Manutan CIO Builds Digital Factory from Cyberattack

European B2B retailer transformed its technology estate in the wake of a ransomware attack and is now industrializing change. 

“I said what we have is obsolete, and we have to think completely differently,” Group CIO Sylvain Coquio said of the frank discussion he had with the board of French-based Manutan International, a business-to-business retailer. The backdrop for this difficult conversation was a cyberattack that caused widespread damage to Manutan.

It was in February 2021 that Manutan fell victim to a DoppelPaymer ransomware attack, which impacted two-thirds of its 1,200 servers. After the attack, Coquio had the support and opportunity to drive digital transformation at Manutan. He rethought processes and ensured that the company had the infrastructure in place to tackle future challenges.

Founded in 1966, Manutan remains a family-run business and has 27 subsidiaries in 17 European countries. It is a leading supplier of shelves, pallet trucks, lockers, and tools to the education, office supplies and local government markets.

In recent years, Manutan extended its market reach to technology recycling and sports equipment in its native France and online ironmongery in the United Kingdom. The company has also connected its online B2B operations to services such as the installation of tennis courts for schools or local authorities.

Coquio says this is giving Manutan an advantage over pure-play retail providers. “We have five percent of the European market, but in the coming years, the main competition will be from Amazon,” the CIO noted.

Despite the growth of digital disruptors, Manutan reported a turnover of €820 million in the year 2020 to 2021. In March 2022, Manutan reported growth of 11.8%, which it primarily attributed to its enterprise division in the industrial and office supplies market. 

As with all digitally focused businesses, data is key to recent and future growth. Consequently, Coquio works closely with the company’s chief data officer to develop the Manutan data strategy. This, the CIO says, will be underpinned by a Microsoft Azure cloud instance.

Coquio is now able to look ahead and develop a data strategy with the chief data officer. This comes on the heels of a significant period of investment and modernization after the cyberattack, which was the catalyst for wholesale change at Manutan headquarters in Gonesse, about 10 miles from the center of Paris. 

In the attack, cybercriminals profited from the obsolescence of the application estate and spread throughout its European business, leaving 10 days of major damage in its wake, says Coquio. It was reported that the application estate contained 2016 versions of Microsoft Windows and Red Hat Linux. Full-scale recovery took five months.

Before the cyberattack, most subsidiaries had their own servers and technology estate. To ensure Manutan recovered from the attack, Coquio scoped out a recovery plan, dubbed the Horizon program, which incorporated an immediate response to get business back to operational health and considered future requirements.

Today, the Horizon program provides a modernized network, access technologies and a new datacenter estate. Core compute needs in the new infrastructure are centrally operated, a digital factory methodology was introduced to ensure each subsidiary can personalize technology for its operational or customer needs.

In the modernization of the infrastructure, Coquio selected the Nutanix on-premises hybrid cloud infrastructure, as well as two new datacenters with Equinix.

“We have large warehouses where we need servers for quick interfacing," Coquio said of the on-premises hybrid cloud that replaced legacy VMware. “We were in a hurry to mitigate risk so there was no RFP. If you’ve been attacked, you’re more likely to be attacked again.”