Information Week

Few roles evolve as quickly as that of the modern CIO. A great way to prepare for a future that is largely unknown is to build your adaptability skills through diverse work experiences, says Bhavik Rao, CIO for the Americas at Vertiv. Learn from your wins and your losses and carry on. Stay free of comfort zones and run towards the chaos. Leaders are born of challenges and not from comfort. Bhavik shares what he’s facing now, how he’s navigating it, and the hard-won lessons that helped shape his approach to IT leadership. Here’s what he had to say: What has your career path looked like so far?  I actually started my career as a techno-functional consultant working with the public sector. That early experience gave me a solid grounding in both the technical and process side of enterprise systems. From there, I moved into consulting, which really opened up my world. I had the opportunity to work across multiple industries, leading everything from mobile app development and eCommerce deployments to omnichannel initiatives, data platforms, ERP rollouts, and ultimately large-scale digital transformation and IT strategy programs. It was fast paced, challenging, and incredibly rewarding.   That diversity shaped the way I think today. I learned how to adapt quickly, connect dots across domains, and communicate with everyone from developers to CXOs. Eventually, that path led me to Vertiv, where I now serve as the CIO for the Americas, in addition to leading a couple of global towers, such as data/AI and engineering systems, for example. I’ve been fortunate to lead initiatives that drive operational efficiency, scale GenAI adoption, and turn technology into a true business enabler.    Related:Mastering the Art of IT Task Delegation What are the highlights along your career path?  There have been several defining moments, both wins and challenges, that have shaped how I lead today.  One of the most pivotal chapters has been my time at Vertiv. I joined when the company was still owned by private equity. It was an intense, roll-up-your-sleeves kind of environment. Then, in 2020, we went public — a huge milestone. But just as we were ramping up our digital transformation, COVID hit, and with it came massive supply chain disruptions. In the middle of all that chaos, I was asked to take over a large-scale transformation program that was struggling.  bh Bhavik Rao It wasn’t easy. There were legacy challenges, resistance to change, and real execution pressure. But we rallied, restructured the program, and launched it. That experience taught me a lot about leading under pressure, aligning teams around outcomes, and staying focused even when everything feels like it’s shifting.  Related:Tech Burnout: CIOs Might Be Making It Worse Another major learning moment was earlier in my career when I lost a large national account I’d spent over seven years building. That was a tough one, but it taught me resilience. I learned not to attach my identity to any one outcome and to keep moving forward with purpose.  Then, there are the moments of creation, like launching VeGA, our internal GenAI platform at Vertiv. Seeing it go from idea to impact, with thousands of users and 100+ applications, has been incredibly energizing. It reminded me how powerful it is when innovation meets execution.  I’ve also learned the power of being a “player-coach.” I don’t believe in leading from a distance. I get involved, understand the challenges on the ground, and then help teams move forward together.   What’s your vision for the future of sovereign AI?  For me, sovereign AI isn’t just a regulatory checkbox; it’s about strategic autonomy. At our company, we are trying to be very intentional about how we scale AI responsibly across our global footprint. So, when I think about sovereign AI, I define it as the ability to control how, where, and why AI is built and deployed with full alignment to your business needs, risk posture, and data boundaries.  Related:How Continuous Learning Paid Off for CTO Pravin Uttawar I’ve seen firsthand how AI becomes a competitive advantage only when you have governance, infrastructure flexibility, and contextual intelligence built in. Our work with VeGA, for example, has shown that employees adopt AI much faster when it’s embedded into secure, business-aligned workflows and not just bolted on from the outside.  For CIOs, the shift to sovereign AI means:  Designing AI infrastructure that can flex whether it’s hosted internally, cloud-based, or hybrid  Building internal AI fluency so your teams aren’t fully reliant on black-box solutions  Creating a framework for trust and explainability, especially as AI touches regulated and legal processes  It’s not about doing everything in-house, but it is about knowing what’s mission-critical to control. In my view, sovereign AI is less about isolation and more about intentional ownership.  What do you do for fun or to relax?  Golf is my go-to. It keeps me grounded and humble! It’s one of those games that’s as much about mindset as it is about mechanics. I try to work out regularly when I am not traveling for work.  I also enjoy traveling with my family and listening to podcasts.    What advice would you give to young people considering a leadership path in IT?  Be curious, stay hands-on, don’t rush the title, and focus on impact. Learn the business, not just the tech. Some of the best technologists I’ve worked with are the ones who understand how a supply chain works or how a sale actually closes.  Also, don’t be afraid to take on messy, undefined problems. Run toward the chaos. That’s where leadership is born. And finally, surround yourself with people smarter than you. Build teams that challenge you. That’s where real growth happens.  source

