Data breaches are a worldwide epidemic. Consider those that are most affected: two-thirds of Americans (198 million); half of Filipinos (55 million) and half of South Africans (30 million).
This reflects a sorry state of security in information technology (IT). As an industry, we have failed to adequately secure people’s data. The supply chain, which accumulates everything from customer and supplier data to financial figures, can be a particularly tempting target.
Everyone is affected, and no-one is immune. Recent hacks have included:
Corporates / large business (Accenture, TalkTalk, Verizon)
Small and midsized enterprises (Forever 21, Panama and the Paradise Papers)
Non-profits (the Red Cross Blood Bank)
Political parties (RNC)
Governments (South Africa, Philippines)
F5 Networks recently unveiled a security report, a study, titled ‘The Evolving Role of CISOs.’ The study, done in collaboration with the Ponemon Institute, collected information based on interviews with senior-level professionals (CISOs and CISO-equivalent roles) from 184 companies in seven countries.
A key takeaway – there is a shift toward security as a business priority. Fifty seven (57) percent of the respondents say that their organizations have experienced big developments that are driving change in their attitudes about security programs. Next, 49 percent believe that their organization considers security to be a business priority. Cybersecurity exploits and material data breaches are contributing most significantly to the changing attitudes about IT security programs.
Some of the other takeaways include:
* CISOs believe in the importance of an executive-level security leader.
* Enforce policies that protect the organization from insider negligence.
* Assess the risks created by the Internet of Things (IoT).
* Hold third parties to a higher standard of security.
* Invest in technologies that enable the move from protecting the perimeter, to the protecting of the endpoints, applications and data over the next 24 months.
Parag Khurana, MD, F5 Networks, India and SAARC, said: “There is a changed security landscape. The cloud is rapidly transforming. Also, the enterprises are consuming applications very differently. Everything is now getting encrypted.”
According to the study, 72 percent of the attacks are on applications. There is 28 percent attacks on the user identities, and 44 percent attacks on the application itself. Even then, less seems to be happening to support this sector.
Till now, most of the security is network-centric. It is causing a shift in IT security. Today, the focus is on security from the applications point of view. F5 Networks promises to secure the access to your applications. F5 Networks is seeing more conversation on multi-cloud security.
According to the CISO report:
* With the number of cyber attacks on the rise, the role of the CISO will become even more critical.
* Current IT security strategy spanning a company is still very rare.
* Recognition of security as a business priority is still reactive.
* An IT security strategy is still very rare.
— 58 percent believe that IT security is a standalone function.
— 45 percent believe that security function does not have clearly defined lines of responsibility.
— 22 percent believe that security is integrated with other business teams in their organizations.
In India, 57 percent of the respondents say that there is a change in attitude due to the big developments. Next, 31 percent say that there will be more dependency on application security in the future, and 30 percent feel that there will be more dependency on end-point security in the future. Another 23 percent feel that there will be less dependency on network security in the future.
Things to do for CISOs
There are three things for CISOs to look at in future:
* On moving on to the cloud, what happens to the current security?
* How can multi-cloud environments work?
* How can they best protect the organizations from attack vectors that have now increased?
Enterprises definitely need to establish enterprise-class data centers, and have own control, and further extend that to hybrid models. Banking and financial services are the first movers to implement security. Next, the pharmaceutical companies are adopting security to protect their IP.
SAP announced the creation of a digital ecosystem with the SAP Leonardo portfolio, exclusively for India. SAP Leonardo is a digital innovation system for rapid, scalable transformation. It includes analytics, blockchain, machine learning, IoT, Big Data, data intelligence and SAP cloud platform using design thinking services. Bill McDermott, CEO, SAP, says, “SAP Leonardo will unlock the full potential of the intelligent enterprise.”
Deb Deep Sengupta, President and MD, SAP India Subcontinent, said, there are four traits that set the top 100 global companies from the rest, and have a digital mindset. These traits are:
* The companies are focused on true transformation.
* The companies invest in bimodal architecture.
* The companies transform customers facing function first.
* The companies are talent driven.
The mantra for achieving digitization is by intelligently connecting people, things and businesses to drive the outcome. Sengupta cited examples of Jio, Tata Group and Trenitalia, Italy. He added: “IoT sensors report issues in real-time for Trenitalia. The maintenance costs are down 8-10 percent using this process. SAP is also driving the IoT revolution. We plan to invest Euro 2 billion in IoT till 2020.”
Sengupta outlined the the architecture for doing digital today, from S/4 HANA to SAP Leonardo, on to SAP IoT Connect 365, and on to the Intelligent Edge.
SAP Leonardo delivers new capabilities
Neeraj Athalye, Head – S/4HANA I GST Adoption I Leonardo, SAP Indian Subcontinent, said: “Leonardo is a digital innovation system. The innovation needs to result in tangible benefits. A company also needs to integrate.”
SAP Leonardo delivers new capabilities in machine learning, IoT, Big Data, and analytics. It is open, extendable and ready to be woven into every facet of your business. SAP Leonardo also allows for rapid implementation and seamless scaling the existing SAP platform and application portfolio.
There are all the ingredients to make an innovative business process. Customers solve all common problems. All of the components have been added to the accelerator. An accelerator can be used to redirect maintenance needs, optimizing inventory levels, and ensure consistent temperatures with pre-set tolerances.
