- CIOs must be prepared for a volatile business environment in 2023, mitigating risks while simultaneously pursuing new growth opportunities with the right strategies and tactics.
- CIOs need to adopt technological trends that help the organization deliver value better and faster to compete in the digital economy.
- CIOs must build a structure to protect the organization from volatility and lay the foundation to thrive.
- Like a chess grandmaster, CIOs must play both sides of the board. Emerging technologies present opportunities to attack while protecting from a volatile board state is a requirement.
- It’s the role of the CIO to push the organization harder. While maintaining existing technology, they must set goals for technology to support the business to move faster and perform better. To enhance existing capabilities and create new ones.
Impact and Result
- Use the data and analysis from Info-Tech's 2023 Tech Trends report to inform your digital strategy.
- Discover the seven trends shaping IT's path in 2023 and explore use cases for emerging technologies.
- Hear directly from leading subject matter experts on each trend with in-depth case study interviews.
After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.
Average $ Saved
Average Days Saved
South African Reserve Bank
Thinking like a chess grandmaster
Upon being defeated by IBM’s Deep Blue computer in a multi-game chess match in 1996, reigning world-champion and highest-ranked chess player in history Gary Kasparov cried foul. He accused the IBM team of cheating, saying that Deep Blue was in fact a Mechanical Turk of sorts, that humans were performing the job and not a machine. A documentary, Game Over: Kasparov and the Machine, was made detailing Kasparov’s accusations in 2003. But more than a decade later, Kasparov reflected on his experience differently in his 2017 book Deep Thinking. He retracts the cheating accusation and instead asserts that the moment was a watershed for artificial intelligence. In choosing to not reject technology’s capacity to beat him, he also embraces its potential to augment his capabilities when used as a tool.
“If we feel like we are being surpassed by our own technology it’s because we aren’t pushing ourselves hard enough, aren’t being ambitious enough in our goals and dreams,” Kasparov writes in the book. “Instead of worrying about what machines can do, we should worry more about what they still cannot do” (MIT Technology Review, 2017).
Technology leaders can sympathize. Like chess grandmasters, CIOs must strategize to defeat their opponents. Emerging technologies present opportunities to attack. Move your pieces the right way and you might establish a dominant position to support a victory. Defending the king is a constant concern, as the competition is constantly threatening to defeat you. Protecting from a volatile board state is a requirement.
Move the right pieces in the right way and win the day. Make a mistake and you risk toppling the king. Tech leaders must be prepared to respond to a range of different scenarios in a volatile business environment.
It’s the role of the CIO to push the organization harder. While maintaining existing technology, they must set goals for technology to support the business to move faster and perform better. To enhance existing capabilities and create new ones. They must test the limits of what machines still cannot do.
Make your move
Last year’s Tech Trends report focused on the capabilities organizations would need to compete in a digital economy. We are continuing that theme this year with four trends that are focused on helping the organization deliver value faster and better. At the same time, we’re considering the volatility of a world dealing with several major crises simultaneously. Organizations need to protect themselves from that volatility in order to thrive. So, we have three trends focused on the risks all organizations will face in the year ahead.
In Tech Trends 2023, we consider how technology leaders can attack opportunities while protecting the organization from the risks posed. We’ll consider which capabilities will help organizations respond to each trend in our CIO Priorities 2023 report to be published later this year.
CIOs would do well to heed Kasparov’s advice. If they fail to protect their organizations, crying foul play won’t help lessen the impacts of defeat. Better to focus instead on how to work with the machines and push harder toward achieving goals in collaboration. CIOs need to be ambitious and ready to make their move to push their organizations ahead.
The research effort for Tech Trends 2023 is driven by our Trends and Priorities survey receiving 813 total responses from IT professionals between August 9 and September 9, 2022. See our methodology section for a full demographic breakdown of the survey. Each trend features a case study with an expert that is on the cutting edge of the trend, with Info-Tech conducting the interviews directly.
Info-Tech’s design team created the visual elements of this report using AI-image generator Midjourney. See our generative AI trend to learn more about the creative potential of this emerging technology.
“Like a chess grandmaster, CIOs must play both sides of the board. Emerging technologies present opportunities to attack, while protecting from a volatile board state is a requirement.”
Attack New Opportunities
Industry-Led Data Models
Sustained Digital Processes
Protect From Volatility
ESG Analytics and Reporting
A platform that combines multiple technologies to enable social and economic activity in a digital world that is connected to the physical world.
AI can be trained by feeding content into generative adversarial networks, transformers, and variational autoencoders to create new content that’s meaningful to people.
AI investment on the rise
Generative AI is a type of semi-supervised machine learning that uses neural networks to create new content or interpret complex signal information. By training the models with a large amount of content, they can be made to generate new works like what people would create.
The uses for generative AI go beyond creating imagery. It could help businesses with predictive maintenance or improving cybersecurity analytics. It could help generate new ideas for drugs or assist in quality analysis and medical diagnoses.
AI is picking up steam with more organizations adopting it in 2023. According to our survey, AI will receive the most net-new investment by organizations by the end of 2023. While 35% of organizations say they have already invested in it, 44% of organizations say they plan to invest in it next year. With a 9% change between committed investment and planned investment, AI leads all technologies, followed by data lake at 5% and data mesh at 5%.
The change between organizations that are planning to invest in an emerging technology and those who have already invested in it.
Artificial Intelligence (AI) or Machine Learning Data Lake / Lakehouse Data Mesh / Data Fabric Blockchain Quantum Computing Next-Gen Cybersecurity Mixed Reality (Augmented or Virtual Reality) 5G Robotics
9% 5% 9% 4% 3% 3% 2% 1% 0%
-1% -1% -2% -2% -5% -16% -23% -24%
Internet of Things (IoT) Biometrics Edge Computing No-Code/Low-Code Platforms ESG Metrics Reporting Workforce Management Solutions Application Programming Interfaces (APIs) Cloud Computing
signals AI used to unearth insights and handle repetitive tasks
By the end of 2023, most businesses plan to use AI for business analytics or intelligence, with 65% saying they will do so. Also, 63% of businesses say they will use AI to automate repetitive and low-level tasks. Other uses feature a clear drop-off after that, but the next-most popular use for AI is to identify risks and improve security.
By the end of 2023, which of the following tasks will involve AI at your organization?
Business analytics or intelligence 65% Automate repetitive, low-level tasks 64% Identify risks and improve security 43% Monitoring and governance 34% Conversational AI or virtual assistants 33% Augment operational staff in their decision making 28% Sensor data analysis 27% Financial planning and analysis 20% Content creation 16% Define business strategy 12%
Generative AI can play a role in enhancing each of the top three use cases of AI. Many businesses struggle with making use of unstructured data for analysis. Generative AI can interpret that data and transform it into structured data. That not only renders it usable in analytics but trainable for robotic process automation (RPA). Generative AI can also detect anomalies in network and application behavior, aiding security systems in identifying threats.
We also asked what AI governance steps organizations have in place today. New legislation in various jurisdictions, including Canada and Europe, are defining new rules around when and how AI can be applied. Organizations that are using AI in situations that governments determine to be high risk will be required to do more to mitigate risks. Yet today, 55% of organizations are doing nothing to govern AI. As more organizations invest in AI and start applying it to more decision-making processes, IT leaders should be putting governance structures in place before they’re made to do so by new regulations.
drivers Data needs to be collected and synthesized
The NEED TO MANAGE UNSTRUCTURED DATA
In the age of data collection in hope of becoming more data-driven in their processes, organizations are grappling with how to manage unstructured data. Unstructured data is the majority of data collected, describing everything from written communications to images to presentation decks. Basically, everything that’s not in a database or spreadsheet. Without AI to make sense of it, businesses can’t search this information and turn it into actionable insights.
NOT ENOUGH DATA
In some areas of business, the problem is a lack of the specific data they need to train an algorithm. The medical field often faces this problem because of the sensitivity of patient data. One solution to this problem is to create synthetic data: data that is generated by AI that closely approximates a real example of that data. Synthetic data is being used today to train various AI algorithms, from models that will detect brain tumors on an MRI scan to self-driving cars.
DESIRE TO COMPETE
Organizations are increasing their spending on AI because of the potential benefits it offers. It can augment workers to do more work more quickly, reducing costs by automating away more tasks. It can help discover new products more quickly and increase revenues. With more commercialized options available to deploy generative AI and more organizations investing, those that don’t invest may fall behind.
Attack opportunity – protect from risk Harness unstructured data, stay ahead of regulators
Augment your workforce
Some workers may fear that AI tools will replace them. Send the message that like any other tool, AI is meant to augment the work of people. With the availability of AI tools to consumers through the web, workers will start tapping into them for help with their work whether IT is involved or not. Consider how to help support a plan that is best aligned with the business and avoids potential risks.
Use synthetic data to improve your own AI models
If training specific models could be useful for your business for tasks like quality control or building customized marketing campaigns, then generating synthetic data could help accelerate the training of those models.
Make sense of unstructured data
Turn the volumes of unstructured data you collect and store into a useful asset. Use AI to read data stored in images, communications, and other content and translate it into a format that can be properly deciphered.
Beware of biased results
Society has ingrained biases, and since AI is trained on data from the real world, it will be biased as well. Being intentional about the data sets that train algorithms can help with this, and testing should be employed to uncover biases.
Put governance in place now
New legislation being developed in Canada and the European Union focuses on mitigating risks for high-risk AI applications. Draft legislation suggests requirements to use AI models that are explainable, to monitor deployed AI to ensure it’s behaving as expected, to conduct impact assessments on AI, and to publish clear explanations of how AI is intended to be used and what predictions it makes.
Consider ethical implications
Adopting a commercial AI tool that was trained on data of unknown origin may prove problematic. After image generators became popular in 2022, some artists complained that they’d never given permission to have their art used to train the AI models and that their own work was being devalued as a result of so many people using their style to produce new images. Getty Images banned the sale of AI-generated images on its service due to concerns about the legality of the images and their copyright (Ars Technica, Sept. 2022).
Attack opportunity – protect from risk Harness unstructured data, stay ahead of regulators
Generative AI causes controversy
When considering the risks of adopting AI, consider some of these AI controversies covered by the media in 2022. How could your organization avoid receiving unwanted attention like this?
In April, OpenAI releases its DALL-E 2 image generator, which produces biases that reinforce stereotypes. For example, women were more likely to be depicted as nurses, and men were more likely to be depicted as builders. OpenAI releases a fix to improve its image diversity, but then users find it is less accurate at turning their prompts into useful images (NBC News, 2022).
In June, Google engineer Blake Lemoine claims that chatbot LaMDA is sentient and publishes an existential conversation he had with the bot to the web. He is later fired (Washington Post, 2022).