Offering constructive criticism is a challenging task for many IT leaders. Whether it’s implementing an employee improvement plan, addressing a specific situation, or conducting a quarterly review, effective criticism can be crucial to a team’s development and performance.  Constructive criticism can be an excellent instrument for growth, both individually and on the team level, says Edward Tian, CEO of AI detection service provider GPTZero. “Many times, and with IT teams in particular, work is very independent,” he observes in an email interview. “IT workers may not frequently collaborate with one another or get input on what they’re doing,” Tian states. “If you can be intentional about constructive criticism, you can better ensure that your IT workers are constantly improving their skills and work outcomes, even as they work independently.” Improving individual workers improves the team as a whole, Tian adds.  Gone are the days of top-down directives, says Jean-Philippe Avelange, CIO at Expereo, a global provider of managed Internet and hybrid networks, SD-WAN, and cloud connectivity solutions. “Today’s most successful IT teams thrive on open, transparent, and data-driven feedback loops, driving real-time course corrections and sustained high performance,” he explains in an online interview.  Related:CIO Chaos Mastery: Lessons from Vertiv’s Bhavik Rao Criticism is simply a matter of pointing out obvious failures or errors, says Ola Chowning, a partner with technology research and advisory firm ISG. “Constructive criticism helps the team improve, and, therefore, believe that they can succeed,” she observes in an online interview.  When using constructive criticism, take an approach that focuses on seeking improvement with the poor result, Chowning advises. Meanwhile, use empathy to solicit ideas on how to improve on a poor result. She adds that it’s important to ask questions, listen, seek to understand, acknowledge any difficulties or constraints, and solicit improvement ideas.  Criticism Versus Constructive Criticism  Criticism looks backward; constructive criticism looks forward, Avelange says. Traditional criticism, he notes, focuses on what went wrong, often leaving teams defensive or disengaged. Constructive criticism, on the other hand, is inherently solution-oriented and directly tied to business outcomes. “It’s not about assigning blame — it’s about enabling teams to see opportunities to optimize, experiment, and push the envelope,” Avelange explains. It’s an approach that requires a mindset shift, moving from correction to coaching — an environment in which leaders act as enablers rather than enforcers.   Related:Pay for Performance — How Do You Measure It? With any IT team there are two key aspects of constructive criticism: creating the expectation and opportunity for performance improvement, and — often overlooked — instilling recognition in the team that performance is monitored and has implications, Chowning says.  Appropriate Situations  Timing matters when offering constructive criticism, Chowning says. “Most teams do poorly when confronted with criticism within the midst of a task or event, as well as in any situation that involves people outside the team, or directly on the heels of a failure,” she notes. Give the team time to take a deep breath and step away from a failure or stressful situation, Chowning recommends. “Additionally, conduct your discussion in a trusted space, such as during a team meeting.”  Constructive criticism isn’t a tool for damage control — it’s a permanent, embedded practice in high-performance IT organizations, Avelange adds.  Avoiding Mistakes  The biggest mistake IT leaders make is treating feedback as a one-way directive rather than a dynamic conversation, Avelange observes. “Too many IT leaders still operate in a command-and-control mindset, dictating what needs to change rather than co-creating solutions with their teams.”  Related:CIO Marvin Clark on Why It’s OK to Move Outside Your Domain Comfort Zone Failing to do anything is probably the biggest mistake IT leaders make when facing a problematic situation, Chowning says. “Confronting poor performance of any kind is difficult for leaders — confrontation is rarely comfortable,” she notes. As a result, many leaders either delay action beyond a time when a detailed approach might be beneficial, or they fail to address the situation at all. Additionally, if there are aspects of the poor performance result that lie beyond the team’s control, it can be a mistake to allow that factor to become an excuse. “A clear understanding and acknowledgement of a constraint is important, but don’t let it stop the team from finding ways to improve.”  Asking questions is the best way to immediately relay disappointment while simultaneously signaling an expectation for improvement, Chowning says. For example: “As you know, we didn’t hit our mark for XYZ this month, but ABC was happening at the same time, and that introduced additional constraints for us. So, what could we have done differently? What should we do differently next time? Let’s talk through it.”  A Final Observation  High-performing teams don’t just execute — they think, challenge, and innovate, Avelange says. “Leaders who fail to embrace this attitude risk creating a passive workforce rather than an engaged, problem-solving team,” he warns.  source

More enterprises have moved to pay-for-performance salary and promotion models that measure progress toward goals — but how do you measure goals for a maintenance programmer who barrels through a request backlog but delivers marginal value for the business, or for a business analyst whose success is predicated on forging intangibles like trust and cooperation with users so things can get done?  It’s an age-old question facing companies, now that 77% of them use some type of pay-for-performance model.  What are some popular pay-for-performance use cases?  A factory doing piece work that pays employees based upon the number of items they assemble.  A call center that pays agents based on how many calls they complete per day.  A bank teller who gets rewarded for how many customers they sign up for credit cards.  An IT project team that gets a bonus for completing a major project ahead of schedule.  