音频文字.

Peter: Onofrio, your stage. Let us know who you are, who you work for, what you do.

Onofrio: Sure. So my name's Onofrio Pirrotta. I'm the Senior Vice President and Managing Partner for our manufacturing and energy industry vertical for the United States of America. So I work for Kyndryl. We're the world's largest infrastructure services provider. We are servicing well over 100 different markets. At a global level, we've got over 85,000 employees, and we run critical systems for over 75% of the Fortune 100 companies globally. We are approximately three years old. We spun out of IBM. We were their global services division that spun out into a separately publicly-traded company a little over three years ago now. That's who we are. So I run our manufacturing energy vertical for the United States. We go to market, like I said, at a global level. Our manufacturing energy market really consists of, well, I would break that down to two subsegments. In energy, we consider that natural resources, also known as oil, gas, petroleum products. Then we've got the energy continuum on the provider side and transport side. So both upstream and downstream. So we deal with utilities in that segment as well. In the manufacturing segment, we've got a couple of different units in that organization. Obviously, we have auto, aero, space, and traditional, discrete manufacturing customers in that segment.

Peter: Okay. Kyndryl has really recently released a report, the 2024 Readiness Report, right? What are the key findings there?

Onofrio: Yeah, so the interesting thing about the readiness report — just for background and context, like I said, we're a solutions and services company, right? So we're not necessarily a product company. We're running and providing consultative services to a large number of enterprises both at a local and global scale. What we want to do is commission a study of not only our current clients but also other entities within the industries that they operate in to get an understanding of their point of view, of where they're at in terms of their technology journey, what they're seeing as opportunities and challenges as things evolve. Then what we also did with the readiness report is, we coupled that with insights that we're seeing in our customers' environments. What I mean by that is, being in the unique position to actually run and support and provide consultative services for a lot of what we think as the largest entities in the world, we run their environments on what we call the Kyndryl Bridge platform. Right? So that's our delivery platform. That's how we provide services to them. We monitor the environment. We use AI machine learning to understand more about what's happening in their environments and run predictive, preventative measures around their operational and transactional systems.

So what we did is, we did a survey of our customers and clients, as well as entities and companies that aren't current clients. Then we actually pulled insights from Kyndryl Bridge on what we're seeing in their environment and kind of coupled those to see if there were insights that we could draw, or the data that we're seeing actually happening in their environment real-time supported what they were telling us as their opportunities, challenges, and threats. So that was part of the uniqueness of what we did in the Kyndryl Readiness Report. So it focused on a couple of different areas. It focused on something that we call the technology readiness, their ability to kind of accelerate their digital transformation, what they're seeing is modernization challenges, what their thoughts are on AI and emerging technology, their point of view on people and skills as it relates to some of these emerging and disruptive trends, their point of view on cybersecurity and risk in general, not just of what we consider traditional cyber risk but resiliency risk, supply chain risk. From that, we also were able to draw some global insights from some of the entities connecting either threads that we saw across different industries at a global level or connecting different geo points of views. Those were kind of the areas we focused in the Kyndryl Readiness Report. You know, I could touch upon, if you'd like, some of the interesting findings.

Peter: Maybe, in general, the three key findings maybe to highlight.

Onofrio: Yeah, I can. So some of these will not come as a complete surprise, especially those of us that worked in both process industry, manufacturing industries over the past five to 10 years, but specifically as it relates to the businesses that fell into that sector, interesting, and what drove us to kind of phrase it as a paradox, the readiness paradox. So 88% of the manufacturing sector leaders are confident in their technology environments and consider it best in class, which to me was a surprising number. That was fairly high. At the same time, 55 % of those same respondents are concerned that their tools and processes are outdated or close to end of life, which does not surprise me. Actually, quite frankly, I would have put that number a bit higher than 55%. And only 31% of them feel that their IT environments are completely ready to manage future risks, which the 31% is actually lower than the average of all respondents across all sectors which was closer to 39%, 40%. So, to me, that is an interesting response. And it creates this odd paradox where almost 90% of the respondents think they're confident in their technology footprint and think that it's best in class, but almost half of them feel that their environments, their tools, their processes are outdated or close to end of life. And far less than half, only 30% feel that it's ready manage future risks. So that was a really interesting insight. And when we coupled their respondents to what we were seeing in our client's actual environments that we can see and manage within the Kyndryl Bridge environment—both at the infrastructure and data application layer—we saw that well over 55%, well over 60% of their environments were end of life. So we saw some of the data support, what they were telling us, in their response.

