Version française prochainement disponible
Call it the paradox of digital transformation.
No two companies or work environments are the same, but organizations across industries experience similar obstacles and opportunities when driving change. I’m reminded of this each time I discuss technology modernization with other CIOs.
These conversations reaffirm that most of us try to innovate while maintaining secure and resilient operations. We work to create unique experiences for customers and employees without disrupting business continuity. And we focus on driving growth without neglecting our established partnerships.
Deep down, I suspect many technology executives wish they could redesign their entire technology estate, free from legacy challenges, for a clean state to imagine the future. This kind of opportunity is rarely possible.
Transitioning off old and onto new systems and applications while sustaining “business as usual” is complex and time-consuming. Gaining buy-in from cross-functional peers and orchestrating change management across an entire company—especially with workers and customers spread around the world—complicates the process even more.
Difficult though it may be, organization-wide transformation isn’t impossible. Recently, my colleagues and I set out to prove as much when we initiated an end-to-end technology modernization for our global enterprise. The goal: enable continuous modernization and innovation in a secure, resilient environment so Kyndryl can be its best for customers and stand out from competition in any market.
Our transformation is ongoing. Although we’ve encountered some challenges along the way, we remain committed to creating a simplified and modern technology environment that can support our business and improve the way we engage with customers and employees.
This is our modernization story. Hopefully, there are ideas and insights you can apply to your own transformation journey.
Unique challenges as a new company
In November 2021, IBM Global Technology Services became a standalone public company named Kyndryl. The spin-off created the world’s largest IT infrastructure services provider, a global company with tens of thousands of employees working remotely or in hybrid environments to serve thousands of enterprise customers across industries.
As part of our separation, Kyndryl entered into a transition service agreement (TSA) with IBM. This agreement provided time for both organizations to develop the services needed to operate independently. It also established a deadline—November 2023—for Kyndryl to exit all existing platforms and applications or face fines and penalties.
Most of the technology, infrastructure, and employee work environments Kyndryl inherited through the TSA weren’t fit for purpose. Developed over 40 years and customized specifically for IBM’s needs, the legacy systems and tools were unable to support our long-term vision of a lean, modern, and secure operating environment.
Simply put, neither the technology systems nor the costs to operate them aligned with the type of modern organization we were trying to create.
2 years to exit ~1,400 applications
Seizing a rare opportunity
Our TSA provided a rare opportunity to design a fit-for-purpose technology estate ideally suited for our evolving business model and expanding alliance ecosystem. Modern systems and applications could help our employees work faster, smarter, and more collaboratively, increasing their engagement while delivering greater value to customers.
With a two-year transition period, our CIO office set out to radically simplify our infrastructure, choosing to modernize our IT environment and deliberately move away from the types of technology stacks we inherited. We focused on the function of each application and how it would mesh with other technology to benefit three key groups:
- Our customers. Simplifying and optimizing our technology estate would allow us to serve customers with greater speed, accuracy, and transparency.
- Our employees. Streamlining approvals and decision-making, reducing organizational complexity, and improving user experiences would improve productivity.
- Our business. Using technology to simplify business processes, improve collaboration, and enhance resource allocation would boost operational and financial performance.
After weighing business needs, security considerations, maintenance requirements, and operating costs, we began the phased replacement of legacy systems and applications with our newer IT infrastructure. Our technology transformation enabled changing the way we work and will play a major role in reducing our company’s selling, general, and administrative expenses (SG&A) by USD $200 to $300 million over time.
Aligning our transformation to mission-critical outcomes
The Kyndryl technology transformation aligns with three mission-critical outcomes that we believe are essential to business success:
- Modernize for efficiency and growth. Modernizing our applications and infrastructure allows us to be more efficient, agile, and responsive to business needs.
- Innovate for differentiated experiences. Unlocking the value of our data and emerging technologies enables us to deliver distinctive experiences for employees and customers.
- Secure for resilient business. Integrating cybersecurity and resiliency into our technology systems and processes enhances protection and speeds recovery.
Our TSA provided a rare opportunity to design a fit-for-purpose technology estate ideally suited for our evolving business model and expanding alliance ecosystem.
