The state we’re in

This summer, we have produced our third annual CIO Report. Ahead of the official publication date, LEE GANLY, our CIO here at Acora, shares his own thoughts on the main findings, the lessons learned, and what the next 12 months might have in store.

For the third consecutive year, we reached out to CIOs and other IT leaders in organisations across the UK to get a sense of the challenges they’re facing now, and how they see things developing over the coming months.

Not surprisingly, we focused primarily on hybrid and agile working. Although it’s starting to feel as though we’ve always worked like this, organisations in general and IT teams in particular are still learning about the practicalities of delivering it, especially at scale. Our survey suggests that while the initial, immediate difficulties have largely been overcome, two issues remain unresolved, and are actually growing in importance.

Perhaps not surprisingly, the one that really leapt out for me was cyber security – specifically, how do we put the right software, people, systems and other controls in place to ensure protection, while enabling users to work seamlessly and productively. In the hybrid working context, there are obvious concerns around remote access to SaaS applications. These are now in-scope for Cyber Essentials; combined with the increasing salience of cyber insurance, this is focusing minds on compliance, certification and supply-chain auditing as never before.

But there’s another, potentially even more daunting issue facing IT leaders. The move to hybrid working has shone a hot white light on the criticality of the user experience. Yet almost everyone we asked – a whopping 96% – told us they can’t take steps to improve it for one devastatingly simple reason: a chronic lack of actionable data.

In an age where we can produce and access reams of data about practically anything, this is pretty staggering. The key word is ‘actionable’. Very often, organisations have the wrong data because they’re still using the wrong tools – KPIs, CSAT – which almost entirely exclude the user experience. For us, this is a strongest possible argument in favour of the experience-level agreement (XLA), which provides real-time, empirical intel about how people are actually consuming your technology. That intel feeds into business cases for investment, provides insights into technology adoption, helps you triage support services and, over time, ensures every user is receiving the best possible experience.

So what lessons did I take from the survey? Firstly, that we’re all going to need to prioritise, invest, and align enhanced cyber security with a framework or certification. This is a basic requirement of doing business, since it’s increasingly being written into service contracts, and part of an ever more restrictive cyber insurance market.

And secondly, we have to leave behind the reactive mindset that got us through the worst of the pandemic and start thinking about hybrid working proactively and long-term. We need to equip our teams, users and wider organisations for this new world we now inhabit. The technical challenges are just beginning; but the main thing we’ve learned over the past year is that we, and our teams, are more than up to the task.