Kevin Dominik Korte dedicates himself to inspiring people to take control of their time, data, and dreams in IT, business, and life. As President of Univention North America, startup investor, and board member, he enables individuals and companies to follow their visions and missions without building dependencies. He is a trusted voice for strategic questions, risk management, and technical solutions from the boardroom to the field. He earned his MSc and BSc in Computer Science from Jacobs University in Bremen, Germany, and serves as Treasurer of the Jacobs University Foundation of America.
Digital transformation projects have been a mainstay of our world for the past 20 years. Websites and apps have replaced travel agents and hotlines. Digital scanning apps have replaced insurance adjusters. Word processors have replaced secretaries and typing pools. A flood of generative AI-based apps promise even more and more intelligent task automation.
Yet in many organizations, one crucial thing is still missing amid all the tech frenzy to give the digital push some smart guidance and guardrails.
The CIO, and even more importantly, the chief information security officer (CISO) often aren’t part of the upper-level management team. Thus, digital transformation and cybersecurity are taking a back seat, confining both their potential and risks to individual departments. The results are all too visible.
On top of that, the role of the CISO is constantly shifting between hitting reporting targets and requirements.
Technology and IT cannot be just a service. In order for an organization to be resilient and successful, the heads of technology–whether they are the CIO, CTO or CISO–need to be integral parts of the upper echelons of a company. There are at least five reasons why they belong at the top table and should be part of the boardroom.
Pass it on: Risk Management Concerns All
With the advancement of the new SEC cybersecurity regulation in the US, it should be clear to everyone that boards and upper-level management must actively participate in cybersecurity communication and reporting. Without a direct link, both sides are hampered by incomplete information relayed between the different actors and a third party.
Incidents at Block and its CashApp service should serve as a clear warning to anyone in IT and risk management. A former employee breached CashApp’s servers back in 2021, yet the company’s disclosures and information flow were more than lacking. As a result, Block now faces lawsuits from its customers and investors and is suffering from multiple short-seller reports about its risk management practices and other questionable behavior.
This lack of internal and external information flow is problematic, even more so for a technology company. Add in intermediaries who control the flow, and a company might be in for a disaster similar or worse to the one that Block is still dealing with two years later.
Change it up: Long-Term Strategies Need CIO Input
Digital transformation and the impact of IT on the top line have been hot topics in the consulting world for years. And yet, 40% of CFOs expect to cut IT costs. This cost-cutting reinforces the notion that many digital transformation projects are transformative in name only.
Too many times, there is a filter level between the strategy-developing management team and strategy-approving board on the one side and the CIO on the other. The filter prevents an open discussion about IT strategy and how it can fundamentally change the business. The extra layer and competing priorities also slow down transformation efforts and prevent honest feedback from reaching the CIO.
Communicate If You Are on Board
In many companies, tradition and grown hierarchies at the top level are the only things that prevent a CIO from being well integrated. Often, it’s the misunderstanding of technology as a service provider that precludes questioning the hierarchies. I’ve seen several CIOs reinforce this notion by providing overly technical reports. Thus, it falls to the Assistant to the CEO or a board clerk to summarize it and prepare it for the board briefing.
Here’s a better approach: It helps to prepare concise and compelling reports that go straight into board documents. Have presentations ready so the board can discuss them without someone summarizing the content again; tone down the technical aspects, and focus on risks and strategies. All of those things can go a long way in getting a CIO or CISO board-ready.
Consistency is another crucial aspect. While management and board meetings are the two visible events on the calendar, you shouldn’t disappear from sight between those important dates. Important updates should be communicated on all levels, especially strategic changes and risks. Almost all companies have procedures in place for that. It’s just upon the executive to provide the content. Most newly minted CISOs and CIOs will have practiced this with their teams and direct superiors for years. Thus, it’s a good idea to take it one step further.
Lastly, getting an experienced mentor can help develop the right tone and confidence to speak the correct language. A mentor is beneficial if there is a generational gap between the board and CEO on the one side and CIO or CISO on the other. A mentor can also provide vital insight into whether it’s worth fighting a battle for a project or strategic change or if it’s better to wait it out.
Play the Long Game: The Importance of Cross-Department Strategic Initiatives
Many of the initiatives on the agenda of board and upper management meetings will be cross-departmental and involve longer timeframes. In many cases, upper management stays in control of these. With IT and cybersecurity initiatives often being cross-department or company-wide, technology executives should be able to make their mark by taking control of them as well as a CFO or CRO could.
Showing you can deliver a significant initiative is often an excellent start to ensuring that your name is getting noticed and that your concerns about risks and strategy are heard by the shareholder representatives.
Make Cybersecurity a Key Part of Digital Transformation
Technology topics will keep offering strategic opportunities and remain the source of new risks. As Columbia University’s David Rogers emphasizes in his forthcoming book about the The Digital Transformation Roadmap: “Strategic problems and opportunities are defined at every level.”
As long as technology executives are in the second row, companies will struggle to adapt to changing user demands. Whether it’s mobile apps to handle flight changes or compliance in online banking, technology will continue to dominate our changing economic landscape.