It has never been more challenging to be a chief information security officer. But it has also never been a more important role to successfully manage business risk. Over the past year in the United States alone, we’ve seen new regulations from the US Securities and Exchange Commission (SEC) as they focus on how security risks materially impact business performance. Despite this, only 30% of this year’s respondents said that they have a process to determine whether a security incident constituted a material event, although another 30% are developing such a process. More recently we’ve seen new regulations from the state of New York and other state-level bodies that seek to exercise even greater control over how businesses manage their cyber risks. For the CSO, 2023 has proven to be a wakeup call that has finally shown the true personal risks that CSO’s face.

The board of directors – better alignment but more to come

CSOs reporting to the board of directors jumped to 25% – up from 20% last year – and 85% of CSOs are reporting regular engagement with their board of directors, with nearly half reporting engagement at least monthly. At the same time the number of CSOs who have little to no engagement with their board of directors has fallen to 15%. On the surface these numbers may appear good, yet only 46% report any level of cyber expertise on their board of directors and that can prove to be a major challenge. Managing cyber risk is not for the faint of heart nor for those without expertise in the area. Since 2011, when the NACD first issued guidance around this issue, there has been a drive to invest boards with greater levels of cybersecurity expertise. Twelve years later we’re still seeing mixed results.

Regulations – driving investment but lagging results

As the study has found in years past, a large number of security leaders believe they are falling short in managing their risks. They most often find it difficult to convince all the parts of their organizations of the severity of the risks that they face. Despite rising budgets, they believe that they’re still not investing enough resources (budget, people, technologies, etc.) to address the risks that they face, and they struggle to find, acquire, and/or retain the technical or professional expertise that they need.

Budgets – going up

But at the end of the day the most telling metric as to how organizations perceive the importance of investing in security is budget. Forty-three percent of this year’s respondents will have increased budgets next year. Only 2% expect budgets to decline – the smallest number indicating decline in the history of the study. Some leading areas where there will be increasing investment: zero trust technologies cyber risk insurance and customer identity and access management. They expressed the most interest in future spending around zero trust, SASE, deception technology, and XDR. To learn more about what’s on the horizon for security leaders in 2024, view our blog highlighting the adoption of AI and cyber risk insurance here.

Technical debt

Security leaders continued to saddle themselves with technical debt. And as a CISO once noted to me, ransomware is the technical debt collector. When asked about their acquisition and retirement of security tools the typical organization was retiring 2+ security tools per year, but they were also acquiring 3+ tools during that same time. In conversations with CISOs I consistently hear an understanding of the risks from technical debt, but I also hear the challenges they have around moving to platform-centric solutions that may integrate better but provide less efficacy. The industry needs to find a way to move beyond its reliance on best of breed solutions to a more proactive approach to managing cyber risks.

Final thoughts

As an observer of this market for the past 21 years I’ve witnessed security leaders mature to address any challenge that faced them. But the changes we’re witnessing over the past few years are transformational. CSOs are now business leaders who are well versed in technology as opposed to technology leaders that struggle to understand the business, and we’re seeing that reflected in the findings of this year’s study. But challenges remain:

• The expectations of the business, given the evolving role of the CSO, can easily create a chasm between what security leaders can deliver and what is expected of them.
• Technology challenges continue to complicate the landscape from the growing number of tools and level of technical debt that businesses carry.
• While budgets continue to grow the options for offloading risk are becoming more expensive which creates challenges, particularly for small and medium businesses.

The big thing to watch over the next year will be how third parties – regulators, insurers, and business partners – impact the way businesses address their risks and types of security solutions they adopt. The risk is that their mandates will shift resources away from the most pressing security issues identified by CSOs in order to meet the demands of those third parties, creating risk gaps that will be targeted for exploitation. I’ll also be watching how aggressively regulators go after businesses and their CSOs in the wake of security lapses.

Q. What are your primary responsibilities in your CIO role?  

My responsibilities are mainly around strategic leadership within our department and across the organization – making sure our IT strategy is aligned with the business strategy and our digital strategy. Just like everybody else, I do a lot of meetings, with my team, internally with the business, and also with our vendors and business partners. 

We’re also doing a lot more collaboration with our external customers. Building those relationships in this digital world is really key right now for us.  

Like other CIOs, I’m also looking at what innovations are out there that we should be exploring. Which ones are more hype, which ones do we feel could benefit the organization? For example, everybody’s looking at generative AI. There’s a lot of opportunity at Southwire for AI and ML [machine learning], given what we do in the manufacturing world.  

And then on top of all that, [my role also involves] cyber risk, data governance, and digital and AI governance.  

Q. How would you describe a “typical” day?  

A typical day for me generally is a lot of meetings. Maybe more than I’d like, but I like to meet with people face to face, whether it’s our employees or our external customers. Networking is really important to me. When you’re in IT, you spend a lot of time listening to both internal and external customers, and having conversations on where the organization is going.

Q. What role do you and your team play in technology purchases? 

For a while, a lot of companies were moving so fast and just buying what they needed without putting out a true RFP. Now, we’ve settled back into saying we need an RFP for purchases over a certain amount. We need to talk to three or four vendors and compare notes and make sure we’re getting the right solution for the problem we’re trying to solve.  

My involvement generally comes near the end of the deal. I allow my leadership team to do their thing without stepping into their power alleys. I focus on the business aspect of it.  

