What New CIOs Act On First and Why

Congratulations! You’ve just been promoted to chief information officer or you’re joining another company as a CIO, whether you’re new to the role or a seasoned professional. We asked some CIOs what they prioritized first and why. This is what they had to say. 

For example, Ajay Sabhlok, chief information officer and chief data officer at cybersecurity company Rubrik, says it’s wise to develop a good understanding of the IT baseline and strengthen it. This includes the organizational structure with roles and responsibilities, architecture, applications, data, security, stakeholder analysis, and the budget, as well as understanding the current state of operational processes. 

“Understanding and strengthening the IT baseline is foundational and needs to be made robust enough to build upon. Each component of the baseline plays an important part in turning IT into a business catalyst for growth and scale,” says Sabhlok in an email interview.  

The typical challenges faced in establishing and improving the IT baseline may be the existing IT culture that resists change, proliferation of shadow IT that impedes improvement progress, stakeholder apathy toward IT caused by long periods of unresponsive, or misaligned IT. It might also be the absence of a specific component such as architecture, data hygiene or change audits that take enormous effort to create and may not have budget support for, and sometimes misallocated or missing budgets. 

Related:CIO Compensation May Soon Be Tied to Green Data Centers

Ajay Sabhlok, Rubrik

“The first few actions are the best way to build IT credibility with all stakeholders and set it up for success in the form of additional IT investments, a balanced budget, optimized processes and elimination of daily fire drills. It also creates a framework for pursuing and meeting commitments, innovating and scaling up, collaborating within and across departments, and communicating effectively,” says Sabhlok. 

Understand the Company’s Strategic Initiatives 

When Sean Pike, head of information security/CIO joined security and infrastructure solutions company A10 Networks, his first priority was to understand the organization’s strategic initiatives. To accomplish this, he spent considerable time with organizational leaders trying to identify core products and services, existing roadmap items, and the technologies that support them. This exercise was executed as an informal business impact analysis (BIA) with an eye toward what would be most important in 24 to 36 months. 

His second priority was understanding the organization’s security posture through the lens of existing capabilities. This did not mean that he initially ran reports or looked at KPIs and scoring solutions. Rather, he performed a high-level capability maturity assessment.   

Related:10 Ways IT Leaders Can Encourage Employees to Be Greener

“It may not be what others do, but I score every solution in a 9-box [grid] with technology on the Y axis and maturity on the X axis. ‘Technology’ means, is this the right solution for our current organization and where we’re headed? ‘Maturity’ means is this solution fed and cared for?” says Pike in an email interview. “This can take a few weeks or so but at the end of the process, I end up with a really good idea as to the maturity of each tool, whether it fits into the organization’s long-term strategy, and which cybersecurity domains require immediate attention.” 

Sean Pike, A10 Networks

His advice to mentees is to know the organization better than it knows itself, so no stone is left unturned.   

“[Y]ou’ll be more successful if you know everything there is to know about the company.  You’ll recognize issues more quickly and have the tools you need to solve them,” says Pike. “From this point, it’s just about risk management and prioritization. What are the most critical items to address? What are the items that I can accomplish quickly to create immediate impact?  What are the items that are going to take significant planning? The answers to these questions go straight into a 3-year plan.” 

Related:9 Ways to Ensure Continuous Innovation

The benefits of his approach are building rapport with colleagues, understanding where the organization struggles and understanding what the company aspires to be.  

Quick Wins Are Important 

When Shannon Thomas joined Hennepin Technical College as CIO, her first step was to interview the technology team because it allowed her to build relationships with them, understand what they know, are passionate about, and what they’d like to see changed. It also allowed her to understand the landscape of all the tech in the organization.  

“I told them that everything was on the table to be improved. The team brought up whatever was on their minds including but not limited to how they were being treated by end-users, the workload, the security issues, and even that they wanted an air fryer,” says Thomas. “Then, I met with all the stakeholders to understand their biggest pain points both with the technology and IT team, and with their day-to-day. We talked about their dreams for their departments, their lack of budgets, and how they didn't always feel prepared to do their jobs.” 

As she was working through those conversations, she mapped out the current state and memorialized all the dreams people brought up in meetings and how they tracked back to the college’s tech and overall budget, as well as anything to note for long-term contracts. At the time, “everything” was on fire: Equipment was aging, security needed to be addressed, there were redundant tools. Worse, the team she inherited had poor morale. 

Next, she identified quick wins, such as something that would have a big impact or that was timed perfectly because of contracts. For example, the phone system was reaching end-of-support, so they moved from on-prem to cloud phones that would integrate with other systems.  

“It took a couple years to really see the fruits of the labor, but we saw some really big changes. First, we repaired the strained relationship with our end-users and other departments. That included implementing a 5-year replacement plan for our devices instead of waiting for all of them to die on their own. We also hardened our security position by phasing out old equipment,” says Thomas in an email interview. “Second, we made sure the right people were in the right places on the team, and [they] got the support they needed to do their jobs well. This dramatically increased the tenure of the team members and boosted morale. Third, the implementation of our CRM and other automations we did [reduced] administrative burdens [on] staff and helped us connect with our students and prospects at the right time.” 

In addition, the college achieved a 30% increase in new business and a 157% increase in at-risk student retention. It was able to cut out a lot of redundant systems, which allowed it to reduce its budget and technical debt.  

Uplevel the Approach to IT 

Few technology departments are just “keeping the lights on,” especially since business and technology are one in today’s digital economy. Nevertheless, some organizations don’t value IT and IS as much as they should. 

For example, three years ago, David Weisong, CIO at clean energy solutions company Energy Solutions, turned down the first offer to work for the company because the role was defined a senior director position reporting to the VP of Finance. At the time, there were no C-suite roles, but he was able to convince the president that it was in the company’s best interest to have a VP who was on par with the other VPs. 

After starting as VP of information systems, he started working on a strategy that is underpinned by a “do no harm” philosophy. That means, don’t come in and immediately make changes. Meet the people you’re going to have to interact with and start relationship building. 

“[The] best way to create relationships is to ask questions and then shut up because you’ve got to be able to listen. I did a lot of observations and drop-ins, just to see how teams were functioning. I was just listening,” says Weisong. “But [from] a one-on-one standpoint, I would ask a lot of questions so I [could] start developing rapport and relationships because you need trust. They can [also] be part of the success of change that needs to happen.” 

With those relationships in place, it’s possible to start collaborating, such as working on a gap analysis so it’s clear what needs to change, why, and when. In Energy Solution’s case, its challenge was hypergrowth.  

He also made a point of asking his managers to describe an epic failure and an epic success. In some cases, the situations were one in the same, just reported differently by different people. That exercise clued him into their individual mindsets.  

While the IT department focuses on infrastructure, the IS department, which Weisong also oversees, builds custom software since COTS doesn’t work well for specific things in the energy sector. However, to get everything working, he needed to gather the developers who had been working in lines of business under a single roof with a single charter for what both departments were doing to support the organization’s mission. 

Weisong’s team is also instrumental in Energy Solutions’ market-based incentive programs for Utah utility companies and state agencies. To facilitate that, the IS department needed to build an industrial bill pay-type application capable of facilitating the incentive program. They also built a platform that can serve multiple programs for multiple clients. 

“If you start building relationships in the beginning it makes things easier because people want to collaborate. It takes longer, but it’s more predictable,” says Weisong. “That’s how we can scale and take on more programs that create more energy savings for our customers and more profit for the company.”