Carhartt’s signature workwear is near ubiquitous, and its continuing presence on factory floors and at skate parks alike is fueled in part thanks to an ongoing digital transformation that is advancing the 133-year-old Midwest company’s operations to make the most of advanced digital technologies, including the cloud, data analytics, and AI.

The company, which operates four factories in Kentucky and Tennessee and designs all its products at its Dearborn, Mich., headquarters, began its digital transformation roughly four years ago. Today, more than 90% of its applications run in the cloud, with most of its data is housed and analyzed in a homegrown enterprise data warehouse.

Katrina Agusti, a 19-year veteran of the company who was named CIO six months ago, has played a pivotal role retooling the workwear retailer for the modern era, under previous CIO John Hill.

Now Agusti, who began her Carhartt tenure as a senior programmer analyst, is charged with leading the company’s transformation into its next phase, one that is accelerating daily with the barrage of complex technologies changing the global supply chain and business practices, Agusti says.

As part of that transformation, Agusti has plans to integrate a data lake into the company’s data architecture and expects two AI proofs of concept (POCs) to be ready to move into production within the quarter. Like all manufacturers in the information age, Carhartt is also increasing relying on automation and robotics at its service and fulfillment centers as it faces challenges in finding talent on the technology side and in the labor force to meet growing demand.

And demand certainly is on the rise for the workwear manufacturer, which is currently experiencing double-digit growth in all three of its lines of its business — direct to consumer, direct to business, and wholesale.

Tuning a transformation to make the most of data

Carhartt launched its Cloud Express initiative as part of a foundational transformation to shift the company’s 220 applications to Microsoft Azure. Two legacy applications, its warehouse management solution and its payroll and benefits solutions, still run on premises but those applications may soon be replaced in favor of cloud-native solutions, Agusti says.

Moving to the cloud — even amidst the pandemic — was a major win for Carhartt. Aside from the obvious speed to market and scalability gains, the vast improvements in stability, performance, uptime, maintenance, failover monitoring, and alerting has automated many of the costly, time-consuming IT tasks, thereby freeing up the IT team to tackle advanced data analytics and to experiment with other new technologies.

Agusti says Carhartt will likely embrace a multicloud architecture in the long run, but for now she and her team are ramping up their cloud expertise in part through conversations with other CIOs about best practices.

“We’re still learning and building the muscle internally to properly run in the cloud and how to manage in the cloud, and not just the management of systems but how to size them,” she says, adding that she is also homing in on data architecture and retention strategies. “It’s a different beast to manage workloads in the cloud versus workloads on premise. We’re still in that journey.”

Like many CIOs, Carhartt’s top digital leader is aware that data is the key to making advanced technologies work. Carhartt opted to build its own enterprise data warehouse even as it built a data lake with Microsoft and Databricks to ensure that its handful of data scientists have both engines with which to manipulate structured and unstructured data sets.

“Today, we backflush our data lake through our data warehouse. Architecturally, what we’d like to do is bring the data in first into the data lake, whether it is structured or unstructured, and then feed it into our data warehouse,” Agusti says, adding that they continue to design a data architecture that is ideal for different data sets.

She does not currently have plans to retire the homegrown data warehouse in favor of the data lake because the team has customized many types of certified data sets for it.

“The data lake will be more in service to our data science team and consumer-facing teams that are building out journeys using unstructured data to inform those personalization,” Agusti says, noting Carhartt’s six data scientists have built several machine learning models that are currently in test mode.

Two such projects are nearing production, the first of which supports Carhartt’s replication of inventory for its five distribution centers and three different businesses.

“We’re trying to use it for decision support and to plan all of that inventory into different distribution centers based on service levels,” she says, noting that the model can optimize Carhartt’s distribution network by taking into account capacities as well as supply and demand and inventory levels.

The second POC is aimed at helping data scientists collect consumer data that can be leveraged to “personalize the consumer journey,” including demographics information and data from consumer surveys, Agusti says.

The power of tech

Like many CIOs, Agusti’s biggest challenge is change management — especially when it comes to persuading employees that the company’s AI models really work.

“Teams are skeptical that technology can provide the decision support and automation that they do today,” the CIO says. “We have a lot of use cases and we’re running them in POC mode because we need to prove to our end users and business community that these models can make those decisions for you.”

Agusti expects many companies are in this transition mode. “There are different functions along the maturity curve,” she says of the AI efforts under way, “but I think there are so many potential applications that can leverage technology especially in data analytical spaces.”

To pique her resolve about the power of technology, all the CIO has to do is think about how, without investments in technology and talent, the pandemic might have derailed the company’s business.

At first, during the pandemic, many essential workers needed to be equipped with Carhartt work gear for extra protection. As a result, the company’s revenue stream grew in the double digits, even when certain business segments were curtailed due to widespread work stoppages.

Once work stoppages started taking hold, Carhartt gained a rare glimpse into its supply chain, enabling its data analysts to view the steps of the supply chain in exquisite detail, like the individual frames in a film.

“What the pandemic did was create the need for that visibility and proactive exception management,” Agusti says. “Every leg of that journey becomes important when you’re having disruption. It was the catalyst for us to get more granular in the visibility and exception management of every single step in the supply chain.”

Thanks to that visibility — and IT’s push to keep Carhartt’s businesses humming — the company is in a better place with its supply chain. It’s still not at the “predictable” level that it was pre-pandemic, Agusti says, but “we’re starting to see logistical lead times level out and improvements of lead times for goods creation getting better.”

Analytics, Artificial Intelligence, Data Management

Data is the new currency of business. We hear that constantly and it is an accurate description of the value that data provides for the successful operation of a business.  Put simply, organizations with “better” data management and use it more effectively, win in the market.  This blog summarizes a recent podcast that featured Graeme Thompson, CIO of Informatica. 

Mr. Thompson started the podcast with an example that drives home the differences between how data and currency are managed in companies today.  A simple comparison of how a CIO and a CFO would answer four key questions set the tone. 

When the CFO is asked “do you know where all your currency is stored?”, the quick answer is yes.  The CIO can’t say the same for the data.If asked, “can you categorize all of your currency?”, the CFO nods in the affirmative, but the CIO knows that many data labels are vague or inaccurate.Asking the CFO if they know who has access to currency, they are certain they do.  The CIO cannot say the same for corporate data.Finally, when asked if currency can be directed for the most profitable use by the company, the CFO can make a positive assertion.  The CIO knows this is not the case.

These four questions provide the foundation for a strategy to enhance the management of data and creating a data platform that enables an organization to leverage it. 

Taking this strategic view of the data asset and making the data the platform for a successful business is also a fundamental change in the role of the CIO.  Rather than focusing on terabytes, cloud services, or how many laptops are in use, a CIO that is focusing on delivering accurate, documented, consistent, managed, and secured data becomes part the firm’s strategic discussions.  This is a fundamental change that enables the CIO to get “a seat at the table”. 

Informatica is enabling this trend with their Intelligent Data Management Cloud, an end-to-end data management platform that acts as the unifying force for making data the currency of your organization.  For more information on how you can create a data platform that gives the organization the same certainty for its information as it has for its money, visit our website.

Data Architecture

Over the past several years, IT has undergone a profound shift in which a formerly support-oriented organization has taken on a much more prominent customer-centric role. Much of this has occurred thanks to the power of data to drive decisions and digital transformation’s impact in enabling companies to create new service- and data-based offerings around their core products.    

After hearing recently that Art Hu’s CIO role at Lenovo had been significantly expanded to incorporate customer solutions, I was eager to talk to him and learn more about how he has approached this shift to a “CIO-plus,” customer-centric IT leadership position. Our conversation touched on how this new opportunity evolved, the central role that data plays for CIOs today, and how his new CTO duties differ from those of his CIO post. What follows is an edited version of our interview.

Martha Heller: In addition to Lenovo CIO, this past April you became CTO of Lenovo Solutions and Services Group. What is that new business?

Art Hu: Last year, Lenovo stood up our Solutions and Services Group (SSG) as a part of our pivot from hardware sales to solutions, including offering our products as a service. Device-as-a-service (DaaS), for example, is our fastest growing business. It allows customers to avoid making large hardware capital expenditures and move to a “consume as you go” model where we manage, configure, and deploy their devices for them. 

Think of SSG as a high-growth startup. Last year, Lenovo earned more than $70 billion in revenue, of which SSG contributed a little more than $5 billion. Our goal is to double our revenue in the next few years.

What does SSG’s rapid growth indicate about the evolving world of business and technology?

The first point is the shift from delivery to outcomes. It is no longer our goal to simply manufacture and ship a piece of hardware. Our goal is to deliver value through business outcomes. But you can only pivot to a customer-outcomes mindset if you have customer intimacy and understand the context in which your technology is being used.

One example is Lenovo’s AIOps service, where we analyze a customer’s data about hybrid cloud service and make recommendations to optimize it for stability and performance. The rapid growth of SSG points to the fact that today, you need more than the right technology: The technology needs to make your data visible, accessible, and actionable.

What lessons learned can you offer CIOs on generating actionable data?

The first lesson is to create clear data standards. We learned that some data needs to be common (the definition of a ‘shipment,’ for example), but we also learned that we cannot standardize everything. We need to allow for some variation in how people operate, even within a global model.

The second is to start building guardrails around the data. When we told our business partners what they could and could not do with the data, they just went off on their own and did it anyway. We realized that we needed to strike the right balance between standards, guardrails, and flexibility. It took us a couple of iterations to get it right.

The third lesson is all about education. You cannot assume that your business partners know what to do with the data. Early adopters will know exactly what they want, but others may not. As an example, we had significantly upgraded our ability to gather feedback on social media, and we started to send customer comments from Twitter and LinkedIn back to our product development teams. We assumed those teams would love all that data, but we were wrong. Someone actually said, “Please stop sending me all of this data. I don’t know what to do with it.” We learned that delivering data is not enough. We need to help our business partners understand it and then use it, to take advantage of these marketplace insights.

What does the SGG CTO role entail?

The first part of my job is to choose the technology investments that will enhance our customer offerings. Where can RPA (robotic process automation) complement our solutions portfolio? How will AR and VR extend our capabilities? The second is to expand the solutions portfolio to bring more choices to our customers. And the third is to leverage SSG as a platform for innovation that drives the future of our solutions and services strategy.

How is that job different from your CIO role?

In both roles, I am continuously scanning the technology landscape to identify opportunities and building a strong engineering team and culture to deliver. But there are differences as well.

For example, my level of external engagement. A CIO’s stakeholders are typically the business users within the company. As Lenovo’s CIO, I build our core business applications, social media and e-commerce sites, and spend time thinking about business scenarios, deployment, and ways to capture value. As CTO, I spend more time in the market, understanding emerging trends and the competitive landscape. Those give me a strong perspective of customer insights, which are then sharpened in discussions with our business leaders and the sales teams. The result is a better-informed offering development process.

My perspective on budgets and investments is also different. As CIO, you typically have a budget against which you prioritize investments and initiatives. But as the CTO in a new P&L, if I cannot articulate a clear value proposition for my technology investment roadmap, my development budget is zero. The conversation shifts from “your budget needs to decrease by 10%, so you can do some but not all of your priorities” to “your budget is zero because we don’t believe your technology strategy will grow our P&L.” (That hasn’t happened yet, fortunately.)

Finally, there is the difference of working in a startup versus working at global scale. As CIO of Lenovo, I manage the teams that support a multibillion-dollar business. The SSG CTO role, on the other hand, has required me to get into the nitty-gritty of incubating a business. Being a leader in a $70 billion business is very different than supporting a new line of business in the “from-zero-to-one” stage of maturity. 

How did you wind up in the role?  

I was asked to take on both roles for several reasons. The first is that for years, industry trends have indicated that the future would be increasingly software-defined, so we have been building up our software capability within IT for quite a while. 

At the same time, SSG’s approach to developing our offerings has been to tap into the best of Lenovo’s assets from across the enterprise and integrate them into a single offering, with software being part of the “glue” that ties it together. The requirements to execute this type of exercise were a natural fit with IT’s software capabilities, especially the engineering methodologies, processes, and platforms that were needed to build SSG’s R&D platform.

Second is our “Lenovo powers Lenovo” concept. Over the years, our customers have wanted to know how we, at Lenovo, run our business: Supply chain planning, warehouse operations, and globalization are good examples. They also wanted to know more about the hybrid cloud solution we built in-house. They said, ‘Can’t we just buy what you’re doing?’ So, we took some of the solutions we had developed internally to run Lenovo, productized them, and began offering those to our customers. Although I didn’t know it then, I was incubating a small business within IT, and that was one of the seeds that ultimately led to my taking on the CTO role.

What advice do you have for CIOs who would like to take on a CTO position?

Don’t wait. If you are developing software solutions internally that could be valuable to your customers, start thinking about those solutions as the beginning of a business. As CIO, you are perfectly positioned to do this, since so many ingredients of a software-enabled solutions business are already sitting within your purview. My advice to CIOs who are looking to do more would be to look at the assets they already have.

IT Leadership

Veeam is all set to shift its selling strategy to appeal to CIOs with performance guarantees that could penalize the data replication, backup and recovery company if it fails to meet agreed-on outcomes.

“CIOs more and more seek outcomes, not just services,” said Anand Eswaran, CEO at Veeam. “They need to hedge their risks. They are starting to demand outcomes from their technology providers. If it is a vendor in backup and recovery area, historically, you would simply charge for a backup solution. Going forward, you’ll need a recovery outcome, and you’ll be paid based on the recovery outcome or you’d be penalised.”

Veeam has already been working on an outcome-based engagement with select clients, where it helps them meet stringent business continuity requirements with an RTO/RPO (recovery time objective and recovery point objective) of less than 15 minutes. “We are now trying to formalize this and letting people know that this actually something you should focus on,” Eswaran said. 

In an outcome-based engagement, Veeam’s global systems integrator (GSI) partners work with end customers to understand their business objectives—such as their RTO/RPO requirements, appetite for data loss and time loss in case of an incident—and then work backward to build the data architecture required to meet the objectives.

“On top of our product, we work with our GSI partners to make sure the architecture, the workflow, and the processes put in place are the right ones to meet the customer objectives. Currently, there are no penalties clauses in these contracts but that’s where CIOs are trying to push on and that’s where we are thinking through this,” Eswaran said. 

While Eswaran refused to give the exact timeline of the official launch of the new offering, he said it will be a part of the company’s larger objective of doubling its market share and expanding its revenue from the current $1 billion to $10 billion.

Veeam eyes 25% market share

Veeam, which is one of the very few data replication players in the market continuing to see growth momentum, came out as the close second behind Dell Technologies in IDC’s semi-annual software tracker for data replication and protection for the second half of 2021, with about 12% market share. The company is now betting on innovations such as outcome-based engagement to more than double that market share to more than 25% and expand its revenue tenfold.

Eswaran is confident that despite economic headwinds, the company will continue to win new business and expand its product lines, given the continued risks posed by ransomware attacks. “It’s true that companies are being more cautious with macroeconomic environments in play, there are pauses in capital expenditure, hiring etc. But the reality is given what’s happening with the geopolitical environment, the nation state actors are on the rise, malicious actors are on the rise. This category of ransomware, data protection, ability to recover data without delay is now a board priority, not just an infrastructure admin or IT priority,” Eswaran said.

Eswaran agrees, though, that the goal of achieving 25% market share is very ambitious. “We are talking about more than doubling our market share, which is pretty ambitious, pretty aggressive, but we feel very confident about that for a variety of reasons. First, we are on a steady increase of market share over the past two-three years. So, if we just execute as we have been on product innovation, we will see us cross 20% market share in not very distant future,” he said.

Over the past few years, Veeam has been aggressively expanding its product portfolio—it launched native backup for Microsoft 365, native backup for GCP, native backup for Azure, and is expected to soon launch native backup for Salesforce. “Microsoft 365 alone is billions of dollars of total addressable market for us. This accelerated pace of innovation is also one of the reasons why we are going to take several points of market share, beyond execution,” Eswaran said.

Backup and Recovery, Technology Industry

The world of the UK CIO is a dynamic one. It’s not unusual to find tech leaders seeking new challenging roles where they can bring their experience and digital transformation vision to fruition, especially in the current climate and as a new year approaches.

If you have any appointment or job news to share, or any other information you feel may be relevant and interesting to the UK CIO community, please contact us here.

October

Jacky Wright will join consultancy McKinsey as its first Chief Technology and Platform Officer next month to lead McKinsey’s overall technology portfolio and strategy.

Wright had been at Microsoft for over a decade, most recently as the US CDO since 2019, and a corporate VP since 2016. She took on the CDIO role at HM Revenue and Customs during a secondment from 2017 to 2019, and had held CIO roles at BP and GE in the past. Earlier this year, she was named as the UK’s most influential Black person by Powerful Media.

She will report to McKinsey’s global managing partner, and will become a senior partner at the consultancy firm later this year.

Careers, CIO

Changes Microsoft made to its cloud licensing of Windows and application software to “make bringing workloads and licenses to partners’ clouds easier,” the company says, have drawn the ire of those cloud partners, some of whom have jointly filed an antitrust complaint in the European Union.

They’re concerned that Microsoft is using software licensing to limit European businesses’ choice of cloud service provider for services including desktop virtualization and application hosting.

Microsoft’s licensing changes came into effect on October 1, 2022.

Microsoft chief partner officer Nicole Dezen described the changes as making it easier for enterprises to bring software they had licensed to a partner’s cloud — for example running applications on Windows 11 on multi-tenant servers — and for service providers to build and sell solutions more easily in their preferred cloud.

However, changes also include some notable restrictions. Enterprises can’t move their existing licensed software to the clouds of Alibaba, Amazon Web Services, Google Cloud Platform, Microsoft Azure or any outsourcer relying on their infrastructure, and they would instead have to acquire new licenses from the relevant hosting service.

That’s great news for small regional cloud hosts — unless their services, like those of Netherlands-based Leaseweb, include the creation of hybrid clouds involving their own infrastructure and that of Microsoft Azure, or one of the other hyperscalers on Microsoft’s exclusion list.

It was those restrictions that annoyed Cloud Infrastructure Service Providers in Europe (CISPE), a Belgian non-profit whose members include Amazon Web Services, a raft of French web and application hosting companies (of which the best-known is OVH), Leaseweb in the Netherlands, and other domestic and multinational hosting companies based in Finland, Italy, and Spain.

Formal complaint

On November 9, 2022, CISPE filed a formal complaint with the European Commission’s Directorate-General for Competition (DG Comp), the top antitrust authority for the European Union’s 27 member states. It said, “Microsoft uses its dominance in productivity software to direct European customers to its own Azure cloud infrastructure to the detriment of European cloud infrastructure providers and users of IT services.”

CISPE declined to provide full details of its complaint, citing the need to give the European Commission’s case team time to read it first, but has released an executive summary.

A European Commission spokeswoman said that CISPE had informed the Commission it would submit a complaint against Microsoft, and that the Commission would assess it based on its standard procedure.

The first step in that procedure is to determine whether Microsoft holds a dominant position in the market the complaint concerns. Then, it may choose to open an investigation into whether that dominance is being abused. At the end of that investigation, it may issue a statement of objections, to which the parties to the case may respond before the Commission reaches a formal decision, which may result in enforcing action or a fine.

Three in a row

It’s not the first such complaint the Commission has received from Microsoft rivals, though. In early 2021, German online storage service provider NextCloud filed a complaint with DG Comp regarding Microsoft bundling Onedrive with its Microsoft365 software suite. Its complaint later won the support of a host of European online service providers, different from CISPE’s membership.

OVH, along with fellow CISPE member Aruba.it and a consortium of Danish cloud service providers, then followed, filing a joint complaint about Microsoft’s practices in early 2022, an OVH spokeswoman said.

After those two complaints became public, Microsoft president Brad Smith acknowledged on the company’s blog in May the validity of some claims and announced plans to support European cloud providers through changes to licensing — the changes that came into effect on October 1, 2022.

Whether the third complaint, CISPE’s, will prompt further changes in Microsoft’s stance remains to be seen. But this is perhaps the best hope for enterprises and service providers affected by the licensing rules. While European Union antitrust cases can result in big fines, they proceed extremely slowly.

Previous European antitrust actions against Microsoft over the bundling of one its products with another have dragged on for years. In 2004 the company paid a $611 million fine after the Commission found it guilty of illegally bundling media player software with Windows XP (launched in 2001), and then $357 million in 2006 and another $1.3 billion in 2008 for failing to comply with the 2004 ruling.

In 2013, it was also fined $731 million for bundling its Internet Explorer browser with Windows 7, a case that began in 2011 against an operating system launched in 2009.

Cloud Computing, Cloud Management, Cloud Storage, Microsoft, Software Licensing

Movers & Shakers is where you can keep up with new CIO appointments and gain valuable insight into the job market and CIO hiring trends. As every company becomes a technology company, CEOs and corporate boards are seeking multi-dimensional CIOs with superior skills in technology, communications, business strategy and digital innovation. The role is more challenging than ever before but even more exciting and rewarding! If you have CIO job news to share, please email me!

Karen Higgins-Carter joins Gilbane Building Co. as CIDO

Karen Higgins-Carter, CIDO, Gilbane Building Co.

Gilbane Building Co.

Gilbane is a global integrated construction and facility management services firm based in Providence, R.I. Previously, Higgins-Carter was CIO at Webster Financial. She earned a dual degree in Mechanical Engineering (BSME) and Economics and Business (BA) at Lafayette College. She has served since May 2022 on the Boards of Otsuka America Pharmaceutical and Otsuka Pharmaceutical Development & Commercialization. She is also active as Chair of the Events Committee of the T200 Foundation, a nonprofit supporting the development of women executives in technology, and as a CIO Mentor at Columbia University.

Atefeh (“Atti”) Riazi Named CIO of Hearst

Atefeh (“Atti”) Riazi, CIO, Hearst

Hearst

Hearst is a global diversified information, services, and media company with operations in 40 countries. Most recently, Riazi worked at Memorial Sloan Kettering where she was responsible for digital strategy and transformation. Earlier, she served as Assistant Secretary-General and Chief Information Technology Officer at the United Nations. She has also held the position of CIO at the New York City Housing Authority. She earned a degree in Electrical Engineering from SUNY Stony Brook.

Jim Palermo moves into CIO role at Red Hat

Jim Palermo, CIO, Red Hat

Red Hat

Red Hat is a worldwide provider of enterprise open-source software solutions that help clients deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Palermo joined Red Hat in 2010 and most recently served as VP of Digital Solutions Delivery. He will report to Carolyn Nash who was recently named COO. Palermo received a Bachelor of Science degree in Computer Science from The College of William & Mary.

Etsy names Rachana Kumar Chief Technology Officer

Rachana Kumar, CTO, Etsy

Etsy

Based in Brooklyn, New York, Etsy operates two-sided online marketplaces that connect millions of buyers and sellers of creative good and crafts around the world. Kumar will assume her new role on Jan. 1. She currently is serving as VP of Engineering at Etsy. Previously, she worked with the UN, Council on Foreign Relations, and ran her own nonprofit organization. Kumar holds a bachelor’s degree from RV College of Engineering in Bengaluru, India, and a Master of Public Administration from Columbia University. She has been recognized as one of the Top 50 Women in Tech by the National Diversity Council, and has received the Digital Diversity Network’s Innovation and Inclusion CodeBreakers Award, Innovators & Disrupters Award from New York on Tech and Future CIO Award at Women in IT Awards.

Crowley names Erika Graziuso as CIO

Erika Graziuso, CIO, Crowley

Crowley

Crowley is a $2.9B maritime, energy, and logistics solutions company serving the commercial and government sectors. Prior to Crowley, Graziuso served as Global CIO for LHH, a human resources solutions firm, and Group SVP of Technology, both under The Adecco Group. She holds a Master’s degree in financial institutions from Bocconi University in Milan, Italy, and completed the Global Leadership Program at ISEI Business School in Shanghai, China.

Thorlabs announces Michael Cheng as new head of IT

Michael Cheng, new head of IT, Thorlabs

Thorlabs

A global company with 2,300 employees and headquartered in Newton, N.J., Thorlabs designs and manufactures photonics equipment for research, manufacturing, and biomedical applications. Cheng most recently was VP of IT at Troy Corp., a global specialty chemicals manufacturer. He earned a BS in Business Administration, an MS in Information Systems and Computer Science, and an MBA, all from Hawaii Pacific University.

BakerHostetler names Katherine Lowry as CIO

Katherine Lowry, CIO, BakerHostetler

BakerHostetler

BakerHostetler is one of the largest law firms in the US and has more than 1,000 attorneys. Lowry will assume the CIO role on Jan. 1. She currently serves as co-chair of the Emerging Technology team of BakerHostetler’s Digital Assets and Data Management Practice Group and leads the firm’s legal technology consulting and R&D team, IncuBaker. She was on the Annual list of AI Visionaries in 2022 and was a 2021 Fastcase 50 Honoree. Lowry received her Bachelor of Arts from Stetson University and a Juris Doctorate from the University of Dayton School of Law.

Sheila Carpenter appointed CIO at Everbridge

Sheila Carpenter, CIO, Everbridge

Everbridge

Everbridge is a public global company that provides enterprise software applications that automate and accelerate organizations’ operational response to critical events. Previously, Carpenter served as CIO of Zix, an email security firm, and before that she was VP of IT, Cloud Services Operation for Entrust Datacard. She launched the Women’s Network of Ottawa for Entrust Datacard and has also implemented the Women in Security group at Zix/AppRiver.

Southwell welcomes James ‘Jamey’ Pennington as new CIO

James ‘Jamey’ Pennington, CIO, Southwell

Southwell

Southwell is a not-for-profit health system providing a wide range of care services across 12 counties in South Central Georgia. Pennington most recently served as an IT consultant with Coker Group Holdings, which is based in Alpharetta, Ga. Pennington holds a Bachelor’s degree in Computer Science from the University of Arkansas-Monticello.

Krishna Seetharam announced as new CIO of CyrusOne

Krishna Seetharam, CIO, CyrusOne

CyrusOne

CyrusOne is a global developer and operator of data centers and digital infrastructure solutions. Most recently, Krishna served as VP and CIO of National Grid’s New York business unit. Earlier, he held various leadership roles at GE, including VP of Data and Analytics for GE Power. Seetharam received a Bachelor of Engineering degree from Bangalore University and an MBA from Indian Institute of Management, Kozhikode.

Joyce Oh joins Moffitt Cancer Center as CIO

Joyce Oh, CIO, Moffitt Cancer Center

Moffitt Cancer Center

Moffitt Cancer Center is one of 53 National Cancer Institute-designated Comprehensive Cancer Centers. Previously, Oh served as divisional CIO at Beaumont Health, Michigan’s largest healthcare system. She earned her Bachelor’s degree from Northwestern University with a dual degree in Economics and Mathematics, and she studied Business Analytics at UC Berkeley Executive Education.

Columbia Bank appoints Manesh Prabhu as CIO

Manesh Prabhu, CIO, Columbia Bank

Columbia Bank

Columbia Bank is a full-service community bank with 60 branches in New Jersey. Most recently, Prabhu held the title of CTO at People’s United Bank He earned an MBA from Thiagarajar School of Management (TSM) – Madurai Kamaraj University in India, and a Bachelor of Technology in Electrical & Electronics Engineering from Rajiv Gandhi Institute of Technology (RIT) – Mahatma Gandhi University in India.

Scott Frost named CIO at 3Pillar Global

Scott Frost, CIO, 3Pillar Global

3Pillar Global

3Pillar Global is a developer of digital software products based in Fairfax, Va. Frost has been with the company since 2020 serving as SVP of Business Technology & Security. Previously, he served as VP of Enterprise Systems & Security at ScienceLogic and held positions at Hobsons, AOL, and Discovery Communications. He received a Bachelor’s degree in Management Science from Virginia Tech – Pamplin College of Business.

Pam Presswood is named CIO of Valor

Pam Presswood, CIO, Valor

Valor

Valor is a professional service provider specializing in mineral rights management and software-based business solutions. Presswood most recently served as the Vice-President of Information Systems for Luther King Capital Management, a financial and investment services firm based in Texas. She is a founding member of the Women Steering Business, a civic-minded nonprofit dedicated to the development and mentorship of the next generation of female business leaders in Fort Worth, Texas. Presswood graduated from Texas A&M University with a B.S. with honors in Computer Science.

Brian Wesselhoff promoted to CIO at Waterstone Mortgage

Waterstone Mortgage is a Milwaukee-based mortgage lending company founded in 2000.  Wesselhoff joined the company in 2018 and most recently served as VP, Information Technology. Earlier, he spent 20 years in various IT roles at Kalmbach Media. Wesselhoff earned a Bachelor of Science degree from Carroll University.

Alice Fournier joins ISS as CIO for Americas Region

ISS is a leading global workplace experience and facilities management company, with a total of 350,000 employees worldwide and headquarters in Denmark. Prior to joining ISS, Fournier held senior leadership roles at WD-40 and Kantar, an analytics and market research firm. She holds a bachelor’s degree from the Université du Quebec à Montreal.

New CIO appointments, October 2022

Allstate names Zulfi Jeevanjee to newly created CIO position

The NFL hires Gary Brantley as new CIO

Grady Ligon joins RE/MAX as CIO

XPO promotes Jay Silberkleit to CIO

Chevron Phillips Chemical expands remit of CIO Allison Martinez 

Delta Dental of California promotes two executives into CIO and CTO roles

Ryan Olivier is named CIO of AAM (American Axle & Manufacturing)

Excela Health welcomes Vasanth Balu as CIO

Velcro Companies selects Rob Trotter as CIO

Potawatomi Hotel & Casino welcomes Garret Finocchiaro as its first CIO

Slalom hires Michelle Grover as first CTO

Sharon Pitt is named CIO at Brown University

University of Cincinnati hires Bharath Prabhakaran as CDO

Vuori Clothing names Bryan Muehlberger to be its CIO

Eduard de Vries is named CIO for Axia Women’s Health

Matt Postulka returns to Arbella Insurance as CIO

Biju Samuel joins Frazier & Deeter as CIO

Creative Testing Solutions welcomes new CIO Jeff Modell

TGen names Kevin Campbell CIO

New CIO appointments, September 2022

Walgreens Boots Alliance appoints Hsiao Wang as CIO

American Airlines Names Ganesh Jayaram CDIO

Fletcher Previn is named CIO of Cisco Systems

Mike Sullivan promoted to CIO of Post Holdings

Omni Hotels & Resorts hires Lance Kobza as CIO

Water Street Healthcare Partners appoints Deepak Batheja as CIO

Aon appoints James Platt as Chief Digital Officer and Mindy Simon as Chief Operating Officer

Conagra promotes Tracy Schaefer to CIO

Robert Curtis is named IT leader at Danbury Mission Technologies

RealTruck hires Tom Luttrell as its first CIO

Wesley Eugene has been named CIO at IDEO

Andy Rhodes named CIO at Ultimate Medical Academy

Amit Gaur joins HALO Branded Solutions as CIO

Archkey Solutions names Scott Welch to lead IT

REV Group hires Sagar Murty as CIO

Marcus Manning is named CIO of Smart Financial Credit Union

Mark Sander is the new CDIO at Azurity Pharmaceuticals

Allied Electronics & Automation Appoints Jason Taylor as CIO

Michael Early is named CTO of Francesca’s

New CIO appointments, August 2022

Michelle Greene is the new CIO at Cardinal Health

United Airlines announces technology leadership promotions

McDonald’s appoints Brian Rice as CIO

Kimberly-Clark names Zack Hicks as chief digital and technology officer

Hyatt Hotels appoints Eben Hewitt as CIO

Kohl’s promotes Siobhan McFeeney to CTO

Denise Fleming is named CIO of Becton Dickinson

Bobby Aflatooni joins Dollar Tree as CIO

Patty Patria is named CIO of Babson College

Sevita hires Patrick Piccininno to be its CIO

Sharay Erkine is named CIO of Atlanta Community Food Bank

Cranial Technologies names Pete Foster CIO

Ryan Specialty hires Bradley Bodell as CIO

Dwain Wilcox joins J.M. Huber as CIO

Amalgamated Family of Companies announces Sanjay Chojar as CIO

Xerxes Gazder appointed as CIO of AAON

Atlanta Hawks and State Farm Arena announce Chief Innovation and Technology Officer Kimberly Rometo

