erm-articleA couple of weeks ago, I was having lunch with a prominent technology executive who confidently assured me that blockchain would remain a marginal phenomenon for the foreseeable future.

From my perspective, it's usually not a good idea to bet against transformational technologies and products. I still remember senior tech leaders telling me the internet would never amount to much, that mobile phones had no place in the modern enterprise and that Facebook was a passing fad.

The wisest people I know avoid making predictions about the future of specific products and services. Instead, they usually talk about broader trends and shifts. For example, I'm hearing a lot about the need for CIOs to take leadership roles in developing enterprise risk management (ERM) strategies.

To me, getting involved in the ERM discussion makes complete sense, on multiple levels. First, it offers a great opportunity for CIOs to build bridges across the C-suite and executive boards. Second, ERM is essential for developing successful cyber security strategies.

Here's why it's essential: ERM provides a roadmap for identifying, assessing, managing and mitigating risk. Without ERM, you're flying blind. You have no way of telling for sure whether you're protecting the firm's most valuable assets or wasting money protecting assets that are worth less than you're spending to protect them!

ERM is a trend worth following. Another trend that's here to stay, at least for the next ten years, is the shift from products to services. For CIOs, that translates into a major shift in vendor management strategy.

In the near future, when we talk about vendor management, we won't be talking about software or hardware vendors; we'll be talking about cloud vendors or providers of managed services. It's unlikely that we'll be dealing with one or two service vendors - we'll probably be dealing with many of them.

That means we'll have a lot on our plates, at least in terms of vendor management. In addition to managing vendors separately, we'll also need to manage them holistically. In other words, we'll need to orchestrate their activities to make sure they're providing the services we need, at the right levels and the right prices, and not undercutting each other's efforts.

Will there be a role for blockchain in those kinds of vendor management processes? I can't say for certain, but I wouldn't rule it out.