Ice Lounge Media

Ice Lounge Media

New year’s resolutions for CIOs

IceLoungeMedia IceLoungeMedia

From security to quantum, AI and edge to cloud, our digital world is evolving and expanding more quickly than ever. With so much “noise,” it can be hard to concentrate, let alone figure out where to start beyond the bits and bytes, speeds and feeds. I hear this from everyone I meet with, and it’s clear that CIOs, in particular, are feeling the pressure. So this year, I’m going to outline four emerging technologies and describe how CIOs can take action on them today. Consider these your new year’s resolutions.  

1. I will not use cloud without understanding the long-term costs. I’ve been hearing from CIOs that their initial eagerness to take advantage of cloud computing has put them over budget, as they weren’t thinking strategically about how to distribute IT capabilities across different cloud providers—let alone how to make them work together. My recommendation is to both characterize the technical viability of running a workload or placing data into a specific cloud, and also fully identify the short- and long-term costs of using that cloud. If you know going in what the costs are, you can better target workloads to the right long-term home. This will also set you up to evaluate new cloud options and find potential cost reductions over time.

2. I will define my zero-trust control plane. We will continue to see an increase in industries requiring zero-trust frameworks, such as those set forth by the U.S. government. These requirements will have a global ripple effect across critical infrastructure industries. So where do you begin? You need to have an authoritative identity management, policy management, and threat management framework to do zero trust properly. And if you don’t have a well-defined and authoritative control plane over your multi-cloud environment, how can you possibly achieve consistent identity, policy, or threat management for your total enterprise? Security in the multi-cloud, more than any other aspect, needs to be consistent and common. Silos are the enemy of real zero-trust security.

3A. I will establish early skill sets to take advantage of quantum. Quantum computing is getting real, and if you don’t have someone in your business who understands how this technology works and how it influences your business, you will miss this technology wave. Identify the team, tools, and tasks you’ll devote to quantum and start experimenting. Just last month we announced the on-premises Dell Quantum Computing Solution, which enables organizations across industries to begin taking advantage of accelerated compute through quantum technology otherwise not available to them today. Investing in quantum simulation and enabling your data science and AI teams to learn the new languages and capability of quantum is critical in 2023.

3B. I will determine where my quantum-safe cryptography risks lie. Quantum computing is so disruptive because it changes many elements of modern IT. With the rise of quantum computing comes the need to better understand post-quantum cryptography, the development of cryptographic systems for classical computers that are able to prevent attacks launched by quantum computers. Bad actors globally are actively trying to capture and archive encrypted traffic on the assumption that sufficiently powerful quantum computers will eventually be able to decrypt that data.

Want to mitigate your risk? I suggest starting with understanding where your biggest risk exists—as well as the time horizon you are worried about. You can do this by first cataloging your crypto assets and then identifying which encrypted data is most exposed to public networks and possible capture. That is the first place you need post-quantum cryptography. In 2022, NIST selected the first few viable post-quantum algorithms, and in 2023 these tools will start to emerge. Over time they will be needed everywhere, but in 2023, knowing where to use them first is a critical step.

4. I will decide whether my multi-cloud edge architecture needs to be cloud extension or cloud-first. In 2023 more of your data and processing will be needed in the real world. From processing real-time data in factories to powering robot control systems, edge is expanding rapidly in the multi-cloud world. This year you will need to make a choice about which edge architecture you want long term.

Option one is to treat edges as extension of your clouds. In that common model, for each cloud you have an equivalent edge (for example, GPCP-Anthos, Azure-ARC, AWS-EKS). This works well if you only have one or a few clouds. Option two is to treat your edge as a platform for all your clouds to share. This edge-first architecture is new but with efforts like Project Frontier, we are seeing a path to build out a stable shared edge platform that can be used by any software-defined edge (for example, ARC, Anthos, EKS, IoT apps, or data management tools). Though multi-cloud edge platforms are just emerging, it’s critical to make a decision now about what you want your edge to look like in the future. Do you want a proliferation of edges for each cloud service you use or do you want those cloud services to be delivered as software on a common platform? 

Hopefully these four resolutions will make all of us better prepared for the multi-cloud future. Innovation has never been as pervasive and fast moving as we expect in 2023, which increases the urgency to make forward-looking decisions that will help us navigate the technology stream coming at us.

For more information, visit dell.com/2023predictions.

This content was produced by Dell. It was not written by MIT Technology Review’s editorial staff.