I understand what problem we’re trying to solve. I know the vendors my team is looking at, but I let them do a lot of the due diligence, which gives them the opportunity to learn how to deal with vendors and create those relationships. They’ll present the findings of the RFP and the different bids that came in. We [discuss] which one fits our culture the best, which one solves the problem. Where we can, we do a proof of concept.  

Q. Besides your IT team, what other business stakeholders might you bring in for technology purchases? 

If we’re working on a business problem, we bring in the business leaders to help with the selection of our tools. The IT and business groups work closely together to solve problems.  

If we’re looking at software or hardware or some type of as a service solution, we bring in not only our IT group, but also the business users and key subject matter experts who are going to be using the technology. They’re the ones I get most concerned with about adoption and change management.  

Q. You mentioned the security piece earlier as part of your overall responsibilities. Is that a different type of buying process? 

We have a CISO who’s pretty diligent with everything. Security is a different beast, so we bring in the broader IT team in part for the educational piece. Whether it’s the network team or the cloud team or the application team, I want them to understand the risk factors around security and what we need to do, because security has to be part of every program. Any type of software or hardware we’re thinking of buying goes through an architectural review board, which addresses security.  

We look at security not just from the IT side, but the operations technology [OT] side of the house, too. As a manufacturing company, OT is becoming just as important as IT. Everything’s now IoT and network connected. We have sensors everywhere. That heightens the security aspect of our IT and OT buying decisions.  

Q. How has the tech buying process evolved over the four-plus years you’ve been at Southwire?  

For a company that was growing as quickly as Southwire was over the past four or five years, our buying cycles were pretty short because we were involved in a lot of acquisitions and we have accelerated our digital program. Now we’re starting to get back into better planning cycles.  

In today’s world, it’s much more collaborative, which is why one of my key roles is creating partnerships with my business peers. They’re more actively involved in looking at technology with us, identifying what problem it will solve, which is much better than them doing shadow IT. Our Business Transformation team is a nice model for us to have because of the complexity in our business. 

Q. What guidance would you give to technology vendors on what they can do better, or do less of, to get your attention? 

I feel bad sometimes for these technology vendors, because they’re trying to drive their business and trying to get conversations with me, which is hard to do in my role.  

Being in the right place at the right time is always a good thing. I try to give vendors as much time as I can to walk through their value proposition. 

In the best-case scenarios, we have time to evaluate different vendors and different technologies. But sometimes there are projects that need to start within four to six weeks. You’re going to remember those vendors that have contacted you in the past. 

When we do meet with vendors, they need to understand they have very limited time with us. I don’t need a 30-page PowerPoint – I need three to five slides that show they understand our business and the problem we’re trying to solve. 

Q. What are your primary responsibilities as the MBTA’s Chief Digital Officer? 

As Chief Digital Officer, I’m responsible for the . Our mission is to use the modern principles of research, design, and technology to make the transit system more accessible for all riders. That pairing – modern principles and rider focus – drives our success and shapes our value proposition to the agency and the public. We build almost all of our technology in-house as we have found that to be the most efficient and effective approach. 

In terms of my role specifically, it is translational. My role is to bridge the gap between the agency’s priorities and our technology solutions. I need to understand what the priorities are for people across the agency and communicate our work in a way that matters to them. By understanding what their priorities are, this helps me to translate the agency’s priorities into technical terms for my team.  

Q. How would you describe a typical day?  

I try to structure my weeks a little bit because, as the psychologists say, context-switching is hard. So I try to group meetings onto different days of the week. For example: one-on-ones with my staff are on Fridays, and one-on-ones with folks across the authority are generally on Tuesdays, sometimes Mondays. There are various standing meetings and committees, etc.  

Having to be remote through the pandemic, we quickly shifted to running most of our operations through Slack. And so, I spend a lot of time in Slack managing, delegating, giving guidance, etc.  

In addition to managing a 100-person department, I have projects I am individually responsible for. So, I block off time for reviewing the deliverables from those.  

Because we’re a 24/7 essential public service, full control over my schedule is limited.  

Q. What role do you play in technology purchases?  

It depends on the scope, the dollar amounts, and other things. As a public agency, we have a very rigorous procurement process. By and large, I set the approach by which we do technology procurements.  

We want to have a great experience for our riders, so we do all of the in-house software development for that [customer-facing] interface. And then we bring in modular pieces behind it. We love it when there’s an opportunity for third parties to show their excellence and be able to contribute. To create a level playing field, as much as possible, we want to use industry-standard interfaces so that [vendors] are not building something custom just for us. One that means it is going to be continuously updated, and two, it means they can sell to other [customers]. It becomes a win-win.  

Q. What other internal stakeholders do you collaborate with on technology decisions? 

Collaboration is essential. In the public sector, we have the opportunity and the challenge of managing to multiple bottom lines. So you can only be successful by taking a collaborative, partnership approach.  

For example, one key partner is our systemwide accessibility group. Going back to our mission, making sure that all riders can use the system well, a big focus is on providing better information to folks who are elevator-dependent. If you’re taking the subway and go to a station and the elevators are out of service, the station might as well be closed to you, given a lack of accessibility. We should make sure we’re giving folks that information upfront. This stakeholder collaboration is the most critical work that we do. 

Q. How has the technology buying process evolved over the past 3-5 years?  

With a lot of traditional government IT procurement, the name of the game is risk mitigation, which can make the procurement very prescriptive, describing outputs. In striving to use those modern principles of research, design, and technology, we want to set the bar on the outcomes and leave it to the vendor to figure out how they will deliver the results, not prescribing how they get there. What is the latency? What is the throughput? What is the resolution of the screen, etc.?  

