It’s the start of a new year, which means planning cycles and priority setting. I’ve been through enough of these to be cynical about grand plans. Half of what we prioritise won’t get done. Urgent issues will consume time we allocated to strategic work. The year will end differently than we expect.

That said, the planning exercise forces clarity about what matters. Here are the five technology priorities we’re focusing on this year and why they made the cut.

Priority One: Security Posture Improvement

Security has been on the priority list every year for the past decade. It never stops being important. This year we’re focusing specifically on identity and access management.

Our current state is a mess. User permissions accumulated organically over years. People have access to systems they no longer need. We lack consistent processes for access reviews. Former employees sometimes retain access longer than they should.

We’re implementing proper identity governance. Regular access reviews with business owner approval. Automated provisioning and deprovisioning. Role-based access control instead of individual grants. Multifactor authentication everywhere.

This work is unglamorous and won’t be visible to most of the organisation. But it’s fundamental security hygiene that we’ve deferred too long. The risk of a breach from compromised credentials is substantial and growing.

Success metric: pass our next security audit with zero findings related to access management. That’s the bar.

Priority Two: Cloud Cost Optimisation

Our cloud costs have grown forty percent year over year for three consecutive years. Some of that is business growth. Much of it is inefficiency and waste.

We’re dedicating engineering time specifically to cost optimisation. Right-sizing instances that are over-provisioned. Eliminating orphaned resources. Moving infrequently accessed data to cheaper storage tiers. Implementing auto-scaling to match resources to actual demand.

This requires changing team culture. Engineers default to over-provisioning because it’s easier than optimising. Cloud makes it trivially easy to consume resources. We need to build cost awareness into everyday decisions.

We’re implementing cost allocation tagging so teams can see their actual cloud spending. Transparency creates accountability. When teams see what their services cost, they’re more motivated to optimise.

Success metric: reduce cloud cost growth to match business growth rate. Stop the runaway expansion of cloud spending.

Priority Three: Application Modernisation

We have a portfolio of applications built over the past fifteen years. Some are modern and well-architected. Others are legacy systems that barely limp along. The latter category needs attention.

We’re not trying to modernise everything this year. That’s unrealistic. We’ve identified three applications that are high business value and high technical risk. Those are the focus.

One application needs to be retired and replaced with a modern alternative. Another needs significant refactoring to improve performance and maintainability. The third needs better observability and monitoring so we can actually understand what it’s doing.

This work is challenging because these are production systems supporting active business processes. We can’t just take them offline and rebuild them. Modernisation needs to happen incrementally without disrupting users.

Success metric: complete the replacement project and make measurable progress on the refactoring effort. Ship improved monitoring for the third application.

Priority Four: Data Platform Consolidation

We have data scattered across a dozen systems. Data warehouses, data lakes, departmental databases, SaaS application stores. Nobody has a complete picture of our data landscape.

This year we’re building a proper data platform. Consolidated data storage, consistent data governance, clear ownership and access policies. Modern analytics capabilities that work across all our data, not just specific silos.

This is a multi-year effort. This year’s goal is to get the foundation in place and migrate our first few critical datasets. Prove the architecture works and demonstrates value. Build momentum for the longer journey.

The business value is substantial. Better analytics, faster reporting, consistent metrics across departments. But the payoff won’t be immediate. We’re investing in infrastructure that enables future capabilities.

Success metric: data platform operational with three critical datasets migrated. Demonstrate analytics capabilities that weren’t possible before.

Priority Five: IT Service Delivery Improvement

Our relationship with business units isn’t where it should be. We’re seen as slow and bureaucratic. Requests sit in queues too long. Communication is poor. Users are frustrated.

We’re overhauling our service delivery model. Clearer service catalogues so people know what IT provides. Transparent SLAs so expectations are set appropriately. Better communication throughout request lifecycles so people know status.

We’re also implementing a ticketing system that doesn’t actively make users angry. Our current tool is painful to use and lacks basic functionality. The replacement will be user-friendly and provide the visibility people need.

This is partly technology improvement and partly cultural change. We need IT staff to see their job as serving business needs, not just keeping systems running. That mindset shift is harder than implementing new tools.

Success metric: measurable improvement in user satisfaction scores and reduced average time to fulfill service requests.

What’s Not on the List

Notably absent from priorities: exciting new technologies. We’re not doing blockchain or quantum computing or whatever the latest hype cycle promotes. We’re doing fundamentals.

Security, cost management, application health, data capabilities, service delivery. These aren’t glamorous. They won’t generate conference speaking opportunities. But they’re what actually matters for business operations.

I spent the first half of my career chasing shiny new technologies. I’ve learned that getting fundamentals right delivers more value than implementing the latest trend poorly.

The Reality Check

We’ll accomplish maybe three of these five priorities fully. One or two will make partial progress. Urgent issues will derail plans. Budgets will get cut. Priorities will shift mid-year.

That’s fine. Perfect execution of annual plans is neither possible nor necessary. What matters is that we’re focused on important work rather than just reacting to whatever screams loudest.

Having clear priorities helps with decision-making throughout the year. When new requests arrive, we can evaluate them against stated priorities. Work that aligns gets resourced. Work that doesn’t gets deferred or declined.

The priorities also set expectations with business leadership about what IT is focused on and what progress looks like. That alignment is valuable even if execution is imperfect.

What I Hope Happens

Beyond the formal priorities, I hope we build a stronger IT culture this year. Better collaboration, more knowledge sharing, clearer career paths for technical staff. Culture isn’t on the priority list because it’s not a project. It’s the foundation everything else builds on.

I hope we get better at saying no. Not every request needs to be fulfilled. Not every idea is good. Learning to decline work that doesn’t align with priorities is essential for actually accomplishing anything.

I hope we celebrate wins more. IT work is often invisible when it goes well. People only notice when things break. Taking time to recognise accomplishments matters for morale.

Finally, I hope we maintain some flexibility for the unexpected. The most important work this year might be something we haven’t thought of yet. Rigid adherence to the plan isn’t the goal. Delivering value is.

Here’s to 2026. Let’s see what actually happens.