The security risks keeping CIOs awake at night
Getty Images
Share on LinkedIn
Share on Xing

The security risks keeping CIOs awake at night

Maxine-Laurie Marshall — March 2016

Global research highlights how the big security worries of IT leaders are changing fast.

Some of the biggest security concerns for CIOs in recent times — particularly around the use of ‘citizen tech’ in the workplace — have started to fade into insignificance.

In a survey of 400 IT decision-makers, the challenges of shadow IT and BYOD (bring-your-own-device) were cited as major risks by only 4% and 3% of respondents respectively. Rather, the research — conducted by TechValidate for open source software company Red Hat — points back to more classic threats: employees not taking appropriate measures, malicious acts by both insiders and external forces, and unpatched devices (see graph below).

Red-hat-TechValidate-graph 001 450

That shift mirrors a straw poll by I-CIO on the changing attitudes to shadow IT, which revealed that many IT executives now see user-led IT as something to be encouraged rather than condemned (see CIOs start to view ‘shadow IT’ as a catalyst for innovation).

Customer-centricity driving security

Against that backdrop, the pressure on CIOs to deliver robust yet non-intrusive security is only growing as businesses everywhere intensify their focus on customer-centricity. CIOs questioned as part of the Red Hat study named customer trust as the top business concern for security (47%). More surprising is that revenue loss as a result of security breaches was only named as a top concern by 12%, putting it at the bottom of the list of concerns (see graph below) — though that might just recognize the direct link between customer trust and sales.

short cocktail dresses online

As well as revealing some unexpected numbers, the study confirmed some common — and somewhat paradoxical — thinking among business leaders. It showed that while almost half believe IT security is of “critical importance” (43%), the vast majority are only willing to approve small — or no — increases in security spend in 2016. For the largest group of respondents (42%), IT security budgets will be flat, while 39% are working with a small increase.
Hybrid IT challenges
One of the evolving challenges for CIOs is dealing with security across both traditional IT and new digital application development — so-called fast and slow IT. At the start of the year, another TechValidate/Red Hat survey asked 600 IT decision-makers about how they were planning to manage that new hybrid environment.

The hot technology of containers (the packaging of application code so it can be moved between different run-time environments) was the most popular approach for helping to deliver applications faster, selected by 35% of respondents. This was followed fairly closely by platform-as-a-service and public cloud, which were cited by 24% and 18% respectively.

Traditional IT approaches were spread across a large cross-section of options, with virtualization (when used for both optimization and migration) being selected by 84% of respondents. Increasing automation and data center/infrastructure consolidation were the next priorities, with 58% and 35% respectively (see graph below).


But those challenges of striking the optimal balance between cloud and traditional IT models are not just about technology. As Cynthia Stoddard, CIO at storage company NetApp, told I-CIO recently: “A smooth journey to hybrid IT is as much about people skills and change management as it is technical planning and strategic IT leadership.”

Share on LinkedIn
Share on Xing

    Your choice regarding cookies on this site

    Our website uses cookies for analytical purposes and to give you the best possible experience.

    Click on Accept to agree or Preferences to view and choose your cookie settings.

    This site uses cookies to store information on your computer.

    Some cookies are necessary in order to deliver the best user experience while others provide analytics or allow retargeting in order to display advertisements that are relevant to you.

    For a full list of our cookies and how we use them, please visit our Cookie Policy

    Essential Cookies

    These cookies enable the website to function to the best of its ability and provide the best user experience for you. They can still be disabled via your browser settings.

    Analytical Cookies

    We use analytical cookies such as those used by Google Analytics to give us information about the way our users interact with - this helps us to make improvements to the site to enhance your experience.

    For a full list of analytical cookies and how we use them, visit our Cookie Policy

    Social Media Cookies

    We use cookies that track visits from social media platforms such as Facebook and LinkedIn - these cookies allow us to re-target users with relevant advertisements from

    For a full list of social media cookies and how we use them, visit our Cookie Policy