Leadership Archives - Northstar IT & Cyber Advisory Limited

The fractional model – where a senior executive provides part-time leadership to a business that does not need or cannot afford a full-time hire – is well established in finance and HR. Most SMEs understand the concept of a part-time FD or a fractional HR director.

In IT and cyber, the model is less widely understood, despite being a near-perfect fit for the governance challenge facing most UK SMEs.

The problem the fractional model solves

Most businesses below 100 to 150 people reach a point where their IT and cyber risk has become too significant to manage informally, but where hiring a full-time IT Director is not commercially justified.

A full-time IT Director in the UK costs between £80,000 and £130,000 per year in salary, before pension, national insurance, benefits and the overhead of a permanent hire. For a 30 or 50-person business, that is a significant commitment – and in most cases, the role does not require full-time attention.

What the business actually needs is senior IT and cyber leadership for perhaps one to three days per month. Someone who attends board meetings and provides honest risk reporting. Someone who manages the MSP relationship and holds suppliers to account. Someone who sets IT policy, oversees technology spend, and provides independent counsel when the business faces significant IT decisions.

That is exactly what a fractional IT director provides.

What a fractional IT director actually does day to day

The scope varies by business, but typically covers:

Board-level reporting – attending relevant board or leadership meetings to provide a clear, plain-English update on IT performance, cyber risk and technology strategy. Not a technical briefing – a commercial one.

Supplier management – acting as the informed, senior point of contact for the MSP and other IT suppliers. Conducting service reviews, challenging performance, and managing contracts on behalf of the business.

Risk oversight – maintaining an ongoing view of the organisation’s cyber and IT risk posture, and ensuring that risk is being actively managed rather than accumulated.

Technology decisions – providing independent advice when the business is evaluating new systems, considering significant IT investments, or responding to supplier proposals. The fractional IT director has no commercial interest in any particular solution – their interest is in what is right for the business.

Incident support – providing leadership and coordination in the event of a significant IT or cyber incident, when having a calm, experienced hand can make a material difference to the outcome.

Policy and compliance – ensuring that appropriate IT and cyber policies exist, are current, and are being followed. Advising on regulatory and contractual obligations around data and security.

How it differs from your MSP

This is probably the most important distinction to understand.

Your MSP is responsible for delivering IT services – keeping your systems running, resolving issues, managing infrastructure. A good MSP does this well. But your MSP has a commercial relationship with you that creates inherent conflicts of interest. They are not going to recommend you consolidate your licences if that reduces their revenue. They are not going to advise you to switch providers. They are not going to tell the board that the service they provide is underperforming.

A fractional IT director sits above the MSP, not alongside them. Their job is to represent the interests of the business – not the supplier. They hold the MSP accountable, challenge costs, and provide the independent perspective that no supplier relationship can provide.

Is it right for your business?

A fractional IT director is likely to be the right fit if:

– You have an MSP but no senior IT leadership above them

– Your board has limited visibility of IT and cyber risk

– You have experienced IT problems that felt avoidable with better oversight

– You are growing and your IT complexity is increasing

– You are facing a specific challenge – a contract renewal, a cyber incident, a compliance requirement – where independent expertise would help

– You want the benefits of senior IT leadership without the cost of a full-time hire

It is probably not the right fit if you already have a capable internal IT director or head of technology who is providing genuine leadership – in that case, what you may need is a specific advisory project rather than ongoing fractional support.

What to look for in a fractional IT director

Not all fractional IT directors are equal. The key qualities to look for are:

Commercial depth – do they understand business, not just technology? Can they translate IT risk into commercial consequence and speak to a board in terms that land?

Independence – do they have any commercial relationships with IT suppliers that could compromise their advice? A fractional IT director should be genuinely independent.

SME experience – enterprise IT leadership and SME IT leadership are not the same thing. The constraints, priorities and commercial dynamics are different. Look for someone who has worked with businesses of your size and complexity. **Honest communication** – the value of a fractional IT director is in part their willingness to tell you things your suppliers won’t. That requires a degree of directness that not every consultant possesses.