In August, Jason Allen won Colorado State Fair’s fine arts competition with a piece generated using AI image generator Midjourney, titled Théâtre D’opéra Spatial, stoking controversy among artists (The New York Times, 2022).
case study From existential crisis to exciting collaboration
“I asked myself ‘How can I have authorship in this process when the rendering is done by a computer?’ The answer was that I viewed it as a collaboration with the AI.” Rob Sheridan
Art Director, Co-Founder
on his experience testing AI image-generating bot Midjourney
AI lab Midjourney launched its first product, an image-generating bot only accessible through Discord, to private beta in the first quarter of 2022. Similar to other AI-powered image generators like OpenAI’s DALL-E 2, it took any text prompt and produced an array of images. Midjourney’s illustrative aesthetic made it eye-catching, and it was soon featured on the June cover of The Economist.
While it was in private beta, the Midjourney team reached out to established visual artists to invite them to try the tool. Among them is Rob Sheridan, an American graphic designer best known for his work with the Nine Inch Nails, producing album cover art and other accessories for projects like Year Zero. In his first weekend of using Midjourney, Sheridan found himself in an existential crisis pondering what it meant for his role as an artist. “How can I have authorship in this process when the rendering is done by a computer?” he asked himself.
Sheridan responded by probing the limits of the AI image generator tool, testing the boundaries of where it would take his preferred genre of horror. After sharing some attention-getting results of his efforts to Twitter, Midjourney responded by banning terms like “body horror” from the platform. Sheridan doesn’t agree with the censorship. “Art is not just about beauty, that’s not a unilateral thing,” he says. “Beautiful is horror imagery to me. But it’s their platform so they can decide.”
Despite the disagreement, Sheridan moved on from his initial reaction to Midjourney and used it for a new project, Volstof Institute for Interdimensional Research. A graphic story told on Instagram and Twitter, it’s a found materials narrative that’s firmly in the horror genre, with visuals of dilapidated laboratories, tentacles, and skulls. As Sheridan created more of the work, he began to appreciate the tool. “I love the flawed, messed-up aesthetic of it,” he says.
The project helped him come to terms with the implications of AI-generated imagery. He viewed the Volstof project as a collaboration between himself and the AI. He let the boundaries and parameters of Midjourney help guide his process and take the idea in new directions. The project has a modest following on social media but has been covered by the media, and some observers suggested the narrative would be fitting for a video game.
Sheridan also used Midjourney to produce elements for designs he sells on T-shirts and paraphernalia on his e-commerce store. While Sheridan doesn’t allow the AI to design everything on a new t-shirt, he did use it to create some characters that he incorporated into the design. “It’s exciting and I feel I can take some authorship of it,” he says. He points out that having the tool opened the door to him creating the designs on a whim, when otherwise he might not have invested time into following through on the idea.
Sheridan’s advice to other artists is to adapt to the new set of tools. Art directors should be excited because they can now prototype designs more quickly, he says. “I can prototype something like Volstof without having to hire a team of artists or investing the time it would take me to do it manually.”
Illustrators can use the new tools as an extension of their own brains, he says, and eventually even train algorithms to mimic the style of their own work.
Don’t just look at all the problems with the new technology and dismiss it or demonize it, he advises. Film photographers that reacted that way to digital photography and photoshop were quickly pushed out of the market for the new standard that customers expected. While there will no doubt be problems to solve with Midjourney and other similar tools, it’s better to discuss how to solve those problems and work with technology providers. After all, in Sheridan’s view, the medium is not the message. “Having a good vision is more important than owning an expensive piece of equipment,” he says. Likewise, having a good vision will serve artists well as the unimaginative churn out volumes of banal imagery.
what’s next? Every creative field will be impacted by AI
OpenAI’s stated mission is to pursue artificial general intelligence. As a result, it has several types of AI projects in progress. On Sept. 21, 2022, it released to open source Whisper, a neural net that can recognize English speech with human-level robustness and accuracy. It encourages developers to use Whisper to add voice interfaces to their applications (OpenAI, 2022).
Identifying a user through digital data minutiae of how they move a mouse or what network their smartphone is connected to at the moment is now possible with AI-developed fraud prevention algorithms. The smallest details can be added up in an algorithm that predicts the risk of fraud on any given transaction and flags it for further inspection by a human (IT Business Edge, 2022).
Non-technical workers will be aided in creating new applications with AI-powered tools that write the code for them. GENIO is one example, described as a low-code software development program. It can generate code in both modern web architectures and back-office solutions. In a Facebook post, Meta CEO Mark Zuckerberg wrote, “It’s much harder to generate video than photos because beyond correctly generating each pixel, the system also has to predict how they’ll change over time.” Currently no one is allowed access to the model outside of Meta (The Verge, Sept. 2022).
“It’s much harder to generate video than photos because beyond correctly generating each pixel, the system also has to predict how they’ll change over time.”
Meta unveiled its Make-A-Video system on Sept. 29, which allows users to type in words to describe a scene to generate a video several seconds long that matches the prompt.
Also important to watch will be the progress of new legislation to regulate AI. Bill C-27 is currently scheduled for a second reading in the House of Commons and could progress into law by the end of 2023. The EU-proposed regulation on artificial intelligence is expected to take longer to pass into law. So Canada may end up being the first jurisdiction to pass AI regulation to law in the world (McCarthy Tétrault, 2022).
recommendations and resources Train your own AI and experiment with it
Experiment with new generative AI tools
Whether it’s using Midjourney to render the art of your entire flagship content piece, as Info-Tech has done with Tech Trends 2023, or using Github Copilot to help you through the next few lines of code that you write, begin building awareness of the different AI-powered content creation tools available. Expect workers outside of IT to start using them on an ad hoc basis and consider how you might support them or mitigate potential risks.
Curate your own data sets to train generative models
Generative AI models come ready to imitate the artistic style of Picasso or the sound of The Beatles, but they won’t be ready to create specific content that is relevant to your organization. Luckily, it can be trained to do so with a robust enough source of input data. Consider what data you currently own that is a value differentiator and think about how to prepare it to train an AI model.
Develop an AI center of excellence
Group together the best AI talent your organization has access to on a centralized team. Have them examine processes and determine where AI can be used to create the most value.
Legal Professional Services Artificial Intelligence Report
It should come as no surprise that AI has gained traction in the legal professional services industry, as the benefits and return on investment (ROI) of AI is readily apparent. Automation of manual tasks, such as filing, categorization, document creation, and billing, is among the most visible benefits of AI, but this is just the tip of the iceberg.
Get Started With Artificial Intelligence
Use this blueprint to understand what AI really means in practice and to get started with your AI explorations to harness its transformative power.
AI and the Future of Enterprise Productivity
Artificial intelligence (AI), as a collection of techniques rather than a singular technique, sits at various levels of expectation and deployment – with some applications commonly deployed in enterprises for years and others just emerging.
Industry-Led Data Models
Industry-specific expertise is helping turn data collection into insights, pushing more back-office operations to find analytics-driven efficiencies, and creating new revenue-generating opportunities.
Data value is defined by the insights it yields
The promises of big data have been harped upon for the entire 21st century, giving rise to an industry of data-collection and analytics services. Clear examples of data-driven business models are well known in the technology sector, with the rise of Netflix based on its watch recommendations algorithm, Amazon’s e-commerce dominance based on its personalized search results, and Facebook’s success in the ads market thanks to behavioral advertising algorithms. Yet that success proved more difficult to translate for other industries with more established business models.
“Industry insights are increasing the value of enterprise data.”
Legacy technology was one point of friction, with data being trapped in silos and hard to report on or compare against. But even when that problem is overcome by modernization efforts, converting data analysis into actionable insights is difficult. Technology vendors don’t always understand the important factors to report on for their customers in complex business environments like healthcare or manufacturing. Recognizing this shortfall, solution providers are now collaborating with industry to drive the insights needed to increase the value of enterprise data.
After AI, the two technologies gaining the most momentum in new investment are data lake or lakehouse and data fabric or mesh, with both seeing a 5% increase in the number of organizations planning to invest in 2023. These platforms facilitate better access to enterprise data and enable real-time reporting. To achieve data-driven decision making, organizations must iron out the friction in their data analysis process.
The focus around big data has been on the four V’s model: volume, velocity, variety, and veracity. Now the fifth V, value, must be considered.
The change between organizations that are planning to invest in an emerging technology and those who have already invested in it.
Artificial Intelligence (AI) or Machine Learning Data Lake / Lakehouse Data Mesh / Data Fabric Blockchain Quantum Computing Next-Gen Cybersecurity Mixed Reality (Augmented or Virtual Reality) 5G Robotics
9% 5% 9% 4% 3% 3% 2% 1% 0%
-1% -1% -2% -2% -5% -16% -23% -24%
Internet of Things (IoT) Biometrics Edge Computing No-Code/Low-Code Platforms ESG Metrics Reporting Workforce Management Solutions Application Programming Interfaces (APIs) Cloud Computing
signals Value is driven by cost-savings and product enhancements
The most popular ways for organizations to determine the value of their data demonstrate how industry-specific expertise comes into play. Seventy percent of organizations determine value based on the improvements made to existing products and services. Also, 65% of organizations determine value based on how effectively the data helps reduce operating costs.
Without the right industry expertise, you can’t understand the variables in play in improving a product or what’s relevant to operational overhead throughout a value chain.
How do you determine the value of data in your organization?
How much value-add the data brings to existing products and services 70% How effectively the data helps us reduce costs in operations 65% How effectively the data helps us acquire new customers 51% How effectively the data helps us increase spend in existing customers 38% How much we are able to sell the data for directly 11% Other 9%
Perhaps that’s why most organizations look to build their own data analysis tools. According to survey results, 41% of organizations build their own data analysis with in-house staff. Another 28% both build their own tools and buy tools to support analysis.
What best describes your organization’s approach for data analysis?
Organizations want to put their own industry expertise to work in designing analytics to provide the right insights. But by taking on the task of building the tools, they are likely missing out on best-in-class approaches honed by technology vendors with refined analytics products and services.
Driving the most value from data requires a best-of-both-worlds approach that combines industry expertise with best-in-class analytics tools.
drivers Storage is cheap and sharing is easy
An ecosystem of applications and services that includes SharePoint, OneDrive, Google Drive, and Dropbox and offers APIs and integration opportunities for developers to enhance their products. The ease of integration with little or no additional effort on the part of developers leads to more data being collected more often and stored away in various caches, both locally and in the cloud. With the cost of storage so low it may as well be free, there is no friction in stowing away data if there is any chance it could be useful.
Data analytics vendors are integrating AI capabilities into their tools that help solve challenges around deriving value from data, for both management and insights. On the management side, tools help automate the preparation, integration, cataloging, and quality review aspects of data. On the insights side, AI-driven tools are more adeptly generating visuals that make data interpretation easy.
