Technology executives and CIOs lying to themselves are a recipe for disaster.

“Ransomware happens to other companies.”

“Our disaster recovery is good enough.”

“This time, the new best practices will help the company.”

All too many CIOs feel content to self-deceive. Many will look over this list, see the headings, and decide none of them apply. Try not to be one of them.

Lie #1. We are not at risk for a security breach

We will start with the lie that’s most devastating to the self-deceiving CIO—the lie that there’s nothing to worry about. Maybe your company does not have anything overtly valuable on its servers.

However, when your lax security policies and meager data backup solution put your company at the mercy of ransomware, it will be too late to take proper actions.

If your company needs computers to do its job, it is at risk.

How many days of computer activity can you afford to lose? How much does every minute, day, week of downtime cost your company? How many customers lost, how much investor confidence squandered?

Lie #2. Our employees are not a potential security risk

There are numerous ways this self-deception might be phrased.

It all comes down to the same basic idea: your employee will not or cannot compromise your systems.

Maybe you think they are too smart to mess up, or you think they follow policies for security too well. Maybe you believe that you have taken away enough privileges to keep them from screwing anything important up.

A recent study reveals that 54% of Information Technology professionals report that employees are the main cause of most cybersecurity issues. If you think yours are any different, think again.

Any Chief Information Officer convinced that employees could not become a problem is at risk of employees becoming a problem.

Lie #3. Upgrades can wait

Chief Information Officer working on a laptop

This penny-wise, pound-foolish bit of CIO self-deception leads to far more than its fair share of headaches.

It is easy to convince yourself that you are a smart executive by waiting for a significant upgrade.

By assessing new features based on their potential benefits and sitting on funding until something exciting comes along, you can optimize your use of budget, right?

However, it never works that way. Sooner or later, you will need to upgrade. Moreover, making a significant upgrade later will cost a lot more than small upgrades throughout.

There’s no such thing as a 100% seamless transition from one piece of software to the next.

If you want to see an entire IT department—or an entire company—grind to a halt, jumping from year to year on technology is an excellent way to make it happen.

Moreover, all this ignores the question of security and questions of how accurate your assessment of value is.

How many ‘not worth it’ upgrades can you skip before the combined loss of efficiency and efficacy across them is severely inhibiting performance?

Lie #4. We can catch up on projects later

It is rare to reverse schedule slip in any field, much less Information Technology.

Any technology executive who manages to convince himself, his team, or other executives that falling behind today will not impact the final deadline is setting everyone in the company up for disappointment and disaster.

In the first place, you fell behind schedule for a reason.

Unexpected challenges cropped up due to poor planning, circumstances beyond your control or other reasons. If it already happened once, it can probably happen again. This means you will be lucky to keep up without slipping further behind, much less catch up.

Moreover, if you implement crazy work schedules and bring down the hammer on your IT department to rush to meet the original deadline, you are just going to create more problems.

Those problems may stay hidden until after the deadline, but you will have to pay the price in time and personeel sooner or later.

Lie #5 Our development is agile

Agility should not be underestimated

This is a particular lie that far too many CIOs tell themselves today. The strengths and advantages of agile development over waterfall development look quite appealing, but it is not enough to just go through the motions.

Far too many CIOs ended up with a waterfall but rushed and sloppy. As a quick test, you should simply ask yourself whether you are still trying to check off all the boxes on the waterfall development checklist. If so, you are not thinking about agile development the right way.

You can expand this to apply to other approaches and practices. Too many CIOs see the best new approach to development, security, support, or other issues and rush to adopt it.

However, instead of putting these new methods into practice and reaping the benefits accordingly, you end up with a haphazard implementation that looks new and exciting but largely functions the same.

Maybe it is self-deception, perhaps it is a theater for other executives. Either way, it is not helping your company. At best, it is helping your department with funding and perception without contributing positively to the whole.

Lie #6 Our IT department already follows best practices

It probably does not follow best practices all the time. You may have top performing IT infrastructure and advanced backup and disaster recovery solutions.

Even if you have a few team members who know all the processes, frameworks, and best practices you have worked so hard to drill into their heads, execution of those methods will rarely be perfect.

There will always be team members who slip in one or two areas. The ones that look for shortcuts and rush through the tasks they view as unimportant. If you are handing down orders from a pedestal and expect them to be put into practice correctly, you are lying to yourself.

Any best practice you try to instill or aspect of IT culture you try to shape will be a constant battle. If you think the fight is over, it is—and you have lost.

Lie #7 We coordinate well with other departments

Cybersecurity Awareness at Workplace

Few IT departments work as seamlessly with the rest of the business as the CIO believes. Even if you take steps to improve coordination, it rarely goes as deep as necessary.

You might align yourself well with the issue of budget or align resources effectively to meet short-term goals. However, it is difficult for any Chief Information Officer to lead their Information Technology department to work as part of an organized whole.

If your IT department feels like a separate company that shares the building with the rest of the business, you have a problem. If you think of your help desk as customer support, you have a problem.

The rest of the company is not your customer. The other departments are not separate. Unlike real customer support, your goal is not to have the user hang up the phone satisfied. Make your goal to resolve problems for the company, not the user.

Parting thoughts

If you made it to the end and didn’t think any of these apply to you, there are a few options.

The best leaders are the ones who do not tell themselves any of these lies and worry about each of these issues. The worst see these lies and think OTHER CIOs that have these problems. Those executives relax as their IT department marches towards disaster.

A good Chief Information Officer should not be a nervous wreck terrified of every possible aspect. However, confidence and complacency are far too close for comfort. Check, double-check, and keep worrying.

Not sure where you stand? Need better IT tools?

Contact our team today and learn more about your options!

PhoenixNAP Security Solutions - Contact