The IT example differs from the others, because it depends on team and not individual execution, but there nevertheless is something tangible to measure. The other use cases are more clearcut — although they don’t account for pieces in the plant that were poorly assembled in haste to make quota and had to be reworked, or a call center agent who pushes calls off to someone else so they can end their calls in six minutes or less, or the teller who signs up X number of customers for credit cards, although two-thirds of them never use the credit card they signed up for.  Related:CIO Chaos Mastery: Lessons from Vertiv’s Bhavik Rao In short, there are flaws in pay-for-performance models just as there are in other types of compensation models that organizations use.  So, what’s the best path for IT for CIOs who want to implement pay for performance?  One approach is to measure pay for performance based upon four key elements: hard results, effort, skill, and communications. The mix of these elements will vary, depending on the type of position each IT staff member performs.  Here are two examples of pay per performance by position:  1. Computer maintenance programmers and help desk specialists  Historically, IT departments have used hard numbers like how many open requests a computer maintenance programmer has closed, or how many calls a help desk employee has solved. There is merit in using hard results, and hard results should be factored into performance reviews for these individuals — but hard numbers don’t tell the whole story.   For example, how many times has a help desk agent gone the extra mile with a difficult user or software bug, taking the time to see the entire process through until it is thoroughly solved? lf the issue was of a global nature, did the Help Desk agent follow up by letting others who use the application know that a bug was fixed? For the maintenance programmer who has completed the most open requests, which of these requests really solved a major business pain point? For both help desk and maintenance programming employees, were the changes and fixes properly documented and communicated to everyone with a need to know? And did these employees demonstrate the skills needed to solve their issues?  Related:CIO Marvin Clark on Why It’s OK to Move Outside Your Domain Comfort Zone It’s difficult to capture hard results on elements like effort, communication and skills, but one way to go about it is to survey user departments on individual levels of service and effectiveness. From there, it’s up to IT managers to determinate the “mix” of hard results, effort, communication and skills on which the employee will be evaluated, and to communicate upfront to the employee what the pay for performance assessment will be based on.  2. Business analysts and trainers  Business analysts and trainers are difficult to quantify in pay for performance models because so much of their success depends upon other people.  A business analyst can know everything there is to know about a particular business area and its systems, but if the analyst is working with unresponsive users, or lacks the soft skills needed to communicate with users, the pay for performance can’t be based upon the technology skillset alone.   Related:Building High-Performance Tech Teams in 2025: A Practical Scaling Guide IT trainers face a somewhat different dilemma when it  comes to performance evaluation: they can produce the training that new staff members need before staff is deployed on key projects,  but if a project gets delayed and this causes trainees to lose the knowledge that they learned, there is little the trainer can do aside from offering a refresher course.  Can pay for performance be used for positions like these?  It’s a mixed answer.  Yes, pay per performance can be used for trainers, based upon how many individuals the trainer trains and how many new courses the trainer obtains or develops. These are the hard results. However, since so much of training’s execution depends upon other people downstream, like project managers who must start projects on time so new skills aren’t lost,  managers of training should also consider pay for performance elements such as effort (has the trainer consistently gone the extra mile to make things work?), skills and communication.   In sum, for both business analysts and trainers, there are hard results that can be factored into a pay for performance formula, but there is also a need to survey each position’s “customers” — those individuals (and their managers) who utilized the business analyst’s or trainer’s skills and products to accomplish their respective objectives in projects and training. Were these user-customers satisfied?   The value that IT employees contribute to overall IT and to the business at large is a combination of tangible and intangible results. Pay for performance models are well suited to gauge tangible outcomes, but they fall short when it comes to the intangibles that could be just as important.  Many years ago, when Pat Riley was coaching the Los Angeles Lakers, an interviewer asked what type of metrics he used when

What makes data actionable and real for an organization? Many enterprises capture data as part of their operations and activity but taking that information to another usable level can be a challenge. There may be security concerns, privacy regulations to adhere to, conflicting requirements among stakeholders within the organization. If the world runs on data that fuels the software that gets put into action, how do you separate the wheat from the chaff? And how do you not step on too many toes along the way? In this Breaking Bread session, Craig Martell, chief AI officer for Cohesity; and Matt McVaney, chief revenue office for BombBomb, discussed finding common ground between operations and tech to make data useful, and better understand the demands on either side of this dilemma. InformationWeek’s podcast is evolving. The “Breaking Bread” format brings together one CIO, CTO, or other C-suite tech leader to discuss a challenge with an executive from the operations side of another organization. The intent is to allow them the space to exchange ideas and pain points from their respective vantages, and foster discussions that generate new insights for their organizations as well as the audience. source

