Coats plc CIO Richard Cammish explains his growing frustration with 'legacy vendors' IBM and SAP

World's largest thread manufacturer terminated IBM data centre contract and Cammish warns SAP that it could be next on the chopping block

Anything that you're currently wearing with a stitch in it - be it footwear, upholstery or otherwise - is likely to have used Coats plc's thread. The company may not be a household name, but it is the world's largest thread manufacturer, making an operating profit of $131m in 2014, and counting the likes of Nike, Adidas, Levi's, Gap and IKEA as its customers.

The company employs 20,000 staff in more than 70 countries across six continents, and its products are used in a huge variety of products, from jeans and trainers, to teabags, surgical threads and fibre-optic cables.

With such a wide range of products, and an employee base spread across the world, the company's CIO, Richard Cammish, has had a tough job on his hands in terms of reducing IT complexity, enabling mobility and ensuring the firm safeguards itself from cyber threats.

To enable mobility, and encourage collaboration, the company moved away from what Coats employees labelled a "wretched email system" - Lotus Notes - to Microsoft Office 365, and this then triggered an interest in other unified communications capabilities offered by Microsoft.

"We now have a highly sophisticated integrated unified communications capability with enterprise voice built into it," Cammish says.

He adds that the company now aims to move at least half of its 2,000 mobile workers from Windows 7 to Windows 10 over the next 12 months, while it is also looking at using Microsoft's Intune mobile device management system to create a remote desktop capability.

"For me, there is a broader philosophy here; we need to make sure that all our mobile white-collar workers - particularly our senior executives - have the tools they need to do their job anywhere in the world," he says.

But while shifting to a new operating system is a huge change, it isn't as hard as some of Cammish's other challenges; chiefly reducing complexity and beefing up the firm's security.

Lashing out at the "legacy vendors"

Cammish slams the likes of SAP and IBM, who he calls "legacy vendors", because of their complicated software licensing models.

"This is an industry issue, where companies like SAP, Oracle, IBM and to a lesser extent Microsoft may find it mildly insulting to be called legacy vendors. But to pick through their licensing model is incredibly complex," he says.

"These companies have had products that have been running in organisations like mine for a few years and they have renamed products and upgraded products so that when you come to do a licence audit, you struggle to see [what is going on], and the first rule is to stay compliant.

"It's one of the contractual obligations, but it's very difficult to stay compliant if you cannot understand, with a degree of clarity, what products you have running," he adds.

Cammish says these vendors "make life so darned confusing".

"[We spend a lot time] just trying to understand what their licensing and revenue model is, when we should be focused on implementation and delivering value," he says.

But for Coats plc, the issues with IBM ran far deeper than just confusion over its licensing terms.

The UK firm terminated its data centre services contract with IBM because it felt the tech giant simply could not meet its requirements.

"IBM was the biggest data centre provider for us in 2012, but by the end of 2014, it was no longer a service provider to Coats because they lacked relevance, they lacked the service portfolio, they lacked the commercial flexibility and they lacked organisational agility," Cammish says.

Removing IBM as a service provider took a couple of years, during which time Cammish said he used virtualisation as a way to continue to squeeze out value from the technology that it had.

"First you have to take what you've got and squeeze the living daylights out of it, so you make sure you've only got the number of services you need," he says.

"What IBM would say is, [virtualisation] means a reduction in revenue, when all we're doing is making sure our data centre engine is efficient and as slick as possible.

"Once you've squeezed it, you can look at alternative vendors, so we moved to a service provider based in Austria who were running at a much cheaper price point [than IBM]," he adds.

Coats is now moving to Microsoft Azure because of its strong relationship with the software giant.

Cammish says that the termination of IBM's contract should serve as a warning to another Coats plc's IT service provider: SAP.

"SAP's product set is effectively 20 years old, and they've realised now that they need to re-architect their technology stack - it's quite ‘sticky'," he says.

But Cammish believes that the best way to use SAP is to "modularise" what it has to offer.

"If SAP want to stay in relevance, people like me have a choice. There are other tools on the market, you do not need to have SAP for everything, you can go best of breed.

"For example, we use BlackLine accounting and finance software, which costs us less than £100,000 in commercial terms, but if we had the same capability from SAP it would cost us in excess of £2bn," he claims.

Cammish suggests that if SAP was looking to increase its market share, it would have to bring better tools to the table.

"It's all about relevance, they have to have the right tools, the right price point, they have to have agility," he says.

"Even though we're a £2bn company, we'd like to think we're quite agile. We make decisions quickly and implement quickly and I see that trend growing ... you need flexible, agile service partners to work alongside you if they are to be relevant, and work alongside you as part of the journey," he adds.

One company that Cammish is fond of is internet security firm Zscaler.

"Zscaler was easy to understand. You have absolute confidence that you have purchased what you needed to, you can track usage and it's just a much simpler model, and it makes them easier to do business with [than 'legacy vendors']," he says.

Coats uses Zscaler as a web-filtering, internet-access control tool that helps the company's risk management committee to decide which websites its users can and cannot access, and which websites require a "proceed with caution" warning.

It's just one part of the firm's cyber defences, which Cammish believes will come under increased now that the firm has re-listed on the London Stock Exchange.

"Because of the nature of our business, with 80 per cent being B2B operations, we are not quite as vulnerable as [US adultery website] Ashley Madison, where there is a lot of personal consumer data. Our crafts business does have consumer data and protecting it is critically important, but whereas Ashley Madison would be a reputational and personal issue, in our world the bigger risk would be a hack to access personal banking information," Cammish explains.

But Coats has a number of measures in place to prevent this from happening, including a third-party payment provider that manages the data on its behalf.

Cammish believes Coats' intellectual property presents a tempting target for hackers.

"We have thread that has been impregnated with insecticide for mattresses, so that it kills bed bugs, and the patent and IP around that product we need to keep safe. We're also doing research on creating spider silk to create the world's lightest and strongest thread," Cammish says, adding that if the technology and research behind such inovations got into the hands of competitors it would be highly damaging to the company.

DDoS attacks are the third form of cyber threat that Coats needs to be wary of, while Cammish says that a key issue within enterprises is to ensure that the workforce has been educated and that the right controls have been put in place.

"You can spend a stack of money on cyber security, but it is about increasing levels of controls and awareness," he says.

Cammish believes the main challenge is around applying controls and protocols across the entire organisation.

"You can be bullet proof with 99 per cent of your site, but you only need to leave one door open and you have ruined all of your cyber security controls," he says.