Peter: Kyndryl Bridge is your internal system where you basically monitor the client systems, client infrastructures.

Onofrio: Yeah, it's certainly a lot more than just monitoring. It started and emerged years ago. You obviously are probably both familiar with AIOps, observability. These are all, have been trends in terms of running environments over the past 10 to 15 years. So it started as a platform in which we can monitor and manage enterprises' environments. So as they ran transactional systems, or data systems, or ERP, think of SAP, et cetera, as well as large transactional systems, we use Kyndryl Bridge to kind of give us a sense of what was happening and then begin years ago to run AIOps and observability through those transactions. The key on the operational side for us is, we were able to begin to pull data, anonymous data. So this obviously followed all the guidelines around confidentiality. But because we have so many clients and because we're spread at a global level, we were able to begin saying, "If we're seeing an issue arise in one of our customers in Japan associated with a specific technology layer or application, can we use machine learning to take the nature and the characteristics of the issue we saw here and run a few algorithms to tell us which of other customers have that same configuration, that same environment, that same opportunity for that issue to happen?"

At first, years ago, it started with just analyzing it and telling us, hey, customer XYZ had this issue. We have 55 other customers that have the same profile. We should be aware that something could happen there. We're at the point now where we're in our best of class clients. We're auto-resolving potential issues in their environment without any human intervention at the scale of 30%, 40%, 50%. So think of 30%, 40%, 50% of potential issues happening being resolved now by AI and machine learning that's applying a specific set of patches, fixes, corrective actions because we learned something in one customer and are leveraging the data in our data lake. So that's where it started really from an operational perspective. But now it's advanced to where we're leveraging Kyndryl Bridge, to really run and develop applications for our customers and help them connect. Many of them, as you can imagine, especially in the enterprise space that we serve, work in a hybrid, cloud model or hybrid IT fashion. Some still have on-premise technology and investments, and that's not going to change. Certainly, that may even increase with the rise of generative AI and the investments and the GPUs to support them. Many of them are leveraging, as you can imagine, hyperscalers.

So as we've taken our customers on this journey of modernizing their environments, leveraging cloud and hyperscalers for their services, we use Kyndryl Bridge to manage that hybrid IT environment. Right? So now you've got a single layer, a single ecosystem, that can run a global enterprise's environment and help give them observability into that environment, both in a hyperscaler environment and their on-prem investments. Then as they manage that and deploy updates and new capabilities, new services, that's all done within Kyndryl Bridge. That's what we use and leverage Kyndryl Bridge for.

Peter: I understand. Okay. So since it's an IoT podcast, do you mind if we go into more specifics about a project where you in Kyndryl, which you delivered to one of your clients in manufacturing or energy and where IoT basically or IoT — and now we talk AI as well, that's part of the theme now — solved a major challenge for the customer? Something interesting for the listeners how maybe we can take it from there.

Onofrio: Yeah, we can certainly talk a little bit about that. So, clearly, I won't give customer-specific names.

Peter: No. Sure, sure.

Onofrio: But for us, we've been involved in a number of interesting IoT-related opportunities and projects. Of course, being a solutions and services entity that typically has dealt at the enterprise layer, what we've seen as opportunities for us to engage and add value in has been less about implementing a specific, unique technology from a POC perspective on the shop floor. But a lot of what we're talking to our customers about is leveraging kind of their enterprise systems and providing a solution that connects back to those enterprise systems, integrates with the data they're collecting at the shop floor, for example, to really solve a challenge that needs both. So as these enterprises really leveraged a deeper level of connectivity between the SCADA systems and the PLM systems that ran their plants, and what they were doing from an ERP perspective, that level of integration was critically important.

