chombosan -

CIO interview: Simon Liste, chief information technology officer, Pension Protection Fund

While aspects of the PPF’s three-year digital transformation plan were delayed by the pandemic, the organisation is now pressing ahead with widespread improvements to IT

Simon Liste, chief information technology officer (CITO) at the Pension Protection Fund (PPF), looks back on the progress his team has made over the past two years with satisfaction. When he last spoke with Computer Weekly in May 2020, Liste was using his organisation’s commitment to the cloud to overcome the challenges of a rapid shift to remote working.

The PPF protects the financial futures of close to 10 million people who belong to more than 5,200 UK defined benefit pension schemes. One of Liste’s key roles since assuming the CITO role at the organisation towards the end of 2018 has been delivering a three-year strategic plan to support this work, including a move to the cloud, disaggregation of the PPF’s support model and a tougher stance on cyber security.

Now, with most of that work complete, the PPF is entering a new three-year strategic plan. Liste says his organisation is using the strong foundations it’s already built to help prepare for a new wave of digital-led services.

“We’ve come a long way from where we were,” he says. “We were transforming and changing, but we were doing that while the plane was still in the air. But it’s been really good. I think everybody’s embraced the change.”

Liste says that while the past three years have been focused on transforming the perception of IT across the business, including how it’s used by the organisation and how it could benefit its members, the new plan aims to take digital transformation to the next stage.

“There was always a bridge opportunity for the next three years,” he says. “Our work now is about interconnecting. And technology and digital is one of the strategic pillars for the business going forward.”

Embracing the cloud

When Liste last spoke with Computer Weekly, he explained how he’d brought IT management back in-house. He’d disaggregated the support model to spread provision across a series of suppliers, reducing the level of potential risk from being over-reliant on one provider.

Liste also outlined his desire for a cloud-first approach to IT implementation, using technologies and providers such as Microsoft 365, Azure, Teams, Zoom and VMware. He says the pace of the shift to the cloud has quickened considerably during the past two years.

“We’re about 90% there now – and that’s not just testing and development, that includes production,” he says. “We’ve got live critical enterprise resource planning systems sitting in the cloud.”

Many of the PPF’s cloud services are based on Microsoft applications. Liste says using the Microsoft stack, including its data analytics tool Power BI, gives his business on-demand access to trusted tools that support ongoing digital transformation.

“There’s no point reinventing the wheel when you have very successful services and solutions out there,” he says.

“Technology is now about enabling the business as opposed to just being a-side-of-the-table conversation. It’s at the forefront of discussions about the future of the business across all of our services”

Simon Liste, Pension Protection Fund

“Our focus is the appropriateness of services. Everything’s always about value. The digital platform we’re building is quite an investment for the business, but we also believe the return on investment is going to come back pretty quick.”

Liste says the perception of technology has been boosted during the past two years. While responding to the coronavirus pandemic was a significant challenge, he says the executive team has seen first-hand how a combination of cloud-based services and the tactical use of data can provide big benefits for the PPF, its workers and its members.

“The technology came into its own during Covid-19 by supporting the organisation,” he says. “Luckily, our employees were able to work from home, to collaborate well with internal stakeholders and the quality of the service for our members was maintained.”

Picking good partners

While the PPF is a heavy user of Microsoft products, Liste is keen to ensure his organisation is not hemmed into an over-reliance on a single provider. Having already overseen a shift to a disaggregated hybrid model managed by the company’s internal technology team, Liste says any potential new provider must meet some key criteria.

“It’s all about engagement,” he says. “Any vendor we work with must buy into our values. After all, it’s not just about what you do, it’s about how you do it as well. So, we’re constantly reviewing who we’re working with. We’re always challenging our partners and making sure they understand it’s a partnership.”

The PPF recently onboarded three strategic partners in security and network design. One of the key requirements for that work covered values and ethics. Liste says sustainability is at the core of his business principles. Any partners must also have a strong diversity and inclusion (D&I) commitment.

“We’re very selective about who we work with and we make sure they mirror our values around what we deliver internally within the organisation. We do a vendor assurance programme as well, where we check our partners. If you say you abide by D&I, show us that commitment,” he says.

