Multiple perspectives: Why boards need a multicloud strategy, too, and where to start
Karenann Terrell
Founder, KAT Advisory, former CIO, Walmart
Coaching your board on multicloud? The former CIO of Walmart and chief digital and technology officer at GSK shares her decades-worth of advice.
If you’re a CIO, CTO, CISO, or other technology leader, you know that your colleagues in the C-suite and members of the board love to talk about digital transformation. Agreeing on what this means, and having a shared understanding of digital transformation in the first place, is an essential first step for organizations to take. The digital strategy cannot overlook, and should probably start with, the cloud strategy and the role public cloud will play in future projects.
How and why that work is done is often more important than the questions of what must be done — and executives and boards must get that right. I’ve seen firsthand how leadership’s technology decisions, and whether there is unity or disagreement on them, can make or break an organization’s cloud journey. Nor does it matter whether that work is just beginning or in the middle of a years-long transition; a unified front is necessary throughout.
I’ve spent the past two decades in IT leadership positions at Fortune 500 companies, including stints at Walmart, DaimlerChrysler, and Baxter International as their CIO. Most recently, I was the chief digital and technology officer at GlaxoSmithKline. During that time, I’ve learned a lot about communicating technology’s value in business goals without making my colleagues' eyes glaze over.
Why does this matter? Because digital transformation doesn’t just happen. Its success depends on making the right technology investments at the right time, and that means making the business case for these investments as best you can. Here are some lessons I’ve learned.
The board already knows about the cloud
The first thing to understand is that you don’t have to educate the board about the value of the public cloud in digital transformation. If you try, you’ll fall flat on your face. It may have taken them 15 years to figure it out, but boards now know – and even care – about cloud. The inevitability of the cloud in every enterprise is no longer in question.
There isn’t a single boardroom that would tolerate hearing from a chief technologist who told them, “We're not using the public cloud, we’ll build our own.” Pretty much everyone knows they're not going to achieve the scale necessary to operate as effectively, securely, or with as many rich features as the hyperscalers already are.
But they only care about cloud for a couple of reasons
Remember: The board's number-one job is to oversee the strategy of the company – and to ensure that the company strategy is succeeding on behalf of shareholders and society. The second part of their job is to ensure that the strategy is appropriately risk-managed. There are other priorities, of course, but these are the ones that, as a senior technologist, will grab their attention: supporting strategy, and managing risk.
Supporting strategy: A CIO coming into a boardroom to talk about tech strategy is probably going to discuss the modernization of the IT foundation, and this is where cloud will fit into the discussion. The board will want to hear how investing in the cloud will help build new revenue streams and growth opportunities, or drive innovation in R&D.
Managing risk: When you're teeing up the topic of the cloud, another focus will be its potential for reducing risks across the company’s various business goals. Spelling out the technological feats cloud can support will always be an exciting topic; the issues it can help address and help prevent, while less obvious, are often even more compelling reasons for the board to embrace cloud. Modernization and scaling — or rather a lack thereof in an organization’s tech stack — have become major focus areas for cyber breaches and technological breakdowns, like those recently seen in the airline, healthcare, banking, and energy sectors.
The board will be interested in a dialogue around risk management, and in particular, the choice of cloud provider. Ensuring there is trust with the partner or partners is critical to achieving that all-important alignment. The board may have concerns about whether the cloud is sufficiently secure; many of those are outdated or unfounded. Almost all of the malware and bad actors causing cyber risk are coming in through non-cloud entities, and cloud, by virtue of its scale and resources, has generally become more secure than on-premises solutions.
What about multicloud?
When CIOs discuss cloud, they inevitably touch upon the hot topic of multicloud. There are lots of reasons you might be excited about adopting more than one public cloud provider on your digital transformation journey.
A multicloud strategy allows you to choose your cloud providers based on the services they provide, to accommodate data residency requirements, or to increase resilience by reducing reliance on a single vendor. Or your organization may be multicloud simply because it inherited one or more cloud providers following a merger or acquisition.
Don’t just let multicloud happen, though. Multicloud must be a strategy. You can’t effectively support or integrate everything, so be clear on your reasons and relate them to the business strategy. Making this connection in a board dialog is mandatory if you are to convey a tech strategy relevant to what they are charged with overseeing on behalf of shareholders.
When it comes to discussing multicloud approaches with the board, these conversations break down into two topics of greatest interest: merger and acquisitions and regulatory risk.
Mergers and acquisitions are a top concern for the board. They want the flexibility to support M&A activity while minimizing IT consolidation and integration costs. This goes for the entities you acquire and the ones you divest. If you already operate in a multicloud environment, you have this flexibility built in. Your architecture will be able to support the incoming clouds with minimal difficulty, so you can proceed with IT integration at pace, without being the slow lagging variable in an M&A timeline.
Data residency requirements play into the conversation around risk management, particularly as it pertains to compliance, and will definitely interest the board. With growth and global markets top of mind, even during times of economic uncertainty, easy integrations across borders will be prioritized.
Cost-containment strategies, however, such as minimizing vendor lock-in, are outside the board’s purview, so you needn’t spend time discussing these.
Don’t just let multicloud happen. Multicloud must be a strategy. You can’t effectively support or integrate everything, so be clear on your reasons and relate them to the business strategy.
Overall, multicloud topics may not be something that requires extensive discussion in the boardroom, they’re nonetheless an area that you definitely need to tackle in a systematic and strategic manner.
The number one thing I recommend is having a unifying capability across your multiple clouds. It helps you in the future of your security and helps you in your optimization. Make sure you and your cloud partners can orchestrate processes across multiple clouds so that you can readily accommodate future growth.
Get the board on board to propel digital transformation
As CIOs and other tech leaders grow in stature and influence, they will inevitably find themselves working with corporate boards more and more. Boards have a lot to absorb in a limited time, and the decisions they make are critical for the company’s future.
For that reason, tech leaders have to stick to subjects that are important to them, in order to gain buy-in for digital transformation initiatives that start by leveraging the cloud. These two concerns are strategy and risk.
By understanding how best to present the business case to your colleagues and the board, you’ll be able to turn that first step into cloud computing into a giant leap toward the future.