Change in your role as CIO is that fast. In seemingly no time, business departments are now employing their own IT staff. Those same departments are buying technology without consulting with you. Overall, you are making less IT decisions for the company, and much of your own IT work is being outsourced. The days of control have passed; the time of being only a cost center is in the history books. People are looking to you to be more than a Director of IT – and that is good news. You always have been more. Your love of what technology has longed for others to see its value. That day is here. But you must make some shifts, and you can’t wait to be invited to make them. You must demonstrate your value, or the thing you always knew technology could do will be entrusted to someone else.
Welcome to your new world of customer experience, data analysis and wise counsel.
The Shift to Customer Experience
Customer experience is the new brand differentiator. Price and product is becoming secondary to customer-business interaction. Consumers will pay more out of brand loyalty if such loyalty is rooted in experience; and one bad experience not handled to a customer’s satisfaction will be the end of the loyalty.
As CIO, you must now be aware of every customer’s touchpoint with the company, and how your technology meets customers at each point. To demonstrate your value, you must engage in multiple department interaction. Understanding the end user experience, and how each department feeds into that, you are now the champion of how technology serves their strategies. In this, you are aware of how changes in technology and new proposals for technology affect each department’s performance.
You are not just a cost center; you are a revenue driver. Over half the projects consuming the attention of a Chief Experience Officer involves technology.
The days of the CIO and IT staff being brought late into strategic development are far behind you. You must seat yourself at the table, in the beginning, designing the customer journey and being the champion each department needs for technology’s implementation.
The Shift to Data Analysis
Just like that, data is seated on the throne. As CIO, you are now a critical player in digital strategy. You do not need to be the Chief Digital Officer, a position that 90% of global companies will have in place by next year. But you do need training in analytics.
As a CIO trained in analytics, you further equip yourself to be a data source that helps departments solve problems. Your primary role is moving from a permission-giver (the old cost center mindset) to a prophet: Because of data, you can see what is needed before others, you can warn of regrettable actions departments might take, and you can direct leaders to the most efficient, cost-effective and customer-centric options available to them.
The Shift to Wise Counsel
The CIO now represents a consultative relationship rooted in strategic relevance. You have the opportunity to use your IT knowledge to inform better decisions. You are now more than bits and bytes. You create a digital, optimum performance place of work.
As CIO, you must be consulted on significant technical spending. There are aspects of past responsibilities that will remain in play. But you must also inform marketers what technology is capable of, and in places where technology, marketing, customer experience, sales and services seem blurred, emerge as the one to whom others turn for sound advice.
You live in an interesting tension. The CIO today that clings to the old model of business will find that people will look for ways to avoid them and get around them. Today, the CIO is a peer strategist and team player. IT is not a necessary evil; it serves every department in quest of the mission. To succeed, to demonstrate your continued value, you must shift into areas foreign to your previous job descriptions. You are now the heart of every customer experience; you are the knowledge pool of business decision making; you are the sage who has stepped out of the shadow to guide the many.
Myth: Trust is earned.
Truth: Trust is not earned. Trust is granted.
If I can earn your trust, then you have given away power to me. If I can earn your trust, then trust is something that can be quantified, and all I have to do is reach a goal, a standard, a 100% of something that necessarily releases what you have. Trust doesn’t work that way.
Trust is something that you grant. You can give it or not give it. Trust is in your control, an expression of your power and will.
If someone failed you, and then asked, “What can I do to get your trust back,” I doubt you gave them a clear list of tasks to complete.
Trust is an opportunity you extend for someone to act in your best interest. Trust is a bridge you are willing to cross with another from the known to the unknown. When you get on an airplane, you trust the pilot to get you there safely, and to get you to a place in a way you could not on your own.
Do-It-Yourself industries rely on undermining the trust you put in professionals. Where you once relied on someone to act in your best interest and to do so with a knowledge you did not possess, DIY now gives you the knowledge you need to act in your own interest (while trusting that the knowledge they provide is accurate). It’s not that professionals are bad; some just aren’t needed like they once were. Trust is rooted in need.
Consumers are moving their trust away from institutions and toward individuals. It is a major shift. Before, we relied on the good name of companies. Now, corporate reputation as a whole is suspect. Consumers either rely on individuals directly (e.g. Airbnb, which averages 5 email exchanges before booking, vs. hotels) or indirectly (hence, the rise of peer reviews).
