Tell us about your hiring needs

Every month, Harvey Nash’s CIO Voices brings together some of the most forward-thinking technology leaders to decode what’s happening in the world of digital transformation. This month’s discussion was especially energizing. Our contributors Roberto Galdamez, Premkumar Balasubramanian, and Joe Evangelisto brought sharp insight, candid realism, and healthy skepticism to make the conversation meaningful. The discussion ultimately centered on a key question: Is AI actually going to rule 2026?With adoption accelerating across industries, the question reflects genuine strategic uncertainty rather than hype. Enterprises are moving faster, risks are multiplying, and suddenly everyone wants to know whether AI will be the decision-maker, the co-pilot, or just another tool on the IT shelf. Let’s walk through what these leaders had to say.   The New Shape of IT Leadership in 2026 If 2024 and 2025 were transitional years, 2026 is shaping up to be a redefining one. Interestingly, Galdamez sees CIO and CISO responsibilities blurring in ways that feel both natural and necessary. He described it as “two roles gradually sharing the same dashboard,” where technology decisions and security decisions can no longer be treated as separate tracks. According to him, 2026 could be the year this unified leadership model becomes standard rather than experimental. Premkumar agreed but he added something subtle: while leadership responsibilities are converging, the skills required are actually diverging. He emphasized that leaders now need to understand not just infrastructure and cloud, but regulatory frameworks, AI model behavior, and even risk psychology. He put it simply: “A CIO can’t avoid understanding AI governance anymore.” That’s a shift many leaders still underestimate. Joe offered a slightly different angle. In his view, leadership isn’t being restructured; it’s being stretched. He pointed out that CIOs are being asked to lead transformation, reduce cost, modernize platforms, maintain security, and now layer on top of everything oversee AI strategy. It sounded almost contradictory: leaders need to specialize more while simultaneously becoming more generalist. But Joe later clarified that contradiction: “Specialization applies to the technology; generalization applies to the mindset.” And he’s right 2026 won’t be the year of single-track technology executives. It will be the year of holistic ones.   Which Technologies Will Truly Matter in 2026? Ask ten industry analysts what will define 2026 and you’ll hear ten different buzzwords. What stood out here was how these three leaders cut through that noise to focus on what’s influencing organizations right nowGaldamez believes 2026 will be driven not by new technologies, but by technologies that finally become trustworthy. He talked about AI systems that can explain themselves, systems where you can trace why they made a decision. “AI without explainability will be useless by 2026,” he said. It wasn’t hype; it was a warning. Premkumar took that further. In his view, the technologies gaining traction aren’t the flashy ones they’re the ones that reduce doubt. Identity-first security, AI-driven threat detection, and automated remediation workflows will become the backbone of enterprise operations. He framed it nicely: “Technology only wins when people stop questioning its reliability.” That hit hard because it captures the emotional undercurrent behind every modernization initiative. Joe, on the other hand, highlighted how these emerging tools will affect daily work. He specifically noted that developers and operators are going to rely on AI in a more ambient, background way. Think of it like traffic navigation you don’t notice it unless something goes wrong. “The tools won’t feel futuristic,” he said. “They’ll feel normal.” Yet he also pointed out an important counterbalance: some technologies will remain overhyped. Fully autonomous SOCs, for example, might sound tempting, but they simply won’t replace situational judgment. And quantum? Great for research; not a 2026 disruptor.   What Trends Are We Overrating and Completely Underrating? This was the moment in the discussion when everyone leaned in. Because trends are easy to romanticize, especially in tech but the reality behind them is usually much more grounded. Galdamez argued that the most underestimated trend is AI governance. Not AI itself AI governance. He stressed that enterprises still aren’t prepared for the audit trail that generative AI will require. “Everyone wants models that think like humans,” he said, “but nobody wants to manage them like humans.” That line captured the contradiction perfectly. Premkumar echoed this, but with a practical twist. He said companies are underestimating the maturity gap between experimentation and enterprise deployment. People