As digital ecosystems expand across cloud, AI, and data, the responsibilities of today’s technology leaders have shifted dramatically. The modern CIO is no longer defined solely by operational excellence — but by the ability to connect technology decisions to business outcomes, customer value, and enterprise resilience.

This expanded mandate is familiar to Mike Anderson, Chief Digital and Information Officer at Netskope, Inc., a company at the forefront of redefining networking and security through cloud and AI innovation. At Netskope, Anderson’s dual remit as CDO and CIO spans internal transformation and external engagement, positioning him to bridge strategy, technology, and market insight in equal measure.

In this first part of a three-part series, Anderson speaks with Kirk Ball, CIO of Worldpay, about the evolving scope of the CIO role — one that now touches go-to-market strategy, customer advocacy, and value creation. He also shares a grounded perspective on what it truly means to “do Zero Trust right” in a world where identity, context, and behavior must continuously adapt to new risks.

Blending CIO leadership with customer engagement

Reflecting on his career path, Anderson explains how his experience across technology and customer-facing roles prepared him for his position at Netskope.

“I spent my entire career in technology,” he says. “But the first decade or more I spent working in technology roles in technology companies — whether it was running a sales engineering team, a sales overlay organization, operations in a Microsoft joint venture, or being a GM for a systems integrator.”

Transitioning into the CIO role, Anderson notes that this background shaped how he approaches leadership.

“As a CIO, you’re trying to sell your peers and stakeholders on whatever strategy or initiative you’re bringing forward. That’s why I always tell peers, ‘You’ve got to put your selling shoes on every day.’”

At Netskope, his dual focus extends beyond IT operations into direct collaboration with the company’s go-to-market teams.

“What’s always been second nature to me as a CIO is being engaged with our go-to-market team,” he explains. “How do we leverage technology to help drive revenue for the organization? One of my key phrases is ‘follow the revenue’ — understand how your company makes money and align what you do to that.”

‘Customer Zero’ — Using the product before the customer does

Anderson highlights the unique aspect of working at a technology company like Netskope: Being both the buyer and the tester of the product.

“I am the customer for our technology,” he says. “We have our Customer Zero program, which means I test everything before customers ever see it. I get to use our technology and talk to customers about how we use it and the value it delivers.”

He recalls learning from a customer who used Netskope technology in an unexpected way. “A CIO told me they were using our technology for change management,” Anderson recalls. “They coach users when applications change — instead of just sending emails or running webinars no one attends, they use Netskope to guide users toward the new approved applications.”

This two-way exchange — learning from customers while influencing product direction — has become central to Anderson’s leadership approach.

“I lead our Strategy Office, which looks at go-to-market strategy, product strategy, and market competitiveness,” he says. “It makes the role much more exciting than just looking after corporate IT.”

Creating value for the customer and the company

Anderson also built a value engineering team within Netskope to help sales teams articulate business impact.

“When I look at a purchase, the first thing I ask my team is, do I need more budget or can I work within the existing one?” he explains. “That frames how I think internally and what I’ll need to tell my CFO or CEO. I need a succinct story about the value it’s creating, even if I already have the budget.”

He adds that competitive and strategic market awareness are now essential parts of his CIO remit.

“What is the market doing? What are our competitors doing? And how does that inform our strategy? Those things make up my role at Netskope,” he says.

Doing Zero Trust right

Turning to cybersecurity, Anderson addresses one of the most overused terms in the field — Zero Trust.

“When you say ‘Zero Trust,’ you either get, ‘Yeah, we’ve got a program on that,’ or you get eye rolls,” he says. “It’s like zero-based budgeting — you start with zero and build up justification for whatever access or investment you’re going to make.”

He points out that organizations sometimes undermine their Zero Trust approach by not inspecting all network traffic.

“We had a customer who realized they were bypassing 70% of their internet traffic,” Anderson says. “If they’re not inspecting that traffic, how can they apply Zero Trust to it?”

Anderson breaks down Zero Trust into several dimensions: identity, device trust, browser trust, application trust, and location.

“Do we know who that person or workload is? Do we trust the device — is it patched and secure? Do we trust the browser? Do we trust the application or the destination? Is the person connecting from a trusted location?”

He also describes browser trust as a new layer Netskope is investing in, expanding protection down to how users interact with enterprise applications.

Context and behavior matter

Using a real-world analogy, Anderson illustrates how Zero Trust must go beyond initial authentication.

“It’s like a multi-family building in New York City,” he says. “The doorman recognizes you and lets you in, but once you’re on the elevator, you could go to any floor. Real Zero Trust means making sure you’re not just in the building — you’re in the right room, and doing the right things inside it.”

He explains that context determines whether access is safe — particularly in the age of generative AI.

“If I’m using ChatGPT, am I in my enterprise instance or a personal one? Am I uploading data or just asking for a recipe? Those details change the risk level.”

Anderson prefers to think of Zero Trust as continuous adaptive trust — adjusting access decisions based on identity, device posture, behavior, and data sensitivity.

“Not everyone has good security hygiene,” he notes. “Ironically, the higher you go in the organization, the worse it can get because executives are busy. So that has to be part of the equation too.”

He concludes that modern security must be dynamic.

“When I think about Zero Trust, I think about continuous adaptive trust — making the right decision in the moment, depending on where I’m at and what I’m doing,” Anderson says.

CDO Magazine appreciates Mike Anderson for sharing his insights with our global community.