In conversation with CIO&Leader, Mukesh Rathi, Global Chief Information Officer & Chief Digital Officer, Hinduja Group, on how board expectations from technology are being rewritten for 2026.
CIO&Leader: In 2026, what are the top business outcomes businesses expect from technology, and how have those expectations shifted over the past three years?
Mukesh Rathi: In 2026, the dominant expectation would continue to shift towards measurable business outcomes, not technological progress. Boards expect technology to directly improve revenue productivity, operating margin, resilience, and decision velocity.
CIO&Leader: How are CIOs / enterproses demonstrating measurable value from digital, AI, and transformation investments to the board, and which metrics truly matter today?
Mukesh Rathi: The most credible CIOs have moved away from activity-based metrics (deployments, adoption, feature releases) toward business-linked indicators. These metrics could vary by nature of business some examples are – cost-to-serve reduction, forecast accuracy improvement, cycle-time compression, revenue uplift from personalization, and reduction in operational risk exposure.
CIO&Leader: Where do expectations align with reality, and where do execution complexity and trade-offs create the biggest challenges on the ground?
Mukesh Rathi: Expectations and reality align around the need for modernization and Data maturity. The gap emerges in technology debt, data pipelines, execution sequencing and change capacity.
CIO&Leader: How has the cybersecurity conversation evolved from protection to enterprise-wide resilience, recovery, and accountability?
Mukesh Rathi: Cybersecurity has moved from being an IT control function to a business continuity and trust issue. Boards now expect clear answers on recovery time, blast radius, and decision-making authority during incidents—not just prevention scores. Accountability has expanded beyond the CISO to include business leaders who own critical processes and data. The conversation is not just about “Can we prevent breaches?” to “Can we absorb, recover, and continue operating with minimal value erosion?”
Boards now expect clear answers on recovery time, blast radius, and decision-making authority during incidents—not just prevention scores. The conversation is not just about “Can we prevent breaches?” but also “Can we absorb, recover, and continue operating with minimal value erosion?” ~ Mukesh Rathi, Digital and AI Transformation Advisor and Coach
CIO&Leader: Which technology risks are now viewed as enterprise risks, and where are accountability boundaries still unclear between the CIO, CISO, and business leaders?
Mukesh Rathi: Cloud concentration risk, data integrity, AI model risk, and third-party dependency are now clearly enterprise risks. However, accountability boundaries remain blurred when risk originates from business-driven decisions—such as aggressive timelines, underfunded controls, or fragmented ownership of data.
CIO&Leader: How are boards reassessing cloud costs, ROI, and modernization priorities, and what tensions does this create for long-term digital strategy?
Mukesh Rathi: Scrutiny of tech modernization, data pipelines, cloud costs and other infrastructure decisions are often driven around cost overruns rather than strategic intent. This creates tension between short-term cost containment and long-term platform modernization. CIOs are being asked to justify not just why cloud is needed, but where it creates differentiated value versus commodity capability.
CIO&Leader: What do CIOs need more from boards to deliver outcomes successfully, clearer direction, investment discipline, patience, or shared risk ownership?
Mukesh Rathi: The most critical need is SPONSORSHIP and shared ownership of outcomes and risks. CIOs also need boards to provide clear prioritization when trade-offs are unavoidable and to enforce investment discipline across the enterprise, not just within IT. Patience matters, but only when it is paired with explicit milestones and accountability.
CIO&Leader: What is the most underestimated technology risk or opportunity for 2026–27, and how do expectations differ across sectors?
Mukesh Rathi: The most underestimated risk is organizational overreach with AI—deploying models faster than governance, data quality, and operating maturity can support. Conversely, the most underestimated opportunity is using AI to redesign decision-making processes, not just automate tasks.