Interacting with stakeholders is a lot easier when we’re talking in terms of outcomes. You don’t want to talk about network switches; you want to talk about the impact of that switch on the rider, the staff, and the organization. That makes it a lot easier for us to meet them where they are and walk them through solutions in a human-centered way.  

One of the innovative things that our procurement department is pushing us toward is using many more RFIs [requests for information]. An RFI gives the government an opportunity to go into the market and invite folks to submit their ideas, approach, interest, etc., in a more informal, lightweight way. An RFI can really open us up to learning about new ways people are approaching a problem. And that helps us refine the outcomes we’re looking for.  

Things have changed in other ways: The procurement department’s priorities have shifted to reflect the complex needs of our agency. While they are still committed to helping us acquire specialized software, they are also focused on supporting our day-to-day operations. They many want to help us buy whatever software we need, but they’re also trying to figure out how to order 10 tons of cement by yesterday. 

First, we’re making a big push toward standardized terms and conditions.  Technology vendors with the flexibility to review and accept our terms and conditions make things go a lot faster. 

Second, InfoSec. Government is often the biggest, most attractive target. So give me an industry standard – the stricter, the better – and we’re going to say you have to adopt that. The importance and the non-negotiability of adhering to InfoSec standards is something that has really changed over the last couple of years.  

Last is software accessibility. I’ve talked about this, but states like Massachusetts are making a big push on software accessibility. It’s long overdue. But there’s a lack of expertise in the industry.  

Q. What can technology vendors do better to get your attention? 

The best approach is for companies to inform, not sell. I know that vendors are developing new and different solutions, and I’m eager to learn about those solutions and technologies.   

A sales approach is going to be less successful. I can’t and don’t want to buy a piece of software based on a personal relationship I have with the salesperson. We go through an open, equitable, and inclusive procurement process. So, show us the value and impact you can deliver rather than trying to create a personal relationship. When vendors lead with marketing buzzwords, it’s easy to tune them out.  

The last thing I’ll note is that historically, many software vendors will only take credit card payments. That’s hard for a government agency. The ability to do purchase orders helps to pave the way.  

It comes down to this: Make it easy for us to say yes. 

This wasn’t a solo decision, as its outcome affects multiple people. I had a team of stakeholders with various viewpoints to consider. Mom, with her master’s in education, had strong opinions about the methodology and function of the education. My daughter (the end-user) had concerns about the execution and process of the education. Grandparents weighed in on the lifetime value and character of the education. And while I’d like to believe I was concerned about all of these; prestige and cost of the education were top of mind for me. 

One rainy Saturday morning the “stakeholder team” toured the campus of a prospective school (grandparents included). Over the next several weeks we shared our perspectives, weighed our requirements, and discussed our views in both groups and in 1:1 conversations. Together we arrived at a purchase decision. And on a spring afternoon, I authorized the first of many tuition payments. 

My daughter is a good student. We live in a decent school system. So what prompted the need for this decision? Inspiration. Inspiration that occurred for each of the buying team members, all independent of one another and all unique. I was inspired by the stories I heard about the school’s pedigree. Other members of my team responded to stories of academic success and the promise of a more fulfilling future. 

It became obvious each of our roles were defined by the school’s admissions office. We each had different conversations and read different web sites. In some instances, members of the school reached out to talk to us and share their stories. A student peer hand wrote a letter to my daughter telling her how wonderful the school food was. The financial office spoke to me about tuition plans. The school not only knew their audience, but knew how to address each person, knew the time sensitive triggers that we would respond to and how to build a consensus based in trust that inevitably led us to proudly choose a new school for our daughter. 

I’ve come to recognize that B2B marketing is even more complicated than selecting a school for my daughter. It requires establishing buyer confidence through narratives. Telling engaging stories that resonate. Identifying, through intent data signals, the individual roles, and influencers of 20+ (average) buying team members. (That’s like grandparents, aunts, uncles, and second cousins.) And then having the processes, knowledge, and technical ability to address each individual, on a personal level, as they collectively advance through their unique buyer journeys. If done impeccably, B2B marketing would result not just in buyers deciding on a purchase, but in actually taking pride in their decision—as my family did when we came to a decision on my daughter’s new school. 

…&�Բ�����;

Today, Foundry is launching not a new approach to B2B marketing, but a unified one – engaging the buying team through the combination of unique content narratives powered in part by data-driven tools and intent signals.   

“Stories inspire, data connects” is our maxim for approaching the four focus areas intrinsic in B2B marketing: buying teams, buyer intent, buyer journey, and buyer engagement. Ultimately a celebration of buyer centricity in marketing, Inspire to Connect shows how aligning these pillars allows marketers, sellers, and brands to build real relationships with buyers—relationships rooted in deep understanding and positive, personal connection. And relationships built upon nuanced observation, behavioral data, and true empathy. 

Now a handwritten peer letter to a prospective student may seem small and quaint and even a bit old-fashioned, with only a minor connection to the subject at hand. Ironically, it’s even more relevant now than ever, because knowing that level of detail, knowing those catalysts, are the path to inspiration and action.  What’s more the letter was human, emotional, and engaged my daughter in a method she preferred. 

B2B marketers increasingly have robust data, advanced tech, and the ability to scale content to create any number of experiences for buyers – and we’ve mastered the logistics of execution.  But we treat buyers as if they are numbers in our lead counts.  B2B buyers still bring their emotions and hopes and vulnerabilities to the purchasing table—and �ٳ󲹳�’s where brands and marketers need to start making connections with them.  