One of the interesting projects we were involved in involved being able to take data from sensors, from cameras, and other IoT-related devices and being able to — this started about three years ago. We deployed a first-of-a-kind private 5G instance for a corporation across a large, very large, multi-square-mile facility that they ran. So their issue was, they had already built out a use case for a couple of different specific applications. One was around worker safety; one was around digital procedures. There was a few others that they had built out. Their issue was, they could easily frame out an application. That's if we can collect this type of data, we'd be able to provide this insight to an engineer, they could leverage these digital procedures versus actually having manual procedures, which would make them more efficient. Or, potentially, they can pull data off of machine systems, our plant systems, and run them through lifecycle management application to determine predictive maintenance and other things like that. Those use cases have been around for a while. There's nothing really novel and new about it. But their issue was, although they had sensorized some elements of their manufacturing environment, they haven't done all of it. And it was incredibly expensive to deploy a kind of, think of, a traditional mesh Wi-Fi environment to begin to pull this data back. And they weren't at the point, neither were we, where we could do edge processing. Right? So we weren't bringing the application intelligence layer at the edge.

So we work with them to develop a first-of-a-kind private 5G LTE solution that was able to create a grid across their manufacturing environment, pull the data off of these sensors, and then bring it back to their Cloud environment that was running the application to do the processing of the data, and either provide that digital procedure solution, provide the connected worker solution. So it really served as that layer between the actual application that was doing the customization of the data and pulling the information out of the manufacturing environment so that the application can actually do its work. So that was really interesting. And we're seeing, once you're able to create an environment that makes it more effective and more, what I would consider, frictionless to draw and move data around an enterprise and begin to connect data in a data lake to some of the enterprise information that control their supply chain, their pricing, things of that nature, it really opens up and accelerates those use cases that are more specific to the manufacturing IoT or shop floor.

Peter: Yeah, once you get the data, of course, it opens up a totally new perspective, right?

Onofrio: Yeah, it is. And in what we've seen, especially, it depends on the type of data you're dealing with and the actual—as we were talking about earlier on this podcast—security and risks around. So depending on what the data is, how that data is treated and where it's moved becomes more critical. You know, obviously, there's data associated with some machine systems which is fairly innocuous, right? There's no confidentiality. There's nothing interesting in it. But there's other data, especially when you begin to really integrate back into sensitive information around your supply chain, your pricing, you begin to expose the environment to third-party and fourth-party risk. So controlling that and doing that in a way that's effective. And also, by the way, which is really important, it doesn't cost a fortune. Right? Because we've seen — I don't know. You both may have probably seen this as well in your journeys. A lot of our customers are doing 20, 30 different POCs at a time, but they're not scaling because they haven't solved the ROI around some of these POCs. Yes, the technology works. Yes, it has some interesting results. But when they look to scale it across two or three manufacturing environments or at a global level sometimes, the math doesn't close. Right? So you've got to be able to do some of this work and scale this work in a fashion where there's still business value and an ROI for the actual project you're running. Which I see, especially at the enterprise level, that's where things tend to get or grind to a halt. Especially as our customers are looking at conflicting investments, right? I mean, yeah, they want to invest and accelerate some of the work in some of these IoT POCs, but they're also getting a ton of pressure from their board on investments and accelerating the use of AI and generative AI. So managing that and balancing that has become a real challenge, especially in the customers that we work.

Erik: Maybe we can dive more into this question of ROI. Because for IoT, but also if we look beyond IoT, if we look at things like AI solutions, for example, right, there's a lot of interest there. But you have a similar set of challenges where you can do a pilot. You say this looks interesting. It feels like maybe somebody is satisfied that this is providing value. But nonetheless, scaling that up and saying, "We're now going to deploy this," I mean, you also have a particular set of challenges with AI, where often a predictive maintenance solution might work well on one production line. It might work differently on a different production line, right? So there's certain scalability issues there. So how do you look at scaling deployment of solutions and creating a business case around those that enables the financing of that scale?