talk about plugging AI into every process, yet they underestimate the integration friction, the security conversations, and the model validation cycles that follow. In contrast, they overestimate how fast AI can or should take over decision-making. Joe took the relatable analogy route. He compared the industry’s view of AI autonomy to self-driving cars: “We talk about Level 5 autonomy, but we’re still living in a world that needs human hands on the wheel.” Underestimated? The role of human oversight. Overestimated? The belief that AI will magically run an entire IT operation. You know what? He’s absolutely right. Our own findings mirror this, similar data from the DLR report shows that organizations with human-in-the-loop models outperform fully automated approaches in reliability and risk management, reinforcing that AI is an amplifier of expertise, not a replacement for it.   The Global and Economic Forces Shaping 2026 Even though AI steals the spotlight, global and economic forces are pulling the strings behind the scenes. And each of our contributors had distinct but connected perspectives. Galdamez sees regulation as the biggest force. He talked about the EU AI Act, U.S. regulatory momentum, and the tightening requirements from cyber insurers. In his eyes, 2026 will be the year enterprises can no longer treat compliance as an afterthought. Premkumar added that macroeconomic pressure will push organizations toward consolidation. Instead of sprawling tech stacks, companies will double down on smaller, more integrated platforms that deliver more value with fewer moving parts. He called it “economic gravity” the natural pull towards efficiency. Joe emphasized something else: global instability. He pointed out that cyber risks increase during periods of geopolitical tension, and 2026 will demand stronger detection, faster response, and more resilient infrastructure. “Global instability and rising cyber risk,” he said, “will define 2026 more than any single technology.” Honestly? It’s hard to argue with that. As attacks grow faster and more coordinated, organizations can no longer rely on prevention alone; success in 2026 will hinge on early detection, rapid response, and infrastructure designed to absorb and recover from impact rather than assuming it can be avoided.   Will AI Actually Make Major Decisions in 2026? Short answer: yes and no. And here’s where the nuance matters. Galdamez was clear: AI will handle micro-decisions risk scoring, alert triage, anomaly detection but not macro ones. He said something insightful: “AI will choose what to surface, but humans will choose what to act on.” That’s a powerful distinction. Premkumar reinforced this by explaining how AI will evaluate threats faster, but the ethical and strategic decisions will still rest with people. He stressed that AI must support transparency. Not because it’s a compliance checkbox, but because without transparency, trust collapses. Joe took the practical route once again. He agreed that AI will make operational decisions but not business-critical ones. He described AI as a “decision accelerator,” not a decision-maker. That framing helps leaders understand what AI will and won’t replace. The takeaway?AI will make your work faster, smarter, and more efficient but it won’t take your judgment away.   Will AI Rule the Enterprise or Blend into the Background? After all the discussion, this question captured the essence of the debate. Galdamez believes AI will become part of the fabric of enterprise operations almost invisible, yet indispensable. Like electricity. You don’t think about it unless it stops working. Premkumar noted that what will actually “rule” isn’t AI it’s AI governance. The companies that master governance will outperform, out-innovate, and out-secure everyone else. His perspective was pragmatic, but it carried a hopeful undertone. Joe summed it up beautifully: “AI won’t rule 2026. But the companies that learn to partner with it will.” And he’s right AI’s power in 2026 won’t come from dominance; it will come from alignment.   So… Is AI Going to Rule 2026? After hearing from Galdamez, Premkumar, and Joe, the answer becomes surprisingly clear. AI will be the engine, but humans will remain the drivers especially the CIOs, CTOs, and decision makers who understand that technology is only as strong as the trust that surrounds it. A huge thank you again to our contributors for their insights. Their voices are what make Harvey Nash’s CIO Voices not just informative, but truly meaningful. And before you go, here’s something to look forward to:Next month’s edition will explore “Data-Driven Decisions: Choosing the Right Analytics Platform for Maximum ROI”Stay tuned because the talent landscape is evolving faster than ever, and the strategies you build now will define your competitive edge for years to come.

