Cloud, security, and corporate acquisitions are main tech drivers when rethinking enterprise restructuring. CIOs naturally play a strong leadership role at each step, and with the right approach, here's how, and how quickly, they can manage to keep things simple.
Among the many headaches facing CIOs, IT complexity is inevitable in the era of digitalization and AI, but it must be mitigated to promote innovation. If, for example, a company has undergone some M&A, resulting in layered systems, it wouldn’t be much of an issue during a lull in technology acceleration, so disruption is limited. But those days are scarce now since technology is rapidly accelerating with an abundance of solutions on the market, especially with cloud. So while options, functionality, and business benefits have increased, so have the number of projects within companies.
“Over the past 20 years, the advent and pervasiveness of the cloud has completely reshaped the technology landscape for businesses,” says Daniele Massara, head of information systems at multi-utility Contarina. “Where previously we managed centralized IT environments, with proprietary infrastructures and in-house development teams, we’re now faced with a distributed, constantly evolving ecosystem of multi-cloud services, continuous updates, and new security threats. For medium-sized companies, this translates into more opportunities, but greater complexity and initiatives to manage.”
Barbara Martini, CIO of BFM Consulting, adds that this exponential increase in IT system complication can put the brakes on innovation if not managed strategically.
The difficulties of today’s IT
Massara adds that the cloud has multiplied the fragmentation of solutions within companies, expanding the number of environments, vendors, APIs, and integration approaches, which has raised the skill set, necessitated more complex governance, and prompted the emergence of cross-functional roles between IT and business.
Cybersecurity also introduces further levels of complexity, introducing new platforms, monitoring tools, regulatory requirements, and risk management approaches that must be overseen by expert personnel.
And then there’s shadow IT. With the ease of access to cloud technologies, it’s not uncommon for business units to independently activate services without involving IT, generating further risks.
“Shadow IT is fought with precise mapping of digital assets and IT management tools, but above all with corporate culture,” Massara says. “Businesses must understand that activating services without oversight creates exposure to security risks and governance issues. And ultimately, when something goes wrong, IT is still responsible for fixing it.”
More training and better project management
The rapid evolution in strategic areas like cloud, cybersecurity, analytics, and business intelligence requires companies to invest on two fronts: skills and method.
“Structured upskilling and reskilling programs are needed to prepare people to manage new technologies,” says Massara. “So is an organizational model capable of managing a growing number of projects, which can no longer be handled in a one-off manner. The approach to project management is changing because the project portfolio has expanded significantly, and a structured PMO is required, with project managers who often no longer reside solely in IT, but directly within the business.”
One of the most notable developments is the direct involvement of the business in IT projects. Massara says that today’s business is jointly responsible for digital initiatives in that it must sponsor projects and invest resources and time in innovation, and no longer delegate everything to IT.
“This cultural shift underpins cross-departmental collaboration and requires company management to develop a greater awareness of technological complexity, actively contributing to prioritization through demand management models integrated with the project portfolio,” he adds.
Managing corporate acquisitions
Another factor that creates complexity is growth through acquisitions since each acquired company brings along its own IT system. Standardization requires investments and accompanying activities like change management. In these cases, CIOs often prioritize the goal to unify IT, but they start with one or two platforms, such as a single company management system, and the rest is built over the years.
While it’s true that an IT system with disparate systems leads to greater complexity, companies are still very cost-conscious and wary about heavily investing in unification right away. But as systems become obsolete, they become more harmonized.
Igor Dimitri, IT manager for UPS Italy, finds himself overseeing IT that’s grown through acquisitions. Until now, there’s been no real systems integration strategy, and the company finds itself with numerous disparate applications to converge. The various applications were originally managed separately, with their associated contracts for consulting, analysts, support, development, suppliers, networks, and contracts. All of this translates into inefficiencies and spiralling costs.
The first step to navigate this, he says, is a thorough understanding of existing systems, and their use and management. “Then you need to divide the systems into mission-critical ones — those that handle a large number of customers and revenue, or are otherwise relevant to the company — and those that aren’t,” he adds. “Once you’ve gained control, you can plan simplification actions and understand how to manage complexity. And that’s what I’m doing now.”
He admits, however, it’ll take years to achieve that goal because operations must always be guaranteed.
“Continuity is our number-one priority,” he says. “We can’t stop just to migrate systems. Digital transformation is a cultural transformation of an entire company.”
Many CIOs proceed along this pattern and others try to conduct due diligence on the companies they intend to acquire first, including an IT inventory and compiling a playbook with timelines for training and bringing the new subsidiary onto shared systems. This is especially true for core systems on which operations and security are closely dependent, while non-strategic systems are merged only if the cost-benefit analysis is convincing. Therefore, here too, if the balance is tipped toward costs, the merger will be postponed, most likely.
Steps to ease complexity
According to BFM’s Martini, there are some key strategies to reduce IT complexity, starting with standardization and rationalization, eliminating overlaps, consolidating tools, and reducing fragmentation, she says. Another is to implement intelligent automation aimed at repetitive tasks.
“People aren’t enthusiastic about these valueless and unrewarding tasks,” she says. “My team and I have implemented AI solutions here, which streamlines tasks and makes people happier.”
Another suggestion is to focus on cloud governance and hybrid management, using tools that centralize control and visibility across multicloud environments, as well as adopting a modular and API-first architecture, with composable systems facilitating integration and evolution. And then, measure the value of IT with KPIs and metrics related to efficiency, resilience, and value creation.
Equally important is making IT a strategic partner of the business, encouraging collaboration between different areas and adopting agile and DevOps methodologies.
“Every month we hold Sharing Friday, a half-day where we share company news with all our staff, whether they’re in the office or online,” Martini says. “When I joined BFM, I introduced myself not as an IT expert but a partner who helps solve problems. I have agile certification and apply this method because I find it effective to complete projects faster, and I manage my team by assigning objectives, and allowing them to work however they like, which stops turnover and is a step toward simplification.”
NIS2 and many digital laws have also brought about changes and complexity. “In this area, I find there are many little known products that help IT leaders with management,” Martini says. “I think CIOs should explore local offerings more. I try to participate in industry associations and events because within the ecosystem, you can gather more information and meet other managers and vendors to share experiences.”
Methodology, culture, and experience
When she joined BFM, Martini encountered a complex IT environment. Today, she’s managed to streamline the process, but it took years. The process isn’t quick because, beyond best practices and assistive technologies, there’s a lot of change management to do, as is always the case during transformation.
“We need to make people and management understand the need to change processes, that IT isn’t just a useful tool, but a strategic function,” says Martini. “There’s a lot of talk about digital transformation, but actually implementing it is entirely another matter.”
Massara agrees, saying that a change in mentality at the board level, among management, and among department heads is needed, and consolidated frameworks such as ITIL should be applied. “Methodology and culture are my key words for managing complexity,” he says.
Technology tools, such as orchestrators and IT management platforms, can also help, but they alone aren’t enough.
“If there’s no effective organizational structure or collaborative mindset, even the most advanced tools remain underutilized,” he adds.
In this complex and dynamic landscape, the CIO’s role is strategic and transversal, having to guide governance, represent IT and organizational complexity to the board, and facilitate adoption of new methodologies. It’s sometimes necessary to also rely on support from external consultants, who bring current expertise and a new perspective.
Consultants are invaluable, says Massara, since they keep pace with change and offer objective insight to help introduce new approaches. From there, CIOs can draw on their skills and experience, knowing that reducing IT complexity is expensive but necessary. Timing is critical to know when to seize the chance to make the investment case to the CEO.
