7 Top IT Challenges in 2024
Some of the major IT trends in 2024 aren’t a surprise, but they do require more critical thinking to drive value.
AI, cybersecurity, digital transformation. These trends have been major themes over the past several years, but IT departments need to remain on top of what’s changing, why, and how.
The organizations that don’t keep pace with new technologies and techniques will find themselves at a competitive disadvantage and at greater risk for cybersecurity incidents.
The twist to AI in 2024 is generative AI’s popularity across various organizational functions and its growing prevalence as a new product, service and solution capability. Though large language models (LLMs) aren’t new, OpenAI’s simple interface proved that anyone with access to a computer could easily use this form of AI. Since the efficacy of prompt engineering impacts the results, organizations must help their employees use this technology effectively so they can achieve greater levels of productivity.
Meanwhile, organizational attack surfaces continue to broaden, providing bad actors with more potential points of compromise. AI and generative AI both play a part here out of necessity. However, as always, not everything that needs to be addressed has to do with technology. IT departments and other stakeholders need to ensure that people and processes also align with the new realities.
“While AI has the potential to revolutionize enterprises through increased efficiency and enhanced commercial offerings, there are downsides,” says Josh Langley, chief information officer at enterprise information management company Iron Mountain, in an email interview. “From generative AI that creates malware to deep fakes used to perform social engineering, there is a dark side to the AI revolution and CIOs must ensure their boards, executives, and resources are equipped to fight the attackers on this new front.”
Many of the traditional frameworks, tools, and techniques fall short of preparing organizations for the new and sophisticated attack vectors. Langley says he has found the evolution of NIST CSF 2.0 and AI RFM 1.0 to be useful tools to baseline Iron Mountain’s risk management posture to ensure the company has the right focus and continuous education on governance, detection, prevention, recovery, and privacy. Langley’s team also learned that for the most sensitive transactions, a dual control (maker/checker) is often warranted.
Here are seven trends CIOs, CTOs and CISOs should have on their radar:
1. Adversarial AI use
MK Palmore, director, office of the CISO for Google Cloud, also formerly with the FBI, considers 2024 one of the most pivotal potential moments for the cybersecurity landscape because of AI’s infusion into cybersecurity metrics.
“Adversaries are as capable as they have ever been, if not more. I think we forget sometimes you have to put on your adversarial lens and think about how they think about attacking,” says Palmore. “They have this suite of tools, just like the enterprise does. They think about how to leverage those tools to gain traction and access to enterprises and it’s up to us on the defense side to figure out how to help organizations defend against this. The challenge is the adversary has always had the upper hand, they can be as agile as they need to be, they move fast, and they adopt things very quickly.”
Once the attackers find something that works, they continue to use it until they are prevented from doing so by the targets.
2. Increasing Regulation
Increasing regulation translates to a higher compliance burden, but it’s necessary to avoid fines and minimize potential compliance-related legal action.
“Government agencies at all levels are issuing an increasing number of regulations or mandates that need to be complied with. Some are inconsistent, some are duplicative but require separate reporting. They all have penalties for non-compliance so that creates liability concerns that shifts the focus from security and compliance,” says Scott Algeier, executive director of industry association Information Technology-Information Sharing and Analysis Center (IT-ISAC). “Security and compliance are not the same thing, so you may need to make additional investments to be both secure and compliant.”
3. Moving Deeper Into the Cloud
Organizations are continuing to move more data, applications, and workloads to the cloud, and increasingly they’re adopting a multi-cloud strategy to shield themselves from potential downtime. However, working with more cloud vendors also translates to added complexity.
“Everything you built for one vendor doesn’t apply to the other because they have different logs, configurations, structures, and regions. Each one of them has their own quirks like how [to] activate, what’s activated by default and what isn’t,” says Roei Sherman, field CTO at incident response company Mitiga, in an email interview.
4. Staffing woes will continue
IT departments don’t have endless capital to throw at human resources, and even if they did, some candidates would prefer to work elsewhere for the prestige, the compensation, career growth opportunities or cultural fit.
“[T]he workforce challenge isn’t going anywhere. There’s such a massive gap in talent that we need to figure out how to use technology to close some of that gap,” says Google Cloud’s Palmore. “I think AI can play a role.”
5. Bloated technology stacks head to the fat farm
Return on investment is a key metric for financial services companies. However, after years of regulation, mergers, and growth, technology estates have become bloated and underperforming. As a result, financial institutions want technology that is user-friendly, value-drive and rapidly adaptable to new technologies like AI.
“To accomplish this goal, CIOs and CTOs are facing the need to streamline enterprises by reducing spans and layers, increasing reuse of architectural patterns and ultimately increasing [the] productivity of their organizations,” says Fredric Cibelli, principal, technology consulting at multinational professional services network EY. “It also requires revising team structures for alignment with ‘value streams,’ improving Agile principles and nurturing product management skills. Adjustments in these areas will facilitate clear cascading of OKRs to prioritize customer/colleague outcomes and traceability back to business strategy, fostering cross-functional teams and minimizing middle management.”
6. AI is still largely exploratory and generative AI might help
Info-Tech Research Group’s Future of IT Survey 2024 revealed that AI will be the leading technology attracting organizational investment. About half of high maturity IT departments have already invested in AI and another 20% plan to invest during 2024, AI is also leading investments at low maturity organizations, with 35% investing in AI beginning this year.
“Despite ranking at the top of the investment priority list, most organizations shared that they were yet to identify the first pilot project to pursue with AI. More than half of high maturity firms are still in the exploratory phase with AI, as are 74% of low maturity firms. This presents a clear problem between investing in AI and return on investment,” says Brian Jackson, principal research director in the CIO practice at Info-Tech.
How will CIOs close the gap and start bringing use cases to the organization proactively, delivering value in an exponential way? Jackson thinks generative AI has the potential to supercharge the innovation process in several ways: idea generation, prioritizing new ideas, creating synthetic data for modeling, and generating text and images for a new product wireframe.
“Tapping into generative AI can be like having an always available employee to progress from problem to solution,” says Jackson. “Of course, humans still need to be in the loop and applying their judgment to whether a new solution is really worth deploying, but not using generative AI along the way is leaving a powerful augmentation option on the table.”
7. Generative AI assists with legacy tech woes
Generative AI enables developers to better understand legacy code. Some are even using generative AI to port code, such as from COBOL to Java.
“While generative AI is seeing widespread inclusion in modern platforms and applications, many organizations are facing challenges related to integrating newer technologies with legacy systems, networks, and applications,” says Greg Benson, professor of computer science at the University of San Francisco and chief scientist at iPaaS platform provider SnapLogic. “Generative AI has the potential to allow organizations with strapped budgets to accelerate the understanding and modernization of legacy technology stacks. With the ability to reason about and modify older code bases, generative AI can break down skill and cost barriers to writing legacy code from scratch and translating old source code to modern programming languages, allowing organizations to overcome hurdles once imposed by historical dependencies.”
Read more about:
RegulationAbout the Author
You May Also Like