Outcome 1: Modernize for efficiency and growth
Every company has unique needs. Priorities can range from accelerating time to market and enhancing platform scalability to increasing energy efficiency and ensuring data governance.
Regardless of business goals, strategic modernization of an organization’s applications, data, and infrastructure is the key to achieving desired outcomes. In fact, the ability to support continuous innovation is the main reason IDC predicts 80% or more of IT-led enterprise application deployments will have cloud-native architecture by 2026.1
Enterprises that continuously and strategically modernize their technology environment can operate with the speed and agility that the market demands. With a clear cloud strategy in place, companies are also better positioned to leverage automation, meet sustainability goals, and foster organizational growth.
Moving to a platform-based environment for better business outcomes
At Kyndryl, we chose a platform-based approach for our technology modernization, pivoting from a functional view of business operations to a customer-centric view.
Adjusting our mindset allowed us to envision a secure, modern work environment running in hyperscaler cloud environments. Architectural principles drive our modernization, enabling informed decision-making, improved margins, and efficient operations—all delivered with speed, consistency, and transparency.
Our platform-based strategy requires business and IT teams to synchronize their priorities and identify ways they can use technology to enhance overall business performance. It isn’t easy, but the results can produce the business agility and innovation required to efficiently compete in an environment constantly reshaped by unforeseen market dynamics.
CIO to CIO: Gain executive buy-in
The success of your transformation journey depends on buy-in and support from your peers and other leaders throughout the organization. Engage colleagues who can help you:
- Design a cohesive strategy to eliminate applications and align to strategic platforms.
- Create, initiate, and champion change management and enablement programs.
- Communicate with employees often and share regular updates on changes taking place.
Using strategic business platforms to transform at speed and scale
One of the guiding principles for Kyndryl’s transformation is using out-of-the-box configurations whenever possible to structure our process flows.
Standardized business platforms and agile delivery methods—anchored by a strong change management process and an organization-wide governance model—allow us to modernize our technology environment at speed and scale. Minimizing software customization also reduces complexity, prevents unwanted technical debt, and lowers the total cost of ownership.
Our standardization journey began in early 2022, when we established a minimum viable product (MVP) deployment approach with the Microsoft 365 platform. This approach enabled employees to start using common collaboration tools as quickly as possible. We introduced more capabilities from the tool suite over time while simultaneously sunsetting legacy technology to minimize business disruptions, an iterative process we eventually used with all systems and applications.
With the phased transition to strategic business platforms, Kyndryl is on track to consolidate or eliminate more than 80% of the application portfolio we inherited, from over 1,800 business applications to fewer than 360. This approach—which includes using process models already engineered into solutions like SAP, Workday, and Microsoft 365—unifies our organization on common platforms and creates a substantially leaner and less costly infrastructure.
More importantly, our new, platform-based application landscape lays the foundation for Kyndryl’s technology services business model and enhances overall experiences for customers and employees. By integrating business processes and data, we simplify customer interactions and reduce the chances of systems and data disconnects, all while giving our teams more real-time visibility into the work we’re performing for customers.
Enhancing data management with enterprise data platforms
Data powers our end-to-end business processes. However, our legacy applications and systems produced disjointed insights from multiple data sources.
Our new data strategy simplifies the management of our data environment, making it easier for teams to get insights in real time. The goals of our data management plan are to:
- Ensure a single source of truth by aligning data sources to our strategic platforms and creating a single data catalog to map data lineage from source to dashboard.
- Simplify reporting and visualization by consolidating cross-enterprise analytics and delivering multi-domain and executive reporting through our data and AI platform.
- Engage with data stewards and business leaders across the organization to oversee data standards and develop business-aligned executive dashboards for real-time decision-making.
Enterprise platforms play pivotal roles in our strategy, performing data analysis and reporting requirements in-platform before integrating these components within the enterprise data framework. The platforms eliminate previously siloed views of the business data that flows through these systems—along with data from external sources—and facilitate the delivery of dashboards and insights built around a single source of truth.
