7 lies IT leaders should never tell

There are big lies, small lies, white lies, and boldface lies. They all have one thing in common: None should ever be used by a CIO to deceive staff, customers, or management colleagues.

Lying to yourself about the state of your IT operations is one thing — and can certainly get you in trouble. But the pressures placed on IT leaders these days can also invite CIOs to bend the truth about the state of their IT environments in hopes of giving an impression of being on top of everything — or at least to sidestep a difficult conversation.

Telling the truth doesn’t cost anything, but just a single lie could cost you everything, including your job and career. Here’s a look at seven commonly told lies IT leaders should always avoid.

1. ‘IT always knows what’s best for business’

While COVID-19 heroics put IT leaders in the business spotlight, elevating their prominence in the organization and cementing the importance of IT in enterprise planning, operations, and success, CIOs should never deceive themselves — or anyone else — into thinking that their department is the tail that wags the dog.

“The best ideas are born out of collaboration, and that’s why the IT function should act as a partner and consultant to the business, not an all-knowing entity,” says Saket Srivastava, CIO at Asana, which offers a management platform designed to help teams organize, track, and manage their work. “Asking, learning, listening, being curious, and adapting should be the main tools in any IT leader’s toolbox to effectively co-create with key stakeholders and move the business forward.”

CIOs, despite their close involvement with all enterprise departments, aren’t always privy to every team’s challenges. “Anyone who pretends to know all the answers, while avoiding the more difficult but rewarding work of learning and discovery, is missing out on the amazing ideas that may be only a conversation away,” Srivastava says.

Now, more than ever, IT leaders are responsible not only for IT systems, but also for business outcomes and meeting broader enterprise goals. “As such, IT should be considered as a trusted consultant group that’s ready and available to help solve problems collaboratively,” Srivastava advises.

2. ‘Everybody is replaceable’

This lie is typically uttered as a threat: “Do more work, do better work, pick up the slack, or quit.”

The belief that team members can be bullied into working harder is toxic, creating a culture of fear and internal competition that’s not sustainable. “As a leader, you will find yourself without a job due to high turnover and delays in projects and initiatives,” warns Volodymyr Shchegel, vice president of engineering at cybersecurity software developer Clario. “When you have people leaving due to poor leadership and feeling they aren’t valued, you won’t be able to foster knowledge sharing and team building, which are essential to sustaining long term IT projects.”

IT leaders who resort to threats and intimidation because their team seems “out of control,” should realize that it may actually be time for some serious self-exploration. “You must adjust your attitude and be more open to criticism and collaboration,” Shchegel suggests. “Great leadership isn’t about being better than everyone on your team; it’s about assembling a team that has the best people for each job.”

3. ‘We’re now impervious to cyberattacks’

Believing that your environment is completely secure is the same as assuming that a shield is mightier than an opponent’s sword when that sword is evolving minute-by-minute, observes A.J. Lenkaitis, a senior consultant at cybersecurity and compliance firm BARR Advisory. But too often, given the pressure from executive leadership and boards these days, CIOs may be tempting to think so — or at least say so to colleagues inquiring about the state of the company’s cybersecurity posture.

“Having a closed-minded view is the best way to be blindsided by a new attack, often with drastic consequences,” Lenkaitis says. “Not only can this mindset ultimately lead to inappropriately-defined system boundaries and requirements, but it may also eliminate downstream controls that are vital to the organization’s longevity.”

Assuming that an enterprise environment is totally impervious to attacks is highly dangerous because it removes the continuous improvement strategy that’s required to stay resilient in a constantly evolving cybersecurity landscape. “New viruses, malware, and ransomware are specifically made to circumvent archaic cybersecurity controls,” Lenkaitis warns. In today’s environment, it’s not a matter of if an attack will happen, but when. “The time and resources spent on counteracting future attacks pay immense dividends,” he adds.

4. ‘Our technology is failure-proof’

Things break, and in most cases, it comes as a surprise. IT consists of many systems requiring different degrees of connectivity and monitoring, making it difficult to know absolutely everything at every moment. The key to minimizing failures is to be proactive rather than simply waiting for bad things to happen.

CIOs should not only expect things to break but also be honest about this with their team members and business colleagues. “Eat, sleep, and live that life,” advises Andre Preoteasa, internal IT director at IT business management firm Electric. “There are things you know, things you don’t know, and things you don’t know you don’t know,” he observes. “Write down the first two, then think endlessly about the last one — it will make you more prepared for the unknowns when they happen.”

Preoteasa stresses the importance of building and maintaining detailed disaster recovery and business continuity plans. “IT leaders that don’t have [such plans] put the company in a bad position,” he notes. “The exercise alone of writing things down shows you’re thinking about the future.”

5. ‘The hybrid work model is just another fad’

Work has changed. “It’s no longer a specific time and place, but an outcome,” says Chris Anello, director of digital platforms at technology consulting firm iTech AG. The focus has shifted to how organizations support [workplace] changes and enable employees to continue to flourish and deliver on business objectives, he explains.

Anello believes that IT leaders must accept the paradigm shift and invest in a digital transformation that supports the new work reality. “Leadership must accept that we are not going back to the way of work before the pandemic and commit to the new work landscape,” he states.

IT leaders must openly communicate the reality of today’s recast workplace and communicate to management colleagues the investments needed to support the new approach. “Although the IT team will lead the technology efforts, an interdisciplinary team should work together to ensure everyone is aligned and sharing insights and feedback on what they need in order to succeed,” Anello says. “This 360-degree view … ensures that all perspectives are being considered to create a thriving enterprise built on a strong IT foundation.”

6. ‘I’m always available’

This is a phrase leaders commonly say, both to the team members they manage but also to their business colleagues and upper management. But are you really sure of that? Probably not. Constant availability simply isn’t possible, and an obviously hollow promise such as this creates unrealistic expectations among teams and management colleagues. IT leaders need to be honest about their availability and set realistic guidelines for holding one-on-one discussions.

Although this lie sounds innocuous, it can actually be career-destructive because it creates an environment of constant expectation and pressure, says Farzad Rashidi, co-founder of Respona, a company that offers a link-building platform designed to increase traffic from Google.

A better way to address personal availability is to be honest about your preferred access times and to set realistic expectations. “IT leaders need to be able to take breaks and have a life outside of work,” Rashidi observes.

7. ‘We’ve ensured total data resiliency’

This lie often emerges when an IT leader is questioned by management colleagues about the enterprise’s data security status. Wishing to avoid the nasty and frightening fact that total data resiliency is impossible, the CIO hopes that the odds will be on his or her side, and that the security measures already deployed will be sufficient to protect the enterprise, its customers, and its business partners against a possible future data security disaster.

Feeling under pressure, the nervous CIO assures management counterparts that all enterprise data is fully backed up and that there are also resilient copies of backup data available. Additionally, the restore process has been tested, and the ability to conduct a restore-to-business process is in place. In other words, everything is safe.

In reality, there’s a giant gap between business leaders’ expectations regarding technology resiliency and what many IT leaders have actually implemented for them, says Rick Vanover, senior strategy director for data management platform provider Veeam. “Instead of overstating tech capabilities, IT leaders should ensure data portability, utilize ultra-resilient immutable backups of data, and implement recovery verification,” he suggests. But never, ever promise total data resiliency.

CIO, IT Leadership