The role of the chief information officer in terms of the expectations heaped on them mirrors this century’s global weather patterns. Wait a minute, it’ll change.
Over the course of 40 years in IT journalism, I’ve watched CIOs deal with the dynamic environment of IT, not just with the many tech revolutions but also the waves of change focused on corporate structure that, in turn, drive further shifts in IT strategy.
Get ready for yet more change.
But first, let’s take a step back in time to 1985-ish. For those of you who weren’t yet born at that time, this isn’t just another grandpa tale like, “We walked two miles to school in a blizzard, barefoot, uphill both ways!”
It was in the mid-80s when IT management gurus made the term chief information officer popular. Prior to that point the top IT exec in a company tended to be called something like VP of IT or information systems manager.
The CIO role was revolutionary in ways you might not expect. The CIO had to be responsible not just for IT’s data center or distributed minicomputers. That CIO also took on the chore of developing a business strategy for a company full of PCs, including a network to tie those PCs — often smuggled into the office to avoid IT — to servers. Keep in mind PCs really were new in 1985; it was just four years since the IBM PC debuted.
However, the CIO also wasn’t just to be about computers and software. They were saddled with tech such as fax machines, copiers, and wired telephone systems supporting thousands of employees.
The CIO was viewed as sort of a chief knowledge officer. If it involved “information”, they were responsible, at least in theory. Humans having a defensive nature, and the bureaucrats who headed up some of the knowledge domains didn’t want some new tech boss sticking their nose into their operations. So, the noses of the PC manager and telecom director quickly got out of joint, and the CIO had to calm hard feelings.
Yet, those early CIOs were lucky in a sense. They worked in a relatively stable and predictable environment in 1985. The real change was only just getting started.
Within a couple years, the CIO role went beyond complicated. Computer worms and viruses were showing up in a “secure” setting. Meanwhile, experts and boards of directors began questioning the value of those very, very expensive mainframes.
Soon, as security threats continued to flourish with the companywide adoption of PCs and networking, it was the CIO who faced the challenges of protecting the data and operations. That CIO had to cede decision-making to what eventually became a CISO, and both struggled to maintain the balance between expanding access and protecting assets.
By the time the World Wide Web debuted in the mid-90s, everyone from business leaders to employees and the public was clamoring for more and easier access to the “information” that the CIO had to manage.
The changes became more numerous, more rapid and more complex:
-
Decentralization of computing power
-
Y2K at the turn of the century
-
24×7 remote and mobile access
-
Outsourced processing and, sometimes, all IT services
-
Developer and security talent shortages
-
The combination of world terrorism and economic uncertainty.
Now, the CIO faces what can be viewed simultaneously as the Godzilla and the Super Man of IT: artificial intelligence. How you see it depends on your situation and your organization’s needs.
Think about this: An AI implementation in some way weaves together all of those earlier concepts, with the noticeable exception of Y2K and COVID, which are just so yesteryear. And each of the many changes and concepts plays a role in any AI initiative today.
Guess who has to manage that AI initiative and the seemingly unstoppable spread of rogue AI? In the end, it comes down to the CIO.
For all the talk about the wonder and worry surrounding AI technologies, enterprise use of AI boils down to how you execute and manage AI tech, policies and people.
Consider that list of change factors. We’ve heard plenty about the security aspect of AI as a threat and a tool, and AI does present staffing challenges. AI has its pros and cons in SaaS strategies, as we’ve seen in numerous breaches. Today’s CIO has to figure out how citizen development plays a role in AI’s implementation, as employees download GenAI apps for their own use, perhaps without understanding the apps’ limitations and vulnerabilities.
It’s up to CIOs to define not just a business strategy for rolling out AI apps, but also a communication strategy on AI use for their many end-user departments. They have to know which AI technologies the company and those many departments can use and how, and those CIOs have to move fast and be flexible. As we have seen over the past two years, the 1980s approach to PCs — “Just don’t use a PC” — won’t work with AI.
A reactive attempt to simply ban AI’s use by user departments is too late and too draconian. CIOs have to take lessons from the traditional application development model to define user needs and ways to meet those needs. But do it much faster.
The traditional start to application development has been meetings with department heads to define user needs, leading to months or years of development. Today, IT’s response has to be accelerated in ways that would have been impossible to imagine a year or two ago. So, the classic app dev approach of interviewing users and then returning with a limited-function application in three, six, or 12 months simply won’t work. That process has to start now, and even that may be too little too late for many companies.
Wait for the perfect strategy, and the AI horse won’t just be out of the barn, it will be out of the county, leaving the CIO holding the reins to nothing.
