Top 7 CIO challenges in 2023 and how to handle them

1. Balancing priorities in an uncertain economy

In 2023, the continuing demand among enterprises to digitalize for growth will bump into economic reality and the need to contain expenses. It's the latest incarnation of an age-old CIO dilemma.

"CIOs are once again going to be asked to support top line growth initiatives while being asked to reduce ongoing operational cost," said Ross Meyercord, CEO of Propel Software, Santa Clara, Calif.

Top-of-mind issues for CIOs will include security and moving from cloud migration to cloud rationalization and consolidation. Meyercord, who previously served as CIO at Salesforce and chief revenue officer at Pluralsight, also cited the need to revisit previous technology deployments, which the COVID-19 pandemic pressured. That means "addressing technical debt from the diving catches of the last several years, including retooling the business for a work-from-home, hybrid-workforce model," Meyercord said.

The uncertain economy will also cause CIOs to revisit and rebalance their project portfolios. Macroeconomic trends over the past few months have dictated a sharp departure from an era of cheap money and easy availability of capital to "an environment where fundamentals are important again," said Guido Sacchi, CIO at Global Payments, a payments technology company based in Atlanta.

"When we talk investment candidates for 2023 and budgets for CIOs, the priorities that the company wants to focus on are much more based on business models that can be profitable, proven and leading to ROI that is tangible," he noted.

In contrast, Sacchi said the scope is narrowing for speculative investments in areas such as decentralized finance (DeFi), which uses distributed ledger technology to handle financial transactions. Global Payments' core businesses include providing payment services for entertainment venues and educational institutions.

That said, selective investments in promising aspects of DeFi will continue, Sacchi noted. He cited blockchain applications such as stablecoin as an example. Hybrid digital commerce applications, in which a customer's experience persists across digital and physical worlds, will also see some attention.

"It's not going to be a bet-the-house type of investment," he said. "It's always a balancing act."

Dalan Winbush, CIO at Quickbase, a no-code platform provider based in Boston, also noted the changing investment climate.

"We are definitely seeing a very conservative posture around the marketplace right now," he said. "CIOs have to have more defensible budgets."

Winbush said his focus is on adopting enterprise-wide agility as opposed to digital transformation. That approach calls for providing the right framework for both process and technology to become agile and absorb the ebb and flow of business, he added.

2. Bolstering cybersecurity

The need to refine cybersecurity to deal with the latest wave of attacks is a perennial CIO focus and 2023 will prove no different. Tech managers expect to look for opportunities to automate their cyber defenses, while also focusing on the human element.

"What is high on every CIO's list is always security," said Vincent Mangiacapra, associate vice president for technology and CIO at the University of New Haven. He cited the prominence of email-based attacks and the importance of educating users on the threat of social engineering and the danger of clicking on links contained in email messages.

The key is user awareness: "That is probably where you will spend the least amount of money, but you'll get a very high return on that," he said.

Monitoring the security landscape presents another challenge and the sheer amount of data involved in identifying attacks highlights the need for automation. The university has been weighing whether to build an in-house security operations center (SOC) or hire a vendor partner. Mangiacapra said he would prefer to outsource the SOC function.

"We don't have the largest staff and to bring in people who are highly qualified in the area of security is very costly," he said.

Early next year, Mangiacapra said the IT office will discuss its needs with different security providers to assess the outsourcing option. He's unlikely to be alone in that regard. About half of senior IT professionals cited a "problematic shortage" of cybersecurity skills in an Enterprise Strategy Group (ESG) technology spending intentions survey. ESG, a division of TechTarget, also found that 63% of the IT leaders polled expected to increase spending on cybersecurity services in 2023.

But user awareness and staffing won't be the only issues next year.

Brian Jackson, research director in the CIO practice at Info-Tech Research Group in Toronto, said he expects a greater focus among CIOs, and their security colleagues, on software supply chain security. The Log4j vulnerability exposed a lack of visibility regarding the varied components within today's software, which Jackson compared to a nesting doll. A piece of software might include code of all kinds, from open source snippets to pieces from third-party vendors.

"A lot of CIOs right now don't have a detailed inventory list of their software environment," Jackson said. "That is something they will have to do."

In addition, hybrid work, which took off in 2020 with the onset of the COVID-19 pandemic, will continue to complicate cybersecurity in 2023. "Having dispersed workers adds an extra layer of security concerns for IT departments," said Bobby Cain, CIO at Schneider Electric, an energy management and automation company with U.S. headquarters in Boston.