This model encourages marketers to observe and embrace the non-linear, emotional, often messy side of B2B decision making. On their own, marketers and martech already execute along these four pillars. But aligning them brings the buyer to light as a human, not just a stakeholder, persona, or audience member, which prioritizes putting greater care into the narrative and the experience to elicit a feeling. 

In this new collection of thought leadership, we’ve gathered the insights of tech marketing’s brightest B2B marketers, data from research, and perspectives from multiple sources to provide deep insights and practical solutions to influence each stage of your demand generation strategy – from what matters to customers, to identifying buyer intent, to delivering more personalized, memorable moments that capture the hearts and minds of buyers throughout the journey. 

Your thoughts and suggestions are encouraged, and your participation would be even better. 

Gen Z consists of those born between 1997 and 2010, placing me at the older end. This means younger members of Gen Z have even more profoundly grown up in the digital world. Take for example, my younger brother born in 2007, who is the same age as the iPhone. He does not ever remember a time when Blackberry was the ‘cool kid’ phone. 

Which brings me to the point of this blog. Earlier this year, during a Foundry marketing all-hands meeting, the topic came up – what generation do you belong to? 

In this conversation, we poked fun at Baby boomers for struggling with iPhones, and at Millennials for using Instagram reels instead of TikTok. However, there was a much more serious conversation to be had. Foundry’s had just come out. This year’s study was the first to include a Gen Z breakout in the results, along with Baby boomers (born between 1946 and 1964), Gen X (1965 – 1980), and Millennials (1981 – 1996).   

The generational divide 

The research found that content preferences among the older age groups are fairly consistent, but they change radically with Gen Z respondents. Although technology content sites are the number one source for everyone, Gen Z lists our other top preferences as online communities, peers outside the company consulted via electronic media, infographics, and podcasts. And just one of those sources – online communities – made the top-five list in any other age group (Boomers listed them fifth).  

Older generation groups tend to have fairly consistent content preferences, suggesting that they may have grown up with certain types of media and are comfortable with those formats. In contrast, my generation’s preferences indicate a departure from traditional content sources, reflecting the impact of our unique exposure to technology and an upbringing in the digital age. 

Take buying a pair of sneakers for example, or rather how that buying process varies by generation. When my parents go to buy a pair of sneakers, they might browse online, or go to the mall, and that is the extent of their journey. My journey is a bit different – rather I look at TikTok and see what others have, I check what influencers are wearing, I might post on Facebook asking friends for advice, and I browse the Reddit community (not kidding I love this subreddit). Bottom line? The buyer’s journey is evolving along with the digital age. 

The bigger, more serious conversation to be had – what does this mean for B2B marketers?  

Looking ahead

Before we know it, Gen Z’ers will play a pivotal role in the buyers’ journey, requiring every marketer, regardless of their generation, to include our preferences. 

This means it’s time to get a head start so as Gen Z’s representation in the buyers’ journey grows, your organization has already adapted. Based on my perspective as a B2B Gen Z marketer, I have a few ideas on how we can get started:  

Experiment with new channels

There is no time like the present to begin experimenting with new channels for content delivery. Channels like , and , making these great options to begin exploring. Try starting with organic efforts, see how those perform, then begin experimenting with paid ads, or influencer marketing. This is your chance to be creative! 

earning fifth place among Gen Z’s preferences, are also a great channel to start with. Foundry found that 94% of Gen Z ITDMs listen to business related podcasts, and 40% have used them to find out about emerging technology. This trend will only continue to grow as the Gen Z matures. In fact, I often found myself turning to Spotify and browsing the top podcasts speaking on B2B and SaaS trends.  

Out of all the generations, Gen Z is the most comfortable with technological developments, suggesting trends will continue to shift as new technology emerges. To combat this, encourage conversation among leadership around recent technologies like machine learning and AI tools. Embrace innovation and stay open to the evolving landscape of content consumption to effectively engage with Gen Z.  

Invest in thought leadership and encourage conversation

Online communities consumed information sources by Gen Z. This suggests a desire for authentic connections and genuine experiences among our generation. Gen Z is sick of linear marketing, we don’t want to download your content. Instead, we want information at our fingertips in a second, and to have real conversations about what’s working, and what is not.  

Tap into this opportunity by identifying social media groups, platforms, or key industry forums like . Begin by participating in discussions, sharing valuable insights, and positioning your brand as a trusted source of information. Also attend offering a real face-to-face connection that humanizes your brand and shows us that there are real people behind it. Despite Gen Z’s reliance on technology, we care deeply about forming real relationships, trust, and authenticity. We care about brands and often buy from brands that we know our peers and community trust. Take me, for example. Every morning that I’m on my way to the office, I refuse to buy anything other than a Starbucks latte. And when a big celebration rolls around, my go-to champagne is Veuve Clicquot. Why? Because I trust these brands. I know they’re consistent, and I’ve seen my friends enjoy them too. That trust goes a long way for Gen Z.  

Talk to your Gen Z team members 

Engaging with your Gen Z team members is not just a valuable opportunity but also a strategic advantage. Many Gen Z professionals, including myself and those in entry-level roles like specialists and associates, are eager to contribute their ideas, passions, and inspirations to the workplace. Ask how we are doing research, ask what channels we prefer to use, and ask what content we are consuming. Perhaps it’s a good idea to send out a quarterly survey to the younger team members at your organization. This could spark conversations around new ideas, campaigns, and messaging that resonates with the growing Gen Z buyer group. 

