CIOs and CISOs shouldn't look at IT like a box of Legos

CIOs and CISOs shouldn't look at IT like a box of Legos

221 readers like this
Shadow IT CIO

With the term 'innovation' seemingly on the tip of every corporate executive's tongue it's difficult to identify those efforts that really can lead to some kind of positive change for the enterprise. Whether suggestions come from the C-suite, staff members, or vendors, the proposals need to be properly evaluated. Rick Doten, Chief Information Security Officer of DMI thinks the right way to bring innovation to life in the enterprise is to lead rather than follow.

"Innovation is unfortunately more rare in the enterprise than we’d like. The reason is the industry has productized the process, and IT and Security management are being led by the product vendors to identify what is needed and how to use it. What should happen is for IT and Security leaders understand their IT and security goals based on the “business” requirements, not technical requirements.

"These are unique to each organization. They then must ask questions to understand “what technology do I need to have to allow my organization to perform their business requirements?” Then “What questions do I need to know to understand if these systems, networks, and applications are secure?” At that point you go research and find technology and develop processes to answer those questions.

"Doing it that way, you will discover there might be a gap in a technology, which you will need to develop a capability to meet your needs. Or you might search to find a unique little company that isn’t widely known, who developed a capability that solves that requirement. As a CISO, many of my technologies are from small firms, who I then can assist in their product roadmap that will both improve their product, and align with my requirements.

"I view innovation starting at the top, with a leader who wants to do what’s best, not just what’s available, then he or she pushes that approach down to technical staff to research, develop or acquire, test, implement, and manage it. But like I said, most folks look at IT and Security like getting a box of Legos and following the directions to put them together. Instead of thinking first what they want to make, and considering all building media options to be able to create it."

Scott Koegler practiced IT as a CIO for 15 years. He also has more than 20 years experience as a technology journalist covering topics ranging from software and services through business strategy. He has written white papers and directed and published video interviews.

7 New CIO Rules of Road

CIOs: We welcome you to join the conversation

Related Topics

Submitted By Stephanie Overby
October 16, 2019

You may think everyone knows what big data is by now, but misconceptions remain. Get expert advice for discussing big data in plain terms with colleagues, customers, or any audience.

Submitted By Abbas Faiq
October 16, 2019

IT chief Abbas Faiq shares DevOps lessons learned, from change management to training, on PTC's road to faster software releases

Submitted By Carla Rudder
October 15, 2019

Leaders know that every person on a team has different motivators and pain points. Learn how to work with - and bring out the best in - everyone on your team with these books.


Email Capture

Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders.