“The biggest barrier to transformation is culture. Forty-four percent of CIOs reported culture is the biggest barrier to digital transformation.”

#1 Minimalist Hack: What If Security Did the Bare Minimum

• “CISOs need to figure out a way to sketch a vision where security is focused on the most important aspects of the job and the prioritizations of the job. It fosters a culture of taking risks and a culture of authenticity. ”

#2 Share Hack: Create a Security Community!

• “You need to be visible in your organization. Create a dedicated security page, focus on transparency by collecting policy feedback in real time. Be more engaging, develop a common security language that everybody understands.”

#3 Gamification Hack: Can Security Be Fun and Intrusive?

• “Gamify the experience, develop a gamification badging system, award your people and incentivize them. It fosters collaboration, inclusivity and innovation.”

#4 [In] Equality Hack: How Much of Your Time Is Spent Servicing the Most Important Business Units?

• “Focusing on the most important business units that drive the most important value for the organization creates a culture where accountability can be implemented and decisions can be made a lot faster with the risk owner.”

“Don’t treat security like it is a function that has to deliver services to everybody in the organization. Ultimately, it turns cybersecurity into a value-generating function.”

“ESG is becoming more strategic.”

“Boards need to be seen as if something is happening when it comes to ESG, and all signs point to doing good not just trying to look good.”

“First step as a CIO is to understand if a materiality assessment has been conducted to identify those issues that are the most important for the enterprise to be addressing.”

All CIOs that we work with are being asked to make their own IT programs more sustainable. Identify the metrics in your own IT department that you should be measuring.”

“There are four main types of data that you are going to be pursuing in an ESG program: material issues, goals and targets, data for reporting frameworks, and ad hoc requests.”

“It’s really important that ESG data be trustworthy and accurate, so focus on data quality and reliability.”

“Boards are increasingly concerned about the risks from social polarization as society gets more divided about issues like the environment and diversity, equity and inclusion (DEI).”

“Boards are now amending their risk appetite to take this new—and for many, unfamiliar—risk, and factor it into their digital acceleration strategy and investments.”

“Economic uncertainty continues to be the biggest source of risk that Boards are concerned about.”

“Digital business remains the top priority for BoDs. This is broader than just IT, encompassing the landscape of technologies like artificial intelligence (AI), 3D printing, AR/VR and blockchain.”

“The workforce becomes a significant challenge as companies increase their digital acceleration. IT and HR will be at center stage for Boards focusing on workforce, whether it’s retention, training, hiring or partnerships.”

“For executive leaders looking to align with Board priorities, look at three areas that have become a massive focus: workforce; environmental, social and governance; (ESG) and risk management.”

See more key findings from the 2022 Gartner Board of Directors Survey in the associated Gartner press release.