Steve Klohn is named CIO of Dave & Buster’s

Julie Nash promoted to CIO at Arlo Technologies

Tom Sweet is named CIO of Industrial Refrigeration Pros

Christian Eidt joins Davis-Standard as CIO

Big Brothers Big Sisters of America selects Travis Gibson to be CTO

The Federal Communications Commission names Allen Hill as CIO

Owens & Minor elects Carissa Rollins to its board of directors

New CIO appointments, July 2022

Neeru Arora named CIO and CDO for Volkswagen Group of America

Monica Caldas will become CIO of Liberty Mutual

Deere promotes CIO Raj Kalathur to CFO, appoints Ganesh Jayaram as new CIO

Ingersoll Rand Names Kathryn Freytag Chief Information Officer

eXp World Holdings names Shoeb Ansari as CIO

FM Global promotes Todd Mazza to CTO

Enovis names Ariane Schiereck Chief Digital and Information Officer

Colonial Pipeline names Darrell Riekena CIO

CareFirst BlueCross BlueShield announces Dorothea (“Dori”) Henderson as CDIO

Carol Lee Joins La-Z-Boy as CIO

Webster Bank appoints Vikram Nafde as CIO

Skillsoft has named Orla Daly as CIO

Brad Warezak Joins Rocket Lab as CIO

Milton’s Distributing and Gordon Logistics hires Scott Gardner as CIO

Baystate Health names Kevin Conway CIDO

Nicole White Joins Odyssey Logistics & Technology as CIO

FuelCell Energy hires John Dutsar to lead IT

Limbach Holdings promotes Christos Ruci to CIO

Yale University elevates John Barden’s CIO role

Medtronic appoints Lidia Fonseca as a new board director

New CIO appointments, June 2022

Northwestern Mutual appoints Jeff Sippel Chief Information Officer

Brett Craig promoted to EVP & CIO at Target

Springs Window Fashions names Chetan Balsara CIO

Chris Clark joins Black Rifle Coffee Company as CTO

Brown & Brown hires Kiet Tran as CTO

Craig Kwiatkowski, PharmD, named CIO at Cedars-Sinai

Donatos names Steven Graves Chief Information Officer

XIFIN appoints John Kelly as Chief Information Officer

Cenlar FSB appoints Steven Taylor as SVP & CIO

Foley Equipment welcomes Kirk Hay as its new CIO

Lincoln Electric names Lisa Dietrich EVP & CIO

Brown Harris Stevens names Chris Reyes Chief Information & Product Officer

Adventist Health appoints Jennifer Stemmler as Chief Digital Officer

First Bank hires Terrence Thomas as CIO

Saket Srivastava joins Asana as CIO

Mike Macrie has joined Melissa & Doug as CIO

New CIO appointments, May 2022

The Home Depot Promotes Matt Carey to EVP of Customer Experience and names Fahim Siddiqui EVP and CIO

Deb Hall Lefevre hired as CTO of Starbucks

Dentons Names Ash Banerjee as Global Chief Information Officer

John Hill joins MSC Industrial Supply as SVP and Chief Digital Officer

Carhartt appoints Katrina Agusti as CIO

Lenovo adds CTO of Solutions & Services Group to Arthur Hu’s CIO responsibilities

AMD appoints Hasmukh Ranjan to SVP & CIO following Xilinx acquisition

Craig Richardville named CDIO at Intermountain Health after merger with SCL Health

FirstEnergy Promotes Ernest N. Maley to VP & CIO

OneDigital Hires Marcia Calleja-Matsko as CIO

CarParts.com names a new CTO and a new CIO

Jessie Minton is the new CIO at Washington University in St. Louis

U.S. Medical Management appoints Kristin Darby as CIO

The Lovesac Company Appoints Todd Duran as CIO

Shokie Lopez is Santa Cruz Bicycles’ new CIO

Supplemental Health Care names Simon Curtis Chief Digital Officer

City of Oakland appoints Tony Batalla as new CIO

New CIO appointments, April 2022

PayPal Appoints Archana (Archie) Deskus as EVP & CIO

Jennifer Hartsock joins Cargill as Chief Information & Digital Officer (CIDO)

Rite Aid expands Justin Mennen’s role

Juan Perez joins Salesforce as Chief Information Officer

Mark Bloom joins Gallagher as CIO

Republic National Distributing Co. names Sanjay Shringarpure as CIO

Keolis North America appoints Alex Wu as CIO

Chico Moline assumes CIO position at Amentum

Partha Srinivasa is the new EVP & CIO at Erie Insurance

Waitr names Matthew Coy Chief Information Officer

Michael Smith is named CIO at InnovaPrep

Illumina welcomes Carissa Rollins as Chief Information Officer

Serta Simmons Bedding announces Shoukat Ali Bhamani as its new CTO

The CIA appoints La’Naia Jones as CIO of the agency

Dr. Karl Mathias appointed CIO for U.S. Department of Health and Human Services

Boston Mayor appoints Santiago Garces as new CIO

Monogram Foods announces incoming CIO Dawn Drewry

Ann Madea has joined Simmons Bank as CIO

Matthew Gunkel is named Associate Vice Chancellor & CIO at UC Riverside

WOWorks hires Kyle Mark as its first CIO

Insight appoints Sumana Nallapati as CIO

New CIO appointments, March 2022

Sanofi selects Lakshmi Eleswarpu as SVP & Global CIO

Dupe Akinyede is named CIO of Resideo Technologies

CME Group promotes Sunil Cutinho to CIO

Joe Carroll Named CITGO Chief Information Officer

Mark Mospan is the new CIO at Foundation Partners Group

Painters Supply & Equipment appoints Tareq Falah to CIO post

MarketAxess announces new CIO, Nash Panchal

Just Born Quality Confections names Chidi Alams to CIO post

United Natural Foods elects Shamim Mohammad to its board of directors

Cadence Appoints Mary Louise Krakauer to Board of Directors

Former Morgan Stanley CIO, Sigal Zarmi, joins BigID’s board of advisors

New CIO appointments, February 2022

Wayfair names Fiona Tan Chief Technology Officer

USAA appoints Amala Duggirala to Enterprise CIO post

Sharmeelee Bala named CIO of J.C. Penney

U.S. Senate Confirms Kurt DelBene as CIO of the VA

Excellus BlueCross BlueShield appoints Cindy Langston as its first female CIO

FirstEnergy Names Steve Fortune Vice President & CIO

Research Triangle Institute International hires Jorge Elguera as CIO

Matthew Kurpinski named CIO for ITC Holdings

Matt Watkins is the new CIO at IMA Financial Group

EmployBridge appoints Don Sloan to Chief Digital Officer position

Neiman Marcus has promoted Vijay Karthik to SVP & CTO

Flexsys appoints Jose Boloqui to be CIO

Gelson’s Markets promotes Ron Johnson to VP & CIO

Integral Ad Science Appoints Robert Janecek as CIO

Innoveo Adds Veteran CIO Al-Noor Ramji to its Board of Directors

New CIO appointments, January 2022

TIAA Appoints Sastry Durvasula Chief Information & Client Services Officer

Fannie Mae appoints Ramon Richards as Chief Information Officer

John Sherman sworn in as Department of Defense Chief Information Officer

DXC Technology names Kristie Grinnell as its Chief Information Officer

Jane Moran has joined Mass General Brigham as CIDO

Genesys names Wesley Story Chief Information Officer

Farmers Business Network hires Kumud Kokal to be its first CIO

Dave Berry is the new CIO at Boardriders

Atlanticus Holdings promotes Kas Naderi to the CIO position

Matrix Medical Network Selects Tom Catchings as CIO

St. Luke’s names Chris Sorenson Chief Information Officer

Bindu Purushothaman named CIO of Satellite Healthcare

Ram Balasubramanian joins Canoo as Chief Information Officer

Careers, CIO, IT Leadership

One reason open source is popular in the enterprise is that it provides well-tested building blocks that can speed up the creation of sophisticated applications and services. But third-party software components and the convenience of packages and containers bring risks along with the benefits because the applications you build are only as secure as those dependencies.

Software supply chain attacks are becoming so widespread that Gartner listed them as the second biggest threat on for 2022. By 2025, the research firm predicts 45% of organizations globally will have experienced one or more software supply chain attacks — and 82% of CIOs think they will be vulnerable to them. These include attacks via vulnerabilities in widely used software components such as Log4j, attacks against the build pipeline (c.f., SolarWinds, Kaseya, and Codecov hacks), or hackers compromising package repositories themselves.

“Attackers have shifted priority from production environments to software supply chains because software supply chains are the weakest link,” explains Lior Levy, CEO of Cycode. “As long as software supply chains remain relatively easy targets, software supply chain attacks will increase.”

Recent high-profile incidents have been a wake-up call for the software development industry, says Rani Osnat, senior vice president of strategy at Aqua Security. “We’ve uncovered decades of opacity and lack of transparency and that’s why it’s such a big deal.”

Studies of codebases that use open source code shows that vulnerabilities and out-of-date or abandoned components are common: 81% of codebases had at least one vulnerability, 50% had more than one high-risk vulnerability, and 88% used components that weren’t the latest version or had no new development in two years.