This simplified environment even aids our data protection and regulatory compliance efforts, ensuring Kyndryl maintains compliance in a rapidly evolving regulatory landscape while fulfilling our own sense of corporate responsibility.
Automating processes to improve efficiency and productivity
Automation is a key enabler of our technology modernization. Standardized tools in general—and infrastructure as code (IaC) in particular—increase worker productivity and improve overall operational efficiency across hosting services, including networking, infrastructure as a service (IaaS), and platform as a service (PaaS).
For example, by leveraging Terraform and Ansible in automated CI/CD pipelines, we can automate the provisioning and configuration of cloud-based resources. This automation improves the quality of our environment builds and management, freeing time for specialists to work on higher-value activities.
An automation-first approach to infrastructure design and management has already improved the speed and consistency of our systems while dramatically reducing downtime. For instance, we can now build out an entire container-based service environment in four hours as opposed to several weeks and can roll back infrastructure changes within minutes using our IaC practices.
Transitioning to 100% cloud-based operations
Since early 2022, we’ve downsized from more than 50 data centers worldwide to four hyperscaler locations with Microsoft Azure, effectively eliminating Kyndryl’s internal data center footprint.
In the near term, consolidating our infrastructure to leverage hyperscalers lowers our operational run models by 80% and removes country-specific processes. Transitioning to a 100% cloud-based infrastructure will yield even greater long-term efficiencies. With no on-premises data centers to manage, we’ll erase capital expenditures for hardware and floor space as well as operating costs associated with running and maintaining the infrastructure.
Our comprehensive portfolio of security and monitoring tools—in conjunction with native hyperscaler management tooling—allows us to monitor and manage our IT environment as one. This capability also establishes a single account structure with associated governance for all uses of the hyperscaler space.
54 data centers to 4 hyperscaler locations
Evolving our network for efficiency and security
As with our data center transformation, Kyndryl is moving to a network infrastructure hosted almost exclusively in the cloud. However, due to the time constraints of our two-year TSA, we initially replicated our legacy network architecture, moving from IBM’s network to Kyndryl’s network at 180 sites in 50 countries.
To maximize availability and reliability, we spread the transition network across the globe with points of presence in North America, Europe, and Asia. Employees, vendors, and partners accessed the network through a centrally managed, cloud-based VPN to bolster our network security and manageability. This approach provided visibility and protection when connected to the network, not only when VPN software was activated.
Network replication was always designed as a stopgap to ensure we met our TSA deadline. As the exit date approached, we began pivoting to a secure access service edge (SASE) architecture, beginning the permanent migration off a traditional, on-premises network configuration.
Integrating networking and security into a single, cloud-centric delivery model dramatically simplifies the architecture of our technology infrastructure and creates a continuously updated security posture. SASE will help us lower maintenance costs, reduce network downtime, and maximize user experiences for remote and hybrid workers.
With this network architecture, we can also maintain a minimal amount of equipment in each Kyndryl office to support internet access for employees and use SASE to protect our network and data wherever employees are working.
CIO to CIO: Establish a transformation team
To help ensure the success of modernization initiatives, establish a core transformation team that includes SMEs from all service areas to help you:
- Consolidate applications into key business workstreams.
- Scrutinize and manage phase-outs of legacy systems and applications.
- Track progress continually and address risks and issues promptly.
- Set targets and develop contingency plans for your final deadline.
Outcome 2: Innovate for differentiated experiences
From the customers a company serves to the employees who create or supply the products and services, the expectations for seamless, intuitive, and distinctive experiences are growing.
In fact, Forrester reported that 79% of customer experience officers (CXOs) are prioritizing employee experiences and 76% are focused on customer experiences.2 The findings suggest most leaders understand employee engagement is inextricably linked to customer satisfaction and, by extension, better business outcomes.
Improving employee experiences for better customer experiences
As an organization, Kyndryl is committed to producing better business outcomes as efficiently as possible for our customers and our company. One of the first steps we took as a new company was to form a strategic partnership with Microsoft. Soon after, we adopted Microsoft 365, with its suite of fully integrated applications, and prioritized a swift but managed migration to the platform. Now, all levels of our organization use MS 365 tools to engage in shared work outcomes.