“What’s your actual plan for sustainability? How will you adhere to our security requirements? We know what we believe. We’re not perfect, but we do expect the partners we work with to drive that same agenda. There’s a responsibility for companies to hold their partners to account and make sure they’re doing what they say they will.”

Strengthening cyber defences

Liste has also spent the past two years helping to bolster the PPF’s cyber defences. One key element has been meeting the requirements associated to Cyber Essentials Plus, the extended version of the National Cyber Security Centre’s (NCSC) certification programme, which includes a hands-on technical verification.

“When we last spoke, we were looking at maturing our security profile,” he says. “NCSC changed the requirements last year and so we recertified. All our efforts here are about supporting and securing collaboration internally and externally. Access to data is being made easier, safer and more seamless.”

“All our efforts here are about supporting and securing collaboration internally and externally. Access to data is being made easier, safer and more seamless”
Simon Liste, Pension Protection Fund

As part of the PPF’s efforts to make the most of data, the organisation continues to rationalise internal hardware and storage. Liste says moving to the cloud and reducing the commitment to traditional in-house IT also helps the organisation meet sustainability targets.

“We’ve rationalised and we’re really lowering the footprint. We’ve moved away from the traditional way of looking at datacentres and disaster recovery. Because we’re moving so much to the cloud, we’re getting rid of one of our datacentres. And that ties into our commitments around sustainability,” he says.  

“We’ve focused on bring your own device and giving options around portability and accessibility, but securely. So, technology is now about enabling the business as opposed to just being a-side-of-the-table conversation. It’s at the forefront of discussions about the future of the business across all of our services.”

Providing digital services

While the progress the PPF has made in many areas over the past two years is impressive, Liste recognises the movement forward has been slower in others. Back in 2020, he mentioned long-term plans for the digitisation of services and the creation of multi-channel options. Two years on and Liste says there’s still much work to do here.

“If I’m honest, we’re not where we wanted to be, because I wanted to introduce automation and artificial intelligence (AI) – so things like web chat and chatbots – to lead and guide the members a lot more,” he says.

Read more financial services CIO interviews

Liste says the challenge of delivering the magnitude of change projects relating to cloud services, plus the issues connected to dealing with Covid-19, mean some of those multi-channel capabilities are going to be delivered during the next 12 months.

“We’re not that far behind where we need to be, but there was a lot of legacy code and technical debt that we had to address. We’ve rationalised – so now, if you’re a member, it’s easier to engage with us and contact us through digital forms. There’s now a lot more to do in terms of workflows and automation,” he says.

“But we’re going to be really pushing AI and chatbots. And that's the focus for the next 12 months and beyond. We want a chatbot that can help our members get the answers to their questions automatically. So, putting AI-led intelligence into our back-end will be the next stage of the services we’re providing for our members.”

Building enthusiasm for IT

Liste says the objective for the next three years is to shift the IT operating model and to improve the digital capability that sits outside the technology department.

The PPF’s new strategic plan aims to change how the organisation uses data. While the IT team will focus on developing the right platforms to support this approach, there will also be a large amount of work to ensure people across the business are comfortable with new ways of working.

“Like anything, change is a personal thing, so some people are much more adaptive, and others take a little bit more time to adapt. But from a value-generation side, I think there’ll be efficiencies and time savings, and there’ll be excitement,” he says.

“We’ve been holding town hall meetings with people outside the IT department to build their enthusiasm. What we’re seeing is they want to use more technology because they know it’s going to make their working life easier and more productive.”

As people across the business become comfortable with digital and data, Liste hopes line-of-business units start making some of their own IT decisions, with support from a core technology unit. Liste’s vision, therefore, is to put data at the core of the way that the PPF operates – without causing complex challenges.

“We’re not just talking about technology as a separate conversation,” he says. “By the end of this three-year plan, I hope we’ll see that there’ll be technical functions that are sitting outside of technology. The governance controls are still centrally managed, but you’ll see the use of data and digital will have grown across the business itself.”

Read more on CW500 and IT leadership skills

Data Center
Data Management