New ways to share data
Data managers are using new platforms to aggregate enterprise data in a way that makes it more accessible. Users can see real-time updates of the data rather than requesting reports on historical data, enabling more timely decision making.(Info-Tech LIVE 2022, 2022 Data and Analytics Trends)
Attack opportunity – protect from risk Graduate from analytics to insights, formalize data governance
Identify new lines of business
Refining data to the point that it’s driving unique insights can yield new revenue-making opportunities. An organization may recognize the need for a new product to suit customer needs or determine there is an opportunity to target a different type of customer. In some cases, the data itself may be valuable enough to sell in a data-as-a-service model.
Partner with technology providers
Identifying a vendor or solutions provider that’s trying to enter a new industry can be an opportunity to partner with them. Combining your organization’s industry expertise with a technology services approach can yield new business models and help solve your own problems.
Turn analytics into insights
Go beyond creating a dashboard of analytics for the business and embed analytics into your business process. Determine where and when to surface a data-driven insight to the user so it is most likely to be acted upon.
Establish a formal data governance capability
It’s rare for organizations to have a data governance process implemented, according to our survey, with just under one in five organizations saying they had implemented a data governance process or better yet fully automated it. Without a formal data governance strategy, businesses will be exposed to risks including compliance challenges, negative customer experiences, and reputational damage.
What best describes your organization’s approach toward data governance?
case study Turning “no-shows” into no problem for healthcare providers
“Healthcare has a lot of challenges that can be solved with better use of analytics. But oftentimes analytics companies don’t understand the complexities with which healthcare organizations operate.” Victoria Gregorio
Director, Center for Discovery,
Innovation and Development
Children’s Specialized Hospital
In the US, the healthcare industry suffers from a problem around patients not showing up for scheduled appointments. These “no-shows” cost the industry $1.5 billion annually. At the organizational level, a typical hospital will have a no-show rate between 15 and 30 percent.
Children’s Specialized Hospital in New Jersey was no stranger to this problem, seeing about one in every five appointments result in a no-show. Not only was this costing the organization tens of thousands of dollars per year, but it meant its resources sat idle and patients did not receive care.
The hospital’s innovation arm, the Center for Discovery, Innovation and Development, was looking for an opportunity to make meaningful change in the healthcare industry with analytics. It settled on no-shows as its target problem to solve.
“We’re in a world of healthcare worker shortages and burnout,” says Victoria Gregorio, the innovation program lead at Children’s Specialized Hospital. “Wait lists are longer than before and with no-show solutions, we could use that information to fill up those appointments and reduce the wait lists. It could reduce burnout too.”
Analytics solution provider and SAS partner Pinnacle Solutions was also trying to address the no-shows problem. But its customers weren’t seeing the value in its analytics solution. So, it partnered with one of its customers, Children’s Specialized Hospital, to form a joint venture in Predictive Healthcare Solutions.
The hospital brought the industry insights that Pinnacle needed, says Elizabeth Stack, chief sales and relationship officer for Predictive Health Solutions. “We as a tech company could have never made the robust solution we have in place today without the insight of those who understood the healthcare industry.”
The hospital team helped Pinnacle understand how to communicate the value of the solution. They had to go beyond mere cost savings and address the improvements made to the patient experience. The analytics were built into the daily operations of the hospital so they could be actionable. Not only on a patient-by-patient level but at a strategic level as well.
They also collaborated on refining the no-show prediction model itself, with the hospital providing insights on what variables were relevant.
The Children’s Specialized Hospital and Pinnacle solution splits the revenues evenly from their joint venture. Predictive Healthcare Solutions bills clients based on the number of appointments they are booking, allowing the solution to scale from a small independent provider to a large multi-location hospital.
“We’re about making the data that healthcare organizations already have actionable,” Gregorio says.
Each customer is provided with a tailor-made algorithm to predict the no-show appointments accurately for their situation. The type of healthcare delivery and whether it is in an urban or rural setting are a couple of examples of factors that can change how the predictions are calculated. A process is also put in place to ensure the model remains accurate.
“We don’t just rely on the technology,” Stack says. “Once it’s deployed, we have a process in place to talk about what’s happening from a people, process, and technology perspective.”
The solution is being used at the Children’s Specialized Hospital as well, across 12 different outpatient locations, helping to reduce wasted costs and deliver better healthcare results.
what’s next? AI-powered data value pipelines
New AI capabilities will help organizations at every step along the way to turn their data into value. Agile governance that is flexible enough to adapt to organizational change will become automated governance, entrenched in organizational processes and actively adapting to changes in the environment. Data fabric architecture will play a role in delegating governance.
Natural language processing and generative AI will also play a role in storytelling for analytics. Allowing users to ask for data in plain language instead of complex database queries, then representing it in a beautifully rendered chart or graph will help individual users realize insights. Metadata management will be a key aspect to making this type of experience a reality.
Data as a Service
Data mesh architecture will align data sources by business domains, allowing data owners to create data products for their domains. This approach will change back-office mindsets around data as a resource to aid them in decision making. In certain cases, organizations will identify data products to make available to an external marketplace for monetization.
The total amount of data created, copied, and consumed globally is predicted to increase at a rate of 19% annually and will reach 180 zettabytes by 2025 (Info-Tech LIVE 2022, 2022 Data and Analytics Trends).
recommendations and resources Partner externally and align internally
Look for industry-fit analytics providers
If you’re looking to procure an analytics solution, consider how your competitors or other organizations in your industry are doing it. If you find several successful examples involving the same vendor, it’s a good indication that vendor is already mature in providing analytics to your industry. If you don’t find one, you’ll have to consider a different route.
Partner with analytics providers
If you are developing your own analytics solution for the organization, consider seeking a technology partner with competency in analytics. You may have a good understanding of the insights your organization needs, but rendering them accurately and reliably is a specialized skill in itself. Partnering with a solutions provider may lead to other opportunities down the road.
Construct a scalable data foundation
Align your data analytics approach with the business by letting business capabilities guide your data identification. Then design data practices to deliver insights and a data architecture that can scale with demand.
Build Your Data Practice and Platform
The complex nature of data investment leads to de-scoping and delivery of data services that do not meet business needs or give value to the business. Subject matter experts are hired to resolve the problem, but their success is impacted by absent architecture, technology, and organizational alignment.
Connecting to data should be as easy as connecting to the internet. This is achievable if all organizations start participating in the data marketplace ecosystem by leveraging a Data-as-a-Service (DaaS) framework.
SoftwareReviews: Data Integration & iPaaS category
Data integration software combines data from different sources, databases, data warehouses, and apps to provide a unified view. Integrated Platform as a Service is a solution that enables users to develop, execute, and govern data processes. Evaluate top vendors in the market and understand their ability to satisfy customers with our reports with data from real software users.
Sustained Digital Processes
Ensure your organization is executing the digital transformation it planned with business process mining and discovery.
Digital transformation is a journey, not a destination
Like a chess grandmaster that wants to stay on top of the world rankings, organizations that have achieved a digital transformation will find it takes dedicated commitment to continuous learning and review to sustain their new stature. In last year’s trends report, we explored how the pandemic accelerated digital transformation, particularly among industries previously considered laggards. The impact of those efforts is that most customer interactions worldwide are now digital.
Companies made big investments into digitalizing tasks and processes to get to a position where they can run the business more efficiently and effectively. Those that pursue digital transformation soon learn that it’s a transformation that doesn’t have a definite final state but is instead an evolutionary process without end. Effort is needed to sustain its momentum, as are new tools and ways of working.
Based on our survey data, more companies may now be through the initial rush of digitalization and into the next phase of sustaining their efforts. Last year, more organizations were likely to say they’d digitalized more than 20% of their processes, with eight in ten IT professionals saying so. In our survey this year, seven in ten respondents say they digitalized between 0-20% of their processes in the past year.
Most organizations have finished making their early game moves to set up the board. Now they are ready to execute on sustaining their strategic advantages.
To what extent did your organization shift its processes from being manually completed to digitally completed during the past year?
signals Digitalization must lead to optimization
When we asked what motivation they had to pursue automation, increased staff focus on high-level tasks was the most popular answer with 69% of respondents. A little more than two-thirds of respondents also saw that increasing productivity of staff without increasing headcount is a motivation. Only 35% say the motivation is a cost savings by reducing headcount.
To achieve what they set out for, organizations need to go beyond merely digitalizing processes and seek to optimize those processes. Digitalization sets up a process to be probed with process mining tools that can examine how processes are executed and determine what actions affect key performance indicators. These tools are bottom-up approaches that capture and document processes as they are executed.
Using event logs, process mining can enable process automation by detailing exactly how current processes are run. Process mining can enable better productivity by identifying unnecessary steps in a process and removing them altogether. Organizations may identify employees that need to be retrained after years of following a legacy process that is no longer relevant (AI Multiple, 2022).
What best describes your main motivation to pursue automation, above other considerations?
Increase staff focus on high-level tasks by automating repetitive tasks 69% Increase productivity of existing staff to avoid increasing headcount 67% Reduce errors made by people 59% Improve customer satisfaction 52% Cost savings through reduction in headcount 35% Increase revenue by enabling higher volume of work 30%
signals Digitalization must lead to optimization
During the pandemic’s early phase, jurisdictions limited in-person activities to constrain the spread of the virus. This shifted many in-person activities to digital very quickly and organizations had to respond by serving their customers in that context. Delivering services on digital channels meant also reworking business processes and systems to a more modern approach. As most jurisdictions have now ended limitations on in-person gatherings, organizations that transformed are looking for ways to sustain the value they created from their investments.
More centralized log files
Investigating organizational activities through digital log files can only be done if there is consensus on which log files represent reality. Legacy ERP systems stored data in separate silos and made this type of analysis too difficult. New approaches to ERP that unify data stores on a single platform open up the possibility of establishing a single source of the truth.
Do more with less
It may as well be every CIO’s mantra. In 2023, with an economic downturn expected and organizations struggling to hire talent in certain areas, there is pressure to make the existing workforce more productive by removing wasteful processes and automating repetitive, low-level tasks.
signals Digitalization must lead to optimization
Improved back-office efficiency
If willing to adapt processes based on the findings of process mining, organizations will be able to continually improve. Employees can be trained with real feedback data and positive outcomes will reinforce best practices.
Reach consensus on KPIs
Rather than stakeholders disagreeing on what key performance indicators (KPIs) should be used to indicate their success, reach a consensus that’s based on evidence. Having everyone in pursuit of the same goal is half the effort of sustaining digital transformation.
Drive transparency and objectivity
Business process mining provides visibility into actions as they were executed, bridging the gap between expectations and reality. This allows for the detection and reconstruction of digital roadmaps or business workflows in phases and helps build consensus around a source of the truth.
Just because a process mining tool surfaces a flaw in execution doesn’t mean that everyone in the business will agree. Accepting that a tool that examines log files can direct how business processes should be run means accepting best practices as determined by people. Plan to meet different levels of friction as the organization implements the practice and accept that some stakeholders will take more convincing than others.
Standalone solutions get iced
Purchasing a standalone solution that examines the log files of your ERP system provided by another vendor runs the risk of changes in compatibility. As ERP providers look to add their own process mining capabilities through in-house development or acquisition, they could make changes to their log files that make them more difficult to access or read by a third party. Think about future support scenarios when selecting a solution.
