IBM 2Q 2020 earnings are a tale of two business models. Revenue from its cloud-related businesses surged 30% to $6.3b, while overall group revenue declined 5.4% to $18.12b. 2Q net income was $1.36b. Services and Consulting businesses were weak spots as client companies look for cost savings and postpone spending in the wake of COVID‑19, with CFO Kavanaugh noting that “many clients continued to delay projects, defer purchases, and favor opex over capex spending.”
IBM’s results highlight the bifurcation in how the ongoing digital transformation across business models and economies globally is driving huge growth in SaaS and outsourced IT functions at the expense of traditional hardware and licensed software sales. This trend is likely still in its early stages, and the COVID‑19 driven recession may in fact accelerate this shift as companies seeking to minimize capex budgets look favorably at this capex-light model.
In addition to the impact of accelerated digital transformation, including outsourcing, is having on company business and product strategies, it also has critical implications for companies’ cybersecurity strategy, planning, monitoring and oversight. As enterprises continue to shift more of their IT operations to third party providers, there is an increased need for attention on the cyber posture of those third parties as well as a company’s own management of new technologies and services such as the cloud. The cases involving Citrix and plethora of data breaches stemming from company misconfiguration of cloud services like AWS over the past year serve as a reminder of how a vulnerability within a key service provider or mismanagement of a new technology can create significant downside financial risks. One report earlier this year outlined nearly 200 breaches between 2018 and 2019 stemming from cloud misconfigurations.
As IBM’s results show, there are huge growth opportunities for the companies that meet increasing digital transformation needs across all sectors. But with that opportunity comes an even greater importance in having best-in-class cyber governance to protect its own and its clients most important assets, their data and increasingly digitized operations.