We are the next era of buyers, and based on Foundry’s findings, change does not seem to scare us. Talking to your Gen Z team members opens the door to a wealth of knowledge and a fresh perspective on various aspects of your organization. 

Gen Z rising

It should be noted, however, that us Gen Zers comprised only 6% of the respondent base compared to 41% of GenXers, who are in the prime of their careers. While Gen Z is currently in the minority, time moves quickly. Gen Z is rising – the younger part of our generation is still in grade school, while on the other hand, many of us in our later twenties are already climbing the corporate ladder. 

As marketers, we’re always looking for the best and new ways to capture buyers’ attention. And if we want to continue doing so, we cannot ignore these stats. The buyer’s journey is changing and changing fast, and to stay relevant, we must adapt. 

Of course, keeping in mind that sources for marketing information may differ from those for information technology, and that as these professionals mature into their roles, their information preferences may shift depending on the type and level of information needed in their advancing roles. 

Q. What are your primary responsibilities as global CIO?  

I have accountability for all of our information technology, globally. In this era, �ٳ󲹳�’s a big focus on digital transformation, analytics, cybersecurity, operational technology, and ensuring that our enterprise platforms are modern and ready to scale with the growth of the company. 

Q. Who do you report to?  

I report to the CEO and Board Chair. 

Q. How would you describe a “typical” day?  

I would break it down into three pieces that I think show up every single day for me. First and foremost, focusing on the team. I’m a firm believer that you get great outcomes if you have a really engaged team that feels connected and supported. If the team feels closely connected to the work, and they feel that it’s challenging but also motivating, we get the best out of everyone. This has enabled us to have very strong retention. So I spend a lot of time on talent.  

Second, I spend a proportion of my time looking forward on strategy. That means connecting with the executive team and the business leaders on the future direction of the company to influence and be influenced by business strategies. I work with my team to be in lockstep with strategizing the technology and the talent needs that we’ll need for the coming years.  

The third piece is connected to the active portfolio of work. It’s important that the team continues to hit the mark on execution so that our active technology initiatives are driving business value in the near term. 

I have a very senior leadership team and have great trust in them for the active work around the portfolio, which means I can spend more time than I have in the past on our talent, engaging with the executive team and the Board of Directors on strategy, and out in the industry with fellow CIOs and our customers.  

Q. What role do you play in technology purchases?  

My leadership team and I are connected to every technology purchase or service. We want to make sure we get enterprise leverage as much as possible. We have a variety of business units spread globally, so the more we can buy once and share that across the various business units, the better for everybody.  

Also, as the security posture of technology becomes more and more important, we need to get involved in the process as early as possible, especially for new vendors and new technology to mitigate risk. We want to expedite the process, but we also need to make sure that if there are gaps to be closed, we’re doing that early.  

Someone from my leadership team sits on every business president’s leadership team, so we have strong partnerships with our businesses, and the team can quickly respond to evolving needs. That makes it pretty easy for us to be actively involved early on. 

Q. What other internal stakeholders do you collaborate with on technology purchases, either within IT or across other departments or business functions? 

The size of the group flexes based on the size of the spend, the size of the risks, the duration of the evaluation, and the complexity of the technologies. We work hard to make sure the main users of the technology are in it from the beginning for evaluating new technology. They have the best perspective to weigh in on both the usability of the technology and the business value we’re trying to create. 

Rowing together from the start around what the problem statement or opportunity is creates far more speed to value in both the implementation and the long-term results. Our job is to move at the speed of business, so that if there is a need, we make sure that we can create the right solution, whether in-house or through a technology partner. 

Digital technology and analytics are true enablers of growth, so they’re showing up in business plans by our business presidents and our executive team. Ideas emerge from all corners of the company. We want to make sure the right data is in the right hands for people across the globe to be able to learn and experiment and find insights and their own use cases. I’m a firm believer that if the insights are only coming from the top, or only coming from a centralized function, we’re missing tons of opportunities.  

But that does require striking the right balance to make the value proposition of new technologies is in line with our risk profile. Taking the time with security reviews to make sure we’re being prudent up front gives us benefits on the back end.  

Q. How has the tech buying process changed or evolved in the last 3-5 years? 

A few things are changing. As every company charts out what digital transformation means for them, we’ve seen an emergence of niche technology, which creates interesting solutions, but also puts tension on the enterprise leverage and long-term stability of those solutions. That requires a different level of due diligence and evaluation.  

And then we’ve seen more technology moving to “as a service” models. That changes not just the sourcing process and evaluation of how that fits into our landscape, but also creates new risks and starts to shift some of the funding models. That requires different thinking about the buying process as we consider budgets and growth over the course of the coming year.  

Q. What can technology vendors be doing better, or doing less of, to get your attention and your team’s attention?  

Knowing as much about the company as they can in advance of early discussions makes it far more efficient and useful for everyone, vendors included. I wouldn’t want anyone wasting their time, so if they have a sense of where the company is going, even if it’s just from a business strategy point of view, understanding what we do and the growth potential of the company, that leapfrogs the conversation a bit.  

Candidly, the cold call doesn’t do much for me. It’s about forging relationships. My best providers are the ones that I feel like I have a true relationship with. They’ve taken the time to understand what we need and make sure that gets prioritized. Building relationships, as opposed to trying for the quick sale, is good for the long term. 