The results produced by the BPM system is dependent on past entry logs by employees in the ERP or SAP system. There are certain parts of the business process system that are conducted offline and don’t have entry logs within the system. If the quality of data is poor, it will be reflected in the results produced by the BPM. It is important that quality check methods are implemented at different stages of the business cycle to ensure best results.
case study Albemarle’s digital transformation shifts to value realization
“ERP has grown in capability and size but it hasn’t had a big paradigm shift since the ‘90s. Digital process mining is the next disruptive and major technology that can change all ways of working like ERP did.” Jim Richards
VP Business Systems
Charlotte, NC-based chemicals producer Albemarle Corp. counts more than 5,900 employees and generates $3.3 billion in revenue. In 2017, its CIO initiated a three-tier digital transformation strategy. Stage one solidified the fundamentals of infrastructure and security. In stage two, the focus was on modernizing from its on-premises SAP systems into a unified SAP S/4HANA cloud environment while avoiding unnecessary process customizations.
Across 5,000 global users, Albemarle was able to use 95% of standard processes in the new platform with zero code modifications. It migrated from a legacy and multi-silo backend to a single platform in the cloud in a period of just 18 months. The technology project and change management was complete, and sustaining the transformation became the next goal.
In stage 3, the focus shifted to value realization from operating on the new platform. That’s when Albemarle started considering using business process mining (BPM), a technique that uses event data to show what people and machines are really doing and when that veers from the desired process.
“We wanted to be able to check on our standard processes and stay on the standard path. Ultimately, our sustainability depends on if the users are following the processes. That’s what brought us to look at BPM,” says Jim Richards, vice president of business systems at Albemarle Corp.
To pursue BPM, Richards first created the accountability structure in his organization. As the lead on enterprise business systems, he already had five directors reporting to him on SAP deployments across the organization. After considering using a Center of Excellence approach to focus on BPM, he decided to instead use talents of the business systems analysts group. The digital technology manager started reporting directly to Richards. That position would be responsible to build up the BPM expertise in the group and eventually train other analysts on the competency.
Albemarle considered a couple of vendors in the space but ultimately selected Celonis, a Munich-based data processing firm started in 2011 and rated as one of Germany’s most-valuable private companies. Celonis reads the change logs generated by SAP. From there it is able to report on how employees took action to complete a specific process and in what order the steps were taken. The software can then check that execution against the agreed-upon process that was drawn up on the whiteboard.
“What is our happy path? Is it the standard process that we thought it was? It’s about helping users follow the right process,” Richards says.
To get started with the new tool, Richards partnered with Albemarle’s order to cash group. The group was not meeting some key performance indicators like on-time delivery and order confirmation dates.
Richards learned that it was important to educate experienced team members on the new tool and how it would help improve their processes.
Digital process mining gained traction with the order to cash group by drilling down into the data and exploring the reasons behind why some suppliers were not getting order confirmations. Albemarle connected the problem back to the inventory that it had available to promise. In oversold situations, it is necessary to confirm orders against planned production. So to improve the process, a new planning project was put in place to integrate the different departments involved and allow order confirmations to be done more reliably.
The proof of concept with the tool was effective and Celonis was soon deployed to other areas of the business. For example, it examined its hiring process, which was taking an average of about three months to complete. Background checks were taking too long to complete, and Albemarle decided to change its vendor in that area.
Richards finds overall that BPM is helping make the new standards put in place during the company’s digital transformation effort more sustainable. “People that just want to get their job done tend to want to move away from the standard,” he says. Managing against that urge is “a combination of change management and training.”
Albemarle will continue to expand its BPM footprint. It plans to roll it out to its transportation logistics across road, ocean, and rail planning in 2023. Richards’ team will partner with business and process owners to implement Celonis with them.
what’s next? The biggest thing since ERP
Two sides of sustaining digital
BPM is being enhanced by AI and more often bundled with emerging process discovery tools. Process discovery is the other side of the coin to process mining, a top-down approach to monitor users. The tools provide the most effective mechanism to sustain a digital transformation investment and stand to impact every area of business operations. Gone will be the days of drawing out a process on a whiteboard and hoping managers can coax employees into following it. Instead, software will visualize processes as they are really executed. This will help organizations identify candidates for automation, hone their automated processes, and avoid conflicts between processes.
The market for standalone process mining tools has seen triple digit growth since 2018 and is expected to continue that trend in 2023. Now more vendors that are established with ERP or robotic process automation (RPA) solutions are also looking to add the capability through building it out themselves or acquiring other software developers. Expect software-as-a-service providers to integrate the capability into their offerings. These vendors will benefit from the familiarity with their own log files, allowing for tighter integration of the tools.
BPM will also extend out to capture manual activities in warehouses and factories, translating human behaviors into a digital log that can be examined for opportunities to discover best practices and eliminate errors.
Organizations seeking new automation opportunities will use process mining to help. The tools address process documentation gaps and inaccuracies and help build a funnel of automation candidates. Process mining and discovery help to streamline automation after the pilot is completed.
Recommendations and resources Mind your gaps and socialize new ways to realize value
Identify your tooling gaps
Map out how your organization operates and highlight the pain points around value delivery and productivity. Determine where tooling is under and over used. Understand the objectives in taking stock of your processes: is the aim to improve efficiency, create a business continuity plan, or both?
Ask your vendor about their plans
Before acquiring a standalone solution to create your process mining capability, ask your ERP vendor if they have plans to incorporate one in the future. Using a solution designed by the same vendor that designed the log files might lead to better results. Or you may learn that you only have to wait for the capability to be added rather than spending more on a different vendor.
Socialize the practice of process mining
While process mining and discovery tools will automatically surface the deviations from standard process and visualize it for you, that’s not of value in itself. Managers have to be able to take the results to their employees and explain what was learned and how to fix the issue identified. Understanding that this quality assurance step is a part of the ongoing effort to improve productivity should become ingrained in organizational culture. Staff might perceive that their personal activities would be tracked on a corporate computer when they are not, so address privacy concerns clearly.
SoftwareReviews: Business Process Management
A BPM system helps to design, model, formalize, document, and automate business processes and make their execution more efficient. It allows companies to manage entire business process lifecycles, model scenarios, and discover opportunities.
Digital Transformation Center
As we emerge from the pandemic, your choices range from blindly turning everything back on to rising to the challenge of building a resilient organization that can thrive in a digital economy.
Build a Winning Business Process Automation Playbook
Apply good practices to first optimize and then automate key business processes. Take a user-centric perspective to understand how users interact with technology to complete their tasks. Maximize the learning of automation solutions and business operational changes through small, strategic automation use cases. This sets the foundations for a broader automation practice.
ESG Analytics and Reporting
Preparing for a heightened regulatory environment with timely and accurate reporting on ESG metrics.
The era of non-financial reporting requirements begins
In 2023, public companies will be required to report on their carbon emissions by financial regulators in the UK, EU, US, Canada, and elsewhere.
“...a majority of IT professionals expect to support environmental mandates but are not prepared to accurately report on their organization’s carbon footprint.”
We identified the shift from voluntary to mandatory reporting on ESG metrics such as carbon footprint in last year’s report. But with various financial regulators around the world either implementing those reporting requirements or moving closer to doing so, many organizations are still behind on this issue. According to our survey, a majority of IT professionals expect to support environmental mandates but are not prepared to accurately report on their organization’s carbon footprint.
Is IT planning to support any environmental, social, or governance (ESG) mandates at the organization in the coming year?
Yes, we are supporting environmental mandates (e.g. reduce carbon emissions) 56% Yes, we are supporting governance mandates (e.g. improving diversity on the board of governors) 45% Yes, we are supporting social mandates (e.g. improving people’s access to food) 37% No, we are not supporting any ESG mandates 25%
Regulatory pressure to report on carbon emissions is building around the world:
International Financial Reporting Standards board received responses to draft climate reporting regulations and has several meetings planned to discuss. Once completed, the standards will be implemented by many countries.
U.S. Securities and Exchange Commission received feedback on its greenhouse gas emissions reporting requirements for ESG funds on August 16 and could put the proposals in place by the end of 2022.
The European Union received feedback on its European Sustainability Reporting Standards in August and plans to submit a first draft to the commission by the end of the year.
The UK made its Climate-related Financial Disclosure Regulations law in January 2022, and they were enforceable as of April.
signals IT is committed to ESG but not confident about it
Despite the commitment to support an ESG initiative, less than one quarter of IT professionals say their organization can accurately report on the impact of its ESG initiatives, and 43% say their reporting on impacts is not accurate.
Reporting accuracy was even worse for reporting on carbon footprint, with 46% saying their organization could not report on its carbon footprint accurately. This is despite most IT professionals saying they are working to support environmental mandates.
How accurately can your organization report on the impact of its ESG initiatives?
More specifically, if it was required to do so, how accurately could your organization report on its carbon footprint?
DriversAn urgent need to act to avert disaster
The increase of greenhouse gases in Earth’s atmosphere has caused global annual average temperature to increase 1.1°C since the start of the industrial revolution. The temperature is projected to rise further and cause many negative impacts including droughts, species extinctions, and an increase in extreme weather events. To mitigate the damage, the United Nations is calling on governments to work to stop adding carbon dioxide to the atmosphere by 2050 (The New York Times, 2021).
Investors are not satisfied with voluntary ESG reports that can’t be compared between companies. In an analysis that compared the corporate reports and the Climate Disclosure Project responses of 56 tech companies, researchers found a gap of 391 megatons of carbon emissions. Of which, 202 megatons came from supplies consumed, and 189 megatons came from products sold to market (Nature Communications, 2021). Millennials are the demographic group that are most concerned with ESG investing and are the largest demographic behind investing and are still growing, standing to inherit trillions in wealth over the next decade.
Mandatory rules for ESG disclosures are arriving in multiple jurisdictions worldwide. Regulators recognize the need for consistency across jurisdictions, and we are seeing the regulators converge on using the recommendations of the Task Force for Climate-related Financial Disclosures (TCFD) when drafting disclosure requirements. The ISSB’s General Requirements and Climate Standards are also based on the recommendations of the TCFD. Other jurisdictions may adopt rules that are more stringent.
Attack opportunity – protect from riskBrief the boss, study the staff
Brief senior executives and the board on the imminent requirements for ESG reporting. Develop your voice of leadership on the issue in the organization.
Assess your entire stakeholder landscape to ensure you have a fulsome understanding of your data needs. Conduct a gap analysis to identify the primary data you will require to satisfy all your stakeholders.
Consider where you can leverage current data management infrastructure and governance practices (e.g. financial reporting (SOX), OTC derivative reporting).
Study the ESG solutions market. Understand what technology will help deliver accurate reporting of carbon emissions.
Examine market-based opportunities. Organizations that are already carbon negative may stand to profit by selling carbon credits to jurisdictions with a cap-and-trade system.