Beyond our Microsoft partnership, we’re constructing a digital-first, proactively supported workplace environment. Our approach emphasizes inclusivity for in-office and remote employees and drives positive experiences to influence greater customer satisfaction and business performance.
…We’re constructing a digital-first, proactively supported workplace environment.
Streamlining support services
Through a combination of services engineering and automation, we’re overhauling Kyndryl’s internal support systems and programs. Specifically, we’re blending virtual, on-demand, and live services that allow employees to choose the level of support they need from four core channels:
- Service desks. We’re staffing service desks with highly skilled professionals rather than using less-experienced agents who rely on scripts to address specific technical problems. With their experience and internal search tools, our service desk agents can quickly address employees’ concerns and uncover other issues that may be causing dissatisfaction.
- Self-service tools. Our self-service tools function as automated extensions of our service desks. We use curated self-help capabilities, which will soon be augmented by generative AI tools like Microsoft Copilot, to resolve common issues and direct more complex problems to service desk support agents.
- Call centers. Our CIO team is taking over all internal call center operations for Kyndryl, so when employees have questions they can’t resolve with self-help tools, they have one number to call or place to go for answers. Consolidating internal call centers eliminates unnecessary redundancy, improves efficiency, and provides a better experience.
- Tech Bars. In locations that meet the criteria, Kyndryl offers onsite Tech Bar services for training and support. We’re also developing a strategy for single-point digital engagement using platforms like ServiceNow and Microsoft 365, making it easier for employees to access information, support, and services.
The bottom line is, we don’t measure success by the number of service tickets we create. We gauge achievement by how quickly and effectively employees can resolve an issue, whether it’s using self-help tools or with assistance from an experienced professional. Making it easy for employees to get the support they need in turn improves their ability to serve customers, leading to better experiences all around.
We gauge achievement by how quickly and effectively employees can resolve an issue.
Simplifying device management
Kyndryl is shifting to an evergreen model for device management. This agile approach emphasizes making small, iterative updates on an ongoing basis to speed issue resolution, minimize machine downtime, and improve network security.
As device controls become more standardized across the enterprise, we can use proactive, zero-touch support automation, along with updates and auto-patching policies, to patch machines within days of release. These capabilities reduce cyber risks and eliminate the need to test all patch variations against multiple images. Digital Experience Monitoring (DEM) allows us to proactively address users’ device needs and guide refresh investments based on device health, not simply age.
Our programs maximize employee choice, lower capital expenses, reduce waste associated with replacing usable devices, and enhance enterprise security.
Enabling a digital-first enterprise
Positive workplace experiences are typically determined by how productive, empowered, and connected employees feel rather than the size, style, or location of an office building. That’s why Kyndryl is, and will remain, a digital-first organization.
After our launch, we downsized our real estate portfolio in favor of a hybrid workplace model for most workers. Now, tens of thousands of employees in more than 60 countries use industry-leading collaboration and productivity tools to perform their jobs, whether they’re working remotely, in the office, or have a hybrid work arrangement.
Modern technology platforms will continue to power and sustain this strategy, even as the digital landscape evolves. This consistency is a hallmark of an equitable and inclusive workplace and one of numerous driving forces behind Kyndryl’s emergence as an Employer of Choice.
In geographic areas where we have corporate offices, Kyndryl is moving from isolated facilities management and security systems to integrated platforms, providing real-time insights on usage, the environment, and technical issues or security problems. This in-office workplace experience includes:
- Shifting to on-demand models that allow employees to reserve desks and collaboration spaces when they need to work in an office.
- Deploying digital credential tools that use smartphones, biometrics, user and entity behavior analytics (UBEA), and other technology for authentication.
- Transforming to an adaptive workplace with modern amenities that encourage employees to interact with each other and customers, both physically and virtually.
If our transformation has highlighted anything, it’s the need for alignment across the organization. Technology and facility investments should fit our financial parameters while supporting the work we’re doing for customers.
Embracing emerging technologies for competitive advantage
Artificial intelligence (AI), machine learning, and other emerging technologies are critically important for Kyndryl and our customers. A powerful example of this is our open-integration technology platform with integrated AI, Kyndryl Bridge. It will be the mechanism we use to optimize operations and advance our delivery for customers.
