] to a certain extent.”  Important Lessons Learned Along the Way  Planning is considered critical in business to keep an organization moving forward in a predictable way, but Mahon doesn’t believe in the traditional annual and long-term planning in which lots of time is invested in creating the perfect plan which is then executed.   “Never get too engaged in planning. You have a plan, but it’s pretty broad and open-ended. The North Star is very fuzzy, and it never gets to be a pinpoint [because] you need to focus on all the stuff that’s going on around you,” says Mahon. “You should know exactly what you’re going to do in the next two to three months. From three to six months out, you have a really

IT modernization isn’t a foreign concept at RGP. The global professional services firm advises 70% of Fortune 500 companies on how to plan and execute complex digital transformation projects. However, a few years ago, the Dallas, Texas company recognized an uncomfortable truth: Unless it upgraded its own infrastructure, it risked losing credibility and falling behind competitors.  That realization set off a four-year mission to overhaul the company’s IT framework. The goal? Migrate off legacy systems such as Microsoft Dynamics and embrace a cloud-based architecture built for speed, agility, and flexibility. “We needed teams to work faster and better,” declares Keith Golden, chief information officer. “No one wants to hire a consulting firm that can’t modernize itself.”  The initiative, dubbed Project Phoenix, has rewired workflows — and reshaped results. By swapping out legacy systems, code bases, and data framework for a lightning-fast digital infrastructure, RGP is fueling innovation and dialing up its ability to respond to constantly changing business demands. “This was our chance to lead by example,” Golden says. “We had to stick the landing.”  Speed Bumps For decades, medium and large companies have turned to RGP to address complex staffing needs. Yet after the firm expanded into business consulting during the early 2000s, it found itself increasingly constrained by an outdated IT infrastructure. By 2020, things had reached a breaking point. “We had code bases that vendors no longer supported. We had software systems that couldn’t interact and exchange data,” Golden says.  Related:IT Leadership Is More Change Management Than Technical Management The problems didn’t stop there. RGP’s applicant tracking platform wouldn’t integrate with other critical software. This meant that teams sometimes had to use several systems to accomplish basic tasks. On top of that, brittle code triggered disruptions and occasional breakdowns. “We were siloed,” Golden admits. “In some cases, people had little or no visibility into events.”  Keith Golden, RGP Inefficient manual processes were piling up, Golden explains. This made work far more difficult for the more than 2,600 RGP consultants and specialists scattered across 37 countries. “We weren’t operating at the speed required for today’s business environment. It was clear that we had to adopt faster and more efficient workflows and processes,” he says.  In late 2021, the company launched Project Phoenix, a multi-year modernization initiative. Golden stepped in as CIO for RGP a year later. The firm selected Microsoft Azure and an application stack built around Workday Finance and HCM modules to handle money and people; Salesforce to manage customer relationships; Aperture for applicant tracking; and ContractPod AI, a firm specializing in AI-powered contract lifecycle management.  Related:What a CIO Needs to Do Today to Prepare for Quantum Computing Into the Clouds In early 2024, with Deloitte serving as the systems integrator, RGP began to switch on the new systems. “It was far from a lift-and-shift project,” Golden says. Initially, teams had to assess what data the company had, how different groups stored and organized it, and how people used the data to do their work. Analysts also had to determine how to optimize the data for the new systems. “We had to work through complex issues related to cleaning and preparing data,” Golden notes.  Although RGP mostly uses plugged-in vendor APIs to connect applications, it also had to develop its own APIs and code to optimize the workflows. “We had specialized situations where we needed custom code and specific functionality to get data where it was needed at any given moment,” Golden explains.  Executive alignment and a focus on change management were key factors, Golden says. “Fortunately, we had buy-in from our leadership from start to finish. This provided the support we needed to see the project through to the end.” At the same time, the change management team identified technology gaps, fine-tuned processes, and worked with employees to tweak and adapt the new workflows.  Related:IT Leadership Takes on AGI The resulting platform addresses today’s business requirements — yet it’s also engineered for the future. This includes support for specialized artificial intelligence and agentic AI tools embedded in Salesforce and other enterprise applications. Fueled by agile teams and continuous improvements, RGP has developed a global playbook that keeps the business at the leading edge of innovation.  