CIO Network News

Issue #2
November 2002

Network News serves as a vehicle to provide our members with value added information and resources relating to CIOs. With our industry experience as well as content from various publications NN will serve you with information on technology trends, a CIOs role in business, best practices, and methods on how to leverage your overall success. Through NN you will also be informed on M.Wood Company’s scope of services, our current searches and potential networking and referral opportunities.


Message From the Partners: Information Security and CIOs...Things to Consider

Feature: Tips From the Trenches: How Today’s CIOs Succeed -- An Interview with Roy Cashman

Current Searches: Potential Opportunities

Tips to Lead & Succeed: What Does a CIO Want to Know Upon Entering a New Company

Recently Completed Searches: In and Outside the Scope of IT

Hot Topics: Become a Better CIO

Company News: M. Wood Ranked in Crains

Sites to Surf: Point and Click to Some of IT's Most Valuable Resources

Contact Information


Over the past year, our country has experienced many challenges which have significantly impacted Chief Information Officers and the role they play in privacy and data security within organizations. Events including the terrorist attacks of September 11th and corporate scandals such as the collapse of Enron, WorldCom and Arthur Andersen have all heightened the measures companies take to secure their data. In light of these occurrences CIOs, now more than ever, should be aware of the new challenges:

  1. Thoroughly assessing the integrity, credibility and accessibility of current and historical information of the organization;

  2. Ensuring regulatory compliance of ISO17799 standards, HIPAA regulations, the Gramm-Leach Bliley Act, along with new SEC mandates;

  3. Reinforcement and championing of the checks and balance process;

  4. Preparing the organization for accurate disclosure of financial and regulatory information; and

  5. Ensuring detailed plans and contingencies are in place to guarantee scalable, fault tolerant data center ability including disaster recovery plans, change control procedures, network redundancy, data security standards, technical infrastructure standards, fire wall and encryption policies.

Organizations should not just assume they meet safeguard rules simply because they have a security program or have taken steps to implement security measures. Rather, they should begin to review the security programs with the obligation being to ensure the program adequately supports its privacy objectives and related information management controls. This should be combined with various regulatory compliance and impact assessments.

As CIOs, you must re-evaluate the present safeguards for privacy and data security of your organization. Further, you should formalize an information security program if this is not already in place. This program should be a written, coordinated document across all business functions, which describes program elements. Such program elements should identify and inventory policy and procedures for the security program. In addition, documentation of information management roles and responsibilities or designations of an employee (i.e. Chief Information Security Officer - CISO/Chief Security Officer - CSO) to coordinate the organization’s information security programs is a must.

Assigning security management to a single individual better prepares your organization against potential threats. As such, if your organization is looking to acquire a security professional, keep in mind this individual must work across the internal and external risks to the security privacy and integrity of data to prevent misuse, alteration, unauthorized disclosure, destruction, etc. of such information and assess safeguards to control risks. Specific duties of a CISO/CSO include:

  1. Formulation of a comprehensive information security strategy. Ensure that a clear concise plan, including scope, approach, benefits realization, is developed in order to deliver to the IT Policy Board and the Executive Board the Information Risk Management (IRM) vision and objectives.

  2. Development of an IRM governance structure for appoval and decision making. Ensure all major policies and initiatives are steered through these committees for endorsement and approval.

  3. Help significantly raise the level of the organization’s awareness and understanding of our business heads of the importance of IRM within all aspects of the business and ensure that all future strategies and plans have IRM built into their foundation in order to help achieve the Executive Board’s vision.

  4. Development and coordination company-wide information protection awareness programs and communicate security strategies and status to management. Must communicate and deliver risk assessment and impact to executive group. IRM is a company-wide issue...not just technical.

  5. Leadership and management the implementation of the necessary controls and procedures to cost-effectively protect information assets from intentional or inadvertent modifications, disclosure or destruction. Ensure compliance with policies, procedures, standards and guidelines. This includes access controls and restrictions, encryption, control procedures, intrusion detection, penetration testing, incident response and disaster recovery processes.

(Click here to return to the top of the page.)


It is ever apparent in today’s market that to be successful, a CIO must develop a set of skills extending far beyond the tech savvyness the profession required years ago. Climbing up the corporate ladder to join others at the executive table is more realistic than ever, however for a future CIO to be truly successful one must take charge of their careers early on prior to taking on the challenge. So how is that done?

