What Enterprise CIOs Can Learn From Startups

Quick learning and hypothesis testing should drive technology approaches to new opportunities no matter the size of the organization, says Luca Grulla, CIO at Signal AI.

Tech leaders at large established companies would do well to take a startup approach to technology these days, according to Luca Grulla, CTO at Signal AI, a company that provides AI-powered decisioning solutions, with offices in New York City, London and Hong Kong.

Grulla spoke with StrategicCIO360 about his thinking, why video calls should be the last resort for a hybrid workplace and how machine learning is booming.

How do you think the role of technology changes in a startup environment vs. an enterprise company?

In startups, the work is around finding product market fit, and once found, startups scale by solving one problem at a time. In the enterprise, often the product market fit is established, so work is more about extracting value. Early-stage technology is all about faster time to market, optimized for a quick learning cycle in the market. In contrast, later-stage technology is often an investment in scale and depth, and cross-functional requirements—security, availability, accessibility, etc.—become core to be ready for market offer.

The types of learning and validation are different. More than company size, I consider technology for PMF vs. technology for scale as a factor of the product stage maturity. Enterprises have to reinvent themselves regularly to retain market leadership with new products and market verticals. A healthy enterprise should act like a startup when exploring new opportunities, optimizing for quick learning and hypothesis testing.

What technology trends have you seen recently?

Machine learning has boomed. From MLOps friendly tools to more ready to use models, the last 12 months have seen a consolidation of ML as a differentiation. 

As companies are utilizing a hybrid work model, what action do you recommend companies should have in place to ensure productivity?

Companies should redesign decision-making and communication processes to take full advantage of the opportunities offered by the hybrid model. I recommend two steps to support productivity in a hybrid model: default to asynchronous work and architect for creativity and collaboration when co-located.

First and foremost, if you embrace a hybrid model, you should default to asynchronous decision-making where possible. In an asynchronous model, as contradictory as it could sound, video calls are the last resort. Asynchronous work means document-based collaborations and effective use of email and messaging software as the de facto way to align, discuss ideas and move initiatives forward. 

Companies should be the catalyst of these changes and encourage more writing in the form of memos, progress updates and vision and strategy documents. Business writing has become critical at all levels, and companies should invest in employee training.

Asynchronous work requires a different cadence than fully co-located work. Companies should tailor their tempo around the newly emerged interaction patterns, where contributions will land over several hours and days rather than at a specific time.

With a hybrid model, we also acknowledge the unique characteristics of being co-located and want to maximize the value of the time spent together. The collaboration style enabled by co-location is hard, if not impossible at this stage, to replicate online. Organizations and managers should encourage teams to fuel creativity and focus on collaboration when co-located. Companies should reinvent the office space toward collaborative space, where flexibility is the fundamental design principle. 

With the number of cyberattacks increasing, what systems do you recommend companies should have in place to ensure data security and privacy?

The information security industry is relatively mature, with several products supporting everyone’s needs. Companies should immediately adopt industry-standard identity and authentication practices, such as single sign-on and multifactor authentication, combined with user and systems best practices.

It’s critical to understand your attack surfaces and identify the correct services available in the market to give you relevant protection. Resist the temptation of rolling out your security solution quickly, and instead invest time and resources to have a good understanding of the market offering.

Internal training around InfoSec topics is becoming a must, helping everyone in the organization to build a better awareness against social engineering attacks and making the organization more resilient.

Get the StrategicCIO360 Briefing

Sign up today to get weekly access to the latest issues affecting CIOs in every industry


Strategy, Insights, Action

In our weekly newsletter, get insight into the biggest issues facing CIOs, along with strategic ideas, solutions, and interviews.

Strategy, Insights, Action

Once a week, get insight into the biggest issues facing CIOs, along with strategic ideas, solutions, and interviews.

Your information is secure – we don’t sell or rent your data to any third-parties.