These issues are unlikely to dent the popularity of open source though — and commercial software and services are also vulnerable. When LastPass was attacked it didn’t lose customer data, but an unauthorized party was able to view and download some of its source code, which might make it easier to attack users of the password manager in the future, and the Twilio breach enabled attackers to launch supply-chain attacks on downstream organizations.

The ‘shadow code’ threat

Just as security teams defend their networks as if already breached, CIOs must assume all code, internal or external, and even the development environments and tools their developers use have already been compromised and put policies in place to protect against and minimize the impact of attacks against their software supply chains.

In fact, Osnat suggests CIOs think about this “shadow code” the way they do about shadow IT. “This needs to be looked at as something that is not just a security problem, but really something that goes deep into how you obtain software, whether it’s open source or commercial: how you bring it into your environment, how you update it, what kind of controls you want to have in place and what kind of controls you want to demand from your suppliers,” he says.

Transparency: Toward a software bill of materials

Physical supply chains already use labels, ingredient lists, safety data sheets, and bills of materials so regulators and consumers know what ends up in products. New initiatives aim to apply similar approaches to software, helping organizations understand the web of dependencies and the attack surface of their software development process.

White House executive order 14028 on software supply chain security requires software vendors supplying the federal government to provide a software bill of materials (SBOM) and use the supply chain levels for software artifacts (SLSA) security checklist to prevent tampering. Because of this, “we’re seeing a lot of enterprises take a much more serious look at their software supply chain,” says senior Forrester analyst Janet Worthington. “All companies today both produce and consume software and we’re seeing more of the producers come to us and say, ‘How do I produce software that is secure and that I can attest to with a software bill of materials.’”

There are numerous cross-industry projects, including NIST’s National Initiative for Improving Cybersecurity in Supply Chains (NIICS), the Supply Chain Integrity, Transparency, and Trust (SCITT) initiative from Microsoft and other IETF members, as well as the OpenSSF Supply Chain Integrity Working Group.

“Everybody is taking a more holistic approach and saying, wait a minute, I need to know what I’m bringing into my supply chain that I’m creating the software with,” Worthington says.

A recent Linux Foundation survey found that SBOM awareness is high, with 47% of IT vendors, service providers, and regulated industries using SBOMs today and 88% expecting to use them in 2023.

SBOMs will be most useful to organizations that already have asset management for software components and APIs. “People who have robust software development processes today find it easier to slot in tools that can generate a software bill of materials,” Worthington says.

SBOMs can be created by the build system, or they can be generated by software composition analysis tools after the fact. Many tools can integrate into CI/CD pipelines and run as part of a build, or even when you pull down libraries, she says. “It can warn you: ‘Hey, you have this component in your pipeline and it’s got a critical issue, do you want to continue?’”

For that to be useful, you need clear policies on how developer teams acquire open-source software, says Chainguard CEO Dan Lorenc. “How do developers know what their company’s policies are for what’s considered ‘secure’ and how do they know that the open source they are acquiring, which constitutes the great majority of all software being used by developers these days, is indeed untampered with?”

He points at the open-source Sigstore project that JavaScript, Java, Kubernetes, and Python use to establish provenance for software packages. “Sigstore is to software integrity sort of what certs are to websites; they basically establish a chain of custody and trust verification system,” he says.

“I think a CIO should start by indoctrinating their developer teams in these fundamental steps of using emerging industry standard approaches for one, locking down build systems, and two, creating a repeatable method to verify trustworthiness of software artifacts before bringing them into the environment,” Lorenc says.

Making the contribution

Whether it’s components, APIs, or serverless functions, most organizations underestimate what they’re using by an order of magnitude unless they run routine inventories, Worthington points out. “They find out that some of these APIs aren’t using proper authentication methods or are maybe not written in a way that they expected them to be and maybe some of them are even deprecated,” she says.

Beyond vulnerabilities, evaluating the community support behind a package is as important as understanding what the code does because not all maintainers want the burden of having their code treated as a critical resource. “Not all open source is made the same,” she warns.

“Open source may be free to download but certainly the use of it is not free. Your use of it means that you as are responsible for understanding the security posture behind it, because it’s in your supply chain. You need to contribute back to it. Your developers need to participate in fixing vulnerabilities,” says Worthington, who suggests organizations should also be prepared to contribute monetarily, either directly to open-source projects or to initiatives that support them with resources and funds. “When you create an open-source strategy, part of that is understanding the budget and implications.”

Don’t think of that as just an expense, but as an opportunity to better understand the components you depend on. “It even helps retain developers because they feel like they’re part of the community. They’re being able to contribute their skills. They can use this on their resume,” she adds.

Remember that vulnerabilities can be found anywhere in your technology stack, including mainframes, which increasingly run Linux and open source as part of the workload but often lack the security processes and frameworks that have become common in other environments.

Protecting your pipeline

Protecting your software delivery pipeline is also important. NIST’s Secure Software Development Framework (SSDF) and SLSA is a good place to start: This covers best practices at various maturity levels starting with a simple build system, then using logs and metadata for audit and incident response through to a fully-secured build pipeline. The CNCF’s Software Supply Chain Best Practices white paper, Gartner’s guidance on mitigating software supply chain security risks, and Microsoft’s OSS Secure Supply Chain Framework, which includes both processes and tools, are also helpful.

It’s important to note, however, that simply turning on automated scanning tools intended to find malicious code can produce too many false positives to be helpful. And although version control systems such as BitBucket, GitHub, GitLab, and others include security and access protection features (including increasingly granular access policy controls, branch protection, code signing, requiring MFA for all contributors, and scanning for secrets and credentials), they often have to be explicitly enabled.

Also, projects such as Factory for Repeatable Secure Creation of Artifacts (FRSCA) that aim to secure build pipelines by implementing SLSA in a single stack aren’t yet ready for production, but CIOs should expect build systems to include more of these practices in future.

Indeed, while SBOMs are only part of the answer, the tools to create and work with them are also still maturing, as are the processes for requesting and consuming them. Contracts need to specify not only that you want SBOMs but how often you expect them to be updated and whether they will include vulnerability reports and notifications, Worthington advises. “If a new important vulnerability like Log4j is found, is the vendor going to tell me or am I going to have to search myself in the SBOM to see if I’m affected?”

Organizations will also need tools to read SBOMs and put in place processes to take actions on what these tools find. “I need a tool that can tell me what are the known vulnerabilities [in the SBOM], what are the licence implications, and does that happen continuously,” Worthington says.

CIOs should keep in mind that an SBOM “is an enabler but it doesn’t actually solve anything in terms of securing your supply chain. It helps you cope with incidents that might come your way,” says Osnat, who is optimistic about both the speed of industry response and the broad collaboration that’s going on around standards for SBOMs  and code attestation that will help make tools interoperable (something organizations raised as a particular concern in the Linux Foundation research). That could lead to the same improvements in the standards of transparency and reporting across the industry that SOC 2 delivered.

That said, CIOs don’t have to wait for new standards or tools to begin making security as much a part of the developer role as quality has become in recent years, Osnat says. His suggestion: “Start by getting your CISO and lead engineer in a room together to figure out what the right model is to make that work for your organization and how that transformation will occur.”

Application Security, Security Practices, Software Deployment, Software Development

“The barriers confronting organizations in South Africa that want to achieve carbon neutral status by 2030 are significant. Among them is the simple reality that most of the nation’s power production originates from coal-fired plants located in the northeastern part of the country while the greatest potential impact for sustainable approaches like solar and wind lie in the south. We can’t immediately upend the entire power grid structure, but together with a willing and enthusiastic government and strong partners like VMware, we can make a difference. We now have a framework in place to support Africa’s nascent efforts to achieve zero carbon emissions and support providers intent to achieve and apply the tenets of VMware Zero Carbon Committed program to their operations.” 

Bryce Allan, head of sustainability at Teraco Data Environments

Sumeeth Singh, head of VMware’s Cloud Provider Business in sub-Saharan Africa, was not surprised when the region’s leading cloud solutions and services companies enthusiastically embraced the VMware Cloud Verified initiative. With an established track record of success and extensive experience with the full VMware stack, many were ideally prepared to complete the rigorous process to apply for and receive the distinction.

The VMware Zero Carbon Committed initiative was, however, a different story. Singh knew that among providers the intent and desire to decrease their carbon footprints was strong. But the requirements, difficult in areas with an already mature sustainable energy infrastructure in place, were overwhelming in sub-Saharan Africa.