Insights from Harvey Nash CIO Voices Welcome to the latest edition of Harvey Nash’s CIO Voices, where we spotlight the perspectives of technology leaders shaping the digital future. This month, we explore a challenge that every CIO, CTO, and digital decision-maker has faced since 2020: how to build resilient, high-performing tech teams in a hybrid world. We spoke with two leaders who have navigated this challenge firsthand: Michael Goldberg, Vice President of Strategic Partnerships at Harvey Nash, and Roberto Galdamez, Chief Information Security Officer at Kovack Financial Network. Their experiences span tech recruitment and cybersecurity, but both agree that resilience in hybrid teams is shaped more by the reasons for and methods of work than by location. Before we dive in, a huge thank you to both leaders for their candor and depth. What follows is not just a checklist, but a lens into modern leadership one that centers on adaptability, trust, and purpose.   Clarity and Connection Drive Engagement Engagement in hybrid teams doesn’t come from office perks or flashy incentives - it starts with clarity. As Michael Goldberg explains, “Engagement starts with clarity and connection. Every team member needs to know how their work ties directly to the organization’s objectives and goals.” This clarity is essential for technology teams operating across multiple time zones and regions. In the past, co-located teams could rely on non-verbal cues and informal discussions to facilitate communication. Today, effective engagement depends on everyone understanding not just what they’re doing, but why it matters. Roberto Galdamez, viewing this through a cybersecurity lens, adds, “Engagement starts with clarity of purpose… every control, every patch, every risk decision ties directly to our mission of safeguarding the firm and its clients.” The importance of clarity cannot be overstated. Whether developing software or safeguarding infrastructure, clear communication transforms dispersed teams into well-coordinated ecosystems.. Both leaders also emphasize the importance of creating a culture of accountability, where individuals take ownership of outcomes. In a hybrid teams, this might mean short, focused huddles, security “time blocks,” or daily scrums that empower individuals to lead from wherever they are. As Goldberg notes, the biggest difference isn’t the tools - it’s giving people permission to own the mission.   Accountability and Autonomy in Action The shift to hybrid structures has fundamentally changed traditional working practices. What was once organized around physical offices is now built on goals, outcomes, and trust. Goldberg describes his organization’s approach: “Every team operates like its own mini-business, with clear ownership for sales, recruiting, and delivery.” This model thrives on autonomy but is anchored by accountability. Teams are self-contained yet interconnected, meeting in person twice a quarter for strategy and alignment, while performance is measured by impact, not hours. Galdamez echoes this sentiment: “In a hybrid environment, the structure has to balance accountability and autonomy. You want people to do the work, but you also don’t want to be breathing on top of them.” His team organizes around security outcomes - reducing risk exposure, strengthening detection, and improving compliance—replacing traditional task lists with clear, agile goals. He also highlights the distinct purposes of office versus remote time. For Galdamez, in-person meetings are for strategy, mentorship, and problem-solving, while deep work, documentation, and technical delivery are best done remotely. The secret to keeping hybrid teams connected and resilient isn’t about replicating the office - it’s about reimagining it and how you lead. It’s a balance: trust, but verify; guide when needed, but create an environment where people can learn and grow.   Tools That Empower, Not Overwhelm No hybrid team runs without technology, but tools only help when people feel empowered to use them. At Harvey Nash, Bullhorn is the recruiting backbone, while Microsoft Teams and Power BI keep collaboration transparent. As Goldberg explains, “Teams keeps conversations continuous and accessible, while Power BI helps us visualize performance and productivity across offices. That visibility fosters alignment and quick decision-making. It turns dashboards into dialogues.” For Galdamez, the essential toolkit revolves around security visibility and continuous access integrity. His team relies on advanced Endpoint Detection and Response (EDR) systems and cloud-based platforms like Microsoft 365 and Zoom. He emphasizes, “Security and productivity can’t have separate lanes.” In too many organizations, security is seen as something that slows progress, rather than as an essential component that enables the business to move forward safely and confidently. For Galdamez, resilience depends on enabling both protection and productivity simultaneously. While the choice of tools is important, the most significant results come when processes retain a human touch. If a Teams meeting feels unengaging, the issue often lies not with the platform, but with a lack of trust, engagement, and psychological safety among participants. Tools enable collaboration; culture sustains it.   