Prepare IT’s ESG budget. Funding for delivery of new reporting capabilities is needed in 2023.
Assess staff readiness to adjust to ESG reporting requirements.
Examine project priorities to ensure organizational alignment with new ESG mandates.
case studyWalmart’s net-zero mission is backed by science
“What do you do as far as influencing your vendor partners in your sourcing team to make those sustainability decisions? Because at the end of the day, 80% (of the device carbon footprint) is really belonging to them.” Denise Wallace
Director of Technology Support
for Logistics and Client Services
Walmart’s corporate head office started its Regenerative Initiative in 2017. The goal is to be carbon negative by 2040, meaning it is reducing more emissions than it is creating. Walmart is working with the Science Based Targets Initiative to measure and reduce its emissions in three categories:
Emissions directly created from Walmart’s buildings. Walmart is planning to start using low-impact refrigerants and to scale use of renewable energy.
Emissions created from its fleet. Walmart purchased a fleet of Tesla trucks and is committed to a 100% renewable energy fleet by 2028.
Supply chain emissions both upstream and downstream. Walmart’s Project Gigaton incentivizes suppliers to report on reducing emissions and offers calculator tools to support them.
With its corporate goals for ESG set, Walmart Canada is creating its plan to align with the strategic pillars and begin reporting on efforts made to curb carbon emissions. In IT, the challenge is to develop a baseline set of metrics for the impact of devices on overall carbon footprint.
Reporting on real-time data for each deployed device will be a challenge because of the variables. User behavior and power supply source are just a couple of the metrics that must be considered.
After the emissions of operating devices are considered, the emissions of manufacturing the devices are still left to be considered. Walmart will have to work with its vendors to determine the impacts.
Denise Wallace is a part of Walmart Canada’s regenerative tech team, and is working to create a baseline set of metrics for handheld devices and PCs as a primary focus. Walmart will work with suppliers Dell and Zebra to understand the footprint of their devices. “I’m going to find out what I’m consuming when I’m operating those devices.”
Wallace’s team will break down the data by region and by domain once it’s compiled. Then her team will look at what measures can be put in place to reduce the emissions from devices. For example, device power saving policies could be put in place.
what’s next?Multiple jurisdictions following IFRS standards
There has been a great deal of consolidation between standards bodies in the last year. The publication of two draft standards by the International Sustainability Standard Board (ISSB) in March 2022 could influence how mandatory disclosure regimes evolve. The advantage to the industry of this standard is that the ISSB framework is modeled after the IFRS’s accounting rules, which are widely adopted, enabling organizations to leverage existing infrastructure and consistent performance reporting across financial and non-financial risks (IFRS).
In the US
In 2023, the SEC will require large, accelerated filers – companies with more than $700 million in the hands of public investors – to start capturing information on climate disclosures to be filed in 2024. Filers that have $75-$700 million in public investment will start capturing information in 2024 and file in 2025. Small reporting companies will start capturing information in 2025 to be filed in 2026 (Federal Register, 2022).
In the EU
The EU Corporate Sustainability Reporting Directive was adopted in October 2022. Companies “start reporting under the [directive] starting in 2024” (reporting in 2025 on 2024 data). It applies “to all companies listed on the EU regulated markets except for micro-companies. Small and medium-sized enterprises (SMBs) have until 1 January 2026 to comply with the report requirements.” An opt-out clause could buy some companies time until 2028. The estimated impact is that “49,000 EU companies will be required to report on sustainability information in the future, compared with 11,600 companies at present” (EY, 2022).
“For non-European companies, the requirement to provide a sustainability report applies to all companies generating a net turnover of €150 million in the EU and which have at least one subsidiary or branch in the EU. These companies must provide a report on their ESG impacts, namely on environmental, social and governance impacts, as defined in this directive” (Council of the EU,2022).
recommendations and resourcesSocialize the new reality and prepare to report
Understand the pending regulatory shift and how it will affect your organization. Educate your executives and board about the risks.
Conduct a gap analysis
Identify the data gaps that will prevent you from satisfying all stakeholders. New SEC requirements around ESG reporting requires electronic tagging of climate-related disclosures to iXBRL. Survey solutions will help fill those gaps.
Prepare to report
Start doing the upfront work required to surface the data needed to report on your organization’s carbon footprint in a way that will satisfy external auditors. Shore up your supplier relationships and start the discussion on how they can help you report scope 3 emissions – those which are created by the products and services that you consume and that you sell.
ESG Disclosures: How Will We Record Status Updates on the World We Are Creating?
Read this executive brief to learn about the upcoming environmental, social, and governance (ESG) reporting mandates, what to do to prepare for them, and what they mean for IT.
The ESG Imperative and Its Impact on Organizations
An organization’s approach to ESG cannot be static or tactical. It is a moving landscape that requires a flexible, holistic approach across the organization. Cross-functional coordination is essential to be ready to respond to changing conditions.
SoftwareReviews: ESG Reporting category
Find and compare vendors that offer solutions to help manage your operational data, evaluate your impact on the environment, and provide reporting to perform audits.
The shift from securing network boundaries to a focus on verifying users, assets, and resources.
Zero trust means full access at the bare minimum
The number of software supply chain attacks over the past couple of years is on the rise and the impacts are serious. State-sponsored criminal actors are seeking to disrupt critical infrastructure by targeting software that is widely used in the industry. These groups have the sophistication and resources to identify zero-day vulnerabilities. Attacks of this nature have proven disruptive to critical infrastructure such as gas pipelines and government services such as public transit. The exploits are used to deliver ransomware payloads or other malware.
To defend against the threat vector, the industry is turning to the concept of a “zero-trust network.” The original concept was formally established by security researcher John Kindervag in November 2010 when he authored two whitepapers. Its three core concepts held:
- There is no longer a distinction between a trusted and untrusted interface on security devices.
- There is no longer a trusted and untrusted network.
- There are no longer trusted and untrusted users. (Infosecurity Magazine, 2019)
In the US, President Joe Biden responded to the rising software supply-chain attack threat by requiring federal government departments and agencies to adopt zero-trust architecture as defined by the National Institute of Standards and Technology. This security model acknowledges that threats exist both inside and outside traditional network boundaries. It requires continuous verification of the operational picture using real-time information from multiple sources to determine access and other system responses.
“With attacks continually on the rise, a zero-trust security model acknowledges that threats exist both inside and outside traditional network boundaries. It requires continuous verification from multiple sources to determine access and other system responses.”
“In essence, a Zero Trust Architecture allows users full access but only to the bare minimum they need to perform their jobs” (White House, 2021).
Government and critical infrastructure may be the targets of these campaigns, but they’re not the only victims. Any organization that uses the affected software suffers collateral damage. Once an exploit for any widely used piece of software is available, other financially motivated hackers will use it to target a wide array of potential victims.
IT professionals are most concerned their organizations will be disrupted by cybersecurity incidents compared against other potential sources of disruption. Slightly more than half of respondents said it was likely or very likely that a cybersecurity incident will disrupt their business in 2023. Disruption from new government-enacted regulation was the area of next-most concern with 40% saying it was likely or very likely to disrupt business.
Percentage of respondents who said likely to disrupt their organization in 2023
Cybersecurity incidents 50% Government-enacted policy change 40% Regulatory changes 34% Established competitor attains better market position 21% New player enters the market with unique value proposition 18%
signalsZero trust implementation on minimal resources
Despite their high concern with cybersecurity incidents disrupting their business, IT professionals identify a couple of major challenges that will prevent them from with dealing with the issue in the year ahead.
Shortage of talent
First of all, organizations may not have the grassroots talent nor the executive awareness required to deal with cyber threats. According to our survey, 54% are concerned that talent shortages will lead to capacity constraints in cybersecurity. Another 46% are concerned that cyber risks are not on the radar of the executive leadership or board of directors. These two cybersecurity issues were the top concerns of professionals above all others, ranking just ahead of supply chain risks related to cyber threats.
IT professionals are more worried about their internal competency issues than they are with the actual threat itself at the moment. Unfortunately, it doesn’t look like they’ll receive new resources to change matters.
Rate how concerned you are about each of the following cybersecurity issues:
Talent shortages leading to capacity constraints in cybersecurity 54% Cyber risks are not on the radar of the executive leaders or board of directors 46% Supply chain risks related to cyber threats 43% New government or industry-imposed regulations 39% Changes to cyber insurance policy 39% Organization is not prepared to respond to a cyber attack 38% IT/OT security convergence 37% Lack of compliance with external frameworks (e.g. NIST, ISO) 34%
The second concern is that many organizations will not have more budget to help surmount their resourcing issues. While slightly more than half of organizations (53.5%) indicate they will increase the amount they spend on security next year, many will be either spending the same amount as in 2022 (41.5%) or decreasing spending (5.1%).
For the next fiscal year, how do you anticipate your organization’s spending on cybersecurity will change compared to the previous year?
driversCostly recovery from cyber warfare’s collateral damage
Heightened geo-political tensions
Modern warfare is more likely to see opponents wield cyber threats than guns or tanks. When conflict does become a full-fledged assault, cyber attacks preempt the physical attack to destabilize the enemy first. Before Russia’s tanks rolled into Ukraine, its cyber attacks compromised Ukrainian critical infrastructure and disrupted communications networks (Canadian Centre for Cyber Security, 2022).
Cost and consequence of recent breaches
Breaches have become more expensive as ransomware payloads are a popular choice among cyber criminals motivated by profit. Paying a ransom to regain access to organizational data and systems is a common outcome. After cyber insurance providers started hiking rates and requiring more security controls be in place to qualify for their coverage, the cost of insurance against such attacks is also higher. Successful attacks also cost an organization that suffers downtime related to an attack. Often days or weeks can pass before an organization is able to make a complete recovery from a network breach.
Complexity of software supply chains
It’s difficult for organizations to even know exactly what software is deployed in their environments, and therefore, from which known vulnerabilities they suffer exposure.
Attack opportunity – protect from risk Gather external resources, assign accountability
Open-source frameworks and tools are free to use
Developers looking to build modern security approaches into their software don’t need to spend money or hire a security engineer. Open-source solutions such as Sigstore and frameworks such as The Update Framework provide solutions to protect against software supply chain attacks.
Make use of government resources
Federal governments in many different jurisdictions are recognizing that poor cybersecurity poses a risk to a country’s critical infrastructure and economic productivity. In response, many offer cybersecurity centers that provide security alerts, guidance on improving cybersecurity, and tools and services to help.
Make security a feature
Avoiding data breaches and being proactive on cybersecurity protections can improve your organization’s reputation. In a time when most consumers have seen their personal information breached multiple times, promising them a secure experience is valuable.
Apply an enterprise risk management framework to cybersecurity
This is an effective way to assess how cybersecurity is managed by the organization as a whole. Fundamentals common to these frameworks establish the capabilities needed to support the organization in managing risk, determining its appetite for risk, and determining risk severity and priority.