SAP IoT Connect 365
SAP IoT Connect 365 is a managed, cloud-based service that simplifies IoT connectivity for enterprises, government and people. The solution makes it easy for enterprises to connect their IoT devices and gateways over cellular networks, through a web GUI or a web service API. A part of the Leonardo technical services, this solution was first launched at SAPPHIRE, and represents tremendous opportunity for mobile operators.
Through SAP IoT Connect 365, SAP provides full connectivity management ranging from provisioning and activating SIM cards to defining usage thresholds for devices or groups of devices to streamline their data consumption. By using a neutral SIM card, enterprises will be able to forego lock-ins to a single mobile operator and benefit from the use of the radio network of operators that will be capable of giving the best price/performance for their needs.
What sets this solution apart is the simple business model, ease of integration, better management of connection costs and a mobile data service that leverages technologies to their best possible use. The solution has a number of customers in trial and one of the first ones to use it is a global automotive customer that is utilizing the SAP IoT Connect 365 to connect their test fleets.
SAP IoT Connect 365, delivers choice and flexibility to enterprises, laying the foundation for a well-connected, cost-efficient, and secure environment.
Athalye added: “We make the enterprises connect their devices over the cellular network. Data must be encrypted and secure. We follow all of the global norms of data security. Data does not understand boundaries and should be governed. SAP has stringent norms for data center approvals.
“Our core is also GST compliant. Customers are filing their GST returns as per the Indian norms. On-premise ERP, digital compliance and GSTN are integrated. In fact, every SAP customer is GST compliant.”
Standard Chartered Bank is developing the power of the interconnected strategy. StanChart is also redefining banking with connected thinking. Digital is combining with technology to trigger different touch points. Standard Chartered Bank also opened its new Global Business Services (GBC) center in Bangalore, early this month.
Kwan Chee Sun, Head, Standard Chartered Global Services, India, said that the fourth industrial revolution — the digital age — blurs the lines between digital, biological, etc. The bulk of the increase will happen in the technology space. He referred to Smile To Pay, a service offered by KFC and AliPay started in China.
Dr. Michael Gorriz, Group CIO, said that Standard Chartered had been discussing the future of banking for ages. How will StanChart look like 10 years down the road?
He said: “Five years ago, smartphones became pervasive and changed the face of banking. Banking is about basic services — store, lend and borrow money. We are now experiencing a world of digitised money. Technology has broken down the barriers. In future, digital will be dominant in bank-customer relations. Data and analytics will help banks to serve customers better in the future. We are now investing US$ 3 billion in improving our global footprint.
“We partner with fintech companies and incorporate them into our atmosphere. We have also built up an accelerator lab. Currently, we have a challenge with legacy systems. In the future, we would like an adaptive landscape. Investment in APIs is critical.”
Trends in banking
Designed for SMEs, Standard Chartered’s Straight2Bank (S2B) is a fully-integrated Internet banking platform that allows you to perform all your transaction and information.
Talking about technology trends in banking, he said: “The Straight2Bank app has an interface for commercial and corporate customers. Digital payments are engrained into the interface. There will be data-driven business models. Big Data can help us gaining insights into the real needs of customers. Next, fraud detection is important for us. Also, blockchain is helpful in bringing transparency into banking.”
Gorriz noted that StanChart currently operates in 68 countries. The learnings among the different markets are exchanged quickly. StanChart supports over 9 million customers today in retail banking.
James Dolphin, CIO, Retail, Private Banking and Wealth Management, said that banks create and convey trust, adding: “Cavalier people generally write the best software. We are now competing for software engineering talent.” He added that banks had been mistrustful to open source for a very long time. That scenario was changing.
Dolphin noted that the current scenario of software development resembled the waterfall vs. agile development of software. Digital product owners tell the team what needs to be done. The team of engineers have two weeks to change their minds, if needed. “We are now looking at areas where the engineers and software developers can run speed, or, be on a run-on condition. Our engineers should have the ability to create something very quickly.”
In a presentation made via video, Tom Siebel, CEO, C3 IoT, said that IoT is about the sensoring of value chains. Smart, connected products are today transforming companies. The C3 IoT platform allows the company to collect and analyze data.
Focus on data
Shameek Kundu, chief data officer, Standard Chartered Bank, during a chat, said: “Data will be very important. We are working on expanding the credit transaction data. We are also working toward building a safer infrastructure for the bank. In Singapore, we have combined geospatial infrastructure with real-time offers. This exercise is building on the data asset.”
Regarding the smaller traders, he said: “We can bring small manufacturers into our stream. Having access to good data will help us in expanding credit. Technology can play a big role in all of this. Our strengths are the advantage of investing in technology and improving on our footprint.”
As for blockchain, he noted: “Blockchain is a way to build trust. We have invested in Ripple, and worked with AIG. Our priority remains to upgrading on services and technology to serve customers.” Standard Chartered Bank made a strategic investment in Ripple, a leading distributed ledger company, last September. The investment will accelerate the Bank’s digitisation agenda in distributed ledger technology as it explores new ways of adding value to its clients and the industry.
He continued: “We actually went open source in banking. As the customers’ needs evolve, there will be a need to invest in technology. We recognize that we have to work at the customers’ requirements and then, meeting them. Technology companies are also building specific solutions to support for our services.”