The COVID-19 pandemic accelerated the digital transformation across most industries, giving greater visibility to the work done by the Chief Information Officer (CIO) and the Chief Information Security Officer (CISO) executives. With new technologies propelling the digital disruption, the focus of the CIO has shifted to service analysis, market reach and cybersecurity rather than running the IT department, agreed industry experts.
Digital consumption habits have changed in Mexico, with the massive migration to digital, online shopping and communication in a hyperconnected world, said Elvira Sánchez, CIO, DHL: “Ensuring the security of operations is vital and has become the main challenge for CIOs and CISOs. With the growth of cybercriminals, we invest strongly in technology, shipment protection and protection of personal data of clients and collaborators. One of the main challenges is developing cybersecurity systems for the unknown because it requires constant understanding and training of the entire organization. It is not enough to install hardware and software; you have to detect and address the true vulnerabilities of the company.”
CIO is a C-suite job title given to the executive in charge of information technology initiatives and strategy. The CIO role, which was established in the 1980s, oversees the computer systems required to support the organization’s unique objectives and goals, according to TechTarget. Initially, the CIO focused on managing technical projects and systems, leveraging technology to increase efficiency and cut costs. As storage and analysis of data grew in importance for companies, the job has evolved and CIOs now lead digital transformation initiatives, forging closer ties with the business side of their organizations.
The pandemic accelerated the transformation of retail and e-commerce businesses. For example, nationwide department store Coppel took a leap into omnichannel sales. “The challenge for digital transformation here is large. We are moving from controlled, physical environments to different channels that are public. Regarding omnichannel sales, we already do transactions via WhatsApp, mobile applications and webpages,” said Antonio Saracho, CIO, Grupo Coppel. While these systems offer greater sales opportunities to companies, these transactions become very complex and challenging for both CIOs and CISOs, he added.
The CISO is a senior-level executive responsible for developing and implementing an information security program, including procedures and policies to protect company communications, systems and assets from both internal and external threats, according to TechTarget. Besides responding to data breaches and security incidents, CISOs must anticipate new and emerging threats and work with other executives across the company to align security initiatives with broader business objectives.
“We work together with the CISO on in-depth analysis to assess risks and to carry out intelligent monitoring to understand patterns. Current challenges demand a preventive approach to problems, not just a reactive one. Cybersecurity has become a very complex career and collaboration is crucial,” said Saracho.
Cybercriminals continuously expand their capabilities to take advantage of limited security awareness among companies. With multiple attack vectors, “attackers have become more sophisticated and target victims’ weaknesses, forcing CIOs and CISOs to change strategies to face them,” said Erik Moreno, Head of Cybersecurity Advisory Services, Minsait.
The sophistication and expansion of capabilities of cybercriminals force companies to make larger investments to strengthen their cybersecurity strategies, said Heriberto Landetta, IT Vehicle Sales Marketing and Aftersales Manager, General Motors: “There are two main pillars to build a robust security strategy. First, the technical elements, which include hardware, software and firewalls to face attacks. Second, training for internal staff to handle certain emails, avoid phishing, ransomware and staying firm in the face of uncertainty. It is important that we make people see that information is the company's most important asset.”
With the emergence of new technologies and the acceleration of the digital transformation, CIOs have had to develop skills that go beyond traditional technology management. Although responsibilities of CIOs vary according to their organizations, industry and region, these executives are in charge of innovation and collaboration. They must also balance the IT budget and the motivation of their staff.
It is essential to have a robust security system that guarantees the security of data of clients, employees, third-party companies and suppliers, said Sánchez: “Nowadays, we have almost everything in the cloud and at DHL we are very strict with regulatory compliance. The protection of sensitive data is crucial to a trusting relationship with our clients. Forty-five percent of organizations have experienced some sort of attack on supply chain software.”
Cloud Computing Is Key to Democratize Innovation
Cloud computing transformed the way software is built and who gets to build it. Before the cloud, only big companies had access to the highly skilled talent and the massive hardware infrastructure required to build software products, as reported by Forbes. Cloud computing tools like Amazon Web Services, Microsoft Azure and Google Cloud Platform, among others, have democratized software development, which has become available for companies of any size and budget.
While Coppel focuses on omnichannel sales and the cybersecurity challenges around them and DHL reinforces its sensitive data protection and supply chain software security, General Motors (GM) is working on a 360-degree cybersecurity strategy, said Landetta: “With cloud solutions available, the cost is more affordable for companies, including SMEs. At GM, we are developing a cybersecurity strategy that includes our dealership network and suppliers. We want to raise the bar for them.”
As the digital transformation continues expanding among businesses, the joint work done by CISOs and CIOs is no longer delimited to regulatory compliance, said Saracho: “The digital transformation continues changing business lines and these executives are now part of the strategic teams of companies.”