Cloud-based collaboration and application tools are readily scalable for hybrid work environments, but may lack proper security measures. "CIOs will need to ensure their company's physical workplace, remote devices and IT networks are designed to maintain data integrity," Cain said.

3. Improving customer experience

Even as organizations focus on cost-cutting and optimization projects, customer experience will endure as an imperative in 2023. Emerging technologies are poised to shape how technology managers approach this field next year.

Generative AI services such as OpenAI's ChatGPT and Stability AI's Stable Diffusion will challenge CIOs' current crop of user and customer experience tools, Jackson said. ChatGPT is a chatbot that can write essays and other textual content, while Stable Diffusion is a text-to-image model that creates art. As consumers become familiar with such services, they will begin looking for similar experiences from the companies with which they do business.

"Consumer technology sets customer expectations that enterprises have to chase," Jackson said. "They need to figure out how to incorporate generative AI models into their operations."

Indeed, a conventional enterprise chatbot, which tries to understand customers' needs and then provides a response from an integrated knowledge base, might not measure up to the latest generation of AI.

"That will be a lackluster experience compared with these new AI services," Jackson said.

The continuing development of virtual worlds will also influence customer experience initiatives. The University of New Haven, for example, plans to look for opportunities to deploy virtual, augmented and mixed reality to boost the student experience, Mangiacapra said.

The university's College of Health Sciences, for instance, already uses a VR anatomy program. Other potential applications include building a virtual crime scene to support students studying forensics and crime scene investigation. Mangiacapra said he believes there's an opportunity for developing such an application as a joint project between the university's Henry C. Lee College of Criminal Justice and Forensic Sciences and other schools including arts and sciences and engineering.

The university, however, aims to have students become producers as well as consumers of virtual innovation. With that in mind, the school may build upon its esports facility, so students would have an adjoining place for creating gaming software. "If we decide to expand the program along with our gaming program, we would look to design a space that would consist of a competition area [and] a development area," Mangiacapra said.

4. Staying ahead of AI/ML developments

Out-of-the-box AI and the resulting rise of at-scale deployment have shifted the economics of the technology, which, until recently, involved years of costly modeling work.

Sanjay Srivastava, chief digital strategist at Genpact, a professional services firm based in New York, framed the question for CIOs as they enter 2023: "How do you transition to first truly scaled deployment of AI in the enterprise and make sure you are not a laggard and, in fact, are ahead of that game."

One test for technology managers in this transition will be putting their company's stamp on AI models such as ChatGPT that any organization can access. They must train the foundational AI model, using the company's unique data, to achieve a competitive advantage, Jackson said.

But some organizations will need to prepare themselves for that task.

"With the challenge that the enterprise has today around data quality and managing their data architecture, they are a long way from being in a position to train these sorts of models in a way that will lead to satisfying results," Jackson said.

Businesses clearing the data obstacle face another consideration: having enough talent on hand to make use of the advancing technologies. This concern marks a shift from previous years when a lack of viable tools was the key issue. Global Payments' Sacchi said cloud-native AI and ML services from AWS and Google have become "extremely good." In addition to partnering with those companies, Global Payments has begun experimenting with ChatGPT, he noted.

"The limitation was in the tools available," Sacchi said. "Right now, the limitation for us is in the human power that I can use to develop new applications."

5. Dealing with supply chain issues, rising costs

Component shortages and higher equipment costs will continue into 2023, creating obstacles for CIOs to overcome.

Networking gear has proven especially difficult to source, Mangiacapra said. The lead time to get equipment can range from six months to a year. This presents two difficulties: timing orders so they fall into the fiscal year for which funding has been allocated and hitting the installation windows when students are away.

We don't actually have the ability to invest what we had hoped to because of the rising cost.

"We don't have 12 months to do our work -- we have blocks of time," Mangiacapra said.

Those blocks amount to a few weeks at winter break and from graduation in May through August. Orchestrating IT projects amid lengthy equipment delivery timelines has been difficult, he said.

On the cost side, CIOs must come to grips with higher inflation, even though the rate is expected to decline in 2023, Jackson noted. "Even for CIOs who expect a budget increase, inflation is going to take some of the spending power out of your budget," he said.

The realization: "We don't actually have the ability to invest what we had hoped to because of the rising cost," Jackson noted.

6. Adjusting to political, social and economic change

A transition to a new geopolitical, socioeconomic order is underway and CIOs will need to adjust.

