Editor's note: The following is a guest article from Jason Dury, director in technology solutions at Guidehouse, and Jack O'Meara, director in cybersecurity at Guidehouse.
The job of chief information officer is not for those that have trouble managing stress, time, or big issues. CIOs who take an enterprise-wide and business leadership view of their responsibilities have numerous, immensely important, wide-ranging, and both strategic and operationally detailed roles.
CIOs have to work in a collaborative way with other business and government leaders because there is inevitably overlap in key functional areas. And some of these areas, such as cybersecurity, are growing significantly.
The role of an enterprise-wide CIO has transformed from the "head of IT" to much more. Indeed, the best CIOs are genuine strategic drivers of the business and increase enterprise value by helping or even leading the organization to across-the-board advances in technology.
In short, they are executive business and government leaders that enormously transcend their titles and IT "hats."
We reviewed some recent CIO job notices, and their common responsibilities include:
- Leading the IT team and all the people, processes and associated hardware and software
- Acquiring and integrating technology for efficient business operations
- Ensuring optimal performance of systems and networks
- Developing strategic partnerships with others involved in information technology and communications (ITC), such as cloud providers
- Staying abreast of new technology and tools that will reduce costs, increase value, and mitigate the risks related to the organization's data and technology architecture and infrastructure.
What we often find lacking is the requirement for possessing a broader vision and other must-dos that private and public sector organizations often seek from their CIOs.
Absolutely mandatory, for example, is helping the chief information security officer (CISO) ensure the security and resiliency of the organization's data, ICT infrastructure, systems, and more.
This falls alongside the goal of propelling transformation through leveraging the technologies recognized as best in class, such as related to the cloud, automation, robotics, big data, advanced analytics, artificial intelligence (AI), machine learning (ML), enterprise resource planning (ERP), robotic process automation (RPA), speed, agility, scalability, quality, digital transformation, advanced and additive manufacturing, and a host of other smart modernization advancements, too.
And yes, another critical and growing role for some of today's CIOs is having a leading role in supply chain issues, including supply chain risk management.
Why CIOs marry well with supply chain issues and risk management
The supply chain dimension of CIOs' (along with their CISO colleague) responsibility is quite simply, vital to the success of most public and private sector organizations. Supply chains are no longer focused wholly on logistics, just-in-time delivery, optimization, and efficient operations any more than CIOs are focused entirely on computers, help desks, printers, and applications.
What does all of this tell us about the best CIOs and supply chain issues? It indicates that CIOs have a major part to play in improving ways to source, manufacture, and deliver products while also dramatically trying to reduce the risks associated with operational interruptions including cyberattacks.
As a result, one of the biggest mistakes that CIOs can make is not understanding their key leadership role on supply chain issues. Whether it is the COVID-19 pandemic and its effects on supply chains of nearly every type (how many of you are still dealing with laptop shortages, for example?); ransomware attacks like those seen recently on Colonial Pipeline or JBS Foods Group and the thousands that do not grab the headlines; or the rise in new and used car prices due to microelectronics shortages, the adverse impacts of supply chain blockages or stumbles are enormous.
It was less than a year ago that personal protective equipment (PPE) supplies were dangerously low and being sought by states and countries competing against each other; when cleaning materials were in short supply; when respirators and oxygen were being rationed in some places; and so on.
In addition, a ship blocked the Suez Canal and cost international shipping $10 billion per day; the SolarWinds software supply chain penetration and the Microsoft Exchange servers data breach left many exposed to malware attacks, and dozens of other supply chain issues emerge to one extent or another on our news and social media channels.
These sorts of issues make clear why there are increasing numbers of CIOs who are dual-hatted with both IT and chief supply chain responsibilities.
The duality in a CIOs role is because the success of any organization is often linked to the performance of IT, technology more generally, and supply chain operations and security. Supply chains play the role of a funnel through which consumers, businesses, and government units get what they need at the right place and the right time.
In some cases, supply chain professionals are the new stewards of modern day business and technology, and ensure alignment across functions.
In this dynamic business environment, organizations require accurate order and contract information, the ability to quickly get near real-time status updates, and visibility and insights into issues that might affect the supply chain for good or ill.
For the latter, understanding risks, such as suppliers going out of business or being sold, cyberattacks, counterfeit or substandard products and production, sudden or long-term labor shortages, geopolitical occurrences that change trade, exchange rates, supplies, or routes, raw material or economic disruptions, and malevolent state and non-state actors seeking to get into the supply chain for a variety of illicit and adversarial reasons – these are all the sorts of things that top-notch CIOs have on their minds.
Whether manufacturing a pipe coupling, a stuffed animal, food products, or the newest U.S. military fighter aircraft, possessing and being able to understand the impacts of this sort of data is crucial. And given that many CIOs are at the nexus of where so much of the data, systems, and networks, come together, CIOs should embrace supply chain excellence as a fundamental competency throughout all levels of an organization.
Industry leading CIOs have a special role when it comes to partnering with others in the organization on supply chain issues. CIOs, as information leaders, need to reach out constantly, collaborate, and seek partnerships.
Managing the multifaceted and complicated universe of logistics, vendor relationships, IT, finance, people, operations, security, risk management, and other key elements of any organization requires insight, a well-rounded personality and approach, networking and relationships, an enterprise-wide mindset, a focus on the success of the mission or business operations, negotiation skills with business unit managers, and much more.
This is precisely why the CIO role is no longer for the faint of heart.
CIOs are often well positioned to bring together diffuse data and their sources into one digital "space" or data lake so they can be understood and analyzed much like an ERP system would.
However, the world of supply chain risk management does not stop there. Many supply chain requirements necessitate illuminating parties in the supply chain, including several layers down, identifying alternative suppliers, infusing outside data on everything from labor strikes and weather patterns to much more that could potentially interrupt supply chains, looking for nefarious actors and potential insider threats, and vetting – and where warranted undertaking due diligence on – riskier parties in the supply chain.
One of the biggest challenges is still cultural, organizational, and even personal clashes. However, many CIOs have a perfect station from which to help weave together supply chain issues of all types – from operations to security and risk management – in a truly unifying way and notwithstanding such challenges.
What a CIO should focus on
For CIOs directly involved in the supply chain there are three major supply chain priority areas to focus on:
- Supply chain operations, including delivery, optimization, cost savings, etc.
- Safeguarding the integrity and security of the supply chain especially critical ITC assets, data, and IP.
- Protecting the integrity of the products provided to others, both digitally and physically, starting with customers but extending to vendors and partners as well.
These three critical areas indicate why outstanding CIOs collaborate with their functional counterparts across the organization, focus on gaining visibility into these additional layers of the supply chain – to illuminate the tiers of a supply chain far beyond what a business normally sees – and ensure they have appropriate controls in place and are monitoring them.