Some companies have more success in a vertical when their CIO understands the business domain well. Such has been the experience of Marvin Clark, CIO of workplace and asset management solutions provider Accruent, who grew from an IT manager to a CIO in the financial services industry. Eventually, he decided to seek an opportunity outside the financial services industry because he wanted another kind of challenge and believed his knowledge and skills could benefit Accruent.   After earning a B.S. in Business Administration and Management at the University of Northern Colorado, Clark worked at financial services institution Fiserv where he learned the value and necessity of ultra-high system availability.  “Fiserv was the largest clearing firm in the US, so that’s where I started to learn about how financial services and banking and wealth firms operate,” says Clark. “I was there for nine years, working my way up the chain of command. I went from an individual contributor to supervisor to manager.”  After that, he joined startup Techfi Solutions (which was acquired by Advent Corporation) because most wealth services firms were looking at ways to partner with startup firms that were building things quickly. As director, professional services, he was part of the team looking for other startup firms to partner with, so Techfi could deliver more capabilities and functionality to its customers.   Related:Building High-Performance Tech Teams in 2025: A Practical Scaling Guide “Working for a startup taught me how to build technology at a very fast pace and I learned how to run a company at a very young age,” says Clark. “All of us at Techfi were under 30 years old, so there wasn’t a whole lot of experience within the company. But we were working really hard, and we’re all learning as we went. That included the CEO and the leadership team. I ran their back-office systems and customer support.”  Given that financial services entities are highly regulated, he also learned how to deal with regulatory agencies.  “I knew how the industry worked, I knew how the companies worked, I knew how the systems worked. I knew how to kind of connect the dots, and so I was very comfortable in that role,” says Clark. “I had to build things to make sure that they were highly stable and secure. I was always looking at ways to streamline and to create a more efficient way of doing business.”  After that, he continued working his way up the career ladder, rising to director, online advisor services at Ameriprise (an American Express spin off) before becoming chief technology officer at Woodbury Financial Services. From there he joined Wells Fargo as senior vice president, divisional information officer where he learned how a very large company operates and how to take advantage of the central, shared services that Wells Fargo offered. Before joining his present company, Accruent, Clark worked at LPL Financial as SVP, chief information officer, wealth management growth and later SVP, CIO, digital operating platform.   Related:NCSU CIO Marc Hoit Talks Fed Funding Limbo, AI’s Role in Shrinking Talent Pool When he arrived at LPL Financial in 2016, Clark discovered the technology stack hadn’t been updated in a very long time, so working in tandem with executives and individual contributors, he built a new technology stack for financial advisors. Back-office capabilities also improved. These efforts helped fuel LPL Financial’s growth.  “All the things I’d learned and experienced in financial services transferred over really well when I first started at Accruent because we came together as a set of acquisitions. So, I took my learnings of how we connected systems in financial services and started to do the same thing here,” says Clark. “We now have a very efficient back office, and it’s a back office that helps our employees and customers be successful.”  Financial Services Reqs Raise the Bar in Other Industries  Related:John Deere’s CISO Is Always Thinking About Cyber Talent Financial services IT stacks involve four or five active infrastructures at any given time to prevent outages. While the facilities industry in which Accruent operates isn’t burdened with the same requirements, Clark and his team ensure Accruent achieves 99.99% availability in a way that bends the company’s the cost curve, while providing secure infrastructure for its customers.  “I wanted to try something new, and I knew that I had the tools, capabilities and experience that could potentially work somewhere else. Even the interview process at Accruent felt different. It was just a different culture, which was really cool. It was not as fast paced, but still very efficient. I knew I wouldn’t be the expert, and that I wouldn’t know how things work right away, but it was similar enough that I was able to provide value immediately. That said, I’m still learning,” says Clark. “I’m three years in, and I’m still learning about the industry, capabilities and functionality that we should be offering to our customers, how we can integrate our products to deliver even a better experience to our existing customers.”  Based on his experience, he’s now telling friends and those in his professional network that they’d be surprised how much value they can offer to a new industry. (Most of his contacts are in the financial services industry to this day.)  “One thing I always say that probably drives people crazy is, ‘Every time we touch a keyboard, it’s always directly in line with the company mission, goals and strategy.’ We never do technology for technology’s sake,” says Clark. “We’re always focused on delivering something cool for the business or business need, and I would say that that’s been true throughout my career. We have delivered value-add technology that’s helped the company grow and become better every day.”  Upskilling Is a Constant  Clark has learned a lot working for different companies in increasingly responsible roles that involve both business and tech strategy.   “I loved every minute I worked in the financial services industry, but I do love waking up and not knowing everything. I love that I