Designate a CISO
If the organization doesn’t already have a role that is accountable for cybersecurity and is at a high enough position in the firm to clearly communicate to the board of directors in an unimpeded manner, it’s time to create that role (ISACA, 2022).
Get the board involved
New regulations being introduced by the SEC require organizations to demonstrate how their board of directors effectively manages cybersecurity risk. That means the board must include expertise in cybersecurity or hire expert advisors.
Case Study Edgeless Systems secures its software delivery pipeline
Edgeless Systems caters to customers in industries that deal with highly sensitive data such as financial services and healthcare. Its Constellation solution allows companies to use public cloud resources in a secure fashion by using a Kubernetes cluster built on virtual machines to offer confidential computing – an environment where computing can be done securely without risk of interception or snooping by a third party.
Aware of the recent risks seen in the software supply chain, Edgeless Systems wanted to improve the security of its own solution for customers. Existing approaches to providing this type of assurance involve working with existing certificate-issuing authorities. But that process requires managing highly sensitive keys and is cost prohibitive.
Instead, Senior Security Engineer Fabian Kammel suggested using Sigstore, from The Linux Foundation. Available both as a service and as an open-source repository, the Sigstore solution combines three components to sign code, verify signatures, and monitor activity. Meant to provide security for open-source software, Edgeless Systems deployed it for Constellation’s command line interface and the measurements of its node images.
Using Sigstore meant Constellation didn’t have to invest in key management. All that’s required is a way to prove you own the email account you’re using to sign the software. The developer simply logs in and signs their code. “It’s great, helping the average Joe make software more secure,” Kammel says.
Sigstore brings together three different services in its solution: Fulcio, Cosign, and Rekor. Fulcio signs the code, Cosign verifies the signatures, and Rekor monitors the activity using a publicly available and transparent log. The combination of services creates a safe chain of custody for open-source software in one seamless package.
In addition, Constellation also implemented The Update Framework (TUF), which is hosted by The Linux Foundation. It helps developers maintain the security of their software update systems against attackers who aim to compromise the core repository or signing keys. TUF adds verifiable records using metadata that can be used to authenticate update files. It works in the background of a software update system in an automated fashion.
“We are selling a security product, so we need to make sure that between when we build the product and when it reaches the customer, no one attacks it along the way.” Fabian Kammel
Senior Security Engineer
Edgeless Systems has protected its client base against attacks that alter its code base between the repository and compilation. It’s further assured them that the updates they receive will not be altered to be an older version in disguise, leaving them open to discovered vulnerabilities. It eventually chose to switch from Fulcio to a key-based certificate management authority, but Sigstore is flexible enough that it can still use the other two components for signing and verification.
“Our product aims to remove the cloud provider from the trusted compute base … therefore we decided having a long-term private key better suits our security concept,” Kammel says. “I am very happy with Sigstore’s architecture, they decoupled their features nicely. So, I still get the benefit of using Cosign and Rekor while bringing my own key.”
Despite its sponsorship from large companies, Sigstore makes clear it’s currently run on a best-effort basis. So, the threat of the service not being available one year from now may scare away some enterprises. But the way to mitigate that risk is to simply download the Sigstore open-source code and run the service yourself.
“Once we get the integration of all these different tools, we can get a very secure software ecosystem over the next few months or years,” Kammel says.
Whether the integration will be achieved on a widespread basis is the big question.
what’s next? The rise of confidential computing
In Info-Tech’s 2021 Tech Trends report, we featured the self-sovereign cloud trend. The concept is that organizations will look to maintain the maximum control over their infrastructure even as they extend out into cloud environments. One way they will achieve this is with a new type of architecture that allows data to remain encrypted while being processed. Previously, end-to-end encryption meant that data was encrypted only while at rest and while in transit. Now it can be encrypted while in use. The capability is now being broadly referred to by confidential computing. Using a trusted execution environment for processing that is software defined, confidential computing will be a public cloud enabler for many highly sensitive industries such as healthcare and government.
The Linux Foundation formed the Confidential Computing Consortium in 2022, attracting membership from major technology providers: Arm, AMD, Cisco, Google, Huawei, Intel, Meta, Microsoft, NVIDIA, Red Hat, and VMware, to name a few.
Many new confidential computing solutions are coming to market as well. Edgeless Systems, featured in this trend report’s case study, is one of them. Hyperscale cloud vendors are offering their customers confidential computing environments and a growing list of vendors such as Fortinet, Anjuna Security, Gradient Flow, and HUB Security are providing solutions. One estimation sees the confidential computing market growing as fast as 90% per year to a value of $54 billion by 2026 (Everest Group via VentureBeat, 2022).
recommendations and resources Put high effort into zero-trust security
Determine your organization’s zero-trust readiness and clarify the benefits of zero trust for the organization. Not everyone can achieve absolute zero-trust environments, but everyone can adopt its methods.
Create a roadmap with prioritized initiatives that will improve your zero-trust architecture. Deploy zero trust to the most relevant protect surfaces first.
Identify the progress metrics that will illustrate your evolution from a perimeter-based defense to a zero-trust model. Reports on progress should be made directly to the board of directors or top executive decision makers.
Determine Your Zero Trust Readiness
Assess your current state and determine the benefits of adopting zero trust to help plan your roadmap.
Build a Zero Trust Roadmap
Move from a perimeter-based approach to security toward an “Always Verify” approach by creating a zero-trust strategy and the roadmap to deploy it.
Assess and Govern Identity Security
Learn how to assign identity security roles and responsibilities, inventory your identity types and repositories, assess your identity security threats and mitigations, and build an identity security architecture.
Be proactive about an economic downturn by aligning IT spending with business priorities.
Does a recession always require a concession?
In addition to all the new technologies that could yield innovation and all the risks that IT must work to mitigate, a financial risk to the IT budget looms for 2023. An economic downturn threatens to diminish IT’s resources. That diminishes the degree to which IT can pursue growth opportunities and can offer protection from regulatory burdens and bad actors.
“An economic downturn threatens to diminish IT’s resources. That diminishes the degree to which IT can pursue growth opportunities and can offer protection from regulatory burdens and bad actors.”
A majority of economists are predicting that a recession will take hold in many regions in 2023 or sooner. The root of the problem is that demand for certain products and services is higher than can be supplied. This is putting inflationary pressure on prices, particularly energy prices. Central banks around the world responded during 2022 by hiking primary interest rates, but the pace of inflation hasn’t slowed as much as they hoped. Rates are likely to go higher yet in 2023, making capital more expensive. At the same time, GDP is slowing or declining worldwide.
Despite the negative signals, most IT professionals expect their budgets will increase in 2023. Fifty-five percent of respondents anticipate a bigger budget next year, with 28% expecting an increase between 6% to 15%, and another 8% expecting an increase between 16% to 30%.
IT professionals in the US are more optimistic than their international counterparts. Seven out of ten expected a budget increase in 2023, compared to 55% for the global average.
Looking ahead to 2023, how do you anticipate your IT spending will change compared to spending in 2022?
Decrease of more than 30% 2% Decrease between 16-30% 3% Decrease between 6-15% 5% Decrease between 1-5% 5% No change 19% Increase between 1-5% 27% Increase between 6-15% 28% Increase between 16-30% 8%
signalsNew technology investment plans remain strong
During the short recession that followed the onset of the pandemic in 2020, many firms were spending on IT budgets out of necessity. Non-essential workers couldn’t gather in the office and needed the capability to work from home. Businesses that still relied on in-person customer interactions were motivated to open up digital touchpoints instead. It appears that experience is influencing IT professionals to expect continued investment during the next recession as well.
Out of 621 respondents, only six indicated they were not planning to invest in any new technologies by the end of 2023. Areas that are most popular to invest in for 2023 include cloud computing (58%), AI or machine learning (44%), data lake / lakehouse (41%), application programming interfaces (APIs) (41%), and next-gen cybersecurity (39%).
IT departments are still planning to invest in the technologies to pursue their digital transformations and protect their organizations’ new digital infrastructure.
Cloud Computing 58% Artificial Intelligence (AI) or Machine Learning 44% Data Lake / Lakehouse 41% Application Programming Interfaces (APIs) 41% Next-Gen Cybersecurity 39% No-Code/Low-Code Platforms 31% Workforce Management Solutions 29% Internet of Things (IoT) 28% Robotics 18% Edge Computing 16% ESG Metrics Reporting 15% 5G 15% Data Mesh / Data Fabric 14% Mixed Reality (Augmented or Virtual Reality) 12% Biometrics 11% Blockchain 10% Quantum Computing 5%
driversInflating prices, shrinking workforce
Signals: Indicators that a recession may occur
Many governments responded to the pandemic’s disruption to the economy with a new money supply. This drove more demand for goods. Meanwhile, China’s zero-COVID policy hampered manufacturing in the region, limiting the supply side of many goods. Russia’s invasion of Ukraine caused commodity prices to soar, causing costs to balloon even more.
The pandemic created an employee’s market as employers found it hard to hire the talent they wanted and keep them engaged. Productivity did not keep up with the upward trend and this further contributed to inflation as companies’ overhead costs increased.
The post–World War II population boom period is now expressed as a large demographic bulge of senior citizens. Workers must support a larger proportion of retirees, who also require more healthcare attention. Older people also tend to save more as they prepare for retirement, translating to less money fueling growth. (The Economist, Oct. 2022)
Counter Signals: Indicators that a recession may not occur
The share of working-age people who are currently working is at an all-time high in many developed countries.
Consumers feel good about their personal finances and are confident about paying off debts. They are still spending.
The price of oil peaked in mid-2022 and then slowly retreated. If it continues downwards in 2023, there will be less inflationary pressure. (The Economist, July 2022)
Attack opportunity – protect from riskIdentify champions, negotiate with vendors
Demonstrate how IT projects improve efficiency
If a recession affects your company’s fiscal outlook and budgets are being trimmed, an IT leader can justify their spending by demonstrating that it will yield a high return on investment. Enabling workers to do their jobs faster or better with less resource commitment will be desirable at a time of belt-tightening.
Find champions for IT investment
A well-aligned IT department should be supporting business development initiatives. To highlight the value of IT spending, recruit an executive that leads another line of business to acknowledge that IT’s support is crucial to their success.
Retire highly customized legacy environments
Investing in new IT initiatives is possible even when the overall budget is reduced. CIOs must find ways to remove wasteful spending on maintenance of non-standard processes and customized environments that consume resources. Doing this can sometimes be difficult because the business is hesitant to change. Use any budget tightening measures as a directive to take action despite those fears.
Know your organization’s position in the business cycle
Whether it’s preparing for an economic downturn or participating in an industry sector expansion, understanding where your business stands in the cycle will help you determine your IT budget posture. The longer you have to plan, the more strategic you can be. The less time you have, the more reactive you must be.