Specifically, partners would be required to commit that their data centers achieve zero carbon emissions by 2030, an effort that would require the use of 100% renewable energy. For partners in Europe where significant renewable energy sources exist in conjunction with a mature regulatory system of carbon offsets and credits, the process is still difficult.

“Like their counterparts in Europe, South African companies are increasingly mindful of resource constraints and the impact of fossil fuels on climate change,” said Singh. “They are also becoming more and more aware that their data center operations are a very large contributor to their overall carbon footprint. They also know that electricity in sub-Saharan Africa is primarily sourced from coal-fired plants. They want to do the right thing and minimize their emissions, but they are also seeing a dramatic increase in demand for hybrid and multi-cloud solutions and services – a reality that means they need more power, not less.”

Singh notes that for most partners, the resulting reality is that it would simply be unrealistic to pledge to achieve zero carbon emissions by 2030 because there are not enough renewable sources of energy in place to make it feasible. When no partners signed up for the VMware Zero Carbon Committed initiative, it was both a disappointment and a validation.

“Partners here didn’t sign up for this initiative not because they didn’t want to achieve zero carbon emissions by 2030, but because they didn’t think it was a realistic goal,” he says. More to the point, they didn’t view VMware Zero Carbon Committed as a marketing effort, but rather as a genuine commitment that should only be made if they believed they could achieve what they signed up for.”

Singh had a choice. He could either accept that the requirements for VMware Zero Carbon Committed were too challenging for the region, or he could find an alternative.

“We don’t have the luxury to postpone taking action when it comes to climate change,” he adds. “We have to do something now. In our case, we could either wait to ramp up the Zero Carbon Committed initiative until South Africa’s sustainability efforts are more mature – in other words do nothing now – or we could modify the requirements to find a more manageable solution.”

That solution came in the form of Teraco, South Africa’s largest and most interconnected data center platform. With four ultra high-performance data centers in South Africa – including facilities in Cape Town, Durban, and Johannesburg – the company forms the core of the nation’s internet backbone, and serves as the interconnection for both local and global cloud services. Providing the connectivity for the Africa Cloud Exchange, Teraco’s carrier and cloud neutral platform is also Africa’s largest hub for AWS, Google Cloud, and Microsoft Azure.

In addition, it serves as the direct access point for more than 300 network providers, including telecommunications, terrestrial fiber, satellite connectivity, and submarine cable carriers; as well as more than 130 IT service providers, leading enterprises and financial services companies, and innumerable Internet eXchange points. Recently acquired by Digital Reality – the world’s largest provider of cloud and carrier neutral data center, colocation, and interconnection solutions – the company’s role connecting Africa to the world’s IT infrastructure will only increase.

Teraco is also the co-location provider of choice for most VMware Cloud Verified partners. But perhaps most importantly for those organizations that want to embrace VMware Zero Carbon committed, it is also no stranger to efforts to reduce carbon emissions. In fact, it was already in the midst of Africa’s most ambitious effort to produce 100% sustainable power.

Singh saw an opportunity. If VMware Cloud Verified partners could engage Teraco for data center services that use the company’s renewable energy, they could offset their own power usage and realistically commit to significantly decrease their own carbon footprint.

It was an effort Bryce Allan, head of sustainability at Teraco Data Environments, immediately embraced.

“At Teraco we are aggressively pushing to increase our use of renewable energy sources,” he says. One of our two newest and most significant solar projects is already under construction and we’ve set aside nearly $250 million over the next five years for the development of renewable energy sources and facilities. We also entered into a development service agreement with an experienced renewable energy developer and are already working with them to build two 100 megawatt solar facilities in Cape Town.” 

Allan expects the first of those to go online early in 2023 and to produce 500 million kilowatt hours of electricity per year. Notably, this is in addition to the company’s extensive solar projects at its data centers, with the facility in Johannesburg already including a high-output solar system that is the first of its kind on the continent. Similar systems are being constructed for each of the company’s data centers, with those expected to be operational by the end of this year.

“We’re really excited to start building big solar plants that make a real impact on the region’s use of fossil fuels,” says Allan. “The fact that we can simultaneously provide motivated VMware Cloud Verified partners with the access to the power they need to make zero carbon emissions a realistic goal is another great benefit.”

Notably, Teraco committed to achieving the use of 50% renewable energy sources by 2027 and 100% renewable energy sources by 2035. Given the difficulty of achieving both goals in Africa, the decision was made to allow VMware Cloud Verified Partners who want to achieve the VMware Zero Carbon Committed distinction to pursue it in conjunction with Teraco and those metrics.

“We are years behind our partners in other areas of the world in our efforts to lower emissions,” adds Singh. “But if we can work together to achieve the use of 50% renewable sources of energy in five years, we will have accomplished something truly significant while simultaneously enabling Africa’s cloud solutions and services providers to pursue contracts that reward and encourage additional efforts to decrease emissions. That is a win for all involved.”

Within days of the partnership with Teraco being announced, five companies in South Africa joined the VMware Zero Carbon Committed initiative.

The inaugural partners in Africa’s VMware Zero Carbon Committed initiative

The first five VMware Cloud Verified partners to embrace the tenets of the VMware Zero Carbon Committed initiative – and to make the transition to renewable sources of energy a key focus with the goal of using only renewable sources of energy by 2035 –  include Network Platforms, Routed, Saicom, Silicon Sky, and Strategix. We recently asked senior leaders at each company to share why they believe it’s crucial to radically decrease carbon emissions.

Network Platforms – Servicing businesses since 2003, Network Platforms provides a host of solutions to create effective ICT business environments. Its services are tailored to help businesses grow through increased productivity, profitability, and peace of mind. Its range of world-class, innovative products and services enables businesses to connect, communicate, and collaborate.

“It is imperative for all companies in Africa to look at the big picture and how we can collectively transition to renewable sources of energy. By transitioning to the cloud and software-defined data centers enterprises are taking a positive step for the environment. If we can run the hardware required for those endeavors with renewable sources of energy, we can collectively make a huge difference.”

– Bradley Love, founder and CEO of Network Platforms.

Routed – Routed is an experienced South African specialist VMware Cloud Operator offering scalable – full or hybrid cloud – vendor neutral hosting solutions. As a VMware Principal Partner, Routed proudly boast many “firsts”: first VMware Cloud Verified provider in Africa; first Validated VMware DRaaS provider in Africa; and now also a VMware Zero Carbon Committed partner, backed by the highest levels of sales, service, and support for its partners and customers.

“Routed empowers its partners and its customers to prosper and grow, grounded by solid and secure cloud infrastructure foundations. In much the same way, the baobob tree, our company symbol, provides for people in Africa’s savannah regions – serving as the tree of life and giving them the materials they need for shelter, clothing, food, and water – all while providing the roots that serve as a strong foundation. We like to think of ourselves as the baobob of cloud infrastructure providers. That means we must safeguard our environment here in Africa and that starts with a commitment to decrease emissions.”

– Andrew Cruise, managing director of Routed

Saicom – Saicom is a leading service provider in the local market delivering a host of solutions designed to help organizations move to the cloud, improve their collaboration and deliver an unsurpassed customer experience. Saicom understands that what businesses need most, as they navigate the move to the cloud, is choice, support, and flexible solution architecture.

“The environment in Africa is one of the world’s richest and most beautiful. We must take action to ensure that we can pass it on to future generations. Climate change is a horrific danger, but it’s also a wakeup call that we cannot continue to build our businesses and our lives around sources of energy that are finite and that once used cannot be replaced. As an ICT leader, we have an opportunity to help our customers do more with less impact on the environment by embracing a software-defined approach that simultaneously delivers unprecedented computing power and potential.”

– Kyle Woolf, CEO of Saicom

Silicon Sky – Silicon Sky is a specialist IT infrastructure service provider. Silicon Sky specializes in Infrastructure as a Service (IaaS). Silicon Sky has a vast IaaS portfolio including compute, network, storage, security, backup, recovery and disaster recovery. Silicon Sky has enterprise grade managed cloud platforms co-located in multiple carrier natural data centers in South Africa and the USA.

“ICT has transformed how companies do business and so many aspects of how we live our lives. As a cloud services and solutions leaders, we have an opportunity, and an obligation, to demonstrate in our words and more importantly in our actions, how technology can combat climate change and make a difference. VMware Zero Carbon Committed presents us with an exceptional opportunity to do just that.”

