Digital Transformation and Cybersecurity are the top issues CIO’s are rightly focused on for 2021, but regulatory issues cannot be ignored


A survey by Constellation Research conducted between September and October revealed that the top budget priorities for CIO’s in 2021 are Digital Transformation and Cybersecurity, with those two categories significantly ahead of other areas of focus. Close to 1/3 of respondents report that their IT spending had declined during Covid-19, many by more than 10%, while only 7% saw their IT budget increase during the pandemic despite the universal increase in IT dependence amid the shift to remote work.

CIO’s also report being focused on ‘automation’ as the most important way to improve returns from IT spending, ahead of ‘portfolio assessment and rationalization’, or ‘using untapped by high leverage features/capabilities of already owned IT assets’.



Digital Transformation and Cybersecurity are rightly the top priorities for CIO’s—both in budget terms and in time allocation. Successful digital transformations have rapidly become one of the most critical elements of corporate success, and so the priority of protecting digital environment has never been more important.

However, it is somewhat concerning to see ‘Regulatory Issues’ dead last on the list with only 2.3% of the responding CIO’s identifying it as one of their top 5 priorities in 2021. One consequence of the SolarWinds breach is that there is highly likely to be a new focus placed on cybersecurity by regulators in the US, and likely in other countries as well. Indeed the recently passed National Defense Authorization Act in the US contained directives for cybersecurity positions and policy that were drawn from many of the recommendations in the bipartisan Cyberspace Solarium Commission. This will increase regulatory attention on corporate cybersecurity practices. CIO’s, C-Suites and BoD’s would be well-advised to prepare for this new environment.

Additionally, the focus on ‘Automation’ ahead of ‘Portfolio assessment and rationalization’ and ‘using untapped by high leverage features/capabilities of already owned IT assets’ is problematic. The latter two categories have been shown to deliver better results for most organizations, both in terms of impact on corporate budgets (i.e. they are cheaper) as well as being more effective for improving the company’s overall cybersecurity posture.

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website