Depending on the organization, CTOs are traditionally known for overseeing the IT department and strategically aligning technology to business needs. As the world becomes more volatile and visibility to threats that impact businesses’ operations or employees become more prevalent, having a CTO who can understand risk is more important than ever.
From natural disasters and civil unrest to supply chain disruption and failing critical infrastructure, there are many threats to businesses these days. These threats have varied cascading effects and are growing at a significant rate. According to OnSolve’s Global Risk Impact Report, extreme weather events, violence, transportation accidents and diplomatic tensions that impact company assets and/or operations have all doubled or tripled from 2020 to 2022. This can have significant impacts across a business’s people, operations and customers’ demands. Just a few years ago, risks like this were manually identified—if they could be identified at all—via spreadsheets with public sources of information and teams of analysts.
Risks evolve quickly, so it’s critical to make informed decisions fast. Technology is the most efficient and accurate way to mitigate risk by providing better data, insights and communication channels, highlighting the critical role the CTO plays. While risk management doesn’t fall directly to the CTO, the decisions the CTO makes significantly impact the teams responsible for managing and mitigating all business risks. The role now includes counseling and guiding the CEO and the rest of the C-suite on how technology can help the business understand actual threats to the business and how to prepare and manage those threats better.
In addition to exploring options to upgrade their technological ability to identify and mitigate risks, CTOs must also accomplish these tasks to have full visibility into risk:
Be a part of the strategic process.
CTOs can’t just focus on their products anymore. They must look at the broader business landscape so they can be strategic partners for the executive team. You gotta love the technology, but you have to love the business, too. For CTOs to succeed, they need to not just focus on what will drive business, not just create the next big thing. That means taking risk into consideration.
Be a people person.
As a change agent, a CTO needs to be prepared to manage pushback from teams that have historically relied on manual processes to get things done. To manage this pushback, a CTO must empathize with why some may be reluctant to adopt new practices. This will make the road to change less resistant and even make it easier to persuade some to join the journey.
Lead GRC.
Overall, the CTO must become a leading voice and partner in governance, risk and compliance (GRC). As risks become more diverse, more frequent and regulations become more complicated, GRC will be harder to achieve. The CTO needs to work hand-in-hand with the CEO and executive team to find the balance between meeting GRC regulations and mitigating risk, ultimately protecting employees and community members, meeting the needs of customers and preserving business value.
To properly guide business leaders, CTOs need a broad understanding of factors that can cause business disruption, and some are not so obvious. For example, a seemingly simple flight delay can cause a ripple effect by stranding employees who are conducting important business. A CTO has to understand what the threats to an on-time flying schedule are—things like a pilot not making it on time to the airport due to extreme weather near his home or the plane getting stuck at another airport due to fuel shortages following supply chain disruptions. A CTO can help the appropriate departments plan ahead and adapt to avoid interrupting operations.
CTOs should also use their expertise to corroborate or dismiss any company decisions regarding the release and implementation of technology. More high-level questions should come to the CTOs’ mind, like: “How will this change affect my customer’s privacy?” or “How will this mitigate risk for the overall business?” Not only will these questions protect the company from risks like compliance, but they will protect the company from scrutiny and support the business goals.
The CTO role is rapidly changing as the world relies on cutting-edge technology to remain resilient. The CTO is now a risk leader who must fully understand business goals and can strategically oversee the development and implementation of technology across the board to ensure a resilient organization.
To learn more about trends in risk and strategies for management in the CEO Brief: Global Risk Impact Report.
Originally published November 2022 in Forbes.