Onofrio: It's a good question. And something that in our space, because we're not a product company, we deal with that dilemma quite a bit, right? So we're providing a lot of consulting and services to our customers specifically around this question of, what does this opportunity space look like once we're able to scale it out? Or, can we scale it out? What's the ROI? What's the financials around that? So we've created a model that we work with some of our partners with that actually provide either the on-prem or cloud-based LLMs, some of the AI models we can deploy, that's worked fairly well with our customers. That really came from our own internal deployment of early-stage generative AI.

So a couple of years after, we had spun out into our own public company. Our CIO's office had a fantastic job. We completely re-platformed all of the tools we use internally, all the collaboration. We went to a brand new, clean quarry or p environment at a global level. So all that was done as part of the separation effort from our original parent company. That also allowed us to make some investments in very early stages, where I think this is back. And it's amazing to think how fast things have changed in a year. But a year and a half ago, generative AI and leveraging it even for collaboration—think like Microsoft Copilot—was relatively new. I mean, early corporate adopters just bought that licensing late 2023. So at a corporate level, we had created a process or a framework around evaluating the business case efficacy of Copilot use cases. So we've leveraged that into a governance model around how you manage deployment of these generative AI POCs. And it starts with being able to lay out the framework in partnership. This cannot be a technology-only conversation, right? This is not an in-the-lab-technology pet project. You have to work with the stakeholders that run the P&L for the line of business to determine whether or not, if you extrapolate out the scaling of this project, there's an ROI. There has to be consistent, constant phase gates along the way to see if you're making progress.

But for many of our customers, just starting that journey and not being paralyzed by analysis paralysis is the biggest step. So putting a framework in place to quickly being able to get to that level of early-stage ROI definition, business case framework, is actually critical. Because that also helps you prioritize your investments. A lot of times, there are three, or four, or eight different projects at the team's surface. Putting a process and a governance process around that and saying we're going to go forward — by the way, communicating this back to your organization is also critical. Because one of the other dynamics in this conversation around the deployment of AI and machine learning and generative AI is skills. Right? You can easily find hundreds of technology companies, product companies, service companies to come in and talk to you about something they'd like to do with you. I have yet to work with one of my clients that doesn't rely on their own internal expertise of their environment to help make that a reality. And in order for them to do that, they need to have and keep a focus on retaining and developing their own talent, right? So, yes, they work in partnership with companies like Kyndryl and others that would develop and deploy this technology. But to really make it work, there's got to be synergies and partnerships between the companies that are investing in the innovation and services and the actual company themselves who deeply are familiar with their own processes and the details around their specifics.

And so a lot of our customers are really concerned with developing, curating, and nurturing that skill base. Because if they decide that the investment in some of these POCs is not yielding what they want and start to slow down that investment — they've seen a skill drainage, right? They've seen folks that have a background in some of these technologies leave to go to other companies, that are willing to invest and take some risks even though it may not pay out in the long run because that develops their career path. So balancing this is not just — interestingly enough, it's really not just about the technology, and it's not just about that POC. It's really about your corporate culture and your strategy for developing and elevating the capabilities of your own skills so that you can really maintain a sustained transformation and competitive advantage. Not just complete a POC and determine whether or not it's been successful.

Erik: I know we just have a few more minutes here. But if I can dig into this a little bit more maybe selfishly, we have a client right now which is a large chemical manufacturer, and they're facing exactly this challenge. They had a lot of bottom-up POCs that they've done. Many of them have kind of proved interesting, right? But then scaling those, they've found out that their challenge now is kind of, top-down from headquarters, they have a certain strategy, right? But that strategy just says go in this direction. Bottom-up, they have a lot of activity. And in the middle, they're kind of missing this structure, right? And so this structure comes down to governance, you mentioned. It comes down to a lot of competence building, right? So you have the IT teams, but they're not close enough to the business to understand what we should be doing. Then you have the business, but they don't really understand what can we actually do, right? And so, right now, they're trying to put that structure together. And it sounds like you have quite a bit of experience. I'm curious, maybe without mentioning names, if you have any best practices around what that structure might look like for, let's say, a two-billion-dollar business.

