CTO Insights January Newsletter

CTO Insights January 2024  

A new year, a new set of technology challenges and opportunities to tackle in 2024. As always with a new year, it’s a chance to look forward. This being IT let’s not look too far forward though! What’s likely to be challenging us in the first part of 2024? 

No escaping the AI beast 

The use of AI will continue to dominate business IT conversations. Microsoft’s co-pilot, OpenAI, Google etc are all continuing to push driving these technologies into every area of our lives. Co-Pilot is a particularly interesting one, with Microsoft already including it as an app in Windows 11, free as part of its Bing Chat service, and of course as an increasing presence across Microsoft 365.   

It’s not just here though. At the recent Consumer Electronics Show (CES2024) AI was front and centre. This included the intriguing Rabbit R1 which is an AI-powered “pocket companion”, imagine a smartphone with an AI interface. Techradar also ran a story from CES about Volkswagen being the latest car manufacturer to build ChatGPT into their cars, although I’m not sure I’m quite ready for that, it shows how AI will continue to become ever more pervasive. 

As IT business leaders we do need to prepare for this and have the appropriate controls in place to protect to ensure we use AI appropriately in both business and personal settings. 

The Cybersecurity threat isn’t going anywhere 

No surprise here as cybersecurity is never going to be done. A friend of, Kirk Ryan, recently posted this blog regarding cybersecurity trends in 2024.  Two tips caught my attention. His “AI Arms Race” pointed towards the cyber security threat posed by AI. How technology such as deepfake presented new threats that in reality are difficult to stop. This is an emerging area business and security leaders need to understand and find ways to identify these threats, much of this will need to be manual, however, as right now it’s hard for technology alone to stop. 

He also discusses “The Great Cloud Caper. Cloud has certainly increased the threat posed by leaked credentials and poorly configured security. While leaked credentials leading to the deletion of cloud infrastructure is thankfully rare, less rare is the threat posed by misconfigured cloud accounts and services, we continue to hear of misconfigured cloud repositories leading to significant data leaks.  

How secure is your cloud infrastructure? This is a question we should all be asking. Certainly, we should be carrying out regular basic security auditing to ensure we don’t have basic misconfigurations. We should ensure we are not over-provisioning guest access to our Teams groups and SharePoint sites or having under-protected, over-elevated accounts that if breached can be used to raise havoc in our cloud environments.  

Managing Costs  

Not surprisingly, we are going to see continued economic pressures on business and IT is a part of that. Whether it’s capital expenditure or operational costs the need for better insights into them is becoming increasingly in demand, especially with cloud spend. Having insights, especially predictive insight, into cloud costs should be a consideration for anyone with any kind of complexity to their cloud environments, especially those with multi-cloud setups. Knowing the best place to run a workload, and understanding how to ensure you are right-sizing them can have a significant impact on overall costs reducing them significantly.  But this is also true on-premises, making sure we are running a right-sized environment can reduce capital and operational costs. It’s a difficult area to manage, but it is, and rightly, going to stay high on the agenda as we move through 2024. 

While no doubt there are other areas of interest, I imagine much of the initial part of 2024 will see us dealing with those three areas. 

Tech Takeaways 

New year, new episodes! In 2024’s first episode, we are discussing alternative networks. These are connectivity providers who live outside of the UK’s traditional BT and Virgin media networks. Alt-nets own their infrastructure and build their services, which opens a range of custom services that can appeal to businesses of all types. Is an Alt-Net something that you could use? Dave Ferry of ITS joins us to explain more. Find the video version here or if you prefer audio it’s here 

CTO Insights  

In episode 2 of CTO Insights, I’m joined by NetApp field CTO, Grant Caley. With 20+ years at storage vendor NetApp, Grant has great experience and he shares a broad set of insights into the data industry. Join me as we explore the future of data ranging from cost optimisation to backup and recovery. 

You can watch the video here or if you prefer listen to the audio version here. 

Thanks for reading CTO Insights, look out for more coming soon. 


CTO Insights Newsletter Edition 1

Welcome to our first CTO Insights newsletter. The aim is to provide you with some insights into what I’m seeing from our customers, vendors and the general IT trends in the key technology areas that are challenging us all as CTOs in our businesses. 

