- CIOsurge
- Posts
- 📉 Shadow IT costs enterprises $100M+ annually, driving security risks
📉 Shadow IT costs enterprises $100M+ annually, driving security risks
Shadow IT Costs Soar, Broadcom Reshapes VMware, New CIOs at Wells Fargo and Absolute Security
Zack Tembi
March 18, 2025
Powered by Single Fin
Welcome to this week’s edition of CIOsurge!
This week:
Shadow IT is costing enterprises over $100M annually, with employees bypassing IT-approved tools, creating security and compliance risks.
Broadcom’s VMware transition drives a 47% revenue surge but sparks backlash over pricing shifts and forced subscription migrations.
Wells Fargo and Absolute Security appoint new CIOs to lead major tech transformations and cybersecurity initiatives.
Let’s make this week a game-changer.
Stay sharp. Stay ahead.
📉 Shadow IT costs enterprises $100M+ annually, driving security risks
A new study reveals large enterprises lost $104 million in productivity in 2024 due to IT inefficiencies, with employees resorting to nearly 600 unauthorized apps to bypass slow or restrictive systems. The gap between IT-approved tools and user needs has fueled the rise of shadow IT, creating security, compliance, and governance risks as employees seek faster, more effective solutions outside official IT channels.
The numbers might seem extreme, but every CIO knows this problem all too well. When IT-approved solutions don’t meet employees’ needs, they find their own—often at the cost of security and compliance. This isn't just about lost productivity; it’s about operational blind spots that could lead to data leaks, regulatory issues, or costly redundancies.
The challenge for IT isn’t just locking down shadow IT—it’s enabling a better, more intuitive digital experience. Governance must be balanced with flexibility, ensuring employees have the tools they need while keeping IT in control. CIOs who embrace structured, well-communicated policies will curb the worst of shadow IT while fostering innovation within secure parameters.
- Zack Tembi
đź’Ľ Broadcom Bets on AI with VMware Transition
Broadcom’s Hock Tan reported a 47% YoY jump in software revenue to $6.7B, driven by VMware’s private cloud bundle and a shift to subscription models. 60% of vSphere customers moved from perpetual licenses to subscriptions, and 70% of VMware’s top 10K customers adopted the full VMware Cloud Foundation suite. But these gains came with backlash, as many customers saw costs spike post-merger—AT&T even sued Broadcom over price hikes before settling last year.
This is a classic case of “new boss, new costs.” CIOs often fear vendor acquisitions will trigger pricing shifts—and that’s exactly what happened. VMware customers who budgeted for existing licenses were suddenly pressured into new bundles, straining IT budgets. The AT&T lawsuit underscores the frustration; most CIOs can’t sue, but it shows just how disruptive these changes were. The key lesson? Negotiate price protections and escalation clauses before acquisitions shake up the market.
Broadcom’s strategy is part of a bigger trend: vendor consolidation leading to “simplified” bundles that mostly benefit the vendor. Trimming VMware’s portfolio to just four packages forces customers into costly upgrades, making vendor risk management more critical than ever. CIOs should diversify key infrastructure where possible and push back through user groups or industry coalitions. While Broadcom is reinvesting in AI-driven data center tech, unless the ROI benefits customers, cost predictability will remain a major concern.
- Zack Tembi
đź’¬ Zack's Take
🔄 Building Stronger Teams Through Development and Cross-Training
One of the biggest missed opportunities I see in IT leadership is the failure to invest in employee development. Too many companies focus solely on hiring for immediate needs without thinking about long-term growth. The reality is, if you develop your people, they’ll not only stick around longer, but they’ll also drive significantly more value. Employees who feel supported in their professional growth are more engaged, adaptable, and willing to take ownership of challenges that arise.
Cross-training is a huge part of this. Imagine a security specialist spending time with the infrastructure team—suddenly, they gain a broader perspective on how security decisions impact overall system performance. Likewise, an engineer learning from the compliance team understands how regulatory concerns shape technical implementations. These kinds of cross-functional experiences break down silos, encourage collaboration, and often lead to more innovative problem-solving across departments.
Without structured development and cross-training programs, companies risk stagnation. Employees get frustrated when they feel boxed into a narrow role, leading them to seek opportunities elsewhere. Worse, businesses miss out on the compounding benefits of a well-rounded, dynamic workforce. The best organizations recognize that investing in their people isn’t just about retention—it’s about building a smarter, more resilient team capable of driving long-term success.
🗞️ At A Glance
đź’ˇ CIO Spotlights
Wells Fargo Welcomes Heather Blair as CIO for Branch and ATM Division
Heather Blair joins Wells Fargo as CIO for branch and ATM tech, reporting to Tracy Kerrins, amid the bank’s $900M tech transformation.
With 20 years in financial tech, Blair’s expertise includes leading roles at Discover Financial and JPMorgan Chase.
Blair will leverage her technical depth from JPMorgan days, based in Columbus, Ohio’s tech hub.
Absolute Security names Harold Rivas as CISO to lead global cybersecurity
Harold Rivas joins Absolute Security as CISO, bringing over 20 years of experience in cybersecurity leadership.
He will oversee security for products, threat management, compliance, and global security operations.
CEO Christy Wyatt highlights Rivas’ expertise as key to scaling the company’s platform amid growing cybersecurity challenges.