Madoc Batters likes a challenge. As head of cloud and IT security at Warner Leisure Hotels, he’s inherited a big task – leading the UK hotel chain on a digital transformation journey, including moving the business to the cloud to build a platform for long-term innovation.
“I gravitate to change – that’s what brought me into the position,” he says. Previously head of the cloud centre of excellence and operational security at holiday operator Haven, Batters assumed his position at Warner in February 2024.
“I’d already taken Haven through a digital transformation, standing up all the AWS infrastructure, getting the teams ready and putting the organisation in a good place operationally. I like pushing companies forward technologically with what they can deploy and their capabilities.”
Batters is completing a similar transformation at Warner. His team is coming to the end of a large on-premise IT to cloud migration. All the company’s apps and services are being moved to Amazon Web Services (AWS) and Microsoft Azure.
“We’ve got about 100 different applications and services that were living on-premise. We’ve been moving those workloads over for the past year now, and we’re getting to the end of that process,” he says. “Within the next three months, we should have finished all that on-premise to cloud migration.”
Moving to the cloud
How’s that transition going? So far, so good, says Batters, outlining a series of issues familiar to any IT leader who’s led a similar large-scale digital transformation initiative.
“Some of these on-premise machines have been sitting there for 30 years. Every time you move something, another bunch of technology runs out from underneath the rock you’ve just lifted, and you’re untangling a range of organically grown systems introduced over time,” he says.
“We’ve had old bits of equipment that may not have been turned off or tested, or they’re running on old software versions. This transformation process gives us a great chance to re-factor older systems. There’s never a dull day. We’re always working at high speed.”
He gives an example of the replatforming work in progress: “We’re putting in place a new booking system from a third party. Instead of migrating our legacy system, we’ll sunset that technology and then put our new booking system live. That system is due to go live this year as well.”
Batters reflects on his first year in the role and says the big achievement has been establishing the cloud capabilities and pushing full-steam ahead with the transition to on-demand IT. He says another success has been establishing an internal security practice at Warner and implementing a new approach to networking to support the shift to the cloud.
“We’ve redefined our whole approach. We’ve gone with a Microsoft-centric stack for security. We’re also using infrastructure-as-a-service [IaaS] specialist Alkira, which means we’re bringing our networking in line with how we deliver our cloud resources,” he says.
“That approach means we’ve moved from a traditional, long-winded change management system to a distributed, asynchronous change paradigm. Now we can deliver change to networks and security at the same pace as in the cloud.”
Shifting security left
Batters says there are two key components to his security strategy. One is end-user compute. In addition to implementing a Microsoft-focused stack that uses Defender for endpoint protection, Sentinel for analysing internet traffic and Microsoft 365 for productivity, he’s bolstered IT security awareness by providing cyber training for people across Warner.
“Humans are usually the weakest point,” he says. “If you do get hit with some issues, that’s usually due to an action by one of the team accidentally. So, the training is about ensuring everyone knows what they should and shouldn’t be doing and supporting them as best as we can in that area.”
Batters says the second core element of his strategy focuses on infrastructure security. He’s a “massive believer” in “shifting left” with security, a practice that moves testing to the beginning of the development process. Warner uses a mix of in-house and outsourced developers and is keen to create an enterprise-wide approach to data protection.
“What we try to do is secure by design. Security is a team game. Shifting left is like increasing the size of your security team. If you give capabilities and assistance to the developers, it’s almost like they become part of your security team,” he says.
“The more people involved in security from the start, the better. So, we have static code analysis in our pipeline. We surface any issues in the infrastructure that they’re looking to build within the cloud. They can deal with these issues before anything’s deployed.”
“Security is a team game…the more people involved in security from the start, the better”
Madoc Batters, Warner Leisure Hotels
Batters says shifting left effectively is more than standing back and admiring your work once the strategy is established. Smart digital leaders take a proactive stance and ensure vulnerabilities are tracked and traced. He says the aim is to reduce administration and risks.
“There’s so much noise in security. When there is an actual issue, we will raise it automatically. We use the Wiz cloud security platform and plug that insight into our pipeline. We have Wiz in our back end and a single pane of glass for security,” he says.
“We have connectors going into our cloud and on-premise systems. And we’ll raise tickets automatically. The teams can look at those issues and make modifications, and any concerns are closed down automatically. That approach takes away some of the administrative burden for the teams.”
Building strong network capabilities
Batters says his IT organisation is focused on creating the technological foundations for the business, enabling the hotel chain’s customers to have the best possible experiences.
“We’re the platform team, and we make sure that all the guardrails and the base infrastructure are set up to allow the stream-aligned teams in the business to work on top of those systems and services,” he says.
Networks are a key element of this infrastructure. One of the most important foundational elements is the company’s relationship with Alkira. The networking specialist’s end-to-end platform connects users and branches to multiple clouds. Batters says he’s been looking for this as-a-service approach for a long time.
“I’ve worked in networks for many years,” he says. “I worked at BT in 1997, so I’ve got a long legacy working in networks and know how things are implemented and deployed. I was aware the speed of innovation within networks was nowhere near as fast as the cloud. I’ve always wanted networks to catch up.”
Batters says that’s where Alkira’s as-a-service provision comes in. “The technology can be deployed with infrastructure as code,” he says. “And I’m very code-first for our cloud infrastructure. It’s all deployed as code using Terraform. When I saw Alkira, I thought, ‘Well, this is exactly what we’re looking for.’ Because it’s deployed as code, we can plug it into our pipeline and add all the other tools we have.”
For example, complex changes to firewalls and other security settings that might have taken weeks before can now be sorted in minutes. Batters says the combination of cloud, security and infrastructure-as-code makes it easier to roll out innovations to front-end services to hotels quickly and effectively.
“Our use of technology is all about giving our customers a great experience during their short breaks at our locations around the UK. We have several ways to enable those experiences. One is customers have apps that they can use to book activities, like spa days, golf, dining experiences and shows,” he says.
“We also have a website and a direct booking system. We want to be able to give the best experiences we can across all those platforms. We’re also rolling out Alexa [devices] in our hotel rooms so customers can see what’s happening, order things to their rooms, check different events that are going on, or book time slots.”
Empowering staff to make decisions
Batters says his priority for the next year is to finish off Warner’s cloud migration. That process will be followed by a period of refactoring to ensure the on-demand services and networks are in the best possible state and running optimally.
As with security, the refactoring will involve shifting left, this time using FinOps, an operational framework that helps organisations manage their cloud spending. “One of the key issues with on-demand IT is cost,” he says.
“When we deploy things into the cloud, FinOps will tell us exactly how much the move will cost before we make it. We’re empowering the engineers. We’ll get them to revisit what they put in before and get them to go through and see what we can refactor.”
Batters says this proactive approach to service management is the key to success for a modern digital leader. IT chiefs must enable their teams, giving developers, operations specialists and security staff space to innovate. That process must include exploiting emerging technologies, such as generative artificial intelligence (GenAI).
“You need guardrails in place,” he says. “But you’ve got to let people innovate. Give your teams access to secure GenAI. If they don’t have access to a service you’ve created for your internal teams, they’ll experiment themselves using a tool like ChatGPT. That approach creates the risk of people using company-confidential information for their prompts.”
Batters also likes to empower his staff. Instead of dictating what people should do, he’s eager for staff to get involved in decision-making processes. Successful IT chiefs create diverse teams with a range of skills that are confident enough to make big calls.
“Being a digital leader now is not about directing from the front of the ship,” he says. “It’s about enabling people to make intelligent decisions based on data they can collect from as many places and people as possible.”