Scaling an engineering team is one of the most critical — and risky — phases in a startup’s journey. Done right, it creates a strong foundation for innovation and growth. Done wrong, it leads to silos, slowdowns, and cultural fragmentation.  In 2025, I believe scaling successfully isn’t about hiring at top speed — it’s about scaling intentionally, with structure, flexibility, and purpose. At Moss, where I serve as co-founder and director of engineering, we took this principle seriously. Moss is a European fintech platform offering smart expense management and corporate credit cards. Over the past few years, I helped grow our engineering team from 5 to over 50 people across several locations. We also built a 20-person R&D center in Tallinn, Estonia — one of the best decisions we made for long-term product delivery and culture.  Here are some core lessons we learned — ones I think will resonate with founders, CTOs, and engineering leaders navigating similar growth in 2025.  Avoid the Hypergrowth Trap: Scale with Intention One of the earliest decisions we made was to avoid hiring reactively. Instead of rushing to add headcount after raising our Series A, we planned growth in stages. We made sure the team was ready, onboarding was solid, and infrastructure could support it.  Related:CIO Marvin Clark on Why It’s OK to Move Outside Your Domain Comfort Zone That meant maturing documentation, defining ownership, and aligning hiring with product milestones. It helped us avoid the trap of hiring faster than we could absorb people, which often leads to confusion and low morale.  Build Flexible Structures: The Mission and Core Model To scale effectively, we introduced a structure that let us balance innovation with stability. We split our engineering org into two team types:  Core Teams (around five engineers) are responsible for platform health, reliability, and maintaining existing features. Mission Teams (two to three engineers) focus on building new features or running experiments. These teams are time-boxed to three months and aligned to specific outcomes.  This gave us a fast lane for innovation without compromising platform stability. For instance, one mission team built and validated a localized invoicing feature for the DACH region in under eight weeks. Afterward, we handed it off to a core team for long-term maintenance.  We were inspired by Spotify’s Squad Model but made it our own by rotating engineers between mission and core work. This kept engagement high and helped avoid silos.  Organize Around Tribes for Cross-Functional Focus As we grew, we grouped teams into tribes — cross-functional units of 15–16 people, including engineers, product managers, and designers. Each tribe focuses on a product domain or technical area and owns its roadmap and delivery.  Related:NCSU CIO Marc Hoit Talks Fed Funding Limbo, AI’s Role in Shrinking Talent Pool Each tribe has leadership, including an engineering manager and a group product manager. This model gave our teams autonomy while maintaining alignment. It also allowed engineers to move between teams within a tribe more easily, maintaining context and momentum.  Tribes became the backbone of our scaling journey. They created a sense of identity and purpose while giving teams room to operate independently.  Hire for Adaptability, Not Just Experience Rather than hiring specialists in a specific stack, we prioritized engineers who were curious, flexible, and eager to learn. We encouraged everyone to work across the product — from backend services to frontend UI, and sometimes into DevOps.  That adaptability became one of our superpowers, especially when we expanded into new products. Engineers were used to jumping into new domains, which made scaling smoother and faster.  Plan Your Roadmap Before You Scale We don’t do ad-hoc planning. Every quarter, our engineering managers and product leads create a roadmap, align on outcomes, and define staffing for each mission.  Related:John Deere’s CISO Is Always Thinking About Cyber Talent When we decided to enter the French market, we didn’t wait until the last minute. Three months before launch, we had a mission team working on localization, compliance, and integrations. By launch time, the groundwork was in place.  That kind of planning made it easier to onboard new engineers and gave our teams clear visibility into priorities.  Balance Speed with Sustainability We scaled fast — but never recklessly. Every decision was balanced between delivery goals and long-term technical health.  We built rituals to stay aligned: tech huddles, architecture discussions, quarterly tech reviews, and retrospectives. These helped us identify debt early, review pipelines, and keep best practices consistent.  One moment stands out: After a rapid series of launches, we paused to refactor legacy components that were slowing us down. That investment paid off — helping us avoid critical downtime and reducing incidents.  Final Thoughts: Scale Smart, Not Just Fast Startups in 2025 are under pressure to grow. But real growth comes from thoughtful systems, intentional hiring, and strong feedback loops — not headcount alone.  Our team didn’t grow from five to 50+ engineers by accident. It happened because we did the following:  Hired adaptable, collaborative engineers  Structured around missions, core responsibilities, and tribes  Planned roadmaps carefully  Invested continuously in feedback and tech health If you’re scaling this year, I encourage you to go beyond headcount. Start slowly. Build with purpose. Scale sustainably.  source