Agility on Demand The project wasn’t without challenges. For example, one small vendor was supposed to build out additional functionality within RGP’s time tracking application, which consultants in the field use for billing. Internal teams had already begun writing code and developing APIs — based on a planned acquisition by Workday. However, six months before the system was supposed to go live, a different company acquired the software firm. “We had to go back and revamp all the code,” Golden says.  Yet, overall, the modernization initiative progressed smoothly, Golden says. Today, teams are working faster and more efficiently across numerous areas. For example, when RGP receives a request from a client to find qualified candidates, job openings flow from Salesforce into Aperture. It can then match qualified candidates and rank them based on specific criteria, including skills and role requirements. “This eliminates the need for recruiters to dig through piles of résumés,” he says.  Recently, when an oil and gas client needed to fill 90 finance roles as part of its own transformation project, RGP’s team delivered ranked matches within hours — a process that in the past required days or even weeks. “While we didn’t succeed with every placement, we captured more than our share of business by identifying high-quality candidates quickly,” Golden says.  Contract management is also simpler. In the past, if a client wanted to use its own templates for the review process, a document would often sit in email inboxes for hours or days until an attorney could review it. If someone happened to be on vacation, the entire process stalled out. Making matters worse, “Tracking changes was messy and inefficient,” Golden says. Now, the role-based contract management system routes the contract to the first qualified and available attorney.  RGP is now eyeing other improvements, such as

An emerging avenue of AI, applied affective computing (AAC), holds immense potential despite being in its early stages. AAC enhances human-computer interaction by integrating AI, robotics, and engineering with social science, psychology, and medical science.    In the generic human parlance, AAC is a reflection of what we call empathy. As technology becomes universally accessible through cloud, open-source, AI, and low-code platforms, the race to outperform is no longer just about features; it’s about human connection.   And for CXOs leading high-tech firms, integrating empathy into strategy isn’t a soft initiative; it’s a powerful business lever with measurable impact. Empathy is today regarded as big business, and the global affective computing market is expected to reach USD 338.28 billion by 2030.  The Shift from Capability to Connection  This shift was bound to happen. In today’s rapidly changing competitive scenario, the historic differentiators of technological prowess — speed, computing power, and functionality — have become default attributes. Both the game and the playing field have been drastically disrupted. Empathy, the ability to deeply understand and respond to the needs, feelings, and challenges of users and stakeholders, is emerging as a powerful differentiator in the hi-tech industry.   Related:IT Leadership Is More Change Management Than Technical Management Thus, technology is no longer just about systems. It’s equally about people — their experiences, expectations, context, and diversity of thoughts and reactions. With AI’s ultimate goal of making human-like machines, empathy stands as the definite bridge between engineering and human experience. For example, Microsoft has an inclusive design philosophy that ensures its products serve people with disabilities while enhancing usability for everyone. Salesforce recognizes the impact of algorithms on human lives and integrates empathy into its technology governance. Even startups recognize this important need: Headspace and BetterHelp leverage technology to scale mental health support, an inherently empathetic service, to millions.  And here is an undeniable truth, and it is not about whether technology can replace human skills. Be it AI or automation, they need the human touch to evolve. Their ascent to such incredible heights has been made possible by human ingenuity, and this will not change.  Why Empathy Matters Now More Than Ever   Neuroscientific research has firmly established that emotions are an integral component of learning, perception, and decision-making. When applied to evolving consumer expectations, this has significant implications. Today’s users do not just want products that work; they demand products that understand them. They expect frictionless experiences, personalized journeys, inclusive design, and brands that reflect their values. This is true across industries, whether it’s a fintech app in rural India or an AI assistant for a Fortune 500 CEO.  