In this first newsletter, I thought I’d go obvious with a couple of interesting articles and information across two of the hottest technology topics cybersecurity and generative AI (and I promise ChatGPT is not writing this newsletter). 

Generative AI 

The incredible popularity of ChatGPT (until the recent release of Threads, the quickest consumer technology to reach 100 million users, taking just two months, seven quicker than Tik Tok (Incredibly Threads did this in just six days!)) has taken the AI conversation from academic to one right into the heart of day-to-day use and of course day to day business. 

I recently recorded a Tech Takeaways podcast with our COO, Jason Fitzgerald, on this very topic as we discussed the ins and outs of the technology. What it means and importantly what the risks and potential rewards are, feel free to watch or listen here 

What does all this mean for us as a CTO and our business? 

When preparing for the podcast, I found a couple of useful resources that I wanted to share that provides a good overview into the rapidly evolving world of GenAI 

Firstly, is this article for McKinsey What every CEO should know about generative AI | McKinsey. The article discusses what we mean by Gen AI specifically. Some of the use cases you will see across an organisation and some of the responsibilities, this is particularly useful for a CTO, we have before introducing such tech to our business. 

For those who’d rather listen than read, I also find this podcast from an old friend of mine Yadin Porter de Leon who is at VMware, where he talks with Paul Roetzer, CEO of Marketing AI Institute, again, about the possibilities and potential risk. Including an interesting discussion on the impact on people. Find it here Generative AI: What CIOs Need to Know – with Paul Roetzer, CEO of Marketing AI Institute – CIO Exchange (vmware.com). They should provide you with a good overview of the space and what to consider. 

Gen AI is not going to go away; this is going to become an integral part of day-to-day business and life. As CTOs, it’s important to develop a position on the topic for our organisations, that doesn’t necessarily mean being an expert, but it is important to understand how we can use this to drive our business better and what we should be wary of. 

Cyber Security 

Always at the top of the priority list is cybersecurity, it’s of course a problem that continues to evolve, with threats and attack approaches continually changing (see above!) Tackling cybersecurity requires us to continually evolve our understanding of the problem and our approach to tackling it. 

With that in mind, I recently presented alongside Sophos at an event in Liverpool where we were outlining the latest trends. I Was joined by Sophos Technologist Jon Hope who also shared the latest Sophos Ransomware report (you can get a copy of that here – 2023 Ransomware Report: Sophos State of Ransomware).  

I also put together a blog post sharing some thoughts from the event you’ll find it here. 

While we are talking about events. I also attended Infosec Europe in London at the end of June. These are always interesting events and chances to hear from subject experts and by chatting with vendors to gain an understanding of strategic direction and trends in the cybersecurity space.  

It’s a big event and even across the two days I was there it was impossible to visit everyone, but I was lucky enough to get personal briefings from 8 different vendors as well. If you went to Infosec I’d like to hear your thoughts on what you saw, but if not – here’s a blog post I wrote with some of my key takeaways 

Cybersecurity is a multi-layered complex problem and needs us to consider security implications from core to edge. It’s about people, process and technology and balancing those three elements to ensure our security posture is strong and meets the needs of our organization. There’s no surprise that it’s likely to be a regular feature of future newsletters. 

And Finally 

Two bits of Microsoft news. Firstly, it recently made a number of announcements regarding its Entra platform. Entra is the name for Microsoft’s Identity security and access control tools. I’ll share more about this in the next newsletter, as there’s some interesting things in there. One thing I did want to share was the rebranding of Azure Active Directory to Entra ID. It does make sense in terms of the bigger picture of what they are doing, but thought It was worth giving a heads up, so if you see the name Entra ID and wonder what it is, then now you know. (BTW this does not impact Active Directory, just its Azure equivalent). 

Secondly, is the impending end of support coming on Windows 2012 R2, October 10th is the end data and then it will no longer receive updates, including security, bug fixes or technical support. So, if you are still running Windows 2012R2 in your environment, now’s the time to change. More details here from Microsoft.

For now, thanks for taking the time to read this. If there is anything you’d like me to cover, you can drop me a note at cto@gardnersystems.co.uk find me on LinkedIn or Twitter and Threads  @techstringy. 

If you’d like to book in a call, you can also do this here

Free Security Audit

Get a 1 hour FREE security audit!

Get in touch