Enterprises today face a critical imperative. Artificial intelligence is not just a technological evolution; it is a strategic driver of business transformation. AI is reshaping competitive advantage, redefining business models, and unlocking new revenue streams. Yet, many organizations continue to treat AI as a technical add-on, rather than a core business capability. According to a 2023 McKinsey report, organizations that integrate AI across their operations are 1.5 times more likely to experience double-digit revenue growth.   For CIOs and enterprise architects, AI is no longer an IT issue — it’s a boardroom priority.  AI’s role extends far beyond driving efficiencies in operational processes. It is the key to unlocking agility, reshaping decision-making, and transforming business models. CIOs must lead the charge in embedding AI as a strategic enabler, aligning technology with the enterprise’s broader objectives to drive sustainable growth.  The Strategic Impact of AI: Drive Business Outcomes  Many companies are on the verge of digital transformation to modernize their IT landscapes, yet AI is often viewed as a mere innovation metric, added to enhance existing systems. AI should be embedded when designing core business processes to align business architecture with IT architecture.  Related:CIO Marvin Clark on Why It’s OK to Move Outside Your Domain Comfort Zone AI’s true potential lies in its ability to drive enterprise-wide agility, transform decision-making, and accelerate business outcomes. AI empowers leadership teams by providing real-time, data-driven insights that enable smarter, faster decisions. CIOs and enterprise architects must work together to ensure that AI adoption is seamless and strategically integrated, avoiding the temptation of tactical, short-term solutions that fail to scale.   The CIO Playbook: Leading AI-Driven Transformation  To harness AI’s full potential, CIOs need a structured roadmap for its integration into the business. Here’s a playbook for AI-first enterprise transformation:  Establish a clear AI vision aligned with business goals.  AI should not be siloed within the IT department; it must be part of a broader strategic vision. CIOs should collaborate closely with the C-suite to align AI initiatives with the organization’s core objectives-whether that’s driving customer engagement, enhancing operational efficiency, or unlocking new revenue streams.  Invest in enterprise-wide AI integration.  AI must be embedded across all facets of the organization: business, technology, data and applications. This requires a holistic approach to AI architecture, integrating AI at all levels to ensure scalability and flexibility as the business evolves.  Related:Building High-Performance Tech Teams in 2025: A Practical Scaling Guide Leadership Imperative: Govern AI for Long-Term Success  As AI continues to evolve, CIOs must play a critical role in shaping AI governance to ensure long-term business success. This includes managing risk, ensuring ethical use, and embedding AI into the enterprise’s culture. For CIOs, AI governance is more than compliance; it’s about creating a framework that promotes innovation while safeguarding the organization’s values and business priorities.  The Road Ahead  For CIOs and enterprise architects, the question is no longer if they should adopt AI, but how to embed it at the heart of enterprise transformation. AI-first organizations — those that embrace AI as a core driver of business change — are outpacing competitors in digital transformation maturity.   AI has the power to redefine leadership decision-making, enhance operational performance, and fuel new business models. But to reap the full benefits, CIOs must lead with vision, govern strategically, and integrate AI seamlessly into the organization’s DNA. Those who do will position their enterprises for long-term, sustainable growth.  source

John Deere hired its first CISO in 2014, and James Johnson has remained in that role at the agricultural equipment company to this day. Johnson sat down with InformationWeek to talk about how he got started in his career, why working through a nation state attack was pivotal to his love of security, and how John Deere is building a talent of pipeline in the time of the cybersecurity skills gap.   From Network Engineer to Chief Information Security Officer  Johnson started his career as a network engineer at windows and doors company Pella. He loved working in the network space but soon realized that he might grow bored there given enough time.   Derek Benz, a friend of Johnson’s and now CISO of Coca-Cola, suggested looking into security. Johnson went out and got a Certified Information Systems Security Professional (CISSP) certification, which helped him land a job as a pen tester at manufacturing and technology company Honeywell.   During his time at Honeywell, the company was hit by Titan Rain, a series of coordinated cyberattacks carried out by a Chinese APT.   James Johnson, CISO “Getting a chance to see how nation states target companies and what they’re capable of doing, I think really made the mission even more important to me at that point,” Johnson shares. “When you do have the nation-state attack early on your career, it’s kind of a game changer … just thinking about the value of the work that you’re doing and why it matters.”  Related:CIO Marvin Clark on Why It’s OK to Move Outside Your Domain Comfort Zone He spent 11 years at Honeywell, steadily working up the ranks to become a CISO overseeing various divisions within the company. And then, a call came from John Deere.   John Deere’s First CISO  That call came at the right time. Johnson had reached a point at Honeywell where his growth would likely be limited for a period of time.   “I was pleasantly surprised by the opportunity,” says Johnson. “I had a great connection to John Deere coming out of Iowa, growing up in the farming community, seeing a lot of that … great brand and an opportunity to really build something that from scratch again.”  