With Kyndryl Bridge, we can integrate and scale AI, machine learning, and automation across our technology estate. This allows us to extend systems observability and generate real-time insights that can minimize or prevent downtime and be used to forecast future needs and costs more effectively.
Like many companies, we’re also exploring how to capitalize on new but unproven types of artificial intelligence, such as generative AI. The subset has been around for decades,3 yet the recent release of new generative AI systems (for example, ChatGPT, Microsoft Copilot, and Google Bard) rapidly disrupted the technology landscape and brought with it many new opportunities and risks.
Our approach to generative AI is simple: When appropriate, we’ll leverage our partner ecosystem and the capabilities they bring to bear. This strategy ensures we have access to the most advanced generative AI tools without investing millions of dollars to develop our own technology and trying to keep pace with advancements in the field.
Since there are currently no global regulations to govern the use of generative AI, we’re putting guardrails in place to protect our company and our customers.
Initially, we published a policy that prohibits any internal, commercial, or evaluative use of generative AI, unless expressly authorized by Kyndryl management following a detailed analysis and review. In the latter half of 2023, we launched an internal program and governance system to manage responsible uses of AI.
Our new program includes an updated safe harbor policy that outlines how generative AI can be prudently applied. We also have a digital tool that allows developers to submit potential use cases for review and approval. By balancing opportunity and risk, we can explore uses of generative AI that best serve the interests of Kyndryl and our customers.
Framing transformation around our culture
Every aspect of our technology transformation is designed to help us become the company we want to be. But change is hard. And we’re managing a lot of it all at once.
We’ve had to make tough choices, some of which have been less popular than others. Everyone—from executives at the highest levels of the organization to the newest hires—has been asked to do what’s best for the company rather than what’s best for themselves.
A strong culture, with clear and compelling core values, gives our employees a reason to act selflessly and embrace the journey we’re on. This buy-in is critical because many of the changes we’re making impact our people in a very real and personal way.
Six core values form the foundation of our company culture, The Kyndryl Way. These cultural building blocks are as essential to our transformation—and corresponding evolution as a company—as the technology we choose to power our systems.
Outcome 3: Secure for resilient business
Despite the myriad benefits of digital transformation, moving more infrastructure, data, and applications to the cloud can actually expand an organization’s “attack surface,” exposing the company to more cybersecurity threats than ever.4
Traditional, tool-based network defense strategies can’t adequately protect a broader threat landscape. These approaches focus primarily on defending the perimeter (intrusion prevention), leaving the company vulnerable to social engineering tactics that target employees and susceptible to other internal attacks.
Newer cybersecurity strategies address each adversary based on their capabilities, objectives, and limitations. Transitioning from a conventional, vulnerability-focused strategy to an integrated, intelligence-driven framework is essential to creating a resilient network and combatting sophisticated and persistent adversaries.
$200-$300million savings*
*SG&A expense savings over time (USD)
Defending with an integrated security and resiliency model
Kyndryl is taking an integrated approach to organizational security. Rather than separating cybersecurity and resiliency, we’re combining the two disciplines to safeguard our business from cyber threats and help ensure continuity when we face disruptions of any kind.
Our security approach is anchored in principles of cyber fusion and DevSecOps, which treat security as a shared responsibility throughout the threat lifecycle. As part of our strategy, we recently launched a security intelligence center to centralize internal practices for threat intelligence and detection, security automation, incident response, and other security functions.
From a resiliency perspective, we’re committed to minimizing operational, financial, and reputational damage and downtime from cyber incidents, natural disasters, or other business-altering events. We defend platform configurations and applications data with air-gapped protection, immutable storage, and anomaly detection and have rapid recovery capabilities in place to ensure high availability.
Blending cybersecurity and incident prevention and resolution into a holistic, intelligence-based cyber resiliency model enables us to:
- Study our adversaries and develop complete threat profiles that allow us to anticipate future intrusion attempts.