Culture by Design, Not Perks Culture didn’t die in 2020, it evolved. As Goldberg puts it, “Culture can’t be replicated with a ping-pong table, it has to be intentional.” The move to hybrid work exposed a truth we’d long ignored: culture isn’t a place, it’s a practice. It’s built through transparency, shared values, and recognizing contributions that truly move the needle. Galdamez takes this further: “Security culture is people culture.” After the pandemic, his team had to rebuild not just systems but trust. Every team member needed to feel empowered to speak up, challenge assumptions, and report anomalies without fear. That’s psychological safety in action - the invisible glue of resilient teams. He describes “cyber moments” - short discussions in meetings to recognize proactive behavior and highlight learning. It’s culture by design, not default. Today, connection isn’t measured in emojis, but in empathy. When leaders model openness, teams respond with honesty. Culture survives distance because it lives in people, not places.   Preventing Burnout in a World That Never Logs Off Hybrid work has blurred the boundaries we once relied on. Work hours, personal time, and mental space have started to merge, increasing the risk of burnout. “Burnout isn’t just about workload, it’s about control and recognition,” Goldberg explains. When people feel seen, supported, and trusted, they can handle a lot. But when control slips away, when every ping feels like a demand, resilience erodes. Galdamez knows this well: “Cyber and IT teams live in constant alert cycles. Addressing burnout means managing both risk and rhythm.” His team uses automation to eliminate repetitive tasks, freeing analysts to focus on high-impact work. They rotate on-call duties fairly and keep mental health part of leadership conversations. Hybrid resilience is about teaching teams where the off switch is and giving them permission to use it. Resilience doesn’t mean working longer; it means bouncing back stronger.   Listening: The Key to Retention Metrics tell a story, but not the whole story. Goldberg shares that Harvey Nash relies less on formal surveys and more on regular conversations: “We stay close to our teams through one-on-ones and open discussions. People stay when they feel supported, heard, and part of something moving forward.” This marks a shift from managing through dashboards to managing through dialogue. Galdamez adds another layer, focusing on empowerment through growth training, certifications, and skill expansion in areas like threat intelligence and GRC (Governance, Risk, and Compliance). “Team members who see their work reducing risk in measurable ways feel a deeper sense of impact,” he explains. Cross-training isn’t just good for resilience, it’s an antidote to stagnation, creating a workforce that’s adaptive, confident, and motivated. When paired with real listening, not just HR data, you achieve engagement that’s earned, not enforced. In hybrid work, listening is the new analytics.   The Unexpected Upside of Hybrid Teams If there’s one twist in the hybrid story, it’s this: people adapted better than anyone expected. Galdamez admits, “Hybrid work improved security discipline. With distributed access, everyone became more conscious of authentication, data handling, and zero trust principles.” Distance has made teams more self-aware. Instead of relying on physical oversight, employees are internalizing security and accountability as personal habits. Goldberg saw something similar: when ownership and trust increase, people don’t just comply, they care. Hybrid work isn’t a compromise between office and remote; it’s a catalyst for maturity. Resilience is built not by control, but by consciousness.   Looking Ahead: The Future of Hybrid Teams Building resilient tech teams in a hybrid world isn’t a one-time playbook, it’s a continuous act of leadership. It’s about providing clarity amid noise, connection amid distance, and autonomy amid complexity. From Michael Goldberg’s people-first approach to Roberto Galdamez’s security-driven culture, one truth stands out: resilience begins with purpose and thrives on trust. Hybrid work isn’t about location, it’s about liberation. It gives teams room to breathe, grow, and define success on human terms. As AI, automation, and remote collaboration continue to reshape the workplace, the leaders who master the balance between technology and trust will define the next decade of digital transformation. Thank you to our contributors for their invaluable perspectives, and to you, our readers, for joining us in exploring what resilience really means. Next Month’s Topic: CIO Predictions for 2026 – Is AI Going to Rule 2026? Stay tuned for a fascinating conversation about the future of tech leadership and the role AI will play in shaping it.

Insights from Harvey Nash CIO Voices Cybersecurity isn’t just a technical concern anymore. It’s a leadership challenge, a business enabler, and, frankly, a nightly stressor for many executives. Harvey Nash’s CIO Voices, our monthly spotlight series, brings together tech leaders shaping the digital future, and this month we delve into what truly means to lead in the age of cyber threats. But first, a thank you to our contributors - Chris Logan VP Information Security at DCU - Digital Federal Credit Union, Darren Remblence CISO at 8x8, Sammy Basu CISO at Careful Security, Roberto Galdamez CISO at Kovack Financial Network, and Roberto Rubiano CISO at Osigu. Their candid insights highlight how leaders are navigating risk, embracing AI, and turning cybersecurity from a checkbox into a strategic advantage. So, what does cybersecurity as a leadership imperative really look like? Let’s unpack it.   What Keeps Board Up at Night: Evolving Threats and Boardroom Concerns Let’s start with the obvious: what keeps tech leaders awake at night? For Roberto Galdamez, it’s the rise of AI-driven threats and a constantly evolving regulatory landscape. “Compliance is a given,” he notes, “but what truly matters to the board are resilience, trust, and reputation.” Meanwhile, Roberto Rubiano offers a surprising perspective: he sleeps well because he accepts what he can’t control. “I can only manage the risk and communicate what’s critical to C-level management,” he says. This isn’t complacency, it’s clarity. Rubiano also warns about the risks of developers using AI tools to generate code - by-coding practices. These innovations offer speed but carry hidden risks, demanding ongoing awareness and vigilance. Sammy Basu echoes a nuanced point “Cybersecurity is an evolving puzzle. Endpoint security, firewalls, compliance certifications are essential, but their effectiveness depends on ongoing assessment and evaluation.” Here’s the thing: cybersecurity today is like steering a ship through unpredictable waters. You can’t control the waves, but with the right preparations, you can navigate safely.   Moving Beyond Compliance: Cybersecurity as a Strategic Business Driver Traditionally, cybersecurity was seen as a “tick-box” exercise mainly to satisfy ISO certifications, audit reports, compliance checklists. Today, leaders like Darren Remblence and Chris Logan insist that it must go deeper. “It’s about embedding cybersecurity into business strategy,” Darren says, emphasizing that risk management and regulatory compliance can also enable growth. Rubiano provides a tangible example: when explaining ransomware risk to the board, he translates technical threats into financial terms. “If a ransomware attack could cost $3 million, spending $500,000 on prevention becomes an easy conversation,” he explains. It’s simple, relatable, and effective; suddenly cybersecurity is not a cost center, but a strategic investment. Similarly, Sammy Basu highlights a holistic approach. Compliance isn’t an end in itself; it’s a lever to drive operational discipline, client trust, and growth. The takeaway? Cybersecurity becomes a business differentiator when leaders speak in the language that boards understand.   The Art of Communication: Speaking Cyber in Business Let’s be honest, technical jargon rarely resonates with non-technical executives. That’s why clear communication is critical. Roberto Galdamez avoids referencing technical terms like common vulnerabilities and exposures (CVEs) or endpoint detection and response (EDR) alerts when speaking with the C-suite. Instead, he talks about financial penalties, downtime costs, and reputational impact. Rubiano takes a similar approach, relying on business impact analysis. “If you get too technical, you lose them. Talk in terms they understand,” he says. Chris Logan adds another layer: contextual storytelling. By sharing real-world incidents, like breaches in similar companies, he makes risks tangible and relatable. Leaders can more clearly visualize the impact of lost clients, interrupted operations, damaged reputation. Here’s the subtle emotional cue: trust is built not through fear, but clarity. You don’t need to terrify your board with the infinite ways things can go wrong. You need them to see the stakes and act decisively.   AI: The Double-Edged Sword in Cyber Defense AI is a game-changer for both attackers and defenders. Leaders across our discussions highlighted its dual role. Roberto Rubiano is particularly cautious about “by-coding” practices, emphasizing data-level protection as the most critical priority. “Identity and threat detection matter, yes, but if the data itself is exposed, no layer of perimeter defense is enough.” Meanwhile, Roberto Galdamez explains that AI helps defenders too. “AI-driven analytics for anomaly detection and insider risk are embedded in a defense-in-depth model,” he says. Identity is now the new perimeter, and AI can help monitor it efficiently. Sammy Basu offers practical guidance, “Enforce policies at the browser or endpoint level, train employees on AI usage, and ensure corporate accounts are used for company-sensitive data. Without these, even the best AI tools can be a vulnerability.” Here’s the thing, you can build higher walls, but the real defense is protecting what’s inside the vault. Data-level awareness, identity safeguards, and human training together form the best line for defense.   