Forge strategic relationships with vendors
Avoid creating too many transactional relationships with vendors at low spend if possible. Instead, spend more with one vendor that can deliver many different capabilities to your organization. This will give you opportunities to negotiate better prices and earn the vendor’s ear on what product features to add next to meet your needs.
Control asset costs
Avoid rising costs of software maintenance by rationalizing your applications and ditching the tools you don’t need. Put off upgrades and hardware refreshes that won’t provide a differentiating advantage. Review contracts with service providers and determine which should be renegotiated, canceled, or suspended.
case studyComing to grips with budget cuts
Gary Davenport is a board member of the Information and Communications Technology Council in Canada and a former National President of the CIO Association of Canada. With two decades of experience as a CIO in the private sector, Davenport has seen his share of budget fluctuations during recessions or otherwise.
On his first day as CIO of a telecom firm, Davenport attended a meeting with the company’s leadership and learned that a 20% cut was necessary across all departments – including IT. He was so new to the role that he hadn’t even reviewed the IT budget yet.
“As soon as you successfully achieve the level of required improvements for the current recession cycle, it will be time to start planning for the next one.” Gary Davenport
Director at Large
CIO Association of Canada
Davenport fell back on his framework for financial management, which focuses on five areas:
- Managing the demand of IT services
- Managing the supply side
- Using new technology to replace costly legacy technology
- Managing internal productivity: seeking to improve internal skill level and to do more with less
- Streamlining operations: optimizing organizational structures and controls
“Strategy drives structure, not the other way around,” he says.
He also made use of his IT leadership team, calling a meeting to tap into their familiarity with the organization. Davenport understood IT wouldn’t be treated differently from other departments in the organization and didn’t waste any time arguing against the cuts.
Davenport assembled his IT leadership team and some extended staff members for a brainstorming session. He was up front about the request from management and by the end of the session he had enough good ideas to put together a plan. He went back to management the next day with his approach while other departments remained in denial.
“Productivity versus reactivity was my learning,” he says. “That’s what CIOs should be doing, get in front of the inevitable changes in funding that you come across.”
The plan to cut 20% of the IT budget didn’t remove resources from Davenport’s team. Instead it removed budget from the supplier side. The team rationalized its software tools, ending licenses of tools that no longer served a useful purpose. They changed how their third-party hosting services were billed to attenuate fees paid for peak demand capabilities.
On the organization side, the structure was streamlined as Davenport flattened the management structure. He reduced the number of people reporting him from nine to five. He points out that lower value positions aren’t always more junior positions. Organizations tend to continuously add new jobs and positions without taking away, so an opportunity to revise structure can reduce redundancies.
Davenport says that despite the overall budget cut, he was able to invest into certain areas of IT. He increased resources on the IT business operations side, hiring more resources to the PMO and financial controls side. To find the funds, he diverted the savings that came from supporting the legacy environment as it was retired.
Looking at the economic forecast for 2023 and seeing that most IT decision makers expect a budget increase, Davenport sees two possible explanations. Either businesses are so dependent on their digital transformation investments that they are reluctant to reduce IT spending despite a recession, or IT leaders are overly confident and out of touch with the business realities.
“It surprises me they are so optimistic. I don’t think it will play out that way in the end,” he says. “It will be somewhere in the middle.”
Most wouldn’t have predicted a dramatic increase in IT spending during the beginning of the pandemic, but companies were forced to address the need for employees to work remotely. The “work from home” vision of the future that had been long discussed finally became a reality through necessity.
“That crisis turned into a great opportunity,” Davenport says. “So you have to find new and better ways to do business.”
A recession demands a sharpened focus on clear business benefits from IT projects. IT leaders can use that to raise the bar on requirements for what projects requested by the business will be prioritized.
Most importantly, Davenport advises not to wait for the recession to arrive but instead to take a proactive approach. The depth and the length of the recession can significantly impact the pain felt by IT departments that are ill-prepared, especially in private sector.
“This is where the most important attribute for CIOs comes through, resiliency, and the ability to push forward your digital transformation objectives and all the benefits for the business while still managing the money,” he says.
If IT leaders don’t consider money management a strength, be sure to hire people that can provide support. A CIO can provide strategic direction and rely on a direct report to manage the budget.
what’s next?Seeking new tools to guide the economy
The US Federal Reserve holds its next strategy review in 2024. It will review a period of slow growth during very low prime interest rates in the 2010s, followed by specific crises that disrupted the economy in the pandemic and a ground war in Europe. In this scenario, it may be tempting to raise the inflation target from 2% to 4%. This could help avoid a painful recession and create more room to stimulate the economy with reduced rates (The Economist, Oct. 2022).
In last year’s Tech Trends report, we noted the rise of central bank digital currencies around the world, with some banks already deploying the modern money to their economies, others doing proofs of concept, and most still in research mode. A recession could motivate central banks to fast-track plans for digital money. It could provide more tools more finely attuned to treat a recession, such as issuing different categories of money to targeted populations and attaching rules for how and when the money should be spent.
recommendations and resourcesPrepare for pain and find a penny pincher
Get tough on suppliers
Instead of reducing internal resources, find opportunities to cut spending with vendors where possible. Look to reduce software licenses, renegotiate contracts, and focus on strategic partnerships with third parties over transactional relationships.
Don’t be overly optimistic
IT leaders may expect bigger budgets will continue based on their experience with the pandemic-induced recession, but this economic downturn is driven by different factors. Don’t assume immunity from cuts made to other departments.
Put a strong financial manager in place
If CIOs are not masters of balancing the budget and scrutinizing the resources awarded to each new project, they should hire an operational leader who can oversee the finances and hold accountability for the PMO.
Optimize IT Project Intake, Approval, and Prioritization
Approve only the right projects that you have capacity to deliver. Failure to align projects with strategic goals and resource capacity are the most common causes of portfolio waste across organizations.
Reimagine IT Operations for a Cloud-First World
Well-implemented cloud infrastructure reduces tedious, repetitive tasks, and gives operations teams time to take a greater role in planning, management, and governance.
Establish an Effective PMO for IT
Implementing a PMO can help to ensure that resources are being used effectively, projects are completed successfully, standardized processes are being followed, and accurate information is being used for decision making.
Info-Tech’s Tech Trends and Priorities 2023 survey collected responses from Aug. 9 to Sept. 9, 2022. The online survey received 813 total responses, with 521 completing every question and 292 partially completing the survey. More than 90% of respondents worked in IT departments.
Note that in the tables below totals do not equal 100% in cases where multiple selections were allowed per question or due to rounding.
Developing the trends
Info-Tech conducts brainstorming exercises with its industry experts and former CIOs to determine the implications of megatrends for technology decision makers. The Tech Trends and Priorities Survey is developed based on the lines of inquiry suggested by those implications. Analysts with functional area expertise design hypotheses that are tested in the survey results. The trends featured in this report are based on those results.
Info-Tech’s Priorities reports also leverage this research, which determines the external pressures that different functional roles must respond to with urgency.
Size of organization
(1) 0-100 17.47%
(2) 101-250 12.30%
(3) 251-500 12.18%
(4) 501-1,000 12.05%
(5) More than 1,000 46.00%
(1) Manager 24.11%
(2) Director-level 22.63%
(3) C-level officer 17.22%
(4) VP-level 9.10%
(5) Team lead / supervisor 8.00%
(6) Team member 7.01%
(7) Owner / President / CEO 5.54%
(8) Consultant 5.17%
(9) Contractor 1.23%
(1) United States 43.9%
(2) Canada 12.3%
(3) Africa 11.1%
(4) Other (Europe) 8.1%
(5) Australia 6.6%
(6) Great Britain 6.5%
(7) Latin America, South America, or Caribbean 2.8%
(8) New Zealand 2.7%
(9) Middle East 2.5%
(10) Germany 2.2%
(11) Other (Asia) 2.0%
(12) India 1.6%
(13) Netherlands 1.1%
(14) Japan 1.1%
(15) Mexico 1.0%
(16) China 0.4%
(1) Government 15.62%
(2) Professional Services 14.51%
(3) Media, Information, Telecom & Technology 12.92%
(4) Manufacturing 11.56%
(5) Financial Services (including banking & insurance) 11.32%
(6) Healthcare & Life Sciences 10.70%
(7) Education 9.47%
(8) Other (Please specify) 7.87%
(9) Not for Profit (including professional associations) 5.78%
(10) Retail & Wholesale 4.43%
(11) Utilities 3.57%
(12) Construction 3.32%
(13) Transportation & Warehousing 3.32%
(14) Gaming & Hospitality 2.09%
(15) Arts & Entertainment (including sports) 0.49%
Juris Doctor Graduate
University of Ottawa
Ritesh Kotak is a digital/cyber strategist, tech entrepreneur, and small business evangelist. His work has been published in the Financial Times, The Economist, and several other publications. He frequently appears in mainstream media as a subject matter expert on tech and cyber-related stories.
Director, Center for Discovery, Innovation and Development
Children’s Specialized Hospital
Victoria P. Gregorio is the chief operations officer at Predictive Health Solutions and the director of the Center for Discovery, Innovation, and Development at Children’s Specialized Hospital in Milburn, New Jersey. Victoria is a passionate healthcare leader fostering growth through positive disruption. Victoria holds a PhD in public policy analysis from Rutgers University and has more than 13 years of experience working on innovation within social service organizations.
Director, Technology Support, Logistics and Client Services
Denise Wallace has been leading technology strategic initiatives and transformational programs for over 15 years. She led an IT spin-off of Resideo Technologies from Honeywell International that was completed within 18 months. She also led various IT enterprise roles at Honeywell where she was recognized for her leadership in operations and service delivery. Denise holds a bachelor’s degree in engineering from the University of Waterloo.
Product Manager, Webex Hologram
Edel Joyce is a product manager at Cisco with over 15 years of industry experience. In her career journey so far, she’s held pivotal management roles in the telecommunications technology sector across engineering design & operations, customer experience, strategy, financial planning, and cost optimization.
Co-Founder and CCO
Rob Sheridan is the co-founder (along with his wife Stephanie Sheridan) and CCO of Glitch Goods, a fashion lifestyle brand featuring his original glitch art and designs. He is also an art director, writer, designer, illustrator, photographer, director, and editor, amongst other things.
Vice President, Business Systems
Jim Richards works as a vice president, enterprise business systems, at Albemarle. With three decades of experience in the technology sector, Jim is a proven leader of enterprise software delivery teams. Jim holds a master’s degree from Weatherhead School of Management at Case Western Reserve University.
Former National President
CIO Association of Canada
Gary Davenport is an independent management consultant providing CIO mentoring and strategy development services for a variety of clients across Canada. He was also notably past-president of the CIO Association of Canada (CIOCAN), which is a not-for profit and vendor-independent organization representing over 400 CIOs from across Canada.
Senior Security Engineer
Fabian Kammel is an experienced senior security engineer and architect with a history of working in enterprise cloud and automotive security. He is skilled in Google and Amazon public cloud, DevOps, and automation, as well as Go, Terraform, and Ansible.