While building a security program as a first-time CISO is an exciting opportunity, it comes with its challenges. When Johnson arrived, he noticed how trusting the culture was at John Deere.  “It’s a great value that John Deere has … they really try to strive to do the right thing with integrity, but that’s not the way the world operates on the digital front,” he says.  One of his mentors early on in his tenure at John Deere told him that he was going to have work on shifting the entire company culture as he built his security organization.   Related:Building High-Performance Tech Teams in 2025: A Practical Scaling Guide And he has made strides. When he first got there, everyone was using relatively simple passwords. Yet, the process to change those passwords was cumbersome and time-consuming.   “Today, MFA is deployed across the company. We have complex passwords,” he says. “We’re trying to find ways to use biometrics more.”  An Evolving Role  His responsibilities in the CISO role have grown over time. When he first joined, he was overseeing IT security and operations. Financial product security, data security and governance; his team have taken on more and more over time.   “We built the program from about 32 people to … 220 people strong now in our organization,” he says.   Johnson has been with John Deere for more than a decade. Not every CISO or CIO sticks with the same company for that long, but Johnson has found that longevity has its benefits. He has built relationships with the board and his C-suite peers  “It’s pretty hard to get good at something in two or three years,” he explains. “You’re there longer. You’ve got the relationships. You’ve got the ability to influence things and really make a bigger difference.”  Today, he is working alongside John Deere’s leadership to navigate the thrilling possibilities and security concerns of AI.   Related:NCSU CIO Marc Hoit Talks Fed Funding Limbo, AI’s Role in Shrinking Talent Pool Building a Talent Pipeline  While the possibility of a security incident always looms in a CISO’s mind, Johnson is thinking about talent, too. “We will not succeed without the right people in our organization driving the right change,” he says.   John Deere is taking multiple approaches to bringing the right people to his team. First, he looks to other teams for people who are experts and not necessarily in security. He looks for promising talent and asks, “Can I teach that person security?” And the answer to that question in many cases has been “yes.”  “We’ve got folks who used to be lead engineers on the product side who now are running our product security department, and they were never interested in security at all,” he says.  John Deere also makes use of cyber talent through its bug bounty program, which has paid out more than $1.5 million since 2022.   Having been a pen tester, Johnson knows how frustrating it can be for someone to discover a vulnerability only for a company to do nothing to fix it. “We have service-level agreements to get certain vulnerabilities that are critical, high, medium, low, fixed within a certain period of time, and in most cases, we beat those numbers,” he says.   John Deere also works with Iowa State University to cultivate talent. “We put some services on campus, part of their tech center, that are services you probably would never get a chance to really work with or learn in college,” says Johnson.   He knows it would be difficult to find cloud security experts, for example, so they are helping develop those experts at Iowa State. “We’ve built a pipeline of talent out of Iowa State University because they know our brand,” says Johnson.   source

The average age of a CIO is 55, so most have already had some thoughts about retirement and what they want their legacy to be.   What do CIOs value for their lasting career contributions? I’ve had this conversation with many CIOs, and I’ve considered the matter myself. Predictably, the answers are not of a one-size-fits-all variety.  Here is what I’ve learned from other CIOs about what they wanted to feel they achieved:  1. Not much! Many CIOs who are starting to think about the end of their careers never talk about it, that is, unless you coax them. Then, when you do, they don’t always seem to know.  They’ll say that they want to feel that they did a good job running IT when they walk out the door, and that they helped develop new people. They want to feel that they delivered value to their companies, and that they were able to earn a good living and support their families. Most agree that they really enjoyed their jobs and the challenges, but they’ll also tell you that they’re looking forward to taking that long coast-to-coast car trip they’d always planned, and that it’s time for someone else to take the helm.  2. Corporate pride. There are CIOs who not only want to feel pride in their work, but in whom they worked for. They’ll beam with pride and say, “I worked for X company for 25 years as CIO.” This is especially true for CIOs who worked for large enterprises, tech companies, and organizations that have broad and favorable household recognition.  Related:Building High-Performance Tech Teams in 2025: A Practical Scaling Guide 3. Stress. The CIO job is stressful. A CFO colleague of mine once told me, “I’m glad it’s you running IT and not me. Finance is more stable and predictable. I go to work each day and know what’s going to happen. You don’t.”  That’s all so true. For CIOs who no longer relish the challenges of continuous and unpredictable change, it can get tough to manage the stress. Continuous stress can motivate some CIOs to retire early, or to switch careers altogether. In these cases, their legacies as CIOs aren’t so important, but peace of mind is.  4. Feeling that they made a difference. Twenty-five years ago, IT professionals around the globe focused on making a 6-digit numeric date field into an 8-digit field so that systems wouldn’t crash when the new millennium arrived. This was a harrowing but also a purposeful time for IT in general and for CIOs in particular.  