– Brenton Halsted, CEO of Silicon Sky

Strategix – Strategix Cloud Services provides flexible, scalable, secure, simplified costings easy to scale. Strategix is the only certified cloud provider as well as VMware PSO certified (Professional Services Organization), thereby offering assurances to assist customers in their digital evolution including, application modernization and digital workspace in public, private, or hybrid Clouds.

“We strive to always make an impact in a positive manner in our work with customers and our interactions with each other. That same philosophy applies to imperatives like sustainability and efforts to address climate change. Action and positive impact begin with making a commitment. For Strategix, that begins with pursuing the VMware Zero Carbon Committed distinction.”

– Jaco Stoltz, CEO of Strategix

For more information on VMware’s partnership with Teraco, view VMware’s “Feature Friday” video podcast here.                                                                                                                                                               

Green IT, IT Leadership, VMware

However we may have defined the “future of work” before 2020, our new reality has advanced technology investments, inspired new operational models, and changed how we work. While the rapid shift to a digital-first world powered by remote work proved mostly successful, some organizations are vying to put the genie back in the bottle by bringing employees back to the office. This is resetting the future of work, placing leaders at an inflection point. While the specifics of the future are hard to predict, what is clear is that the future of work isn’t what it used to be. Work is splintering toward a new trajectory, one without a playbook, proven case studies, or even consensus. Where we go from here, is the conversation we need to have right now. 

Despite the prominence of the topic, expert hypotheses, and an abundance of research, most chief experience officers and organizations still struggle to understand and tackle the topic. For many, the future of work is about hybrid and remote work. To some, it’s about HR and employee experience. To others, the topic is focused on automation and emerging technology. This lack of definition has forced many CXOs to retreat to existing ways of working, while also highlighting a lack of ownership within many organizations. 

The future of work is already here 

Think about how far we’ve come and how quickly what was once a “future” of work is now our new status quo. Collaboration tools enabled synchronous work, meetings moved to virtual environments, email shifted to real-time messaging, and mobile devices have finally brought to life work-from-anywhere models. Once on the “way out list” of technology investments, AI, RPA, machine learning, and other automation innovations are augmenting work itself. At the same time, traditional working hours stretched beyond 9-to-5 and the idea of work/life balance suddenly morphed into work/life blending. Wellness, self-care, and employee experience are front and center in leading organizations. 

The present of work needs to be reimagined to inspire a new and better future of work. We can’t just return to normal and expect to thrive. This is a time to savor the lessons learned during this great experiment to redefine our notions of and aspirations for work – including everything from how we will work to where we will work to what kind of work we will be doing and how that work will be valued. 

So, what is the “future of work” and how should CXOs approach it? 

Not everything about the future is directly related to technology. Much of it starts with perspective and curiosity and how fixed mindsets vs. growth mindsets influence the future of work differently. 

Reimagining the paradigm of work 

Living this new future of work hasn’t yet elasticized or opened fixed mindsets. Legacy processes, tools, and management practices have not kept pace with the rapid rate of tech disruption, behavioral expectations of employees, and emerging operating models. The work itself (tasks, activities, roles) has remained relatively the same over time, except it’s now remote and moving at a faster pace. This prevents organizations from thinking outside the norms and structures of today – stifling innovation and reinforcing legacy practices, measures, and management techniques. If these mindsets were to persist, the future of work would look a lot like yesterday’s normal, just operating under the guise of a new normal. 

Reimagining work begins with understanding the work that needs to get done in context of where an organization aims to be in the future and how that vision aligns with the evolution of behaviors, expectations, and preferences of customers and employees. Just because some leaders are striving for normalcy, people can’t unsee the freedoms, conveniences, and empowerment that come with connectedness. In fact, Salesforce research found that not only is the world forever changed, 76% of workers do not feel prepared for working in a digital-first world.  

In a separate Salesforce study, 54% of workers believe technology will advance faster than the skills of the workforce. The only way to bridge the gap is to assess the existing divide within the organization between current skills, skills in development, and skills needed in the next five-to-ten years. 

The future of work is now about balance and inspired by empathy outside of the mindsets still holding onto pre-2020 ideologies.  

Instead, the new future of work is about enabling experience, value, and productivity by working faster, smarter, and anywhere. It’s about leveling-up skills to collaborate with emerging technology and deliver more meaningful outputs and outcomes externally. This new paradigm for work puts more focus on employee experience, the organization, and how transformation is approached.  

Whereas in the past redesign of work has been focused on process and technology, this new paradigm of work addresses the human component of design and change. 

Working faster – Improving workflow, delivery, and service through automation. Redirecting focus on value-add activities. Simplifying and unifying tooling. Working smarter – Enabling leaders and teams to make better decisions with embedded analytics and predictive insights. Leveraging AI and shared digital capabilities across teams. Working anywhere – Powering asynchronous collaboration and digital collaboration. Powering external connectivity. 

By fundamentally reinventing ways of working, organizations can drive greater customer-centricity & organizational change – resulting in greater agility, operational excellence, revenue growth and lifetime value (for both customers and employees). 

Changing how we change: A new approach to transformation 

The need to adapt has resulted in organizations taking on a myriad of transformation initiatives. However, many organizations are struggling to implement these changes successfully and expediently. Why? Because transforming an organization isn’t as simple as changing an IT system or adopting new software; it’s about rethinking the very foundations on which your company operates. 

To design and prepare for the future of work, CXOs need to change how they transform. This requires challenging the status quo of what work is, how it gets done, and to transform with purpose and forward intention (transforming from doing things differently to doing different things). Rather than focusing transformation on specific use cases, process improvement and technology to do the same things, transforming for the future of work is intentional about designing for experience, workflow, and scale – driving greater agility and value by transforming the organization itself. This transformational goal helps push from incremental transformation to continuous innovation. Designing the future of work also means a focus on human centricity.  

Putting the human at center means focusing on employee experience and transforming holistically, including transforming roles, management, and the organization itself.  

Enabling scalable, integrated, end-to-end transformation also requires a new approach to technology strategy.  

An integrated platform approach enables work to be designed ‘front-to-back’ maximizing interactions, efficiency, and effectiveness. A platform-led approach also allows for greater alignment and connectivity across efforts, at scale. Platform thinking allows CXOs to both transform for operational excellence (efficiency and effectiveness), while also better enabling experience design through shared capabilities (for both customers and employees). 

The future opportunity for CXO’s is here, now 

Designing work for the future will require a fresh approach to how we transform, prioritize connection, and reshape mindsets. CXO’s sit at the center of this revolution. CXO’s today are the trailblazers for tomorrow. Their ability to create, lead and manage change will dictate survival. CXOs need to work together to understand what changes will mean for their business, their employees, and their customers (regardless of their role or title). This means that leaders need to be prepared to embrace change and take an active role in shaping their company’s future. They need to define their organization’s future ways of working and how they will get there.  

So, what’s next?  

CXOs need to prioritize three key shifts that will dictate the design of future work in their transformation programs today: 

Rise of human-centered design and employee experience – Employees are the new customers. Leading CXOs understand the connection between employee experience and customer centricity. By approaching EX like CX, leaders will be able to improve sentiment, satisfaction, and drive revenue growth. Reshaping of the workforce and leadership – Reinventing work has major implications on the people doing the work, and the skills they need to be successful. Operating in a new digital-first environment requires new skills, mindsets, teams, and managers. Connected design – Ecosystem thinking will revolutionize the future organization and operating model. Connected organizations will break down their four walls to better leverage external capabilities, scale, and innovation. By better connecting employees, teams and partners, leaders will be able to design work in a way that leverages key drivers for strategic growth, business optimization, community impact, and highly scalable value creation. 

The future of work starts with you 

The future of work is a growth mindset. It’s an attitude. It’s an experience-led, human-first approach to digital transformation and work itself, rooted in the thoughtful relationship between people, technology, and processes.  

The future of work represents a shift in how we design, prioritize, and engage in work – one that prioritizes value add activities and focuses transformation on future tasks, activities, and roles. It puts a new focus on enabling the employee, leader, organization, and ecosystem. In the future of work, success is defined by your outcomes, not how you get them done. It’s also digital-first, so employees have the flexibility and freedom to succeed from anywhere — however they like. 

What’s also true, is that the new future of work will be shaped by those who choose to see and build a better future for all stakeholders. 

This article was co-authored by Niema Alimohammadi. Niema is an experienced strategist and thought leader who focuses on the future of work, digital transformation, and experience design. He works with leading executives on enabling value creation and innovation through new ways of working, platform thinking, and adaptive operating structures. 

Artificial Intelligence, Employee Experience