Velocity, Risk and Cost: Three CIO Imperatives, One Solution

In my last blog post, I argued that enterprise velocity is a matter of survival – if you can’t operate faster and outflank your competition, your company will cease to exist.

Velocity is a competitive advantage and a strategic imperative. It’s one of three priorities I think should be top of mind for every CIO – the other two being cost and risk (Deloitte).  Do these priorities contradict each other? I don’t think so. I think increasing velocity, reducing risk and lowering costs go hand in hand.


Let’s start with cost. When IT shops need to reduce costs, they often do the same things. They consolidate their data centers, they pressure their suppliers, they squeeze their labor costs. These are all important steps, but this approach only takes you so far. You also need to rethink how work gets done in the modern enterprise. Consider self-service for everything, platforms doing most of the work for people, analytics that are actionable.

Done correctly, you will not only decrease costs, you will also increase your company’s velocity while making everyone happier.  When you have a highly automated system where you can inspect your business in real time, the costs will naturally fall out.  It’s not about squeezing IT – it’s about changing the way we work. Accelerating velocity and lowering costs are two sides of the same coin. That’s what I’ve personally seen within ServiceNow, whether it’s accelerating major IT releases while saving $980K, or cutting IT onboarding times from 65 to 10 minutes while reducing labor costs by 85%.

Exactly the same applies to risk. Previously, I talked about cybersecurity, which is just one component of managing risk. As security teams battle cyber threats, many still struggle to mount an effective security incident response. Why? Informal manual processes are a big part of the problem. When Enterprise Strategy Group (ESG) surveyed more than 180 security executives, nearly 75% said they had informal incident response processes, and 93% said that manual processes limited their incident response efficiency and effectiveness. In other words, IT needs consistent, automated processes to improve their company’s security posture.


However, managing risk is much broader than that. It’s also about avoiding loss of intellitecutal property, preventing business service outages and eliminating the inevitable mistakes that come with manual, siloed processes. It’s also about having real-time, end-to-end visibility, rather than waiting six months for the next compliance audit. This means connecting Security with IT and automating the processes between them, accelerating both incident response time and employee productitivy.

Here’s my advice. Don’t look at driving velocity, managing cost, and managing risk as separate silos. Break down the barriers, understand the synergies, and focus on solutions that drive all of these forward. Climbing one mountain is easier than climbing three – you’ll get there faster, and you’ll never have to look back.

Chris Bedi
Chris Bedi joined ServiceNow in September 2015 and currently serves as ServiceNow’s Chief Information Officer. Prior to joining ServiceNow, Bedi served as CIO of JDSU from August 2011 to March 2015 where he was responsible for IT, Facilities, and Indirect Procurement. Prior to JDSU, Bedi held various positions at VeriSign from April 2002 until August 2011, including CIO, VP Corporate Development, and VP HR Operations. Bedi began his career at KPMG Consulting from June 1996 to April 2002. He holds a Bachelor’s degree in Computer Engineering from the University of Michigan.

Leave a Reply Text

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.