The work on Y2K went on around the clock. I remember running to a McDonalds one evening to get a jug of coffee for the staff. There were about half a dozen state IT workers in the restaurant, also getting coffee. They are wearing “Y2K Bites” shirts, and we raised our fists in solidarity before heading back out into the night.  Related:NCSU CIO Marc Hoit Talks Fed Funding Limbo, AI’s Role in Shrinking Talent Pool Many CIOs who are retiring or thinking about retirement want to leave with the feeling that their work as CIOs was impactful, purposeful, and that they made a difference.  That difference might have been in navigating the IT ship through a colossal project like the Y2K data fixes.  Perhaps it was the innovation and deployment of a new system, the first of its kind anywhere, that their staff created under their leadership. Or, it might have been the individual staffers whom they helped along the way so these individuals could develop their IT skills and support their families.  This need for purpose — to feel that you contributed and made a difference, is what matters to the majority of retired or soon-to-retire CIOs I visit with. And it mattered to me.  So here is the age-old question that I always get asked in these conversations: Would you do it (be a CIO) again?  The answer, of course, is a resounding “YES”.  source

Sharon Mandell, chief information officer of Juniper Networks, has held various CIO and CTO roles over the past 25 years, each building upon her previous experience and matching her current life phase. In her current role, Mandell is in charge of IT strategy and implementation for an enterprise that offers high-performance networking and cybersecurity products to service providers, businesses, and public sector organizations.  In a recent email interview, Mandell discussed the options available for CIOs looking to further advance their careers.  What should be the next logical career step for a current CIO?  That really depends on the individual CIO, their time in the role, the scope of their responsibilities, the scale of the companies they’ve worked for, and most importantly, their personal interests and aspirations.  The next step could be another CIO role at a larger company in the same industry, or a shift to a different industry — smaller, same-sized, or even larger — if the challenge is compelling. It could be a smaller organization with a mission or opportunity that you’ve always wanted to take on.  Some CIOs take on adjacent or additional functions — customer support, engineering, marketing, HR. I haven’t yet seen a CIO move into CFO or chief counsel, but with the right background, it’s not out of the question.  Related:NCSU CIO Marc Hoit Talks Fed Funding Limbo, AI’s Role in Shrinking Talent Pool You could step into a COO or even CEO role. Some [CIOs] move into venture capital or advisory roles. There’s no single “right” next step — it’s about what makes sense for your unique path and purpose.  When is the best time to make a career move?  When you feel like you’re no longer having a significant impact or adding meaningful value in your current role. I’ve often felt taking on new roles can feel like being thrown into the deep end of the pool — completely overwhelmed at first, but eventually you develop a vision and begin driving change. When those changes start to feel incremental instead of transformative, it may be time to move on.  Sometimes, opportunities show up when you’re not actively looking — something that fills a gap in your background, stretches you in a big way, or offers a challenge you’ve always wanted to take on. Even if you’re happy where you are — not that the CIO role is ever truly comfortable — you’ve got to be open to those moments.  When is the best time to stay in place?  I don’t like leaving a role when I’ve taken a risk on a project, a technology, or a transformation and haven’t yet seen it through to a solid or stable outcome.  Related:John Deere’s CISO Is Always Thinking About Cyber Talent I also don’t want to leave a leadership team holding the bag, especially if I’ve been pushing them outside their comfort zones. I want my peers to understand why I’ve made certain decisions, and that usually means staying long enough to deliver real results.  That said, sometimes opportunities won’t wait. You’ll have to weigh whether staying to finish something or making a move offers more long-term value. At the end of the day, I want the people I leave behind to want to work with me again should the right opportunity arise.  What’s the biggest mistake CIOs make when planning a career move?  Chasing title, prestige, or compensation as the sole driver of the decision, or assuming that “bigger” is always better.  At the end of the day, what matters most is the people you surround yourself with, the impact you’re able to make, and what you learn along the way. The right role should stretch you, challenge you, and allow you to contribute meaningfully to the organization’s success. That’s what makes a career move truly worth it.  Is there anything else you would like to add?  I’ve never been someone who obsessively mapped out a career trajectory. I’ve made decisions based on what felt right for my life at the time. There were points when I took smaller roles because they gave me the balance I needed as a single mom. I passed on big opportunities because I didn’t want to relocate. I’ve moved back and forth between CIO and CTO roles more than once.  Related:How Constructive Criticism Can Improve IT Team Performance The common thread has been this: I look for roles that challenge me, expand my perspective, and give me big new experiences to grow from — even if I know they won’t be easy or fun. Those are the ones that build grit, resilience, and passion.  The money, title, and scope tend to follow if you execute well. I may not end up with the biggest job or the highest salary, but I’ve had one heck of a ride, and that’s what makes it all worth it.  source