Related:Digital Transformation Is a Golden Opportunity for RGP It is therefore no surprise that AI and automation seek the human touch. Especially since there is an increasing risk of alienation or bias, AI becomes embedded in products and workflows. Empathetic design thus becomes a vital aspect of technology development. It not only mitigates the risk of bias but also proactively ensures that AI respects the need for fairness through ethical design, transparent algorithms, and human-in-the-loop systems that listen, adapt, and learn responsibly.  In a crowded digital market, customer retention hinges on relationships that enjoy an emotional connection. Brands that demonstrate empathy through responsive support, accessibility features, and thoughtful engagement strategies earn customer loyalty and advocacy that outlast price wars and product comparisons.   Empathy extends beyond external stakeholders of an organization to its internal talent force. Here too, retention depends on relationship, and an empathetic approach fosters psychological safety for employees to stay and engage with motivation and happiness, both powerful drivers of innovation. An interesting case is that of Acer’s approach to hybrid work, which provides flexible schedules around individual productivity rhythms and trains managers to focus on engagement, rather than monitoring.  Related:What a CIO Needs to Do Today to Prepare for Quantum Computing Embedding Empathy into the Tech DNA  For empathy to be a sustainable differentiator, it must be embedded in the culture, processes, and products of hi-tech organizations. Imagine an enterprise-wide culture where human-centered design leads product development cycles, where ethnographic research informs and guides business strategy, and where cross-functional teams enjoy diverse voices at the decision table. This is true empathy in action, and it calls for leadership that promotes diverse teams, open communication, collaborative problem-solving, and an engaging workplace culture, all of which are essential to thrive in today’s complex and fast-paced tech landscape.  In an increasingly data-led business environment, analytics can be a great means to achieve this outcome. The hidden value of data lies in the human story that creates every data point. When empathy is woven into data analysis, deeper insights can be unlocked, leading to greater ethics and integrity in decision-making.  The ROI of such an approach is as huge as it is measurable. A recent report estimates that fostering empathy in the workplace could lead to an estimated USD 180 billion in employee attrition savings.    So, in leading the next era of high-tech, let’s build with heart, measure with rigor, and embed empathy in every code, conversation, and corner of our organizations.  source

Artificial general intelligence (AGI) is already being hyped but realizing it will take time. How much time is highly debatable. For example, Sam Altman stated he thought AGI would be achieved by 2025, which was earlier than other estimates. Later Altman changed the forecast to “during Trump’s term.” Most recently, he’s said that AGI is a pointless term and some IT leaders agree, arguing that AI is a continuum, and that AGI will be realized incrementally rather than suddenly.  “[W]e think about AGI in terms of stepwise progress toward machines that can go beyond visual perception and question answering to goal-based decision-making,” says Brian Weiss, chief technology officer at hyperautomation and enterprise AI infrastructure provider Hyperscience, in an email interview. “The real shift comes when systems don’t just read, classify and summarize human-generated document content, but when we entrust them with the ultimate business decisions.”   On the 2025 Gartner Hype Cycle for AI graph, AGI appears behind but relatively close to other forms of artificial intelligence, including AI agents, multimodal AI and AI TRiSM (ethical and secure AI), which Gartner recommends IT leaders focus on in 2025.   OpenAI’s newly released GPT-5 isn’t AGI, though it can purportedly deliver more useful responses across different domains. Tal Lev-Ami, CTO and co-founder of media optimization and visual experience platform provider Cloudinary, says “reliable” is the operative word when it comes to AGI.  Related:Unum Group CIO on How to Prioritize Learning and Relationships “I predict we will see functionally broad AI systems that appear AGI-like in limited contexts within the next five to seven years, especially in areas like creative content, code generation and customer interaction,” says Lev-Ami in an email interview. “However, true AGI [that is] adaptable, explainable and ethical across domains is still likely more than 10 years out.”  Tal Lev-Ami, Cloudinary Other estimates are even longer. For example, Josh Bosquez, chief technology officer at public benefit software provider Second Front Systems, thinks AGI probably won’t be a reality for one or two decades, and that reliable, production-ready AGI will likely take even longer.  “We may see impressive demonstrations sooner, but building systems that people can depend on for critical decisions requires extensive testing, safety measures, and regulatory frameworks that don’t exist yet,” says Bosquez in an email interview.   