Trust cannot be earned, but it can be triggered. How do companies today trigger the trust of the public?
1. Don’t try to build trust. Trigger trust.
Building trust is an exercise of persuasion. Being trustworthy is an expression of character. Persuasion seeks to have you act in another’s best interest. Character will act in our best interest.
Trust is triggered by four trustworthy character-istics. Not any one of these is a magic bucket that, once filled, requires the trust of another. Each one of these is a signal, for reasons you cannot predict, to another’s mind and emotion that they can grant something of their self to you.
Competence: Do you have what it takes to act in my interest or get me to a place in a way that I cannot?
Consistency: Will you be responsive to me and act in a way that I can count on you?
Care: Are you really driven to meet my need or is your service just a camouflage for your own profit?
Congruence: Does your behavior match your stated intentions?
Trust is not necessarily revoked because of failure. Studies have shown that loyalty to a company is highest not among those who never had a problem with a company, but with those who had an issue rightly resolved. Why? Because competence is but one of four triggers, and if, when you fail, you are responsive, genuinely caring, and living up to what you project, then trust might remain in place.
2. Technology that triggers trust amplifies decisions rather than dictates decisions.
Technology does things for people, and it has a growing role in deciding things for people (algorithms). Your company will be more human when it chooses to enhance decision-making (honoring a trust to be granted) rather than to impose a decision (trying to require trust).
Customer knowledge (which informs what you offer) plus multiple options (which maintains your customer’s power of choice) is the equation for relational business versus transactional business. And the more you seem human (relational), the more you will trigger trust.
Your company’s technology serves the triggers. Technology is not only about you being more efficient; technology empowers your ability to be trustworthy. IT must do both – serve you, and strengthen your competence, consistency, care and congruence.
Failure to utilize technology to both serve you and strengthen you will cause consumers to entrust their needs elsewhere, and neither one of you may be able to articulate why – and that’s because trust is not a commodity a company can measure and attain, but a part of a consumer that they willingly, if not consciously, give.
In a recent article, Techie to Tech Lead, Peter Gillard-Moss confessed to the five biggest mistakes he made when assuming a lead role from his previous tech role. It’s a great article, written from lessons learned the hard way. As I analyzed the article, I found myself framing his lessons proactively:
What makes a leader effective who has been promoted based on technical competence?
It feels good to work in the field, to plunge into the familiar, and to bolster one’s ego by producing great product. But leadership is always about someone else and their competence in cooperation with their peers. Leaders aren’t building stars; leaders are bringing stars into alignment. Leaders orchestrate by bringing the pieces together to perform as a whole.
IT leaders experiencing promotion lose sight of this if they focus first on their own reputation, or if they believe they must be the best skilled among the team. Some of sport’s best coaches were nominal players, but they understood the game better than most. In understanding the game, they know how the system best works and how to bring out the best in a player in a team capacity.
In order to be about team, and in order for a leader to keep his or her own ego checked, the measure of success must be stated in terms of team accomplishment and team play, not technical or personal expertise. How do you define success as a leader? Define it in terms of overall objectives, objectives that can only be met by the whole of who you work with.
The moment you assume the mantle of a leader, you redefined success in terms of how you bring out the best in others, and how you multiply your skills to the point that others surpass them. Leaders are not threatened by any one individual’s success, because the leader is measured differently than those they lead. A leader is not evaluated by the same standards as when they were a tech genius. So don’t allow a former standard to drive what you do in a given day.
The Strengths Movement has taught us that to focus on weakness and seek to improve it is counter-productive: Know your strengths and build on them. As true as that is, leadership comes with increased responsibilities, and those are characterized by skills that can be learned. For example, one may not be the most administratively detailed person, but they can still learn the skills of time and project management. One may not lean toward being a people person, but people skills, such as listening, asking questions, and giving proper direction can be acquired.
Think of it this way: If you are being asked to learn something that applies to other areas of your life, it’s a competence you can grow in (being on time and listening improve a lot more than your job). If you are trying to become someone you are not, then you may be seeking to over-reach. For example, if you are strategic (strong in ideas and plans), being asked to be deliberate (focused only on tasks at hand), you will find yourself climbing the wall in order to see the big picture.