As far as the actual technology, there are a few areas. One is making sure that security is at the forefront of the technology designs for the company. Another is the ability to integrate with other technologies. As we think of all the data flows, and all the automation that people are going to be investing in in the coming years, it’s far less likely for standalone solutions to be additive at the enterprise level. Making sure that your solutions are nimble and can be integrated into our tech stack is important.  

Lastly, during the evaluation phase, we want small proof-of-concepts that show us the value proposition really quickly. Decisions are made with a rigorous process, but everybody wants to move as quickly as they can.  

Budgets remain stable during economic uncertainty

As organizations continue to realize the business value of technology solutions and their necessity to keep the business moving forward during this time, IT budgets look resilient. ITDMs in all three regions expect their tech budgets to increase or remain the same over the next 12 months (88% NA; 89% EMEA, and 88% APAC).

It shouldn’t be a surprise that budget direction is aligned with revenue expectations reflecting the same stability. EMEA respondents are especially optimistic with 62% predicting revenue growth, compared to NA (51%) and APAC (54%).

The tech purchase process is complex

The tech buying process is not simple. The complexity arises from the things like dynamic nature of the industry, the need for thorough evaluation and decision-making, budget constraints, and the diverse range of factors that must be considered to make informed choices that benefit the organization.

Respondents in all three regions agreed upon the sentiment that the purchase process is becoming increasingly complex (60% NA; 63% EMEA; 61% APAC). Given this growing complexity, it’s not surprising that the length of time organizations spend on decisions is increasing. In NA, 6.0 months is the average length of the tech purchase process compared to 5.5 months in EMEA and 7.8 months in APAC – the longest of the 3 regions.

The length of time goes hand-in-hand with the size of the buying team. The average buying team in each region is as follows:

• NA – 22
• EMEA – 29
• APAC – 29

Leadership Throughout the Tech Purchase Process

So, are there regional differences on who leads the tech purchase process? At nearly every stage of the APAC purchase process, the CIO takes control of the operation, supplemented by aid other tech specific roles (i.e., IT management, CTO). In the EMEA and NA processes, the CIO maintains control; however, opinions from outside departments are more likely to be taken into consideration, such is the case with CFO authorizing or approving the purchase of products and services.

For more on tech leadership initiatives around the globe, view our infographics detailing research from our State of the CIO research study in all three regions below:

• North America
• EMEA
• APAC

Sources relied upon

Looking at the information sources that ITDMs rely upon throughout the tech purchase process, there are certainly some regional differences. NA organizations rely heavily upon information sources from their peers (56% vs. 35% in APAC) and NA and EMEA organizations source their info from events (both 59%) more so than APAC organizations (47%).

The top sources per region are as follows –

• North America: 1) tech content sites, white papers, online communities/discussion forums
• EMEA: 1) white papers, 2) tech content sites, 3) webcasts/webinars
• APAC: 1) tech content sites, 2) tech vendors (in-person), 3) tech vendors (phone, email)

When it comes to the amount of information consumed when researching throughout the purchase process, all 3 regions averaged the same – 5-6 pieces of information.

The top two objectives of companies’ digital business strategy are 1) improving employee productivity/collaboration (cited by 51% of respondents, up from 44% in 2021) and 2) reducing costs/inefficiencies (50%, up from 38% two years ago). Seeing these two objectives at the top is no surprise given the socioeconomic shocks of the past three years and their subsequent impact on work models and business performance.  

Despite these broadly shared objectives, all digital transformation journeys are not the same. For tech marketers, it’s important to understand where organizations are on their quest and how that impacts their information needs and their technology buying decisions. To that end, this year’s Digital Business Study includes a new Digital Maturity Index, which breaks down responding organizations into four levels of digital adoption:  

Let’s look at some of the characteristics of each segment, along with some guidance for tech marketers on how to adjust their messaging to create deeper interest and engagement from each group.  

Nascent  

These early-stage digital businesses (go ahead, call them laggards) are more likely than other organizations to face a broad set of hurdles in executing transformation initiatives. Their top five challenges include:  

1. Lack of sufficient budget 

2. Gaps in staffing/skill sets 

3. Cultural issues 

4. Too many competing priorities 

5. Lack of corporate vision/buy-in 

In addition, 67% of nascent digital adopters view cost savings as a top objective of digital business strategies, compared to 50% of all respondents. Just 16% say customer experience has become more of a priority over the past 12 months, compared with 95% of advanced companies.  

This narrow focus likely limits the ability of IT leaders at these companies to get buy-in for new initiatives and, combined with their long list of challenges, indicates that the issues these companies face are more often rooted in culture and mindset than the technology itself.  

For tech marketers, messaging that emphasizes the importance of change management, creating a business case, measuring return on investment, and addressing skills gaps can help turn skeptics into advocates for increased digital spending.  

Emerging  

As with nascent organizations, companies in this early maturity stage still tend to prioritize their digital investments more around cost-cutting and productivity rather than growth-oriented goals such as improving business agility and customer experience. In addition, these companies tend to lag well behind their more mature peers in investing in core digital technologies such as analytics, 5G, and mobile technologies. More than one-third (36%), however, are researching AI/ML with an eye toward deploying these technologies over the next 12 months.  

For tech marketers, the opportunity with these digital emergents includes guidance that helps them prioritize digital initiatives based on business needs and how to find the right skill sets to help them accelerate their progress. Providing thought leadership on the value of emerging technologies such as cloud-native platforms and generative AI can also establish your position as a credible source of information with IT teams that are beginning to research these topics.  

