Every December I repeat the same exercise with my team: we close out the year's projects, look at what we promised in January and ask ourselves what we left undone. But the most valuable exercise isn't looking back; it's preparing the conversation every CIO will have with their leadership committee in the first weeks of 2018. That conversation is rarely about technology: it's about where to put capital, which risks to take on and which capabilities to build. In these lines I want to share the trends that, as I read them, will define that agenda and, above all, what each one means for the business.
In short: 2018 will be the year cloud stops being an experiment and becomes the default architecture, the year data comes to be governed as a regulated asset, and the year automation and machine learning begin to touch real processes. For the committee, the question isn't whether to adopt these trends, but in what order and with what discipline.
For years cloud was a pilot project living on the margins of the core business. In 2018 that center of gravity flips: the question stops being "what do we move to the cloud?" and becomes "what reason do we have not to move it?". For a leadership committee this changes the very nature of IT spending, which shifts from capital investment to operating expense and demands new financial discipline.
If your organization still treats cloud as an infrastructure project rather than an operating model, it's worth revisiting your cloud adoption approach before committing next year's budget.
The natural consequence of depending on the cloud is not wanting to depend on a single one. In 2018 we'll see more committees asking about multicloud strategies and about containers as a way to avoid getting locked in. Kubernetes is consolidating as the standard for orchestrating those containers, and that matters to the business because it turns portability into a negotiating lever.
My recommendation to the committee is a sober one: portability is valuable, but it isn't free. Adopt it where the risk of lock-in justifies the cost of the complexity, not as dogma.
2018 brings a date no executive should ignore: in May the new European data protection framework (GDPR) takes effect. Even if your company operates in LATAM, if you touch the data of European residents or aspire to do business with them, compliance stops being optional. Beyond the specific regulation, the underlying trend is that data comes to be treated as an asset that is inventoried, protected and accounted for.
My advice is to see compliance as the opportunity to put order into something that was needed anyway: knowing what data you have, where it lives and who touches it.
2017 left us a lesson that's hard to forget. Global-scale ransomware attacks, like the one that paralyzed hospitals and companies mid-year, showed that security is no longer a matter for the technical team but for business continuity. In 2018 the committee will have to accept that the question isn't whether we'll be attacked, but when and how quickly we'll recover.
Mature security is designed in from the start of every project, not bolted on at the end. If you want a deeper read on the approach, take a look at our perspective on cybersecurity.
Machine learning has been in the headlines for years, but 2018 is when it begins to land in concrete processes: demand forecasting, fraud detection, customer segmentation, predictive maintenance. I'm not talking about futuristic promises, but about models that improve a decision your company already makes every day.
I recommend starting with a narrow use case, with measurable return, before talking about an "artificial intelligence strategy." If you want to see how we approach that adoption pragmatically, here is our view on artificial intelligence.
While machine learning works on the decisions, robotic process automation (RPA) works on the repetitive tasks: reconciliations, data loads, report generation. It's one of the trends with the fastest, most visible return for 2018, precisely because it doesn't require redesigning systems, only mimicking what a person does today in front of the screen.
I'll close with the trend that rarely appears in technology presentations and yet conditions all the others: talent. Cloud, security, data and automation compete for the same scarce people. In 2018 the bottleneck for most transformations won't be technology or budget, but finding and retaining the people who know how to execute it.
Seven trends are too many for an organization that wants to execute well. My recommendation to the committee is to order the agenda with three simple questions:
A few well-executed bets are worth more than an ambitious catalog no one finishes.
Where should a committee that's behind start?
With the foundations: putting order into data governance and raising security maturity. Without that base, bets on machine learning or automation won't hold, and the risk grows.
Is cloud always cheaper?
Not necessarily. Cloud trades speed and elasticity for a cost that grows with consumption. Well governed it's efficient; without financial discipline, the bill surprises you. The value is in the agility, not just the savings.
Do we need to comply with GDPR if we operate in LATAM?
If you handle the data of European residents or want to do business in that market, yes. And even where it doesn't apply directly, adopting good data governance practices prepares you for the local regulations that are coming.
How many of these trends should we take on at once?
Fewer than you'd be tempted to include. Two or three well-executed initiatives, with an owner and clear return, beat a plan with seven open fronts and none finished.
Before committing the 2018 budget, it's worth an honest assessment: where your organization stands on each of these fronts and which two or three moves will most move the needle for the business this year. At SUMāTO we work alongside leadership committees on that prioritization exercise, translating trends into a roadmap with owners, returns and realistic timelines. If you want to prepare that conversation with data rather than headlines, let's talk and build the starting diagnostic together.