Onofrio: Yeah, it's funny. I think you and I have probably been working with the same customers over the past few years. The interesting thing about that, Erik, is there's a dynamic that specifically plays out in process manufacturers, in the chemical, oil and gas space. We also see it in other discrete manufacturers. But in my experience over the past 10 to 15 years, it's heightened in process manufacturing. And that's the dynamic and the interaction between OT and IT organizations. So you've got the organizational technology group that runs a process, control systems. You've got traditional IT teams at a corporate level that run more of your corporate technology environments. And those two organizations, especially over the past, I would say, 16 years, have been forced to collide and interact and interoperate in a way that is not natural to them and the way they typically have run their processes.

Just start out with the pure fact that, from an OT perspective, especially as you layer on cyber resiliency and security over that as an umbrella, the OT environment has operated for the most part as a closed system. Their strategic security was that they were not connected to anything. They didn't need to be. Traditional corporate IT environments were the exact opposite. If they didn't figure out a way to be open and connected to leverage new cloud services being developed, to leverage new applications, SaaS platforms, they were going to be left behind. So you had this kind of dichotomy between OT and IT. That in order to get to what you are talking about, in order to create a high-functioning organization that's able to scale out some of these POCs—with the support of the entities that own the P&L for the line of business—the organizations have to come together and break down those silos between IT and OT. So what we've seen successful in other customers is they create — think of it as a joint task force. So these are organizations that have experts curated with the right roles and responsibilities and experiences that steer the direction of some of these POCs. They actually have ownership and the ability to make funding decisions. So it's not left to a group in corporate IT. It's not left to just one small OT organization that's part of one line of business, that only has this one process control system. But it's really part of this joint task force that's making a decision that benefits the greater good of the enterprise. And just by creating this organization — it doesn't need to be just separate world, and that's all they're working on. But it really is something that they're all invested and passionate about — it gets their buy-in and it creates an ability for them to work together and make decisions that are more beneficial for the organization, and begin to break down some of those challenges around scaling out these POCs versus the typical conflict or construct that delays or prevents it. So the creation of that joint task force or that organization that sits across these typical traditional boundaries and enterprises is critical.

And also, getting buy-in and agreement on the use case structure and business case outline is also really important. More often than not, what we've seen is that a team or an organization will lay out around a POC and lay out kind of a business case, a high-level business case. They have some phase gates along the way. But as things don't play out, or as things change, they begin to change the dynamics of the use case and the business case. And then rather than either shutting down the POC or shutting down two or three other POCs and returning the investments to one that seems to be promising, these POCs begin to drag out. Right? So it just drags out the time it takes to get these done. Because they're kind of changing the rules of the game for the use case along the way. So getting everyone's buy-in on how they're going to determine value, how they define value, what the characteristics are, is critical. That joint task force is critical. Then at some level, these POCs and the deployment of these POCs take investment, right? They take corporate investment. There's no doubt about it. So with rising cost pressures for all of our customers, at the end of the day, sponsorship at a senior executive level, to be part of that task force, to say as a team, "This is not going to be a technology project that we're going to do in a lab somewhere. This is something we're going to do and it's going to have visibility at a senior level. So when it comes time to really plan out the scaling of it, we have sponsorship awareness at a senior level. Someone will stand behind it as something that's a good investment for their P&L or line of business" is also critical.

Peter: Very good. Well, I still have the cybersecurity topic actually, but I think that's a very big topic. I don't think this can be answered within a few minutes, unless you have a straightforward response on how cybersecurity, IT security, is handled. Is that a big concern of companies, or do they put it on a second priority?

