CIOs and CISOs shouldn't look at IT like a box of Legos

CIOs and CISOs shouldn't look at IT like a box of Legos

271 readers like this
Digital transformation security

With the term 'innovation' seemingly on the tip of every corporate executive's tongue it's difficult to identify those efforts that really can lead to some kind of positive change for the enterprise. Whether suggestions come from the C-suite, staff members, or vendors, the proposals need to be properly evaluated. Rick Doten, Chief Information Security Officer of DMI thinks the right way to bring innovation to life in the enterprise is to lead rather than follow.

"Innovation is unfortunately more rare in the enterprise than we’d like. The reason is the industry has productized the process, and IT and Security management are being led by the product vendors to identify what is needed and how to use it. What should happen is for IT and Security leaders understand their IT and security goals based on the “business” requirements, not technical requirements.

"These are unique to each organization. They then must ask questions to understand “what technology do I need to have to allow my organization to perform their business requirements?” Then “What questions do I need to know to understand if these systems, networks, and applications are secure?” At that point you go research and find technology and develop processes to answer those questions.

"Doing it that way, you will discover there might be a gap in a technology, which you will need to develop a capability to meet your needs. Or you might search to find a unique little company that isn’t widely known, who developed a capability that solves that requirement. As a CISO, many of my technologies are from small firms, who I then can assist in their product roadmap that will both improve their product, and align with my requirements.

"I view innovation starting at the top, with a leader who wants to do what’s best, not just what’s available, then he or she pushes that approach down to technical staff to research, develop or acquire, test, implement, and manage it. But like I said, most folks look at IT and Security like getting a box of Legos and following the directions to put them together. Instead of thinking first what they want to make, and considering all building media options to be able to create it."

Scott Koegler practiced IT as a CIO for 15 years. He also has more than 20 years experience as a technology journalist covering topics ranging from software and services through business strategy. He has written white papers and directed and published video interviews.

7 New CIO Rules of Road

CIOs: We welcome you to join the conversation

Related Topics

Submitted By Jason Hall
June 01, 2020

Agility, collaboration, and accountability are essential to an innovative culture, but they must work in balance. Here’s how to make that happen

Submitted By Stephanie Overby
June 01, 2020

As the pandemic wears on, leaders need to know how to manage emotional responses to crises - both yours and your colleagues.'

Submitted By Carla Rudder
June 01, 2020

Each month, through our partnership with Harvard Business Review, we refresh our business library for CIOs with five new HBR articles we believe CIOs and IT leaders will value highly.


Email Capture

Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders.