In April 2023, Acora conducted a survey that revealed insights into the changing responsibilities of Chief Information Officers (CIOs) and their main focuses in mid-market companies in the UK. The research included 126 decision-makers from UK-based financial services companies and aimed to identify the difficulties and modifications that resulted from the transition to a hybrid work model after the pandemic.
The evolving role of CIOs
The survey findings revealed that 65% of IT leaders believe that hybrid working has elevated their role within their respective organisations, and 61% reported additional responsibilities such as direct involvement in due diligence activities. The study underscores the vital position of cybersecurity within organisations, with 67% of respondents listing it as their top focus area. This signifies the continued significance of cybersecurity, an issue that previous reports have highlighted as the “big, scary cybersecurity monster”.
Investment in cybersecurity
IT budgets are another focal point in the survey. While 55% of IT leaders predict an increase in their budgets in the coming year, this marks a significant drop from last year’s prediction of 77%. The use of Managed Service Providers (MSPs) is also on the rise, with 92% of respondents planning to work with them this year. However, there are concerns about MSPs’ ability to support their company’s growth strategy, with 48% expressing apprehension.
Integrated cyber security and IT operations
The role of Managed Service Providers (MSPs) is also projected to increase, with 92% planning to collaborate with MSPs. However, there is some concern about these providers’ ability to support the company’s growth strategy, with 40% expressing concern and 8% certain they will need to look for other providers.
Diverse patterns are emerging in the management of cybersecurity operations across different organisations.
- 50% of respondents noted that Cybersecurity Operations and IT operations are managed together as a single in-house department.
- 32% reported that Cybersecurity operations function as a separate, standalone department within their organisation.
- 10% have chosen to outsource Cybersecurity and IT operations, which a third-party provider collectively manages.
- 8% have outsourced Cybersecurity operations to a third-party provider that operates separately.
Interestingly, one in five (20%) respondents indicated that although cybersecurity operations are not an immediate priority, they plan to look into it in the future.
These outsourcing organisations face two significant challenges. Firstly, they need to identify a trusted partner with the right capabilities and reputation that aligns with their current business needs and future growth plans. Secondly, they must navigate the complexities of managing multiple third-party providers. Finding a single partner that can address IT and cybersecurity operations could allow these companies to reap the same benefits as those that control these functions as a single in-house team.
Focus areas for cyber security
Cybersecurity threats are becoming increasingly sophisticated, with attackers using targeted methods to inflict reputational and operational damage. While technology tools are helpful, the complexity of threats necessitates skilled professionals. However, maintaining an in-house team with the required specialities is often neither practical nor affordable, leading organisations to work with external experts.
The unfolding AI narrative adds to the current climate of uncertainty, requiring IT leaders to step up and guide organisations about its implications and opportunities.
“AI isn’t ‘difficult’ technically,” Chief Information Officer Lee Ganly explains. “The challenges are around intellectual property, security, and policy issues. It’s hard to predict where AI will sit in the wider IT landscape, even this time next year. All we can say for certain is it’s going to be a fascinating journey.”