With the help and advice of Roy Cashman, an MWC Network member and former candidate, we have sourced a list of tips to aide, both, newly appointed CIOs and those individuals climbing the IT ranks. Roy Cashman is intimately familiar with Information Technology, having been in the field his entire professional career. In November 2001, Roy was hired at Ruan Transportation Management Systems, a transportation management company. As CIO, Roy has complete responsibility for all of Ruan’s IT capability. Prior to Ruan, Roy served as Senior Vice President of Applications Development for Information Resources Inc., a leading sales and marketing research partner in the expanding global consumer goods industry.

With this being his first representative role as CIO, we asked Roy to provide our Network members with advice on what he has learned throughout his career, furthermore what he feels is central in taking on the challenge of becoming a CIO. Below is Roy’s list of tips to succeed as a new CIO.

    Becoming a CIO had been on my agenda for almost 8 years. To achieve this goal I learned early on in my career, the importance of maintaining a healthy balance between business strategy and technology. I spent a great deal of time working on my soft skills and understanding the business strategy. I did my best to help align technology with the business strategy. Most recently however, I tried to be very selective in the opportunities I took within U.S. Freightways in order to increase exposure to the business strategy.

    I believe being part of the business strategy is a conscious choice an IT person makes. There is a tremendous amount of information out there but it takes a motivated individual to be proactive and do something with that information. You have to be willing track to it down and make appropriate investments. In transforming that information into ideas, plans and strategies you will concurrently build momentum for yourself. Bounce those ideas off to other members of your leadership team, particularly within the peer network.

    I spent a great deal of time learning the value of soft skills and networking. I learned how to put myself in situations where I gained the confidence of others in order to to influence some of the more informal decisions that seemed to steer most organizations.

    Managing effectively can be difficult if you lack proper communication skills. In essence, the best way to manage is to communicate effectively at all levels (upwards, downwards, across and externally). This entails talking with people to really understand their concerns. In considering their opinions you begin to build relationships. If you do this enough on all levels you will find that you are welcomed into conversations where an issue is being debated where many times the policy is set long before the official word comes out from management.

    My ability to communicate at all levels was critical to my success at IRI, particularly in getting some challenging things across and being able to be collaborative and decisive. I had a reputation for being the "bad news" guy because I was always straightforward in delivering my message, whether it was good or bad. My priority has always been on knowing where the problems are and what the issues, not necessarily spending time discussing where we’ve done well. This is where success and failure leaps out. You have to be able to communicate with people and make sure you are getting the bad news out there in order to manage expectations. In the end people may not necessarily be happy with the outcome but they will understand why you made certain decisions.

    Do not operate in too much detail As CIO, I definitely see my role as a strategic planner and someone who understands the business plan and creates an IT plan along with its reflective budget. I am also the person who can effectively educate the management team (by communicating and setting expectations) on the issues we face as an organization, from both a technology and organizational process perspective, and someone who can ultimately convince them to provide IT funding.

    I have been pleased with my success to date. From an enterprise architecture view at Ruan, I am currently trying to take a long range look in the three to five year horizon and make sure we are setting the underpinnings in place so that we have applications that talk effectively to one another and databases that are well integrated and easily give way to analytics. In addition, we have to ensure IT quickly delivers applications as the business demands more and more adaptive range in terms of where they want to take the business process.

    I believe it is essential for a CIO to be well grounded in their understanding of technology in order to be effective. You have to understand concepts such as understanding the value of enterprise architecture, how a good PMO organization communicates effectively and sets expectations and understanding that is really the face of our service organization internally to our clients and in many cases externally as well.

    The CIO is really a change agent of the highest caliber so in jumping into that role you have to establish and communicate your IT agenda. A CIO is clearly involved in shifting the culture of the company therefore, having a well grounded process, knowing how to prioritize and allocate funds and ensuring alignment with the business needs are all components for success as a change agent.

    One of the things I underestimated before I became a CIO was the nature of the gap between the business units and technology and what a real challenge it is to help people understand why certain IT decisions are essential not only to the Information Technology department but to the organization as a whole.

    Getting management to buy into the concept of enterprise architecture is just one example of the importance of effectively communicating your agenda. Restructuring Ruan’s PMO organization has been a leap of faith and demonstrating the value to management has been a real challenge. Getting their buy in has only been successful through educating our management team on the importance of making these types of investments for the long haul. To be effective, a CIO needs to find ways to educate, communicate and set expectations.

    Communicating with the other officers of the company is crucial in developing networks to improve skills. I have had enough leadership roles at a fairly high level where my expectations had been realized, however I was not quite aware of how critical building informal peer networks was to my success as a CIO. It is essential that I nurture and maintain those relationships. They tell me where they feel pain and as a result I am able to ascertain what their real strategy is and what they’d like to see happen. If that network were not in place then I would ultimately fail.

