Why Cloud Maturity Matters

By Alex Hammond and Tristan Sifantus

Cloud computing has become an essential component of technology transformation for organisations across various industries. The benefits of adopting the public cloud are well-known and extensively discussed, including increased speed and agility, scalability, innovation enablement, better security, cost savings, and access to cutting-edge technologies that will allow you to reap the true benefits of digital transformation: make the most of your data, build better and more compelling products and services for your customers, and ultimately be more competitive in a crowded market. 

The reality, however? Cloud bills are skyrocketing, new products and services releases are slow, and teams keep on fighting fires instead of innovating… Realising these benefits is not always straightforward, and is often due to a lack of maturity when it comes to technology adoption.

Some organisations will simply quantify their level of maturity by the number of workloads they migrated on to the cloud, the number of SaaS solutions they’re using, or even the number of staff they’ve trained and certified on the cloud. The reality is that maturity is much more complex than this, you only have to look at the Open Alliance for Cloud Adoption’s maturity framework which has 31 different components to determine maturity (everything from financial operations, to compliance, governance, delivery approach, through to architecture, security, engineering, etc). We assert that, in the UK at least, the vast majority of organisations remain highly immature in the vast majority of these lenses, and that for you to realise the benefits of the cloud, to deliver genuine, tangible value to your organisation as a result of your cloud adoption, you need to be addressing as many of these as you can. Or you risk a significant missed opportunity, at best, and significant risk and cost at worst.

Whereas tackling all 31 components of the maturity framework can seem daunting and maybe unnecessary, some fundamentals can be tackled quickly to make serious improvements in your cloud maturity – the remainder of this article will focus on four of those: 


  1. Architecture
  2. Security
  3. Finance, Governance and Controls
  4. Skills and Delivery Structures


Cloud architecture is the key to modern operations, but many organisations face challenges in this area. They often lack a holistic view and fail to define the purpose and expected outcomes of cloud adoption. Standards and consistency are also lacking, with organisations using outdated approaches. Embracing modern architectural principles will be a game changer. Leveraging automation, building security into your design, moving towards a componentised architecture, and promoting a pattern-based approach (design it once, properly, and reuse) are all essential for success. You will benefit from greater consistency and efficiency from design to delivery. By improving your architecture capabilities and asking yourself important questions about the roadmap, outcomes, skills, and appetite for change, you can drive significant improvements and achieve much higher-quality outcomes for your organisation.

Outdated security practices won't suffice in the cloud era. Traditional one-time audits and checklist-based frameworks fall short. Cloud security demands an integrated, automated approach with built-in measures throughout development and engineering processes so that your developers cannot break things or make your systems vulnerable. Building security into your designs – rather than treating it as an afterthought – will also save you a considerable amount of stress. True cloud expertise involves adapting legacy controls and standards, making security a shared responsibility across the business. By embracing these principles, organisations can elevate their security to a new level, gaining enhanced visibility and control. Here are some key questions you should ask yourself, and seek support if the answers are ‘no’: Do you have clear visibility of your cloud assets and their security? Are your controls effective? Does your security team possess the necessary cloud-focused skills?

Cloud finance, governance and controls encompass managing and operating cloud services within an organisation. However, organisations often fail to recognise the unique nature of cloud costs and control compared to traditional models (capex vs opex) and without proper management, they can get out of hand very quickly. Moreover, a lack of a defined risk framework results in uncertainty about what should be on the cloud – and why – and the level of business criticality. To address these challenges, you need a clear cloud strategy, architectural principles, and effective governance. This includes implementing cost-control mechanisms and guardrails that will ensure everyone operates within the agreed constraints, holding teams accountable and improving visibility of cost and usage, and adopting a cloud-specific governance approach that balances speed, security, and risk. It's crucial to evaluate the organisation's maturity and control in cloud FinOps and define a risk appetite that aligns with a tailored governance approach, to ensure that everything you do is bringing tangible value to the organisation.

New skills and delivery structures are crucial to succeed in the cloud. Legacy approaches and siloed teams hinder scalability and innovation so it's important to reassess the operating model, team organisation, and skills needed for cloud transformation. Simply sending employees on short courses and continuing to operate in the same ways as you did on-premises can lead to knowledge gaps and increased risk. Achieving a successful cloud transition requires a cultural shift and investment in existing employees, and keep in mind that recruitment alone will not be sufficient. You must invest in enabling your workforce for enduring technology delivery capabilities and must question the effectiveness of your current operating model, skills mix, and investment in cultural transformation. By addressing these areas, you can embrace the full potential of the cloud.

In conclusion, achieving cloud maturity is essential for organisations seeking to maximise the benefits of cloud adoption. Whilst the whole journey can seem daunting and will take time to achieve, by addressing the key areas we’ve just explored you will be able to set up your organisation for success and unlock the true potential and benefits of the cloud, at last. 

Igniting digital transformation and embedding operational resilience into highly regulated organisations Read more