Established  

These organizations have a more balanced set of objectives for digital investment than their less mature peers, focusing on both cost-management and growth initiatives. More than three-quarters cite customer experience as a priority (78%) and say they’re committed to investing in their digital strategy despite current economic headwinds (76%). Seven in 10 believe their organization is further along on its digital business journey than they would have expected two years ago.  

Among the main challenges for this group, complexity of IT infrastructure stands out relative to the other segments. This presents an opportunity for marketers to engage IT decision makers at these companies with information about how their solutions or services can streamline operations and reduce complexity. Additional messaging that focuses on how organizations can accelerate and scale their transformation efforts will help this segment move to the advanced level of digital maturity.  

Advanced 

Organizations at the top of our maturity scale are well ahead of their peers in several areas of digital business transformation. For example, they are more likely to:  

• Prioritize business agility/resiliency, customer experience, security improvements, and revenue-driving innovation as key digital business objectives. 
• Continue investments in digital business strategy regardless of economic indicators. 

• Adopt a “remote-first” mindset when making technology purchases. 
• Invest in advanced/emerging technologies such as cloud-native platforms, AI engineering, generative AI, and security mesh.  

Some of their challenges reflect how deep these organizations are into the details of optimizing digital investments: IT complexity (31%), data collection, management, and analysis (30%), and integrating new applications with legacy systems (25%). These are all indicative of next-level issues that arise for organizations that are aggressively modernizing their tech stacks to support digital business.  

Engagement with this audience should focus on resources that help them measure the impact of technology deployments, deploy best practices for operationalizing analytics across the business, and demonstrate how AI, automation, and similar capabilities can help to reduce complexity, integrate disparate systems and data, and accelerate innovation.  

Understanding the progress organizations are making with their digital transformations, and the pain points they’re experiencing along the way, is critical for attracting and engaging with IT and business decision makers. The Digital Maturity Index is another tool in the toolbox to inform a brand-to-demand strategy that drives real results. 

 is Foundry’s global director of content strategy, overseeing a global team of content strategists who work with Foundry’s technology clients to develop and deliver award-winning content marketing programs.

Leadership in the tech purchase process

From determining the business need to post sales engagement, a variety of ITDMs play a part in various stages of the technology purchase process and hold different leadership roles in each stage. On average, 25 people make up the buying committee (up from 20 last year) – 13 IT and 12 lines of business – however, there are some differences by company size. Enterprise organizations have an average of 33 influencers (17 IT and 16 LOB) while SMBs have 15 total (7 IT and 8 LOB). 

While we see LOB influencers throughout the purchase process, the CIO or top IT executive and IT management consistently remain the top leader for all stages. Additionally, the engineer has consistent involvement in the purchase process, specifically when determining technical requirements and evaluating products and services. Given compliance requirements and cybersecurity incidents always being top of mind, it is no surprise that security staff is also actively involved when determining technical requirements, evaluating products or services and recommending and selecting vendors. It’s crucial that new technologies meet security requirements and align with current business practices.

Sources relied upon during the purchase process

83% of ITDMs download information to aid them during the tech purchase process, averaging at 6 pieces of content downloaded. In order to be more inclined to download content, brand awareness is key component as 65% of ITDMs say that they typically spend more time-consuming content from known and trusted brands. Brand awareness specifically aids engagement with product reviews (68%), case studies (49%), third-party market research (44%), and technology related-videos (44%). Before content creation and promotion to specific sources, ensure you have a strong and trusted brand identity with your customers and prospects. Once that is in place, provide ITDMs with the information sources they rely on the most. Those being:

Reliance slightly differs by purchase process stage – the research shows that for the first three stages (determining the business need through evaluating products and services), technology content sites are the number one relied upon information source. Given the nature of tech content sites being educational resources with in-depth articles, product reviews, and opinion articles, it makes sense as to why these would be the number one information source when ITDMs are doing the majority of their research prior to purchasing a tech product/service. Once a vendor is selected and moves into the approval process, ITDMs turn to technology vendors, whether that be via their website, email, phone or video conference, as well as their peers for additional information and insight.

New this year, we asked IT decision-makers which stage of the technology purchase process is most likely to stall at their organization, and the majority said the authorization and evaluation stages. Be sure to provide ITDMs with the resources they need to get through these stages and ultimately complete the sale. They actually want to work with vendors to help expedite the process, as 61% say that they work with vendors to help develop the business case around investment in their technology.

Different types of educational formats

While in-person is coming back, ITDMs are still likely to attend virtual events. In fact, 68% agree that given the ease of attending, virtual events will be an important source of information. This increases to 71% for executive IT, likely because of their busy schedules, and decreases to 58% for IT professionals. As the state of events and conferences shifts back to normal, 58% also say that they are more likely to attend in-person industry events in the next year.

Continuing with the virtual format, ITDMs rely on and engage with webcasts. 67% of have registered for a work-related webcast in the past 12 months, increasing to 72% for executive IT.  Technology-related video is also a key content type that ITDMs turn to – 94% say they watch tech videos for business purposes, with the main types being:

Before building out your marketing strategy, it’s necessary to fully understand who’s buying your technology, their involvement throughout the purchase process, and the information sources they need to aid them to make purchase. Download Foundry’s for the full insights to help you start building out your plans. 

To highlight key parts of the research, Foundry partnered with IDC/CIO Executive Council for a , hosted by John Gallant, enterprise consulting director at Foundry and Tim Scannell, VP of strategic content at the CIO Executive Council. They are joined by Jo Abernathy, CIO at Blue Cross Blue Shield of North Carolina and Gary Jeter, EVP & CTO at TruStone Financial Credit Union.

