CIO Mavericks: Introducing Tom South, CIO at Northern Trust
Mike Koleno, CTO, Cloud Practice
The “disruptive CIO” is becoming a popular phrase to describe a new brand of IT leader that introduces radical new approaches and challenges the status quo. At Solstice, we believe in challenging conventional wisdom and honoring the opinions of industry leaders who dare to think differently: the mavericks.
That’s what Solstice’s new CIO Mavericks series is all about — asking demanding questions and discovering what motivates and inspires the most senior IT executives.
A brief introduction: I’m Mike Koleno, CTO of our Cloud Practice here at Solstice. I lead our Cloud and Modern Software Engineering capabilities and oversee full stack development efforts across a wide range of Fortune 500 clients.
Now enough about me, it is with great pleasure that I introduce you to our first CIO Maverick, Tom South, CIO at Northern Trust, a global financial institution headquartered in Chicago. Tom has been with Northern Trust for 19 years, including technology leadership positions across the enterprise. He brings deep and diverse expertise to the position ranging from IT strategy and systems reliability to asset management, operations, and wealth management technologies. We are very excited to have him be a part of our new Solstice CIO Mavericks multi-series campaign.
During our in-person interview, Tom shared his insights across a range of topics including his views on the power of a mission-driven team, the ins and outs of optimizing your digital roadmap, and the role of the CIO as an agent of change.Mike Koleno: From what I know about your background, you’ve never seemed satisfied with the status quo and are always looking for new challenges. Can you tell us a little bit about your experience and the different roles you’ve had over the years?
Tom South: In the 19 years that I have been at Northern Trust, I’ve had 10 different roles. I would love to say that this was my purposeful plan, but part of it was that I had several mentors who were continually pushing me to take chances, and one of the things I did overtly was take risks. A lot of people would build a team and get comfortable, but I would get uncomfortable as soon as I built up a team. The challenge was going into teams where you were unknown as a new leader and trying to make an impact.
"It wasn’t always easy, but I was focused on saying 'yes' to every opportunity that came up, regardless of what it meant to my current role."
MK: In your current position, one of the first things you rolled out was the restructuring and alignment of your lines of business with the IT organization. We know that Northern Trust has moved to a distributed CIO model at the LoB level. Can you talk about that? What were some of the driving forces behind that initiative?
TS: Well, we really wanted to become more nimble in our service delivery capabilities and be more aligned with our lines of business – Wealth Management, Asset Management, Asset Servicing and what we call Shared Services. We wanted to do two things: Find a technology leader for each function who knew the business and could speak the language of that business; and organize technology groups around each business, not by function. So rather than having accounting groups and reporting groups, we are centralized around the function of the business — which makes the clients of that business the clients of our IT function.
As part of this journey, we’ve added some superb talent to the organization and have re-energized many long-time employees around our new mission of technology and business teams working closer than they have before. This summer, during the 50th anniversary of the moon landing, I made a comment to our team about how exciting it was for everyone at that time, particularly for those interested in science and technology. A big takeaway from the media coverage was a story about a maintenance person at Cape Canaveral. When someone asked what his job was, he said, “Well, I’m putting a man on the moon.”
Whether that truly happened I’m not sure, but it was certainly representative of the mission-driven model that NASA had at that time. We want our technology people to think in similar mission related terms: 'I'm providing world-class services to affluent families and endowments around the world,' or, 'I'm helping secure the assets of the largest companies in the world so their employees and retirees can sleep at night knowing that their benefits are there.' If you're mission-driven, you really go the extra mile. And if you know a little bit about our culture, as I know Solstice does, that's really what our mission is all about.
One of our business leaders told me recently that while the organizational changes we’ve made aren’t fully complete, he already sees solid alignment on goals and trust between the teams, and the accomplishments of those teams are far exceeding any expectations he had. That's exciting for me to hear.
"Whenever I see those same two success factors — trust and alignment — come together, I feel there's almost nothing we can't accomplish."
MK: I think ultimately, it also goes to the evolution of IT, which we've seen many organizations move from seeing enterprise as a cost center model to more of a driver of digital collaboration and innovation. What's next on the horizon in terms of decentralization of the CIO function? You mentioned there's work left to be done there.
TS: We're in varying degrees of maturity in that model. We did add a few leaders from outside of the firm who have brought a very exciting set of insights about how to accomplish what we’re doing. This was not a radical change, but we wanted to evolve, and we wanted them to be part of that.
We originally wanted about 70% of the investment we make in IT every year to be at least directly or indirectly instructed and overseen by the line of business leaders and their teams. We're not quite there yet, but that was an aspirational goal — and we’re going to hit it. We want to make sure the business has an ability to help instruct and direct talent, make technological investments, and form third-party partnerships.