Jim Rowan, principal, Deloitte Consulting and US Head of AI, says that while the timeline for and definition of achieving AGI remain uncertain, organizations are already preparing for its arrival.   Related:How CIOs Can Work With CFOs on Sufficient Project Funding “By implementing standards, addressing regulatory challenges and optimizing their data ecosystems, companies are strengthening current AI capabilities and laying the foundation for AGI. These proactive measures make the path toward AGI feel increasingly within reach,” says Rowan in an email interview.   Any estimates of AGI’s arrival are subject to change, given the accelerating rate of AI innovation and emerging regulation.  Challenges With AGI Artificial narrow intelligence or ANI (what we’ve been using) still isn’t perfect. Data is often to blame, which is why there’s a huge push toward AI-ready data. Yet, despite the plethora of tools available to manage data and data quality, some enterprises are still struggling. Without AI-ready data, enterprises invite reliability issues with any form of AI.  “Today’s systems can hallucinate or take rogue actions, and we’ve all seen the examples. But AGI will run longer, touch more systems, and make higher-stakes decisions. The risk isn’t just a bad response. It’s cascading failure across infrastructure,” says Kit Colbert, platform CTO at Invisible Technology, a software services provider supporting the AI value chain, in an email interview. “We will need a sophisticated set of safeguards in place to ensure this doesn’t happen. Today these exist as basic access controls to sensitive systems, but with AGI we’ll need much more advanced mechanisms.”  Related:Beyond Borders, Beyond Bandwidth: A CIO/CISO’s High-Seas Mission Deloitte’s Rowan says his company’s concerns are less about the technology and more about organizational preparedness and potential mismanagement.   “Without the right frameworks and governance, AGI implementation could amplify existing challenges, such as strategic misalignment. Robust preparedness will be crucial to maximize AGI’s benefits and minimize its risks,” says Rowan. “As with previous AI advancements, CIOs should approach AGI with a strategic and business focused approach that looks for opportunities to drive long-term value. [S]tart with low-risk, high-value pilots that improve internal productivity or automate repetitive tasks before expanding AGI to solve cross-departmental challenges. This phased approach helps teams adapt gradually, builds trust in AGI systems and allows operational challenges early.”  Jim Rowan, Deloitte Cloudinary’s Lev-Ami is concerned about hallucinations and opacity.  “My top concern is [the] ‘illusion of understanding.’ Systems that sound competent but have no grounded comprehension can cause real harm, especially when used in high-stakes decisions, accessibility or misinformation-heavy contexts,” says Lev-Ami. “I’m also concerned about opaque dependency chains. If core business logic starts relying on evolving black-box models, how do we ensure continuity, accountability and auditability? Even if we carefully test the AI, once we give it full autonomy, how can we trust what it will do when it encounters a situation it’s never seen before? The risk is that [AGI’s] mistakes could be unpredictable and potentially unlimited.”  David Guarrera, EY Americas generative AI leader believes today’s challenges will remain challenges for AGI. “Power and resources are becoming increasingly concentrated in a small number of technology companies, creating a new form of digital hegemony that could have broad societal implications,” says Guarrera in an email interview. “At the same time, we’re witnessing the spread of misinformation and a flood of low-quality AI-generated content [that] threatens to degrade the information ecosystem people rely on to make decisions. These trends risk fueling greater polarization, as algorithms reinforce divides and push communities further apart.”  There are also economic concerns. “[A]utomation is already displacing certain categories of jobs, and AGI would likely accelerate that trend dramatically. Beyond job loss, we face the possibility that agentic workflows could make catastrophic mistakes or hallucinate in ways that cause real-world harm if given too much autonomy,” says EY’s Guarrera. “Looking further ahead, AGI raises the

Launching an important new venture requires various resources, not the least of which is money. That’s why it’s important for a CIO to work closely with the enterprise’s CFO to ensure that adequate funds will be available to achieve success, even if initial cost estimates prove to be overly optimistic.  Technology has never been more important for business than it is today, and CFOs are finely attuned to the challenge, says Matthew Guarini, executive director of the Technology Business Management Council, a community of business technology leaders dedicated to advancing technology business management. “CFOs now prioritize technology over areas such as talent and supply chain, which demonstrates a significant shift in strategic investment focus toward technology for boosting growth and revenue,” he observes.  