ACI Leadership Series: Future proofing your tech investments: Strategies for modern leaders 

leadership series profile images of top industry leaders in audit, cybersecurity and IT

ACI Learning Leadership Series Study guide- Future proofing your tech investments: Strategies for modern leaders

Guest expert: Gerry Auger, PhD Host: Sophie Goodwin

The purpose of this guide is to serve as a complementary aide to help you follow along in our recent Leadership Series webinar episode, “Future-proofing your tech investments: Strategies for Modern Leaders.” In this webinar, our friend Gerry Auger, PhD, discusses how tech leaders can ensure that investments they make into their company’s tech solutions yield the results they truly need. During his discussion with ACI Learning Edutainer Sophie Goodwin, Auger goes over the key things leaders should know and consider as they pay for tech solutions. Have these notes ready, then watch our full interview.

Key Insights:

1. Avoiding Duplicative Controls and Managing Costs:

  • Purchasing a new tech solution is not a guaranteed way to reduce cyber risk.

  • Leaders should be aware of existing controls that might already address the intended risk.

  • Duplicative controls, especially in multiyear contracts, can be costly and inefficient.

2. Consideration of Hidden Costs:

  • Leaders should be mindful of hidden costs such as operational and procedural expenses.

  • Ongoing vendor maintenance plans and the decommissioning process should also be taken into account.

3. Risk Assessment in Technology Implementation:

  • When implementing technology, consider the time and effort required for integration into the existing IT ecosystem.

  • Hidden costs include manual efforts, compliance maintenance, and potential impact on existing infrastructure.

4. AI Implementation Considerations:

  • Caution should be exercised when implementing AI technologies too quickly.

  • Consider where data is going, especially when dealing with emerging technology vendors.

  • Assess the supply chain risks, ensuring data protection assurances from vendors.

5. Criteria-based Solution Evaluation:

  • Before evaluating solutions, establish criteria and weight them according to importance.

  • Objective criteria help maintain focus on what is essential for reducing cyber risk.

  • Communicate your criteria to vendors during the evaluation process.

6. Stewardship of Organizational Resources:

  • Leaders must act as stewards of the organization and its budget.

  • Emphasize the importance of reducing risk and being accountable for budget allocation.

  • Boards may seek evidence of the return on investment, so be prepared to defend purchasing decisions.

7. Opportunities for Budget Acquisition:

  • Utilize incidents in similar organizations to highlight potential risks and justify budget requests.

  • Take advantage of lessons learned from others' incidents without experiencing them firsthand.

  • Asking hard questions during vendor discussions is crucial for informed decision-making.

Final Thoughts:

1. Opportunities in Incidents:

  • Use other entities' incidents as an opportunity to secure budget by demonstrating preventative measures.

  • Emphasize the potential pain points and showcase preventive measures to stakeholders.

2. Critical Vendor Communication:

  • Engage vendors with tough questions to gain a clear understanding of the purchasing decision.

  • Recognize that salespeople are incentivized to make sales, making thorough inquiries vital.

ACI Learning



Learning areas