“A New Macroeconomic Era Is Emerging. What Will It Look Like?” The Economist, 6 Oct. 2022. Accessed 10 Oct. 2022.
Anderson, Tim. “GitHub proposes Sigstore adoption to link npm packages to their source, faces dev pushback.” DevClass, 9 Aug. 2022. Web.
Axon, Samuel. “Meta Announces Plans to Monetize the Metaverse, and Creators Are Not Happy.” Ars Technica, 13 April 2022. Web.
Bellamy, Fredric D. “Looking to the Future of Biometric Data Privacy Laws.” Reuters, 6 April 2022. Web.
Bornstein, Matt, et al. “Data Architecture Revisited: The Platform Hypothesis.” Future, 15 Oct. 2020. Web
Bove, Tristan. “Over Two Thirds of Economists Think a Recession Will Hit the U.S. next Year.” Fortune, 13 June 2022. Accessed 8 Oct. 2022.
Bowling, Mark. “The Midgame Could Be Beginning of End for Ransomware Perpetrators.” ISACA, 27 July 2022. Accessed 27 July 2022.
Canadian Centre for Cyber Security. “Cyber Threat Bulletin: Cyber Threat Activity Related to the Russian Invasion of Ukraine.” Canadian Centre for Cyber Security, Canada.ca, n.d. Accessed 8 July 2022.
Diab, Khaled. “Greenwashing Exposes Climate of Corporate Inaction.” Carbon Market Watch, 23 March 2022. Accessed 8 Sept. 2022.
Dilmegani, Cem. “11 Benefits of Process Mining.” AI Multiple, 30 Sept. 2019. Accessed 5 Oct. 2022.
Doshi, Ronak, et al. “Confidential Computing – The Next Frontier in Data Security.” Everest Group, October 2021. Web.
Dyck, Chris. “2022 Data and Analytics Trends.” Info-Tech Research Group, LIVE 2022, Las Vegas, Sept. 20-22, 2022. Conference Presentation.
Edwards, Benj. “Fearing Copyright Issues, Getty Images Bans AI-Generated Artwork.” Ars Technica, 21 Sept. 2022. Web.
“EIDAS 2: The Countdown to a Single European Digital ID Wallet Has Begun.” Thales Group, n.d. Accessed 24 April 2022.
“Executive Order on Improving the Nation’s Cybersecurity.” The White House, 12 May 2021. Web.
“Generative AI: A New Approach to Overcome Data Scarcity.” Hello Future, 21 March 2022. Web.
Gilbert, Samuel. “The Political Economy of the Metaverse.” IFRI, 21 June 2022. Web.
Ginnis, Tod. “The Rise of the Metaverse: A Brave New World for Risk Managers?” GARP, 15 April 2022. Accessed 7 Sept. 2022.
Grace, Christine LaFave. “Walmart Seeks More Sustainability Action from Suppliers.” Winsight Grocery Business, 8 Dec. 2021. Web.
“GTC 2022: #1 AI Conference.” NVIDIA, GTC Digital September 2022. Accessed 26 Sept. 2022.
“Home Depot, Adobe Partner on Personalization via Customer Data Platform.” Retail Customer Experience, 10 June 2022. Web.
“How It Works.” Sigstore, n.d. Web.
Howell, Elizabeth. “Russia Is Jamming GPS Satellite Signals in Ukraine, US Space Force Says.” Space.com, 12 April 2022. Web.
“In Store. Online. The Home Depot Makes It One Experience.” Adobe Experience Cloud, n.d. Accessed 15 Sept. 2022.
“ISSB Receives Global Response on Proposed Sustainability Disclosure Standards.” IFRS, 5 Aug. 2022. Accessed 7 Sept. 2022.
Jones, Dan. “Private 5G Deployments to Advance in 2022.” SearchNetworking, March 2022. Accessed 2 Aug. 2022.
Kaelble, Steve. “Celonis Process Mining for Dummies.” Celonis, 2022. Accessed 15 Sept. 2022.
Klaaßen, Lena, and Christian Stoll. “Harmonizing Corporate Carbon Footprints.” Nature Communications, vol. 12, no. 1, 1, Oct. 2021, p. 6149. https://doi.org/10.1038/s41467-021-26349-x.
Lawton, George, and Robert Angell. “Why Process Mining Is Seeing Triple-Digit Growth.” VentureBeat, 4 Feb. 2021. Web.
Lawton, George. “GANs vs. VAEs: What Is the Best Generative AI Approach?” SearchEnterpriseAI, 18 Aug. 2022. Accessed 22 Sept. 2022.
Lin, Pellaeon. “Privacy and Security Analysis of the IATA Travel Pass Android App.” Citizen Lab, University of Toronto, 13 April 2022. Web.
Logothetis, Paul. “UOttawa’s Faculty of Law Takes Moot Trials to the Metaverse.” University of Ottawa, 17 March 2022. Accessed 7 Sept. 2022.
Lorenc, Dan. “Zero Trust Supply Chain Security.” Medium, 2 Oct. 2021. Web.
Loten, Angus. “Pricey AI Apps Drive Up Cloud-Computing Spending.” The Wall Street Journal, 19 April 2022. Web.
Madnick, Stuart. “New Cybersecurity Regulations Are Coming. Here’s How to Prepare.” Harvard Business Review, 29 Aug. 2022. Web.
McSherry, Corynne, and Katharine Trendacosta. “What Companies Can Do Now to Protect Digital Rights In A Post-Roe World.” Electronic Frontier Foundation, 10 May 2022. Web.
“Members.” Confidential Computing Consortium, n.d. Accessed 4 Oct. 2022.
Morgan, Charles S., et al. “The Dawn of AI Law: The Canadian Government Introduces Legislation to Regulate Artificial Intelligence in Canada.” McCarthy Tétrault, 11 July 2022. Accessed 23 Sept. 2022.
Mullin, Joe. “Google’s Scans of Private Photos Led to False Accusations of Child Abuse.” Electronic Frontier Foundation, 22 Aug. 2022. Web.
“New Rules on Corporate Sustainability Reporting: Provisional Political Agreement between the Council and the European Parliament.” Council of the EU, 21 June 2022. Accessed October 13, 2022.
Newman, Lily Hay. “GitHub Moves to Guard Open Source Against Supply Chain Attacks.” Wired, 8 Aug. 2022. Accessed 15 Aug. 2022.
Ong, Alexis. “An Experimental Horror ARG Is Testing the Boundaries of AI Art.” The Verge, 15 July 2022. Web
Perez, Sarah. “Tinder to Kill Virtual Currency, Loses Its CEO.” TechCrunch, 2 Aug. 2022. Accessed 4 Aug. 2022.
Plumb, Taryn. “Is Confidential Computing the Future of Cybersecurity? Edgeless Systems Is Counting on It.” VentureBeat, 13 Sept. 2022. Web.
Plumer, Brad, and Henry Fountain. “A Hotter Future Is Certain, Climate Panel Warns. But How Hot Is Up to Us.” The New York Times, 9 Aug. 2021. Web.
Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL LAYING DOWN HARMONISED RULES ON ARTIFICIAL INTELLIGENCE (ARTIFICIAL INTELLIGENCE ACT) AND AMENDING CERTAIN UNION LEGISLATIVE ACTS. European Commission, 21 April 2021. Web.
Radford, Alec. “Introducing Whisper.” OpenAI, 21 Sept. 2022. Web.
Rake, Rachita, and Shreyas Wadodkar. “Private LTE Market Size, Share and Industry Growth | Forecast - 2027.” Allied Market Research, Jan. 2021. Accessed 3 Aug. 2022.
Raywood, Dan. “Putting Faith in Zero Trust.” Infosecurity Magazine, 3 Jan. 2019. Web.
Roose, Kevin. “AI-Generated Art Won a Prize. Artists Aren’t Happy.” The New York Times, 2 Sept. 2022. Accessed 22 Sept. 2022.
Schaeffer, Jonathan. “Kasparov Thinks Deeply about His Battle with a Machine.” MIT Technology Review, 10 July 2017. Accessed 12 Oct. 2022.
Schneider, Tom. “Managing Cybersecurity Risk as Enterprise Risk.” ISACA, 7 Sept. 2022. Web.
Sehgal, Pragya. “Google Canada Announces Second Cohort for Google Cloud Accelerator for Startups.” IT World Canada, 22 March 2022. Web.
Shah, Ronak, et al. “The Future of AI Regulation in Canada: What We Can Learn from the E.U.’s Proposed AI Framework.” Torys, 25 May 2021. Web.
Smith, Brad. “Defending Ukraine: Early Lessons from the Cyber War.” Microsoft On the Issues, 22 June 2022. Web
Solomon, Howard. “Breaking News: Government Files Latest Attempt at Privacy Legislation Reform.” IT World Canada, 16 June 2022. Web.
Sutrich, Nicholas. “Almost 80% of VR headsets sold in 2021 were an Oculus Quest 2.” Android Central, 21 March 2022. Web.
Sutrich, Nicholas. “Looks like the Oculus Quest 2 is still selling better than the Xbox.” Android Central, 7 June 2022. Accessed 19 Sept. 2022.
“Technical Readiness Working Group.” IFRS, n.d. Accessed October 13, 2022.
“The Enhancement and Standardization of Climate-Related Disclosures for Investors.” Federal Register, 11 April 2022. Web.
“The Metaverse Will Reshape Our Lives. Let’s Make Sure It’s for the Better.” Time, 18 July 2022. Accessed 18 July 2022.
Tiku, Nitasha. “The Google Engineer Who Thinks the Company’s AI Has Come to Life.” The Washington Post, 11 June 2022. Accessed 22 Sept. 2022.
Traylor, Jake. “No Quick Fix: How OpenAI’s DALL·E 2 Illustrated the Challenges of Bias in AI.” NBC News, 27 July 2022. Accessed 23 Sept. 2022.
Valentine, Nigel. “I Want A Game Version Of NIN Art Director’s AI Horror Gem Immediately.” ScreenRant, 31 July 2022. Web.
Vincent, James. “Meta’s new text-to-video AI generator is like DALL-E for video.” The Verge, 29 Sept. 2022. Accessed 29 Sept. 2022.
Vyas, Kashyap. “What Is Generative AI?” IT Business Edge, 25 Feb. 2022. Web.
Walk-Morris, Tatiana. “Snapchat: 92% of Gen Z Want to Use AR for Shopping.” Retail Dive, 6 April 2022. Accessed 7 April 2022.
“Why It Is Too Early to Say the World Economy Is in Recession.” The Economist, 24 July 2022. Accessed 10 Oct. 2022.
Wollmert, Peter, and Andrew Hobbs. “Sustainability Reporting: What to Know about the New EU Rules?” EY, 1 Aug. 2022. Web
Xu, Tammy. “Automated Techniques Could Make It Easier to Develop AI.” MIT Technology Review, 5 Aug. 2022. Accessed 15 Aug. 2022.