This far-ranging conversation covers tech budgets; is tech spending “recession-proof”, are budgets for technology consolidating into the CIOs realm (with side conversations about the impact on security, and citizen developers); earning the right to innovate; how organizational structure around budgets impact security; and more.  

This short excerpt hits the highlights, but watch the to hear much more from our CIO guests, and the key points from the State of the CIO research. 

Budgets holding strong 

Technology budgets are continuing to see growth in 2023. In fact, 91% of CIOs expect their tech budget to either increase or stay the same – the #1 reason for an increase being the need for security improvements. This data point elicits an interesting discussion among the group.

Gary Jeter believes that “…this is common throughout a lot of the financial industry, the view is, I believe, that technology is recession-proof… my budget this year as far as OPEX grew, a part of that was from consolidating IT spend into technology…”. He explains that their focus is to improve productivity through technology and better leverage it to advance analytics to retain and gain customers.  

“In spite of economic concerns, I think the results may indicate that enterprises are taking the long view on tech investments and viewing them as key to either driving down operational costs or driving up revenue or both…” says Jo Abernathy. 

Earning the right to innovate 

Looking at what CIOs are focused on now versus what they want to be focused on in three years – the current list shows security at the top, along with improving IT operations and systems performance, managing infrastructure and applications which could be considered very operationally focused. Three years from now CIOs want to be spending their time driving business innovation, redesigning business processes, aligning IT with business goals. Our experts weighed in on the tension between these two: 

“…when you look at what they’re focusing on as far as from an Ops performance perspective, you have to earn the right to innovate … for us yes, we’re focusing on operational excellence but a good portion of 2023 is going to be about delivering different experiences, removing friction from our members or customers…”, says Jeter. 

For both CIOs, innovation is important. Abernathy believes, “… that’s one of the wonderful things about being a CIO and one of the things that’s extremely challenging about being the CIO…you have to advance the basics all the time whether it’s dealing with legacy tech or security or operations … and be able to swivel chair and show your business partners that you can help lead in innovation and business opportunity …” 

Distributed technology

When technology dollars are controlled by IT versus other parts of the organization – our study found that only 43% of all technology dollars are controlled by IT, this was surprising and problematic to our CIOs. 

“… I would say it did surprise me … I think that just like being a CFO or a chief marketing officer, you have to have that relevant experience. I feel very strongly that CIOs can’t be accountable in title but not in practice….I think that much like running IT, managing technology vendors  and contracts short-term and long term and having strategies around those it’s just not something  that typically is done very well in business areas they just don’t have the experience and  frankly the failures and the scars to learn from it I just think that this always sub-optimizes technology even if it’s unintentional so I am  not a fan of Distributing Tech” says Abernathy. 

“…I’m struck when we look at the concern about security, when we think about things like customer experience, I don’t understand how we can do those things well in a distributed fashion …” explains John Gallant. 

Jeter replies, “I’ve had a similar experience where essentially a business unit would look at the IT rate card and a vendor would  come to them and say hey we can deliver a cheaper [solution] when reality they’re not delivering it cheaper and it creates a lot of tech debt and then when there are issues IT has to come in and basically rectify it and solve it so I’m sure a lot of the  CIOs out there know what I’m talking about because that’s very very painful…” 

CIOs’ role in revenue generation 

Within the research, 44% say they’re managing a team tasked with creating new revenue generating initiatives, another 24% are part of a team that’s doing that and about a third are not responsible for new revenue generating initiatives – our CIOs explain how this looks in their organizations. 

Abernathy explains, “We are not directly accountable for driving innovation, we are seen as a very critical partner. We have a diversified business group, which is also our strategy group, and they’re always looking at new opportunities to partner and to invest. We have a great relationship with them and they always call us in to get our take and to get our opinion to help shape deals…” 

“… the digital banking channel is an IT responsibility, so my solution architect is in charge of development. His responsibility is also called the VP of innovation, so he’s hitting conferences along with others and looking at all the different fintechs that are out there and understanding the business and understanding how it can remove friction and how can it solve problems …so we are responsible for driving revenue” says Jeter. 

The emerging topic of ESG 

The discussion closed out with a lightning round question about ESG – this is the first year we asked about issues in the State of the CIO research, with three different questions regarding if it’s going to shape buying habits and interactions with vendors, and how organizations are dealing with it. 

“We are very much in the nascent phases of ESG – we are beginning to gather reports from our key suppliers and to set a strategy for ourselves. I’ll be honest when I thought about this topic I tended to think about things like manufacturing and industries completely outside of my own until I looked at some statistics around data centers and how we contribute to the carbon footprint. And while a lot of that we don’t directly control, as you said, we can certainly control it by our decisions around which suppliers we use, so we’re in the beginning phases of shaping our strategy. I think it’s going to go from a nice-to-have to something you have to have for your key stakeholders…everybody should be focused on it”, Abernathy explains. 

“I would agree, we’re really in the beginning stage and so we’re still in the process of looking at how do we tie it in, but it’s the right thing to do so we absolutely have to do it, and it’s also key to attract talent.”, says Jeter 

2023 is going to be a year of challenges, changes, and uncertainty, but our CIOs believe organizations see IT as a business driver and they are in better shape than three years ago. 

For additional insight from our CIO guests, . To learn more about how CIOs are spending their time and prioritizing certain initiatives, download the , the , and the .