"The world is going through some major shifts," Srivastava said. "The challenge is a shifting IT model."

He cited the Russia-Ukraine war and rising tensions between China and Taiwan as examples of geopolitical tumult. Against that backdrop, CIOs will need to rethink the model in which IT was built on a foundation of leverage and run with centralized enterprise licenses, centralized IT and centralized data across regions. "We serve locations centrally, but increasingly we are in a world where we have to segment the network and the IT infrastructure," Srivastava said.

The push for decentralization isn't entirely about global conflict. Data sovereignty regulations also encourage a more distributed IT model, he noted.

Srivastava, meanwhile, pointed to the remote work transition as an example of social change affecting CIOs and how they approach technology. Sustainability also falls into this category, creating a dual focus for CIOs: Examine IT's contribution to the carbon footprint, while gathering data to help other corporate functions, from logistics to real estate, transition to a low-carbon economy.

"Much of the responsibility is coming to the CIO," Srivastava said.

Jackson also noted the increased urgency of sustainability initiatives and the central role of CIOs. He said the last five years have seen voluntary efforts among organizations setting net-zero objectives in line with the Paris Agreement. But compliance is becoming mandatory for some businesses in light of the European Union's Corporate Sustainability Reporting Directive and the United Kingdom's climate-related financial disclosure requirements, both of which emerged in 2022.

IT departments will likely be tasked with data gathering and reporting, but Jackson said he hasn't encountered any ready to take on those activities. "It is actually an unsolved problem," he noted. "CIOs are going to have a big challenge not only figuring out how to collect data, but how to get stakeholders on board and convince them this change is something that has to happen because regulations are asking for it now."

Interoperability, now and then

1:48

7. Digesting digital transformation, improving interoperability

Digital transformation went into overdrive during the COVID-19 pandemic, with companies digitalizing as rapidly as possible for survival. That earlier phase, coupled with economic uncertainty, will cause enterprises to pause and look for optimization opportunities in 2023.

"Organizations are slowing down the digital transformation push a little bit," Jackson said. "The accelerator was fully down for the past couple of years."

Now, CIOs are looking at their previous investments and determining how to get more value out of them. The task at hand: Take stock of what has changed and assess whether recently digitalized business processes actually function as planned.

Jackson said emerging process mining and discovery tools can help with this evaluation. Organizations can employ process discovery to analyze log files from enterprise applications such as ERP to find out how the business is transacting in the digital environment, Jackson said. As a result, IT managers can further improve the process.

Winbush said organizations struggle to share data across different point systems, noting the processes attempting to bridge those systems are often manual. Spreadsheets often serve as the means for data transfer. "What sits in the middle to aggregate very cumbersome processes?" he asked.

In Quickbase's case, the company takes a bit of its own medicine, using its no-code offering to create automated workflows to connect data. The company also uses adjacent tools from other vendors to help with the aggregation task.

Along with digitalized business processes, cloud-based software could also prove ripe for reassessment in 2023. CIOs at enterprises in which cloud applications proliferated in recent years now face the task of bringing them together. Research points to a strong incentive for doing so. Accenture, in a November 2022 report, found companies that achieved high interoperability grew revenue six times faster than low-interoperability organizations. The bad news: Only 34% of the companies polled operate at the high interoperability level.

Accenture defines interoperability as enterprise applications that "easily interact with each other and exchange data." The paradox of choice ranks among the key obstacles in getting there. Accenture noted most large enterprises run more than 500 applications, with the availability of myriad cloud-based offerings contributing to the overload.

However, Brian McKillips, growth and strategy lead, enterprise and industry technologies at Accenture, said he believes leadership, rather than technology, might be the most critical barrier to interoperability. Historically, each department within an organization wanted a particular piece of software to run its operations.

But today, there's a dependency among departments that didn't previously exist, McKillips noted. Where interoperability is lacking, a company's digital marketers might push advertising into a particular marketplace even after inventory runs out. The lack of communication between marketing and inventory management systems could result in the seller being booted out of the marketplace.

"There needs to be, at the CEO level and C-suite level, an understanding that these systems need to interoperate," he said.

With that C-level understanding in place, organizations must next obtain funding for integration programs. Those might operate at an organization's group level and lack ROI as individual initiatives, McKillips explained. A wide-angle view of interoperability is in order.

"When you start to look at the overall business outcomes that you can drive with interoperability, then you can unlock the budget," he said. And with the organizational and financial pieces in place, the technical component becomes much easier to solve, he added.