Working closely with the CFO allows the CIO to shift the perception of IT from a cost center to a strategic enabler, says Beth Weeks, executive vice president of development at project planning technology and services provider Planview. “CIOs need to be able to provide real-time visibility into delivery friction, bottlenecks, and flow metrics so they can present a clear, financial narrative that helps CFOs see what’s working and what needs reevaluation,” she explains.  Related:Unum Group CIO on How to Prioritize Learning and Relationships A Mutual Partnership CIOs can build closer partnerships with CFOs simply by providing full transparency into how tech investments create value for the business rather than just the IT department, Guarini says. CIOs also need to demystify tech spend by showcasing the value their investments deliver to the business in terms of revenue, productivity, innovation, risk reduction, experience, and sustainability. “With a clearer understanding of tech’s value and its drivers, CIOs can help their CFO counterparts create better strategies that deliver shareholder value while enabling more accurate budgets and forecasts for optimizing internal delivery.”  A CIO should work side by side with the CFO, particularly in terms of project funding, advises Uku Sööt, organizational growth strategist at communication and collaboration services IPB Partners. “It’s not only understanding tech, it’s also knowing more about the wider financial world,” he says. “Once CIOs and CFOs are on the same page, funding decisions can be based on a professional grasp of both the return on investment and financial priorities.”  Building an Alliance To establish a strong relationship with the CFO, the CIO must avoid the prevailing attitude of IT versus finance while adopting a business-first approach, Sööt says. The first step should be learning the CFO’s priorities — cost control, risk management, and profitability — and then discussing technology decisions around those issues, he recommends.  Related:Beyond Borders, Beyond Bandwidth: A CIO/CISO’s High-Seas Mission Sööt recalls he’s personally achieved success by demonstrating to CFOs how IT projects can have a positive impact to revenue generation and/or cost-saving. “As an example, in a conversation on cloud migration project, I demonstrated how it can scale operations without spending more on infrastructure,” he says. “I always focus on establishing trust through alignment of technology and business objectives.”  Achieving a Balance The biggest mistake CIOs make when working with a CFO is failing to understand what’s important to the business and the CFO, Guarini says. This can result in misalignment when the CIO is delivering on their plan, yet the strategy isn’t helping the CFO deliver on their goals.  Still, despite a CIO’s best efforts, it’s often not easy to handle a CFO who’s primarily interested in saving costs, Sööt observes. He recommends focusing the discussion on value rather than expenses. “I’ve encountered cases where the CFO was obsessed with the immediate cost of a certain project, yet I altered the course of the discussion by demonstrating the advantages of the long-term results,” Sööt says. “For example, with a client interested in using an AI-based customer support system, I focused on the lower long-term cost of customer service and the possibility of serving more customers without increasing the number of employees.”  Related:Why Cloud Efficiency is Driving More IT Spending (Not Less) Final Thoughts The most productive CIO-CFO partnerships prioritize transparency and shared accountability, Weeks says. “When these two functions are working in lockstep, more strategic, confident investment decisions can be delivered across the enterprise.”  Building a strong partnership between the CFO and CIO is the ticket to technology success, Guarini says. “With the right data and insights from the CIO, CFOs can make more informed decisions about technology investments.”  People will never agree on everything, but the most important thing is to keep a conversation going, Sööt advises. “I always ensure that I keep in regular contact with the CFO, not only when there is a discussion of funding, but all along the project lifecycle,” he says. “Constant communication creates a long-term trust, and both parties will always be oriented toward a single final goal.”  source

Unum Group EVP Chief Information and Digital Officer and former Aflac EVP and CIO Shelia Anderson kicked off a high-tech career back in the late 80’s when few women could even hope to attain IT leadership positions. She earned a B.S. in computer science at Louisiana Tech University and an M.S. in engineering management at Southern Methodist University before starting her career in a tech world still dominated by mainframes, while the market for clunky PCs was expanding. Not long after, “local area networks” or LANs emerged, and the “killer app” was printing, followed by the interconnection of PCs or networking as we know it today.  Anderson’s first job was working for global tech consultancy Electronic Data Systems (EDS) as a technology consultant.  “[At the time,] we didn’t have all the big technology consulting firms that we have today. I went through EDS’s systems engineering development program, which was an industry-leading ‘tech boot camp’ at the time,” says Anderson. “[It was] a very disciplined approach to learning how to code and how to do technology the right way. You learned a lot of basic skills, [some of which I use] in my disciplined approach today.”  A few years later, the internet appeared as The Next Big Thing because it was obvious ubiquitous global interconnection would change everything. By this time, Anderson was already doing Internet consulting for a group within EDS that was spun off as a startup called “Chaos to Order.” Its charter was to develop innovative solutions using all internet-related emerging technologies.  Related:How CIOs Can Work With CFOs on Sufficient Project Funding “The internet was my first love. I developed new skills and learned many new and emerging internet technologies,” says Anderson.  Kicking Her Career into High Gear Keeping current on technology has always been important for a tech leader, though the job is no longer all about tech. There’s also an important human factor that Anderson learned to appreciate early on that included navigating gender bias.  “Today, we have a lot of inside and outside support, but at the time you had to learn how to navigate those perspectives and perceptions on your own,” says Anderson. “It taught me the importance of showing up strong and making the most of your seat at the table. You had to be prepared to contribute to those discussions meaningfully, ask thoughtful questions, and help drive the conversation forward. That’s how you demonstrate your value — by adding insight and making an impact that others can clearly see.”  Meanwhile, she was about to experience a common obstacle, which is balancing a demanding job with parenthood, which was more difficult then than it is now, given modern HR practices. Anderson found balancing work and home so difficult, she questioned what she “should” be doing.  Related:Beyond Borders, Beyond Bandwidth: A CIO/CISO’s High-Seas Mission “I was leading a very demanding transformation around a large system development initiative [with] never-ending working days and nights. And those were the days when you did not have the ability to work from home, because we had a green screen,” says Anderson. “If you had an issue, you could log in and see it, but to do the work, you had to drive into the office. I reached a point where I felt I was just not doing my best at home or at work when I returned into this pressure cooker of an environment. I quickly got to the point where I said, ‘Okay, this isn’t working. I’m going to have to quit,’ because I’m not doing a great job and I’m letting everyone down on both sides. [Surprisingly,] a male advocate who was very supportive asked what I needed.”  She kept her job, albeit at 40 hours, and was able to continue building her career.  “When I think back, and [wonder] if that [situation] had been handled differently at that time, would I even be where I am today? I don’t know,” says Anderson. “It’s important to surround yourself with people who are going to be both supporters and challengers who help guide you along the path. I’ve had the privilege of working with and for some amazing leaders, teams and companies, and I take that with me everywhere I go.”  Related:Why Cloud Efficiency is Driving More IT Spending (Not Less) After EDS, she was promoted from IT director, business management to director, asset engineering at Hewlett Packard Enterprise. After that, she served as managing director, business advisory services at IT consultancy Grant Thorton. Next, she moved into her first CIO role as vice president and CIO property and casualty at financial services firm USAA, then to EVP and chief information officer at Liberty Mutual Insurance. Most recently, she was EVP and CIO at insurance company Aflac.  Strong, Positive Relationships Are Critical Anderson places great importance on building and maintaining strong relationships. In fact, she’s hired prior technology leaders with whom she worked at previous jobs to help lead transformations.  “The CIO role changes every day now. Previously, you had tried-and-true practices you could anchor on, knowing that you could be successful with them,” says Anderson. “Now expectations are far greater. There are always pressures around the expected business value you must achieve in the business relative to all the technology advancements. How do you leverage these new and emerging technologies to drive value through innovation?”  Like other CIOs, she hasn’t had the luxury of keeping the business running at the cost of innovation or vice versa.  “It’s a very intentional focus for me, making sure that I’m carving off both the investment and the time to focus on the value-added capabilities. Today, there’s more emphasis on shortening time to value and measuring that,” says Anderson. “This is truly problem-solving every day, and all of us really [need to] reimagine how we’ve traditionally solved problems. How do I tell that story as a CIO in an organization?”  Recently, she says, there’s a broadening of the CIO role to include adjacent titles. Anderson is one example as