CIO100 2017 #31-100: Geoff Leigh, Kordia
We have been able to significantly reduce the overhead of our core systems and services over a number of years, through the strong adoption of I/P/SaaS, re-architecting and consolidating many core platforms to reduce licensing and maintenance costs, virtualisation as the default position, outsourcing non-core IT activities and simplifying systems and processes (never ending) to enable minimal customisation, says Geoff Leigh, CIO at Kordia.
At the same time, his team was able to help the company expand its products offerings into areas like security products, consultation and “backup and archiving as a service”, all the while keeping pace with new technologies.
He says this simultaneous “inward and outward” approach for IT has enabled many of their traditional IT specialists to diversify their efforts from “looking after tin”, which is an intensive and non-business value adding activity, to utilising I/P/SaaS technologies, both for internal use and product development.
Nearly two years ago, Kordia started providing cybersecurity services and he says this and the development of a Security Operations Centre (SOC) are primary goals in upcoming months.
Kordia’s cybersecurity programme is not a "programme of work", but a journey comprising many moving parts, touching all parts of the business and spanning a significant period, he says.
“It is a transformation of the traditional Kordia broadcast and telco business to a much broader offering of products and services.”
He says some of their successes in this space include acquiring Aura Information Security, a leading New Zealand cybersecurity company, being the exclusive agency for RedShield in New Zealand and Australia and appointing a CISO to oversee cybersecurity across the group
“We have implemented a successful cybersecurity awareness and training program and are productising it to become a customer service offering,” he says.
The team has implemented a suite of security systems, processes and roles. These have significantly reduced support overheads through automation and enabled the business through the likes of BYOD, mobility and application whitelisting.
Many other controls have either been implemented or are "in flight", significantly reducing our risk exposure and providing a significant level of protection to both ourselves and our customers, he says.
As well as building a SOC, Kordia is implementing a comprehensive SIEM system. This is core to our strategic goal of becoming a managed security services provider, says Leigh.
On the operations side, he says the IT team will provide a competitive advantage to the business by automating repetitive business activities and providing real time decision ready information through business intelligence tools.
Like many organisations, Kordia has had a long bimodal or two-speed IT strategy, even though this was never given an official name, says Leigh.
“This approach has always been relevant, ever since Moore's Law saw the light of day in the 60s, but has again gained momentum over the last few years, due to the ever-changing possibilities and landscape, like cloud services, IoT and mobility.”
Most organisations, like Kordia, must "multi-home" their resources in order to provide an innovation capability.
“We do this consciously to ensure we get traction, as ‘BAU’ tends to overwhelm if left unchecked.
“All technology resources are encouraged to self-develop and be seen to ‘try things’,” he states. “We don't expect a specific percentage or time allocation, as this approach does not support creative thinking and becomes a forced activity, but we rather encourage people to make it part of their normal activities. Of course, innovation funding will always be a challenge as well, but even that can be overcome with some smart thinking.”
As a technology and engineering company with many very smart people, that is an important source of innovation for us, he says.
“People do some very smart things in order to make their jobs easier and we do recognise and encourage that.”
He cites a recent incident on how thinking innovatively and being customer-centric has delivered a range of benefits to a specific part of their business.
Kordia faced a challenge with a key contract in the area of spares management. For Kordia and its contractor base to resolve faults within the predefined SLAs, the contractor had to have not only the correct parts on hand, but also unused parts quickly added back into the pool, for repairs to be achieved within a defined SLA. An increasing fault rate placed further pressure on Kordia to streamline the management process urgently.
Leigh says the IT team worked directly with the service deliver manager in charge of spares management. The latter identified the problems and worked closely with the IT team on prioritising and finding solutions.
The manager knew this sort of innovation would set us up for future success, says Leigh.
“With this support, we were able to workshop the problem and, over a short period, using a fail fast approach, test new ideas and concepts and incorporate them into an overall design.”
A new process was then built into the Kordia service management platform, utilising workflows and exception based reporting, to simplify and automate most of the routine administration.
“We are now able to accurately report on the status and location of all parts, allowing us to automate the sourcing of new parts as required and easily meet our SLAs,” says Leigh.
Leigh explains the Kordia digital team encompasses traditional IT and networks, product development and cybersecurity, and has direct representation on the executive team.
The team also engages on multiple fronts with both the business units and customers.
We do this through company-wide newsflashes via television screens at all locations; presentations on digital and cyber initiatives via quarterly "state of the nation" broadcasts via satellite, to all locations in NZ and Australia and regular electronic bulletins as part of staff communication and awareness programs, he states.
The team also ensures the internal web and wiki sites contain a wide variety of useful information. They also deploy customer satisfaction and net promoter score surveys, and include digital specific questions as part of these surveys.
“Collectively, these methods are needed to get our message across and influence all levels of the organisation, as well as getting feedback both internally and externally,” he says. He believes they are on the right track as feedback scores and awareness on IT has increased significantly over the past few years.
Focusing on the team, Leigh says the Kordia purpose of "making the digital world more secure, reliable and resilient", results in a naturally diverse organisation of highly skilled and role capable individuals.
Diversity per se, is not the starting point, but the result of our focus on appointing the right people to deliver the results we require, says Leigh.
This applies to the digital team as well. “Team members are encouraged to take ownership of their personal development, both on a technical and soft skill level and are provided with the financial resources required, of course, within a budget.”
All leadership roles are required, as part of a formal performance and development process, to include succession planning and ensure their role is covered should they be absent for whatever reason.
Leigh says over the years he has personally mentored his 2IC, the current business operations manager, to assume his role when required.
The focus of the mentoring was on soft skills and leadership development rather than technical ability, which is a learnt skill, he says.
“Including this person in day-to-day decisions, holding him directly responsible for the outcomes of some, results in a ‘taking of ownership’, a key to success,” says Leigh.