- Address cyberattacks using a cyber kill-chain methodology to outline the seven stages of a successful intrusion so we can recognize, intercept, or prevent penetrations.
- Build resilient systems that we can continuously test and adjust based on adversaries’ tactics, techniques, and procedures.
- Restructure risk management models to prioritize risks according to their potential impact, relying on automation to address less critical issues.
- Minimize the impact and severity of any disruptions we experience so we can resume normal operations as quickly as possible.
Traditional, tool-based network defense strategies can’t adequately protect a broader threat landscape.
Essential elements of security and resiliency
The success of Kyndryl’s cyber resiliency strategy depends upon our ability to drive change in our people and processes. As we shift our cybersecurity framework and mindset, we’ve identified several elements that are critical to our success:
- Employees as a defense. A skilled, educated workforce is our first and best line of defense against cyber threats. Training and engaging employees to help identify, analyze, and thwart attacks empowers all Kyndryl team members to proactively manage and reduce cyber risk while driving internal efficiencies.
- Secure by design. Embedding cyber resilience—including zero-trust architecture—into all technology systems and operational strategies enables us to anticipate, protect against, withstand, and recover from adverse cyber events. This approach is less expensive, faster, and more effective than many traditional security approaches that retroactively incorporate security protections.
- Security automation. We use security orchestration, automation, and response (SOAR) to automate necessary but lower-value manual tasks, freeing operators and analysts to spend more time on higher-value tasks like threat hunting. Where appropriate, we’ll also use SOAR to automatically detect and respond to security threats. Asset management plays a key role in this strategy, giving us a current and accurate view of our inventory and providing insight into risk and remediation throughout an asset’s lifecycle.
- Identity management. Kyndryl’s identity management program has two main goals: limit the number of IDs each employee needs to access our systems and applications and, more importantly, establish minimal access privileges for every user and identity. Least privilege birthright reduces operational risks by granting employees access only to the tools and data that are essential for them to perform their jobs.
Our security and resiliency strategy addresses the full spectrum of cyber protection, from design and implementation to governance and maintenance to remediation and recovery. This framework, coupled with our follow-the-sun work model, allows us to continuously monitor our global network, thwart cyberattacks, and minimize disruptions that may threaten our business.
A journey of simplification
Streamlining your systems and applications as you modernize can help create an agile and responsive IT environment that supports business innovation and growth. The outcomes Kyndryl has already achieved illustrate the type of long-term value you can create with a well-planned and strategically executed transformation.
Advancing a story of continuous transformation
Transforming your organization—especially radically simplifying and modernizing your technology estate to make it fit for purpose—isn’t a one-and-done endeavor. It’s an ongoing, enterprise-wide journey.
With so much at stake, the call for continuous transformation should be a business imperative that cascades from the C-suite. A recent McKinsey survey calls for CEOs to take more personal responsibility for the state of their enterprise technology and do more to ensure their organizations are prepared for a future filled with digital disruptions.5 The demand for modern and secure systems and applications will only increase as the needs of customers and the employees who serve them continually change.
For Kyndryl, these imperatives mean our modernization journey has just begun.
We’ll expand our reach and advance our growth initiatives, supported by a modern technology estate that can adapt as our business evolves. We’ll refine our strategic priorities, focusing even more keenly on cyber resiliency, operational excellence, and organizational readiness. We are committed to helping other companies navigate their own transformations, drawing on our lessons learned as “Customer Zero” to deliver even greater value to our customers.
Most importantly, we’ll continue to write Kyndryl’s business transformation narrative. It promises to be a story of continuous innovation that stands testament to what companies can achieve when they choose to be bold in their own enterprise transformations.
Michael Bradshaw is CIO of Kyndryl.
1 IDC FutureScape: Worldwide Intelligent ERP 2022 Predictions, IDC, October 2021, Document No. US47981721
2 Forrester's Buyers Journey Survey, 2022, Forrester, March 2023
3 What is generative AI? Artificial intelligence that creates, InfoWorld, August 2023
4 Your attack surfaces are expanding. These are the three you must defend, CSO, June 2023
5 Actions the best CEOs are taking in 2023, McKinsey and Company, March 2023