    They say imitation is the greatest flattery. A mentor can truly serve, as a spring board for your career in building your own management style. Intuitively we all learn the same way, but there is some type of synthesis that goes on as you discard the things that you think are not effective and pick up the pieces that you like.

    I can point to several individuals that guided me throughout my career. The person who educated me on the CIO role was my former boss at USF who I worked with for 10 years. When he left the organization I took over his position and it turned out to be the first leadership role I held, having complete IT responsibility for a $1Billion company.

    I really emulated his style. I also observed his strengths and evaluated him both positively and negatively questioning what he did in situations where things were not functioning. I also took note of those techniques that were effective. In addition to showing me how to be a good role model, my mentor also made it clear to me that at the CIO level of leadership, you need quite a bit of backbone. You have to be strong enough to stand your ground, take a position on an issue and be willing to debate it in good faith.

    Although the statistics are now changing, the average tenure of a CIO has been 18 months. To maintain the CIO role beyond that timeframe it is crucial to establish confidence and credibility during the first months on the job. Turn downward and evaluate the organization’s processes, learn the business, understand the business strategy, build peer networks and communicate to others that you understand how to bring IT in alignment with the business strategy.

    This is what I have been working on since my start at Ruan. The reality is that for the first 18 months I am very much turning downward and evaluating: processes, our own technologies and taking an active role in rebuilding the organization through the selection of partners for co-sourcing opportunities, working with the chief architect to build an enterprise architecture, etc.

    Being new to an organization, you have to be able to move in the direction that you want to go while simultaneously helping everyone in the organization understand what you are trying to accomplish. Certainly it is not always possible to get their buy in and support for your entire agenda, but I’d like to stress that a new CIO should concentrate on networking, layering into the strategy and communicating expectations during the first year on the job.

M. Wood Company’s relationship with Roy began in 1999. With an extensive focus on application development, M. Wood Company successfully recruited Roy for his previous role as Senior Vice President, Application Development at Information Resources Inc. If you have any questions or comments on Roy’s climb to the CIO position, he can be reached via email at

(Click here to return to the top of the page.)


What’s New in October 2002
Please contact John Poracky at or Milton Wood at if you know of anyone (including yourself) that could be appropriate for these roles. Additional information and a complete listing of our current searches can be found on our website

Corporate Information Security Officer
The Company’s banking, insurance, and diversified financial services businesses make it one of the world's largest financial services firms. The Corporate Information Security Officer will occupy a pivotal role in providing assessment, planning, policy, standards, and remediation activities to support the global efforts of the enterprise to support efficiencies and economies of scale in the security field. As the senior IT Security Official, the incumbent is also responsible for education, awareness, and training at all levels up through executive to enhance the security awareness and business impact of properly functioning security programs and processes.

Director, IS Technology (CTO)
An incredible opportunity exists for a seasoned IT manager to lead the technical architecture strategy and implementation for one of the leading academic hospital systems. Reporting to the Chief Information Officer, this IT Director will be responsible for developing and maintaining the IT infrastructure including all production systems, underlying technologies, hardware, software, networks, LANS/WANS, operating systems and security. The Director will also be responsible for setting and communicating technology standards, identifying new technologies and for all technology focused (e.g., Web, Middleware, etc.) resources.

Director, Managed Care Services
A leading, values-driven healthcare system in Central Indiana which promotes and advocates a healthier society, in strong partnership with communities, physicians, and others is seeking a Director of Managed Care Services to lead its Financial Services Department. This role will direct development and implementation of managed care strategies on behalf of the company and affiliated medical group. The Director will also be charged with directing managed care contracting process for all medical, ancillary, and facility services and will serve as principal relationship manager between payers and the company.

Director, Project Management Office
One of the leading research and academic hospital systems in the country is presently seeking a seasoned project management executive to come in at the ground floor to lead the development and execution of a first class technology project management office. Reporting to the CIO, this PM executive will lead the development and execution of the project management vision, work with other IT leaders and customers to establish and implement standards, analyze current workflows (if any) and processes and recommend opportunities to improve.

Product Manager
This position has profit and loss responsibility for running an importing division for our client, a manufacturer and seller of a variety of sporting goods. The Product Manager will be accountable for goods manufactured under contract in China that are sold to U.S. retailers. Further, the position will lead and manage market analysis; product innovation and creation; customer collaboration; product and prototype development; prototype testing; final product development, completion and pricing; line structure design; line "selling" to sales and customers; lead product manufacturing; and delivery and inventory control.

