4 Managerial Mandates
Reward Thy Staff
"We've done well on turnover, but next year we think that'll be a tougher challenge," says Gertrude Van Horn, CIO at Jo-Ann Stores Inc., a $1.81-billion crafts and fabrics retailer based in Hudson, Ohio. "We have some great business analysts, and we've already seen [a] demand increase for people like that."
She articulates a common concern among IT executives as 2006 draws near: Fewer computer science grads, combined with a retiring baby boom generation and a growth in demand for skilled IT workers, will soon equal staffing pain [see "Talent Crisis Redux," CIO Decisions, July 2005]. Keeping your staff happy -- with new projects and quality-of-life-enhancing efforts -- should top your priority list for the new year.
In 2006, IT labor in select areas will become a seller's market. Leading this pack will be business analysts: IT staff who are well versed in the business and fill a hybrid role. Other specialties expected to be in high demand, and thus pricier, are business continuity; data security; data warehousing; wireless; open source software; Web services; and business intelligence, according to Robert Half Technology in Menlo Park, Calif., and Forrester Research Inc. in Cambridge, Mass. (System administrators, database administrators, help desk, programmer/analysts and Web designers -- all highly prized in the late 1990s -- didn't make this year's list.)
"In 2006, businesses will be asking, 'What can we do to grow our business?'" says Melissa Maffettone, manager of Robert Half Technology's Fort Lauderdale, Fla., office. In its fall IT hiring index, the firm reports a steady increase in hiring over the past five quarters. Midmarket enterprises, Maffettone says, are looking for technology skills, but also communication skills and business knowledge.
Whether or not you are hiring, don't take for granted the talent already on staff. Instead, work proactively and creatively to hang on to strong performers. Loosening up the purse strings may be necessary, but it may not be enough. Many IT workers place a premium on work/life balance, so consider offering telecommuting, flextime and other nontraditional benefits.
Employee-recognition programs and continuing education can also keep workers from bolting. That's important in winning the talent war, since it's cheaper to retain top workers than to hire new ones.
Chances are, you aren't just your organization's CIO. You're also the chief information security officer (CISO) or the chief security officer, in charge of physical as well as network and data security. In 2006 you'll need to stay on top of new threats, which are expected to be more of the same and then some.
"In 2006 the midmarket has to look out for more sophisticated attacks," says Jon Oltsik, an analyst at Milford, Mass.-based Enterprise Strategy Group. "We'll see more application-layer attacks and more blended threats, things that require a defense in depth."
E-mail will remain the delivery mechanism of choice, though instant messaging, voice mail networks and cell phones (which are evolving as a prime corporate interface tool for both voice and data) will continue to grow as hacker targets. Experts also say that the era of wunderkind hackers is all but over, as the trend away from vandalism to attacks for extortion or identity theft will continue.
Thus, brace yourself for more of the attacks that were effective in 2005, such as narrowly targeted phishing e-mails that appear to originate from your organization (and frequently succeed because of trusting users). The goals of these attacks may be to steal personal information and raid users' bank accounts and credit lines. Attackers may also probe for confidential company information for extortion purposes or to sell to competitors, creating the potential for a catastrophic loss.
Asked what measures midmarket IT groups should focus on in 2006, Oltsik advises them to be "resolute about scanning networks and penetration testing." He also thinks businesses need to get past their fear of outsourcing security to third parties [see "Security Outsourcing Grabs Hold," CIO Decisions, September 2005]. "There are a lot of good security firms out there, and you've got to be willing to use them, because [threats] are getting so complex," he says.
Merv Tarde, CIO at $700-million Interstate Batteries in Dallas, recently found himself newly responsible for physical security. And in New York City, W.P. Carey & Co., a $225-million real estate investment firm, has taken the concept a step further: "We believe there's a natural aggregation of themes and skills around compliance, infosec, business continuity, internal controls [i.e., audits] and risk management," says Mykolas Rambus, CIO at W.P. Carey. "So we've rolled them all into one discipline."
This was first published in December 2005