MK: In terms of working closer with the lines of business where you are offloading or sharing some of the responsibility and decision making, how does that ebb and flow inside of an evolving IT organization?
TS: One challenge we have is how to maintain consistency in what we deliver and how we deliver it. We know that anytime you start to decentralize, people worry about loss of control, so we really focused on building up the muscle in our architecture practice to make sure that there is a level of consistency.
In addition to maintaining consistency, we’re also leaning towards bringing in people who understand the business domains, who understand how we add value to clients, how our competitors add value to clients. In terms of talent, one of the key things is finding people that understand the business very well, in addition to strong engineering and technical skills. Certainly, that blend of skills has been instrumental in helping to shape my current role. What I’ve done at Northern Trust is take a 19-year journey around almost every part of this business. I did get a feel for how we interacted with clients, how we drove client value, and therefore, how we drove shareholder value.
MK: I know your responsibilities as CIO cast a wide net compared to the traditional role. Where does digital fit into the responsibilities you currently have?
TS: We are completing a digital journey roadmap with our lines of businesses. Our business leaders are keenly aware of the opportunities in front of them and also aware of some challenges. Whether it's in our wealth management business or global asset servicing, we aim to provide a high level of service to our clients, and that drives discussions about how deeply intertwined those services can become with the IT function and how they can expand in ways that we have not thought of before.
In IT, we repeatedly ask ourselves, 'What do we need to be building?' And I think it's clear — our development environment needs to continue to evolve. The speed at which people want things delivered is different than 5 or 10 years ago.
Another element that factors into our strategy is that the total stack supporting our business is comprised of technologies from several eras. It's no secret — financial firms have been around a long time and have a lot of legacy technology in their shop. We need to continue the modernization effort there and are examining that intersection now. We’re looking for opportunities where there's a business case behind modernization.
MK: I see some organizations taking a similar approach in their transformation strategy. But there's also a defensive play when it comes to older technologies and older platforms that are near the end of life. What's that balance here? Is it primarily strategic or opportunistic?
TS: That’s a conundrum for a lot of senior technology people across industry sectors. It can be hard to execute in an environment that has become more complicated.
"If you're about building the next big thing, people get energized around that and it combats the fatigue that can come with pure rationalization and modernization activity."
In the last year or two, our bias has shifted from ‘find the oldest technology and work on that first,’ to ‘find the most important need to your businesses and then deliver the optimal service for that investment.’ That's the model we think really works. Will that leave some things that don't meet that intersection point? Absolutely. We're not kidding ourselves about it, and we'll deal with that over time.
In terms of technological opportunities, some of the things you can do today simply did not exist five years ago. And over the next five years, those are going to expand substantially.
MK: I know security is at the forefront of every CIO that we talk with. I'm sure it keeps you up at night as well. Can you talk about how you keep this consistent security posture when there are so many things under your umbrella to manage?
TS: What a challenge for the industry right now. We’ve made substantial strides in terms of security and we've got some incredibly talented people that are mission driven in this space. But having said that, I don't care how good you are at your job, with the potential risk and responsibility around the management of financial data, it's going to keep you up at night.
At the same time, we have to move fast to meet our clients’ evolving needs. The appetite for application development at our firm is growing about 10 to 12 percent a year, and we're bringing new people into the mix all the time. So secure coding practices, though an unsexy topic, is vitally important. Education, oversight and incentives for people that find the most insecure coding practices and fix those — we're coming at every angle we can. We're reminding developers, there's no such thing as secure and insecure coding. There's only secure coding — there's nothing else that counts to us at this point. So we are adding people into our development teams that have this expertise and we’re growing it internally as well.
MK: As organizations look to bolster their C-level talent with people who can really come in and make an impact, how do you see yourself as being an agent of change within your role?
TS: For me, technical acumen is less relevant in this role because the people around me know more. They're much closer to it. What does this CIO role look like? A lot of it centers on people and talent development.
"It's about getting the right people in the right places to be successful and then giving them the right tools and the right support to be successful."
Everybody likes to quote Steve Jobs, so it's passé I'm sure. But I always loved that quote, "We don't hire smart people and tell them what to do. We hire smart people for them to tell us what to do." I have spent a lot of time listening to some of the folks that came from the outside, as well as a lot of the longtime people that are re-energized by opportunities to do some new things that maybe were more constrained previously.
Continuing with our organizational and line of business alignment journey is job one. Also critical is getting agreement on investment decisions so that we are best prepared to execute on those, including the right partnerships and all the other things that go along with that. We are not going to slow down investing in technology. We see it as vital to our growth and brand value. I'll continue to make sure that we're developing a culture where our people are encouraged to experiment and swing for the fences where they can. But it requires making sure the culture is aligned to attract and develop people who want to be a part of what we’re doing.
Follow Tom on LinkedIn.