The CIO of Durham University Carolyn Brown believes the purpose of IT heads and their departments is, and always has been, to increase the net present value (NPV) of their organisation.

It could be done by transforming the business model, creating new products, services or assets, reducing costs or increasing efficiency, she adds. Brown would be featured in the forthcoming 2014 CIO 100. She is also due to speak at the Ovum Industry Congress in May. Here is her brief question and answer session with the consulting firm prior to the event.

Thinking about the phrase "Strategy, technology and the art of the possible", what technology related innovation, transformation or invention would you hope to see in your lifetime?

Carolyn Brown: In the mid-1990s I worked on middleware design for Hewlett Packard, looking at ways we could use a network of communicating devices to change people's world. In those days, even at HP, we had one shared mobile phone for the team. The ideas we worked on – and in some cases prototyped – included being able to phone your house to switch the heating on (nice when you want a hot bath as soon as you get in), being phoned by your car if it was broken into or by your fridge if it was switched off.

We had the idea of the 'internet of things'. What we didn't realise was how quickly all of this would happen. That experience makes me think it is impossible to overestimate the speed of change. What I'd like to have is hypertext in my head for everything. Am I the only person who has wanted to point at the TV to find out who an actor is and what else they have appeared in? I am so used to having information at my fingertips that I expect everything to be information-rich, and am disappointed when it isn't. Perhaps it is the "Google contact lenses" that I'm looking for. The trick will be to make it non-intrusive. 

What has been the most rewarding project you have worked on, and why it was rewarding?

CB: My most rewarding project is usually the most recent. Right now, that's an organisational transformation and a £40 million investment in infrastructure and cultural change. I've often saved companies millions of pounds and have found it to be less satisfying than you might think. Surprisingly, Managing Directors can care more about continuing their pet projects than about the bottom line. Transforming a team or revolutionising the way a business works is a tremendous high for me.

Creating and delivering a new business model is fantastic – examples I've been involved with are the first online administration of flexible employee benefits, the first online AVC calculator for pensions, and putting smartcards on printers for secure printing. It is very satisfying to see printers everywhere today with card technology and to remember the dinner where my team came up with that idea, which was taken up very rapidly within Hewlett Packard. These days, I'm rolling out smartcard-enabled printing across Durham University, saving paper, electricity and hundreds of thousands of pounds. I'm proud of having been part of creating that capability.

A memorable, but small, piece of work was a few days spent improving admissions processes at a hospital. As CIO I happened to be the best business analyst available. A little analysis and automation saved two hours a day for nurses in admissions, leaving them free to look after patients rather than administration. The nurses were literally leaping in the air and screaming with delight when the new processes had been put in place – an image I'll never forget. Knowing that it was improving patients' lives as well made this highly rewarding. 

In your opinion, what will be the next big change in the way that we work and the way in which businesses engage with their employees – and specifically the way IT has to service their customers?

CB: Support for diverse devices and varied ways [and places] for working will continue to increase. Being in a University at present, I am working in an environment where BYOD has been the standard since the 1980s, if not longer. If anything, modern presentation and communication tools make it easier to deliver support to an array of devices, although it remains daunting.

Security is always something of an arms race, but key to one's defence is training, so that everyone in the workforce understands what to watch out for and where risks lie. Additionally, the in-house skills to respond to rather than avert attacks are crucial. By this I mean that in reality you cannot prevent an attack by Anonymous; the best you can hope for is to have the skill and resilience to weather it with minimal risk.

Furthermore, as well as helping educate the workforce in general about how to protect sensitive data – whether it be personal of commercially sensitive data – the CIO has a responsibility to explain to the board the balance of spend and benefit on security.