Why ‘hybrid’ IT operating models fall short

Today’s technology leaders face a defining organisational challenge: how to structure IT to defend against escalating cyber risk, operate under sustained cost pressure and still enable rapid innovation. 

For organisations operating across regions, product lines, or brands, the challenge is particularly acute. These federated organisations must balance enterprise-wide efficiency, security and control with the autonomy required for local responsiveness and differentiation. As a result, many now view a ‘hybrid’ IT operating model as the default viable solution. 

Yet despite this consensus, many organisations struggle to realise the benefits hybrid models promise. Various market reports estimate that less than 50% of digital transformations meet their target outcomes, contributing to an estimated  $2.3 trillion in wasted investment globally each year.  

IT operating models

Historically, federated organisations have oscillated between centralised and decentralised IT operating models as strategic priorities shift. 

Centralised models – where IT for the whole organisation is primarily run by a single team – optimise for security, efficiency and consistency through shared platforms, common standards and central governance. They enable economies of scale, stronger enterprise-wide security controls and improved visibility of cost and risk. However, centralisation often struggles to accommodate diverse local requirements, resulting in slower decision-making, reduced responsiveness and solutions that may not fully align with individual business divisions’ needs. 

Decentralised models – where individual business divisions run their own IT – prioritise business alignment, speed and flexibility by embedding IT capabilities close to local markets and customers. This enables rapid decision-making and tailored solutions. However, decentralisation typically drives duplicated platforms, higher aggregate IT costs, inconsistent security controls and limited enterprise-wide visibility of spend and risk. 

Why hybrid IT operating models have become essential

Neither fully centralised nor fully decentralised models can adequately address the converging pressures organisations face today. 

First, cyber threats are increasing in scale and sophistication. Without centrally governed security controls and coordinated incident response, federated organisations are left with fragmented defences, slower incident response and containment, and heightened regulatory and reputational exposure. 

Second, economic uncertainty has intensified scrutiny of technology spend. Without centralising foundational IT services, organisations bleed cost through duplicated platforms, overlapping vendors and technology investments that, while they may be locally optimised, undermine enterprise-wide efficiency. 

Third, advances in AI, automation and data platforms are creating significant opportunities for growth and differentiation. Without operating models that enable local adaptability and rapid scaling, organisations may miss narrow windows of opportunity and fall behind more agile competitors. 

In response, the hybrid IT operating model – where foundational IT services are centrally run while business-specific or differentiating capabilities remain decentralised – has emerged as the deliberate design choice. 

Why hybrid operating models often fall short

While hybrid IT operating models are widely adopted, many organisations fail to realise their full potential. In our experience, failure is driven by a set of challenges that surface before implementation begins.

First, organisations often lack a clear and shared ‘why.’ Given the complexity of implementing a hybrid model across multiple divisions, a compelling rationale is essential to secure sustained buy-in. Too often, benefits are articulated only at an enterprise level and not translated into clear value for individual business divisions. When divisions perceive a loss of control without corresponding benefit, resistance emerges and mobilisation slows.

Second, organisations frequently fail to agree on what constitutes a truly ‘foundational’ capability versus one that should remain business specific. These debates are often influenced by a desire to retain high-performing teams or avoid workforce impacts. When difficult decisions are deferred, ambiguity persists and the model stalls before meaningful progress can be made.

Third, funding the initial design and build phase is a recurring barrier. Business divisions are typically willing to pay for shared services once operational but are reluctant to fund upfront investment until value is proven. This creates a funding gap at the point where investment is most critical, particularly for benefits such as improved security, which represent an opportunity cost realised only through the absence of incidents.

Implementation is further constrained by access to scarce skills. The individuals required to design and operationalise shared services are often domain experts with critical responsibilities within their home divisions. Mobilising these individuals across organisational boundaries introduces HR complexity and requires strong, sustained senior sponsorship.

Finally, governance is frequently established too late. Without clear decision rights, funding mechanisms, and escalation paths from the outset, organisations default to familiar behaviours, undermining the hybrid model before it has a chance to take hold.

Conclusion 

For large, federated organisations, hybrid IT operating models offer a compelling promise: improved security and cost efficiency without sacrificing local differentiation. Yet choosing the model is only the starting point. Too often, hybrid models fail not because the design is flawed, but because the conditions for success are never established. 

Ambiguous rationale, unresolved capability boundaries, early funding gaps, constrained access to talent, and delayed governance can undermine delivery before value can be realised. Similarly, the sustained enrolment of leadership teams, within IT but critically beyond such as the business/divisional leadership, is of great importance. 

We help organisations address these challenges early, clarifying the ‘why,’ defining what is truly foundational, and shaping a cohesive strategy that is aligned to wider Group priorities. We support the design of pragmatic funding mechanisms and governance that enable mobilisation. By focusing on implementation discipline as much as operating model design, we help clients ensure their hybrid IT models deliver tangible and lasting business value.