CIOs face the challenging task of balancing various priorities to align their digital infrastructure with business goals. Looking ahead to the next 12-18 months, two top priorities emerge for IT leaders: developing a strong business case for AI infrastructure spending (cited by 35% of respondents to IDC’s Future Enterprise Resiliency and Spending Survey, Wave 3, March 2024) and increasing cyber resilience and security (34%). Interestingly, despite the significance of technical debt as a cost concern and an inhibitor to improving security and implementing innovation (like AI), it ranks much lower on the list of immediate priorities for many organizations (20%). This misalignment between priorities and actions creates a substantial barrier to success.
Future Enterprise Resiliency and Spending (FERS) Survey, Wave 3, IDC, March 2024
The overspending challenge
The same IDC survey data shows that 38% of IT professionals anticipate overspending on digital infrastructure this year (greater than 20% will overspend between 1% and 9%, and 17% will overspend by 10% or more). This overspending is primarily driven by two factors: excessive technical debt (cited by 47% of survey respondents) and a lack of business-aligned infrastructure strategy (43%).
Future Enterprise Resiliency and Spending (FERS) Survey, Wave 3, IDC, March 2024
There seems to be a noticeable gap between the goals CIOs set and the priorities they focus on to reach those goals. Both AI and security modernization require integrated systems and substantial budgets, yet these factors are inhibited by technical debt. As shown in IDC’s survey data, while CIOs recognize that technical debt is a significant barrier to key strategic initiatives, they often don’t prioritize it as a foundational issue. It’s a common scenario among CIOs — it’s often easier to communicate and gain consensus with business stakeholders on the urgent need for innovation (a competitiveness factor) and cybersecurity (an existential threat) than on addressing maintenance tasks (technical debt).
Despite these challenges, CIOs can navigate the complexities by focusing on three key areas: balancing the management of technical debt with future investments, building a strong business case for AI, and enhancing cyber resilience and security.
Developing a balanced technical debt approach
Technical debt often stems from the costs of running and maintaining legacy technology services, especially older applications. It typically arises when organizations make short-term sacrifices or use quick fixes to address immediate needs without ever returning to resolve those temporary solutions.
For CIOs, balancing technical debt with other strategic priorities is a constant challenge. They must decide whether to invest resources in high-profile areas like AI and security or to prioritize reducing technical debt. Ignoring technical debt can lead to escalating costs, inefficiency, and integration challenges, while deprioritizing it to focus on high-impact projects (e.g., AI) may drive short-term business value at the expense of long-term drag. The key is to address critical areas of technical debt to gradually modernize the IT infrastructure needed for innovation and security. This approach helps maintain a balance between managing debt and driving innovation.
Capital One’s cloud migration initiative highlights a strategic approach to managing technical debt. By migrating to the cloud and changing its technology operations, Capital One was able to scale to meet demand, improve agility, accelerate innovation, and reduce costs associated with legacy systems. This example shows that while managing technical debt is crucial, it can be balanced with other priorities.
Building a strong business case for AI
AI is quickly becoming a key asset for organizations seeking to drive innovation, enhance customer experience, and improve operational efficiency. With the right infrastructure, AI has the potential to transform business operations and drive growth. Developing a strong business case for AI infrastructure is essential for demonstrating its potential impact on business outcomes, which means organizations will need to secure the necessary investments and support for AI initiatives.
To make this happen, CIOs need to articulate the tangible benefits and ROI of AI investments. They should work closely with business leaders to align AI projects with business goals and clarify specific problems AI can solve. This involves identifying areas where AI can make the biggest difference, such as customer service, supply chain management, or predictive maintenance. IT teams can run pilot projects to showcase AI’s capabilities and gather data to support broader implementation. These pilots should focus on clear, measurable outcomes to prove success and build confidence in AI solutions. As part of these pilots, technology leaders must assess how the production rollouts might be impacted by technical debt and triage the remediation.
One successful example of AI implementation is Netflix. Netflix uses AI algorithms to provide personalized recommendations to its users. By analyzing viewing habits and preferences, AI helps Netflix suggest content that users are more likely to enjoy, enhancing the customer experience and driving user engagement. This AI-driven approach has helped Netflix retain subscribers and increase viewing time, contributing to the company’s growth and competitive edge.
Enhancing cyber resilience and security
As cyber threats are becoming more sophisticated and unpredictable, they have exposed significant gaps in ensuring security for business operations. Having advanced security measures protects the organization’s assets and ensures compliance with regulatory requirements. CIOs should invest in robust cybersecurity measures, including advanced threat detection, response capabilities, and employee training. Maintaining software updates and implementing multifactor authentication (MFA) and encryption will further strengthen an organization’s defenses.
However, technical debt can significantly undermine these cybersecurity efforts. Legacy systems and outdated software can have vulnerabilities waiting to be exploited. Additionally, technical debt is often represented by multiple, disparate tools acquired over time, which can hinder the implementation of a cohesive security strategy and increase cybersecurity risk. Addressing technical debt is essential for maintaining a strong security posture and ensuring the long-term resilience of the organization against sophisticated cyberthreats.
After a data breach in 2013, Target made substantial investments in cybersecurity. Hackers got into Target’s network through third-party vendors, compromising credit and debit card information for about 40 million customers. After the incident, Target hired a new chief information security officer (CISO) who focused on building advanced cybersecurity capabilities that could develop alongside evolving threats to address some of Target’s vulnerabilities. The new CISO built a team of in-house experts to embed these tools into Target’s website and operating systems to provide a seamless customer experience. Target’s response illustrates the impact that investing in security measures can have and highlights the importance of proactive security investments.
Conclusion
With competing priorities and limited resources available, CIOs are charged with allocating their budgets strategically and ensuring digital infrastructure investments align with their organization’s overarching business strategy. AI and security are top priorities, but technical debt must also be addressed so IT infrastructure can remain efficient and capable of supporting future growth. The key is for CIOs to assess both short- and long-term goals and find a balanced approach to managing technical debt while investing in innovation. CIOs should look at how to frame technical debt within the shadows of AI and cybersecurity to provide concrete reasons to address technical debt.
Learn more about IDC’s research for technology leaders.
International Data Corporation (IDC) is the premier global provider of market intelligence, advisory services, and events for the technology markets. IDC is a wholly owned subsidiary of International Data Group (IDG Inc.), the world’s leading tech media, data, and marketing services company. Recently voted Analyst Firm of the Year for the third consecutive time, IDC’s Technology Leader Solutions provide you with expert guidance backed by our industry-leading research and advisory services, robust leadership and development programs, and best-in-class benchmarking and sourcing intelligence data from the industry’s most experienced advisors. Contact us today to learn more.
Mona Liddell is a research manager for IDC’s IT Executive Programs (IEP). She is responsible for leading the creation, analysis, and delivery of quantitative-based research and related marketing content for business and technology leaders. This research provides guidance on how to leverage technology to achieve innovative and disruptive business outcomes. Mona has over 10 years of experience using data to drive actionable insights and recommendations. Prior to joining IDC, Mona served as a market insights advisor for the IBM infrastructure team. She led large-scale primary research studies and advised the IBM Systems and IBM Cloud teams and executive leadership on strategy, market dynamics and trends, and competitors.