Senior Client Outsourcing Relationship Executive
As a global business, our client provides services and technology to commercial businesses and governments throughout most of the world. The company currently employs 38,900 people globally and is now seeking a seasoned outsourcing professional to join their team. The Senior Client Relationship Executive will have nationwide responsibility for the existing and future relationship with one of their most substantial accounts, representing approximately $60M in annual billings and growing. The relationship executive will sell and manage this account’s outsourced technology products and services, people, processes and satisfaction throughout the entire pre and post sales cycle and delivery process.

Senior Vice President, Sales & Market Development
Ranked as one of the top providers of IT solutions to the healthcare market, our client serves more than 500 payors, providers and benefits administrators. Our client offers a tremendous opportunity for an established sales and marketing professional to execute a vision, which increases market share and margins. The SVP will be responsible for all sales operations including, leading, mentoring and re-engineering a sales force to a "customer intimate, solution-based" model. Further, the SVP will be accountable for market penetration with existing clients as well as generating business in new accounts.

Vice President, Brokerage Systems
Our client, a leading real estate services company with operations in the United States and other countries worldwide is seeking a Vice President of Brokerage Development to lead the future development of brokerage applications. This position will support current business requirements while creating a sustainable long-term competitive advantage for the Company.

(Click here to return to the top of the page.)


Are you a new or a seasoned CIO? Whatever stage you are at, in your CIO career track, it is important to understand that leading, as part of the management team, requires you to come into a company with a definite plan of attack. Analyzing certain elements vital to the CIO role can be the difference between success and failure. Based on our extensive experience in recruiting CIOs, here is a checklist we have created on What a CIO Wants to Know Upon Entering a New Company

(Click here to return to the top of the page.)


Consistent with our mission to provide services through a visionary consultative approach, M. Wood Company successfully filled a variety of positions this year. The following is a cross sampling of completed searches.

***Position & Client Description***
Assistant Vice President, Managed Care -- national healthcare company
Chief Financial Officer & Vice President, Finance -- healthcare provider
Vice President, Information Systems -- retail manufacturing company
Vice President, national healthcare company
Commercial Insurance Producer -- insurance company
Vice President, Network Management -- national healthcare company
Vice President & CIO -- infrastructure services provider
Vice President, Operations, Payer Services -- healthcare technology connectivity provider
Chief Financial Officer -- healthcare provider
Executive Vice President, Developmental Markets -- national healthcare company
Director, Clinical Information Systems -- healthcare provider

(Click here to return to the top of the page.)


***Professional Development***
Do you need to jump-start your career? Would you like to become a better CIO? Read this page on for information on salaries, associations and educational choices. Go to:

***Chief Security Officer (CSO) Magazine***
This fall, watch for CSO, the new magazine from the publishers of CIO. It features case studies, in-depth analyses and best practices for balancing the safety, security and privacy of your enterprise with business success. Free charter subscriptions are limited. Go to:

(Click here to return to the top of the page.)


M. Wood Company Recognized in Crains Chicago Business
For the fifth consecutive year, Crains Chicago Business recognized M. WOOD COMPANY as one of the largest executive recruiters in Chicago. Companies were ranked according to net professional fee revenues. To look at the listing just click on the link below.

M. Wood Principal Publishes Article
John Trakselis, a Principal at M. Wood Company specializing in financial searches, recently published an article on Finance Executives. The article, Qualities of a High Performance Finance Executive: An Aggregation of Skills looks at qualities our partners and principals have identified, over the process of recruiting candidates for various roles and functions, that are necessary to become a high performance finance executive. To see view the article click on the link below.

(Click here to return to the top of the page.)


Strategy+Business Media publishes a quarterly magazine, a Web site (, books, and ancillary publications. Its mission is to provide executives with commentary, research, and practical ideas that bridge the gap between theory and practice in contemporary global business.

(Click here to return to the top of the page.)


M. Wood Company
10 South LaSalle Street
Suite 3700
Chicago, IL 60603
(312) 368-0633/Phone
(312) 368-5052/Fax

If you have any questions, comments or if you would like to submit a resume to us, feel free to contact a member of the M. Wood Company team.

Milton M. Wood
President & Chief Executive Officer

John W. Poracky

John Trakselis

Jane R. McCarthy

Katherine Smetana
Director, Research & Recruiting

Silvia Ceballos
Editor, Network News

(Click here to return to the top of the page.)


Content and images © 2000 M. Wood Company, All Rights Reserved.
Website Design Copyright C 2006 Web Design Website designed by: