The energy CIO agenda: New governance can maximize IT-OT innovation securely

The HFS Research Horizons study for the energy sector has outlined a clear agenda for the chief information officer (CIO; see Exhibit 1). The industry needs new clarity from its CIOs. As it mercilessly targets efficiency, it’s imperative that technology, systems, and processes play an interconnected role, with security ensured in a streamlined way that maximizes innovation from AI to the energy transition.

Exhibit 1: The energy CIO agenda: New governance can maximize IT-OT innovation securely

Source: HFS Research, 2025

IT-OT integration must be secure, but reforming governance can maximize collaboration and innovation

Cybersecurity is a dominant concern throughout the whole energy, power, and broader utilities sector (see Exhibit 2). Challenges remain in blending IT and operating technology (OT) data while meeting (rightly) strict security standards. Beyond direct attacks intended to cause physical harm, critical infrastructure downtime affects a company and all of society—with devastating potential consequences for access to water, heat, electricity, or connectivity.

But security processes have layered on top of each other to such an extent that innovation, and the necessary collaboration between IT and OT teams are often stifled. Energy and utilities enterprises are struggling to find a pragmatic middle ground. There also remains a disconnect between innovation teams and operations across all time horizons (we outline here before our study launch).

One major energy firm we spoke to as part of the study illustrates this agenda for CIOs. Its efforts to improve collaboration between innovation and operating teams included transitioning to smaller, more agile innovation projects. However, barriers remain across the enterprise ‘debts’ built up since an organization’s existence, which we frequently cover at HFS (see one example here).

The energy industry requires a new governance mindset and system to maximize innovation that meets global challenges, from sustainability to ensuring the cybersecurity of vital infrastructure. That governance must start with overarching business and regulatory goals and provide clear processes that minimize barriers while maintaining clarity on security. Collaboration must reach a new level throughout the organization and with external partners from the energy value chain, as well as technology partners, regulators, and industry bodies.

Exhibit 2: Cybersecurity is top of mind in energy and utilities enterprises – driven by IT-OT integration and legacy infrastructure

Source: HFS Research; 56 energy, resources, and utilities executives from the wider HFS Pulse study of 605 Global 2000 enterprise executives, 2024

Governance evolution in energy: A shift to agile and scalable collaboration

The energy firm has been on a journey to modernize its governance structure and foster greater collaboration between research and product teams. As a senior product manager explained to us:

“We’ve been gradually scaling Agile innovation methods for seven years—adopting a framework across our value streams. Key to this transformation was including operations personnel in planning and deployment—they own a lot of the process.”

The company’s approach recognizes that innovation cannot be driven solely by IT or research teams in isolation. By embedding operational leaders into the planning process, IT-OT integration was better aligned with real-world operational needs.

Overcoming structural barriers and organizational ‘debts’

Our energy major encountered significant hurdles in reforming its innovation processes, underpinned by its enterprise debts (see Exhibit 3). Integrating IT product managers into operational teams has been particularly challenging:

“We assigned specific IT product managers to our teams. It led to some friction—egos, toes being stepped on—but ultimately, it worked well. However, one of our ongoing blockers is defining the right level of software quality assurance”

We’re not NASA, but in oil and gas, getting it wrong can have serious consequences.

Think Deepwater Horizon.”

Finding the right balance between quality, agility, and security remains a fundamental governance challenge in energy and utilities. Too much oversight can stifle progress, while too little introduces operational risks.

Even well-intentioned, top-down mandates can disrupt workflows:

“Our software engineering excellence team told us to migrate by a certain date or face a freeze on deployments. That doesn’t help anyone. There needs to be some arbitration on what’s truly essential.”

Exhibit 3: Technical, process, and data debt is tripping up an old industry

Source: HFS Research; 56 energy, resources, and utilities executives from the wider HFS Pulse study of 605 Global 2000 enterprise executives, 2024

The CIO agenda must intersect security with a wide range of outcomes

IT-OT governance must ensure alignment between innovation teams and core operational priorities. As referenced above, many energy firms still struggle with this disconnect. Innovation teams focusing on medium and long-term (Horizon 2 and 3) initiatives are not aligned with the day-to-day IT and innovation teams or the operational teams more burdened with immediate business needs.

Previous attempts by our energy firm to integrate research and innovation into operations faced structural hurdles:

“When our department merged with research teams to create a clearer funnel for productizing research, it didn’t fully work—research teams operated on different timelines. They’d ask if we had capacity at the last minute, and we’d be locked into a quarterly planning cycle.”

The company has restructured its governance model to break down monolithic platforms into smaller, more agile innovation cycles:

“We’re moving away from big, structured frameworks to more fixed-scope projects. Tell us the scope, time, and cost—then a team moves on. It’s more exciting for developers and partner organizations. Will it fully break down all barriers? We’ll see.”

The Bottom Line: Energy CIOs can lead a new wave of pragmatic governance to unlock the best of IT-OT integration.

The experience of the energy major outlined in this report offers several key takeaways for industry CIOs looking to optimize IT-OT integration and innovation without compromising quality and security:

• Embed operations early in the process: Governance models should ensure operational leaders are deeply involved in innovation planning and deployment, not just IT or R&D innovation teams.
• Balance security with agility: Security measures should be continuously evaluated to avoid unnecessary burdens on innovation teams while maintaining essential risk controls.
• Streamline collaboration between innovation and operations: Aligning planning cycles between IT, innovation, R&D, and operational teams can prevent bottlenecks and improve the productization of innovations.
• Pioneer flexible governance models: Fixed-scope projects and smaller, agile innovation cycles may be more effective than large, rigid frameworks. As long as those projects maintain alignment with the overarching company strategy and goals—and embed security in the most efficient manner possible.
• Establish clear decision-making authority: Arbitrating between security, quality assurance, and speed requires clear governance structures that can make pragmatic decisions.

In the energy sector, IT-OT integration is a governance challenge as much as a technical or data one. By embracing a new governance mindset led by the CIO in collaboration across the company and with external ecosystem partners, enterprises can maximize the full potential of IT-OT collaboration.

With the energy industry becoming laser-focused on efficiency but still struggling to recruit the talent needed to effectively adopt AI or meet the energy transition, the whole world needs the sector to find the right balance of security with innovation.