6 warning signs CIOs should look out for in 2024

CIOs had to navigate a labyrinth of challenges in 2023: generative AI rewrote the rulebook of technological possibility, governments started to draft new regulatory frameworks for the tech sector, and global conflicts disrupted business operations. Through it all, CIOs had to adapt swiftly.

The lessons learned will prove useful in the year to come, as CIOs steer their organizations through digital transformations against the backdrop of an unpredictable world.

“One of the biggest lessons from 2023 was the need for adaptability,” says Peter Bilyk, chief innovation officer at Ukrainian law firm Juscutum. “Companies that were able to pivot quickly in response to new technologies, market demands, or global events fared better.”

Remaining adaptable will be key as we step into 2024. “CIOs need to remain agile, proactive, and adaptive to navigate these challenges successfully,” says Michal Lewy-Harush, global CIO at cloud native security company Aqua Security.

This year, digital transformation will continue to be on everyone’s agenda, now coupled with a heightened focus on ethical considerations in light of evolving regulatory frameworks. And as organizations integrate more advanced technologies into their operations, cybersecurity should continue to be a top priority.

In the face of the challenges that lie ahead, recognizing warning signs or red flags early on could yield massive advantages for CIOs. Being visionary and agile won’t simply be a way of outsmarting competitors, it could be a survival skill.

AI is a double-edged sword

Over the past year, organizations and tech professionals have been experimenting heavily with AI. Now it’s time to take that to a new level.

“Readiness is determined by the ability to experiment, and the ability to scale what works — building this capacity is critical to be future-ready,” says Siim Sikkut, former government CIO of Estonia, who’s now managing partner at IT consultancy Digital Nation. “For tech, it means dedicated time, talent, and budget to consciously and constantly try out new things. And then mainstreaming into your business the stuff that proves valuable.”

Dong-Hwan Cho, CIO of SK Telecom in South Korea, agrees. “The introduction of GenAI across all areas of business is essential to stay ahead of the competition,” he says. However, not everything that glitters is gold. “Achieving the level of effectiveness that can fully recover the investment cost is a different dimension from seeing a great demonstration,” he adds.

Next year, organizations should refine their strategies and consider the ethical implications of artificial intelligence more seriously. “While AI is at the forefront of technological advancement, its potential for misuse and the ethical dilemmas it poses have become more apparent,” Bilyk says.

Lesia Kasian, chief delivery officer at Ukrainian software developer JEVERA, shares this viewpoint. “The business shouldn’t forget about people and social responsibility, so AI to business transformation should be planned carefully,” she says.

She also adds that organizations should be highly adaptable. “New technologies might spread with unprecedented speed and, as a result, impact business plans in unplanned manners,” Kasian says. “So businesses must be ready to adapt in a smart way. It requires effort, yet the winner catches everything.”

Swift changes in AI regulation

2023 saw a massive boom in AI, and governments are starting to catch up. In the US, President Biden rolled out an executive order on the safe and secure uses of AI, while in the European Union, lawmakers in December agreed on the details of the AI Act — one of the first bills in the world to establish comprehensive rules for AI.

So CIOs will have to follow the debate closely as the year progresses. “Staying updated with new regulations, especially regarding AI ethics, data usage, and copyright concerns, is crucial,” says Bilyk. “Ignoring these changes can lead to legal complications and a loss of public trust.”

Companies should make sure they have enough compliance experts, while startups need to hire them early on because they have to understand if and how regulations apply to them. Also, it helps if CIOs know exactly which AI-powered tools their company uses and how their in-house tools are developed. Not knowing this is a serious red flag.

“A lot of times, leadership, or the legal side, doesn’t even know what developers are building,” Joseph Thacker, security researcher at AppOmni, told CSO. “I think for small and medium enterprises, it’s going to be pretty tough.”

Geopolitical tensions might disrupt operations

As the world grapples with increasing geopolitical tensions, businesses are encountering a spectrum of challenges. It’s vital for CIOs to stay informed by keeping up with international news while also being mindful of external influences.

