BlueSteps chats with Paul Chau, Senior Client Partner, Global Technology Market at Korn Ferry, about the latest trends for technology executives in the CIO, CTO and CISO roles.

How would you describe the outlook for technology executives in Hong Kong and the greater China region?
The CIO/CTO function will play an important role in organizations which embrace technology as one of the key drivers for change and business results. In this information-driven era, technology has become a necessity as it facilitates business leaders and consumers to make decisions based upon facts and numbers. Timely and accurate information from different means is extremely important in a fast-paced economy, like Hong Kong, a trading hub. Therefore, there are functional CIOs/CTOs making sure system performance is optimized, the network is reliable and secured, and applications are running smoothly.

Secondly, information also plays a big part in optimization and consolidation of systems and business processes when companies are looking to provide cost management and transformational initiatives. The CIO/CTO will be a transformational leader who aligns IT strategy with the business strategy and earns the trust of the C-suite executives in order to lead change and process improvement.
 
Lastly, some businesses leverage data to drive revenue, such as mobility and big data analytics, which increases the demand of emerging technology and consumer-level expectations. Thus, the CIO/CTO will be the business strategist who helps develop and refine business strategy for innovation and create competitive differentiation.

What trends are you witnessing in the technology function as it relates to executive search? In which markets and industries are most searches are being conducted?
The CIO role is evolving rapidly as business requirements, customer demands and emerging technologies outpace traditional IT skillsets. The talent demand is accelerating as different organizations at different development stages demand unique types of CIOs – functional, transformational and business strategists. Therefore, compensation is increasing as there is a flight for talent in leading edge technology-based industries. Candidate validation is critical.

Currently, digital and eCommerce talent are sought after across different markets as organizations try to anticipate consumer demand based on data analytics, streamline supply chain management in order to be effective with inventory management, create a new channel for consumers with easy accessibility and develop logistics for efficient and timely fulfilment.

How has cyber security impacted the technology function? How are these leaders managing these challenges?
Cyber security has become a board-level issue in most companies and across all sectors, as a result of recent high profile attacks. More business value and company assets are being placed in online environments – intellectual property, sensitive customer information, financial data, employee records, etc. In addition, mobile devices, “Internet of Things” and ever expanding networks, increase vulnerability when coupled with increased sharing of information with third parties and partners and complex supply chains. The recent sophistication of attacks and pace of development outstrips any single organization’s development of defenses.

Besides the U.S. Government, no other sector has experienced the number and complexity of cyber intrusions than the financial services industry. According to a Deloitte 2012 global financial services study, 25 percent of banking and 45 percent of insurance respondents experienced a security breach in the last 12 months. Therefore, threats are not just financial – they are also reputational, operational and regulatory – CEOs most fear reputational damage according to IBM’s 2013 CISO Assessment.

The response to this threat/challenge is not straightforward:

• A compliance based approach where everything must be protected is too overwhelming and also destroys more business value than it saves. McKinsey estimates banks are losing $300 billion a year globally due to delays in product launches due to security compliance.

• Creating a robust perimeter defense is also not enough – organizations need to realize the importance of preparing for a breach and its potential impact.

• Few organizations have rehearsed and systemized their responses and hence often destroy more value through a poor business response.

Organizations are taking a more integrated view and are starting to focus on a more detailed assessment of risk – which in turn has led to the rise of the Chief Information Security Officer (CISO) as a new role – from 20% penetration in 2006 to around 80% today.