Home » Blog » The Role of CIO and IT

The Role of CIO and IT

  • by

This is a little of topic, but coming from an IT management background, I think it’s relevant:

IT Consumerization, the Cloud, and the Alleged Death of the CIO

I agree there will always be a place for the CIO, and in turn, the IT department, even while tech gets consumerized.  One thing sort of missing, or rather given some short shrift, from the link above is an explanation of policy and security.  Sure, integrations will always carry with them increased flexibility in terms of handling certain security protocols and policy.  And, as time wears on with BYOD (Bring Your Own Devices, for the uninitiated, and, by extension, bring your own apps), security policy will meld and simplify around a multi device universe.  In short, security policy will itself become a bit more commoditized and consumerized.  But right now, it’s still the role of the CIO, and by extension, the IT department, to implement, maintain and enforce this policy, which I would rank as quantifiably the largest area of risk of all.

Funny how, to this end, open source apps have finally pushed some forms of pay model out and heralded not the era of open source, but the era of integrations and layered policy!

In an interesting segue, fabled security expert Bruce Schneier talks to TechCrunch about the idea of security and the relationship economy.  The consumerization of IT and related devices mirrors the phenomenon of scalable trust on the internet.  Trust is now a delegated resource, something we as consumer will likely see more of (Scheier’s example is eBay delegating trust for a slew of consumer merchants).  Trust, and by extension security, as a commodity, can be outsourced only to the extent that organizations are willing to comply to certain standards of trust and security.  For instance, there are trust standards for organizations providing IT services to government regulated agencies.  The standards are usually very comprehensive and they are well documented.  How much can organizations offload the security and trust model, thus offloading risk, to outsourced entities remains to be seen, but it introduces even more opportunity for IT in the enterprise, for the foreseeable future.