“The escalation of tensions between the US and China could disrupt supply chains for many companies, so it’s crucial to diversify risks to reduce dependence on these two countries,” says Bilyk. This approach is essential to maintain business continuity.

For companies with teams operating in geopolitically sensitive areas like Ukraine or Israel, it becomes even more important to have robust contingency plans in place.

“In Ukraine, the focus has shifted from adopting new technologies to preserving and enhancing the existing infrastructure due to the war’s impact,” says Sergi Milman, CEO and founder of online company verification service, YouControl.

Company culture and talent shortage

In addition, CIOs should be aware of staff turnover rates and the reasons behind them, although this isn’t necessarily part of the job description. Gaining this insight can help them identify potential problems in team dynamics or organizational culture early on. Addressing these issues can also lead to effective strategies to retain talent, thereby fostering a more consistent and efficient workforce.

In certain industries, talent shortages and skills gaps are significant challenges that organizations must navigate. “The rapid evolution of technology is widening the gap in skills, particularly in emerging technologies,” says Bilyk.

To attract and retain talent, organizations must ensure they offer a work environment that meets the needs of the workforce. Bilyk recommends adopting flexible remote work policies if possible and providing support to employees when they need it.

“Mundane tasks and ineffective processes can transform any organization into a swarm,” Kasian says. “Revision and improvement of workflows and business processes are always iterative tasks.”

She also suggests that efficiency should be a priority for companies. “New software implementation and the adoption of AI don’t make the organization operate better by itself,” she adds. “The reality pushes the business to transform itself faster. And, at the same time, the old five-year plans might not work anymore.”

Companies can’t afford to overlook security

As technology advances, the complexity and sophistication of cyber attacks increase. It’s not enough to defend against known threats. It’s also important to anticipate new trends that emerge with AI advancement.

“The risks of intrusions, corporate data theft, and attacks on infrastructure are increasing,” Kasian says. “To operate safely, organizations must preventively think about security. If the company doesn’t have a security officer and dedicated security team yet, it’s time to start urgently changing this.”

In fact, in light of rising security threats, the role of the CIO has seen a convergence with cybersecurity, says Grant McCormick, CIO of California-based cybersecurity company Exabeam. “Regardless of whether security reports to the CIO or another leader within the company, it’s in everyone’s best interest to be conscious of the organization’s security posture, and to enable IT and cybersecurity to work in a highly synchronized manner,” he says.

Sikkut urges companies to be more proactive and recommends that CIOs adopt a ‘trust-by-design’ approach from the start, integrating security and privacy protection into their business processes.

Yet, in spite of their best efforts, organizations often find it challenging to keep pace with the evolving landscape of threats. In such situations, seeking external assistance can help. Independent ethical hackers who work with platforms like HackerOne can be an option, as they’re getting better at finding and fixing risks associated with generative AI.

“More than half of the hackers within our community plan for gen AI to be a main target, and to specialize in hacking the OWASP Top 10 for LLMs,” says Chris Evans, CISO and chief hacking officer at HackerOne. “The lower barrier to entry for individuals interested in this field builds an inclusive path toward the security experts of tomorrow and a safer internet for everyone.”

Once again, the keyword is adapt. “Be aware of the unknowns around new attack vectors and new emerging risks and, by that, leave enough flexibility to change your security strategy without blocking the organization,” says Aqua Security’s Lewy-Harush.

Strategic investment in data management

Lastly, organizations need to think about how they manage their data. This means investing money and resources into reliable systems that can organize, store, and protect the information they use every day. Doing this helps them make better decisions, improves efficiency, and keeps important data safe.

“As the volume of data increases and the need for robust data management becomes critical, a red flag would be the lack of a scalable data management strategy that can keep up with the demand for instant access and insight from AI systems,” says Carl D’Halluin, chief technology officer at data storage software developer Datadobi.

Reluctance to adopt new technologies, including API-centric architectures and meshed applications, can also be an issue, he adds, because these are crucial to ensure interconnectivity and efficiency in data management.