As an IT leader experiencing promotion, the critical essential to expanding your competence is to beware of the source. That’s why outside eyes serve you well: People who have history and connections in the areas you are seeking to improve upon can lead you to credible sources so that you are maximizing effort and not wasting time.
As a technology expert, your primary responsibility was to get your job done, and if possible, to play nice doing so. Your biggest obstacles were obstacles that got in your way, not necessarily the way of others. As an IT leader who wants to maximize your promotion, you are responsible to make sure that all of your team can get the work done, and so you are aware of all the obstacles that can come into play. You must be proactive more than reactive as before.
Obstacles are either internal to your team or external upon your team. As a leader, you must be aware of what is happening company wide, anticipating how decisions will affect the work of your team, and articulating to others what your team absolutely needs.
As a techie, you could ask, “Who let in the wolf?” As a leader, you look out for the wolves in the first place.
Also, before your promotion, you contributed to the culture. As an IT leader, you shape and defend the culture.
Doing things right (as determined by you) now gives way to doing the right thing (as determined for everyone). A leader is still aware of wrong, and is quick to correct; but a leader gives much more allowance to the various right ways of accomplishing tasks and purpose.
Before your promotion, your aim was to produce that best product possible. The IT leader builds the best team possible. Part of building people is being aware of all that is in play for them in a given day: life circumstances, distractions, insecurities, personal liabilities. How to identify issues and engage in helpful conversations about those issues are skills to be learned. They are essential skills for those who sit upon the summit of leadership.
Consistent to each of these five realities: Leaders have a broader perspective. You must take far more into account than ever before. More things shift, and leaders live in the paradox that they must be more proactive than ever before, and they must be more agile in being reactive than ever before. Simply, more is at stake: People.
Cyber crime costs to the world will double in a six year period ending in 2021.
More reports of attacks give rise to a gnawing sense of inevitability. As leaders in the fight, there is only one strategy that safeguards our companies. Inevitability must promote “Response-ability.”
The Biggest Catalyst to Response-ability is Compliance.
Internal compliance drives adherence to the practices, rules and regulations set forth by internal policies. External compliance follows the laws, regulations and guidelines imposed by governments and agencies.
Compliance requirements are numerous, and the legal team and C-Suite Executives are responsible to determine the scope of compliance. Compliance officers and staff are a growing requirement. Technical, procedural and strategic frameworks must be built to assure your company’s integrity.
Behind the pressures, costs and potential fines that surround your compliance, the public is demanding more of you as the steward of their information. 6 of 10 people would blame you, not the hacker, for lost data. 7 of 10 people said they would boycott a company that appeared negligent in protecting their data.
Here are a few pressing challenges to compliance:
Companies now must have strong policies and technical controls in place, such as mobile device management protocols that exist, and by enforcing device lock passwords and time-based, one-time based passwords. Employees with laptops and devices should be provided security policies and prevention mechanisms, as well as secure access to corporate data.
IT Managers must ensure that your organization is current with software updates and that they immediately patch known vulnerabilities. Last year alone, the number of third party vulnerabilities doubled.
Also last year, 63% of data breaches originated directly or indirectly from third-party vendors. Managing vendor information security and vendor compliance with privacy laws is a major and essential undertaking.
Cyber Insurance is Response-able.
And it’s being responsible in advance of the need. Cyber insurance not only covers legal fees, but typically expenses associated with notifying customers of a data breach, restoring personal identities of customers, recovering compromised data and repairing damaged systems.
Purple is Response-able.
Borrowed from military language, Red Teams exist to attack your cyber-security systems and to expose points of weakness. Blue Teams defend, enforcing the security measures you have in place. The buzz of the day is the Purple Team. The Purple is either a make-up of both Red and Blue teams in which participants form a learning community for the sake of the other, or an outside group brought in to examine the tactics of both teams and make recommendations. Ideally, Red and Blue Teams exist not in competition to the other but as complement, holding the security objectives of the company as the standard of each team’s success.
The greatest detriment to your response-ability is lack of clarity on what you need or don’t need. Outside eyes continue to be the best check and balance for CIO’s. Without third-party, unbiased expertise, you will not possess the confidence you need that the compliance, policies, insurance and Purple evaluations are sufficient and efficient for your situation.