Investing in Resilience: Priorities for the Year Ahead So where are leaders actually investing? The consensus is clear: visibility, identity management and secure development practices. Rubiano is laser-focused on observability at the product level. Tools for static and dynamic analysis, secure SDLC practices, and vendor collaboration are critical. “If you can measure it, you can manage it,” he says. Basu, Remblence, and Logan emphasize continuous monitoring and proactive defenses, whether that’s endpoint security, AI oversight, or supply chain risk management. Vendor accountability is also a priority. “Outsourcing doesn’t mean outsourcing responsibility,” Galdamez notes, recalling the SolarWinds incident as a cautionary tale. In short, resilience isn’t about buying the latest tool. It’s about integrated strategy, multi-layered defenses, and trusted partnerships.   Leadership Under Fire: Learning from Real-World Experience Theory is one thing; practice is another. Rubiano shares a striking anecdote from a past logistics project where management wanted cheaper, less secure ID cards, but through proactive controls and validations, his team mitigated risk without halting operations. Basu tells similar stories, proactive monitoring and full-service support often prevent incidents before they happen. These examples highlight a subtle truth: cybersecurity leadership often means making calculated trade-offs under real constraints. Budget, operations, and risk tolerance all play a role. Chris Logan notes “Leadership under fire requires balancing innovation with protection. It’s a delicate dance, but the best leaders know that perfect security is a myth, strategic preparation and continuous improvement are the real defenses.”   The Evolving Imperative Today’s cybersecurity leaders must blend strategy, communication, technology, and human judgment. As AI-driven threats and vendor dependencies grow, leaders like Logan, Remblence, Basu, Galdamez, and Rubiano demonstrate that the role of a tech executive has never been more dynamic or more critical. Thank you again to all our contributors for sharing insights that are as practical as they are inspiring. Next month, we’ll explore “Building Resilient Tech Teams in Hybrid Work.” Because in today’s world, resilience isn’t just about systems and data, it’s about the people who power them. Stay tuned.

Technology recruitment specialist strengthens leadership team with proven industry executive as company advances growth strategy. LONDON, September 30, 2025 – Harvey Nash, a leading global specialist technology recruitment firm, today announced the appointment of Simon Crichton as Chief Executive Officer. The appointment supports Nash Squared’s strategic evolution following the successful divestiture of its NashTech business and positions Harvey Nash for accelerated growth in the technology talent market. Crichton brings extensive experience in the recruitment and technology services sector, most recently serving as Managing Director of Experis UK, the specialist technology recruitment division of Manpower. Prior to that, he led Akkodis UK as CEO, where he successfully managed the complex merger of the Akka and Modis brands on behalf of Adecco Group. “Simon’s appointment represents a natural evolution in our leadership structure as we enter an exciting new phase of growth,” said Bev White, who will transition from CEO to Executive Chair of Nash Squared, overseeing both Harvey Nash and Crimson businesses. “His proven track record of driving operational excellence in our sector makes him the ideal leader to execute on our strategic growth ambitions.” As CEO, Crichton will oversee day-to-day operations across Harvey Nash’s global markets, leading the continued execution of the company’s strategy, which emphasizes specialization, client growth, and operational excellence to address the critical technology talent needs of clients globally. The leadership transition is supported by recent key appointments including Rudolph Botha as Chief Financial Officer and Jason Pyle as Chief Operating Officer. “I’m excited to join Harvey Nash at this pivotal moment in the company’s development,” said Crichton. “Our strategy provides a clear roadmap for building a more focused and future-ready organization, and I look forward to working with the talented team to deliver exceptional value to our clients and create new opportunities for our people.” About Harvey Nash Harvey Nash is a specialist global technology recruitment firm that connects the world’s most innovative companies with the technology talent they need to succeed. Over the past 30 years, Harvey Nash has been a pioneer and leading voice in the global technology space, having long-term strategic partnerships with blue chip customers. With offices across multiple continents, including North America, the United Kingdom, and Germany, Harvey Nash specializes in contract recruitment for specialized technology talent requirements including Cyber, AI, and Data. www.harveynash.com About Nash Squared Nash Squared is the holding company for the Harvey Nash and Crimson brands. Media & Investor Contact: Rachel Watts, Global Marketing Director, Email: rachel.watts@harveynash.com