Why Your IT Strategy Is Probably Stuck in 2023 (And How to Fix It)

Why Your IT Strategy Is Probably Stuck in 2023 (And How to Fix It)

I've been thinking a lot lately about the gap between what businesses think they need to do with their technology and what actually matters. It's a weird time to be running a company—we're drowning in buzzwords like AI, cybersecurity threats, and digital transformation, but most organizations still can't nail the basics.

Let me be honest: if you're relying on the same IT approach you had three years ago, you're already behind. But not for the reasons you might think.

The Real Problem Isn't Technology—It's Strategy

Here's what I've noticed talking to business owners across different industries: they're not struggling because technology is too complicated. They're struggling because they're trying to solve 2026 problems with 2023 thinking.

Think about it. Five years ago, most companies had an internal IT person (or maybe a small team) who handled everything from password resets to server maintenance. It made sense at the time. But here's the thing—businesses grew, technology expanded, and suddenly that poor IT person was drowning in work they were never equipped to handle.

The result? Technology started holding your business back instead of pushing it forward.

The Middle Ground Nobody Talks About

I call it the "frustration zone," and I bet you recognize it. Your company is too big to ignore IT, but you don't have the budget or headcount to build a world-class tech operation. So what happens? You get inconsistent support, patches that don't get applied on time, security gaps nobody noticed until it's too late.

Sound familiar?

This is where a lot of companies are getting stuck. They've got some internal talent, but it's stretched thin. They know they need help, but they're not sure what kind.

The answer isn't always an all-or-nothing choice. Sometimes it's about finding the right partnership—someone who can work alongside your team to cover the gaps, handle the routine stuff, and give your people the breathing room to focus on strategy instead of firefighting.

AI Is Coming—But Not How You Think

Let me tackle the elephant in the room: artificial intelligence. Every vendor on the planet is screaming about AI, and honestly, most of it feels like marketing noise.

Here's what I actually think matters: AI isn't going to replace your IT team or your business strategy. But it will change how you work—both inside your organization and with the tools you use every day. The question isn't whether to use AI. It's how to use it smartly, with eyes wide open about what it can and can't do.

Smart companies are thinking about AI in three ways:

• How we use it internally (faster analysis, better automation, smarter workflows)
• How our clients should use it (without creating new security vulnerabilities)
• Where it's heading (so we're not caught off guard next year)

If you're not thinking about it that way, you're either ignoring a real opportunity or chasing shiny objects. Neither is great.

Passwords Are Actually Dying (And That's Good News)

This one gets me excited because it's such a simple fix that solves a massive problem. We've been creating passwords for 30 years, and they suck. I know I'm not alone in having a document somewhere with 47 passwords I can barely remember, each one a variation on the same theme.

Passkeys change that. Instead of passwords, you use biometric authentication (your fingerprint, face ID) or a hardware key. It's more secure and less painful. No more "I forgot my password" emails. No more password reset cycles that just create new weak passwords anyway.

The weird part? This technology already exists. Services like Apple, Google, and Microsoft are already supporting it. But adoption is slow because, well, change is hard.

The point is: the future of identity isn't more complex passwords. It's simpler, stronger authentication that doesn't make you want to tear your hair out.

Your Identity Is Your Weakest Link (And Hackers Know It)

Here's something that keeps me up at night: most cyberattacks these days don't hack their way in. They walk in the front door using legitimate credentials.

That's the shift that changed everything. Companies spent millions on firewalls and perimeter security, which is good. But meanwhile, hackers figured out that if you can steal an identity or social engineer someone into giving up their credentials, the fancy firewall doesn't matter.

It's like building a massive wall around your castle but leaving the front gate unlocked.

This is why passkeys matter. This is why training your people actually impacts security outcomes. This is why identity has become the #1 target in cyberattacks.

If you're not treating identity protection as your priority—not just IT's priority—you're vulnerable.

What Actually Matters Right Now

So here's my take on what every business leader should be thinking about in 2026:

1. Do you have the right people? Not necessarily in-house, but accessible. You need people who understand your business, not just technology.

2. Are you protected where it matters? Focus on identity security, not just perimeter security. That's where the real threats are.

3. Is your technology working for you or against you? If you're constantly firefighting instead of strategizing, something needs to change.

4. Are you actually prepared for what's next? Whether it's AI, new authentication methods, or emerging threats—do you have a roadmap?

The Bottom Line

Your IT strategy needs an update. Not because technology is moving fast (it always is), but because the nature of IT challenges has fundamentally shifted. It's not about having fancy equipment anymore. It's about having the right strategy, the right people, and the right partnerships.

If your current approach feels stuck, you're probably right. The good news? There are better options than you might think.

The question is whether you're ready to explore them.

Tags: ['it strategy', 'cybersecurity', 'managed it services', 'passkeys', 'identity security', 'ai business impact', 'co-managed it', 'small business technology']