Onofrio: Yeah, you're right. That is a big topic, but I can give you a view in a minute or two. Absolutely. Cybersecurity and really resiliency are — and again, always keep in mind my perspective, of the type of clients I've worked with, and we as Kyndryl serve. So you're dealing with typically larger Fortune 500, Fortune 1000 companies. They can't ignore the topic. They literally cannot. Because it's something that is a board-level concern. It's something that in the United States, depending on how you handle certain controls, certain audits, certain disclosures around incidents and your security posture, the board members are personally reliable for. Right? So just by the sheer function of the regulatory environment that our clients operate in, it's not something that can be ignored any longer. So security is not something that was discussed at a lower level, three levels beneath the CIO, by the CISO, as it was ten years ago, making sure they have some internet firewalls and some software running on laptops type of thing and a password authenticator. So it's certainly a huge concern now. And we're seeing a huge impact in this space, especially when you think about some of the capabilities that are being developed using — and I'll use the term in general, AI, but certainly, generative AI to accelerate the capability and the functionality of some of the newer SIM environments that are out there that some of the partners have developed. So that's really driven a lot of progress.

But at the same time—similar to the conversation we had a while back around the IT readiness paradox and the fact that they think they're best in class but don't think they're ready for change and have technical debt—over the past 10 to 15 years, especially in the enterprise space, we've seen our customers and clients develop and buy a plethora of tooling that addresses the cybersecurity. And what they're struggling with now is saying, "We now have 20, 30 different technology tools in the security space. Integrating those, keeping those constant, keeping them functional in our environment, and actually managing that at a governance layer so that when I make a change in one area, I understand what needs to happen, and the 18 other tools I'm running is becoming crippling for the security organization." So simplifying what they're doing is a big priority for them. Certainly, the ability to manage and maintain the appropriate controls, while also giving your enterprise the ability to leverage third-party assets, data, SaaS platforms, is a battle. Right? They don't want to inhibit the ability of the organization to be curious and to leverage capabilities that are developed external to their corporation. But at the same time, controlling the flow of data and understanding what's actually happening and protecting the environment, leveraging a zero trust framework, is a really big challenge and top of mind. So they don't want to tramp down creativity. But the CISOs, especially, and boards now that they're accountable for this, have to protect the integrity of the enterprise.

Then the last area that we're seeing a lot of, this is for a couple of years now, especially since COVID, is the topic of supply chain risk. Right? So it's not just about understanding what's actually happening in your own corporate environment, your own manufacturing setting, but that counter-party risk topic and the supplier, second, third-level supplier, into your supply chain, understanding what's happening there, and in some cases being able to put mitigation plans in place if there are breakdowns in that supply chain, is now really part of that evolving area of focus around resiliency. Right? So that level of resiliency that you're putting in the corporation to deal with some of these exogenous actions that are happening. Which, quite frankly, especially in the manufacturing environments we work in, I don't see any way that's not going to continue to accelerate. You've got some repatriation of manufacturing capabilities. The political winds globally are changing. So I think supply chains — certainly, putting aside what we saw during the pandemic, supply chains, over the next two to three years, are going to be under increasing pressure as these geopolitical factors change the very landscape and the fabric that connects these supply chains for the past 15 to 20 years. And they're going to have to change a lot quicker. Obviously, understanding your supply chain, having visibility, and being able to kind of architect changes to that is critical. But then understanding the risk and the resiliency of that is going to have to be done in parallel to protect the organization.

Erik: Great.

Peter: Good. Thanks very much. Yeah, I think that was very, very valuable information. I hope listeners will also enjoy it and post their comments.

Onofrio: I'm glad to hear it.

Peter: Thanks very much, Onofrio. And, Erik, is there anything you still want to say?

Erik: No. Onofrio, I really appreciate it. Thanks, and we'll put the links in the show notes.

Onofrio: Okay. Well, thank you. Nice meeting you, Peter and Erik. Good luck.

Peter: Thanks, folks.