Cybersecurity: Is it Time To Change Our Mindset?

Mark Testoni

For years, the standard approach to cybersecurity has been to build bigger and bigger walls to “keep the bad guys out.” But as the threat of cybercrime has evolved over time, this approach alone is not enough. Here, we look at the growing cybersecurity challenge and key imperatives facing CIOs.

As the Internet has pervaded all aspects of business and personal life, so has the list of cyber threats that could impact your enterprise. It’s not just rival companies looking to steal ideas. Currently an attack on your network could come from a wide range of sources. Your company could find itself under siege from organized crime, terrorist groups, and even foreign governments.

State and commercial interests are merging, with the networks of private companies now seen as key targets when countries are in conflict. For this reason, many corporations are adopting the same cybersecurity strategies as our national security organizations.

The enemy within

A data breach event could potentially cost millions of dollars, leaving your corporate reputation in ruins. With so much at stake, how do you protect your organization and its intellectual property from all attacks?

This is the challenge. Technological developments have moved so fast in recent years that few networks could ever claim to be 100% impenetrable. And as fast as IT security experts establish barriers to their systems, technologically advanced hackers find ways around them.

Rapid detection, agile response

So, how can commercial companies respond to the evolving cyber threat?

What we need is an entirely new mindset when it comes to cybersecurity. We should assume that hackers can and will access our networks. To complement the evolution of perimeter defenses, we need to shift our focus to detecting and acting on attacks as quickly as possible.

If this approach is to be successful, speed is essential. It is not enough to look in the rear-view mirror to understand what happened yesterday. We need a “front windshield view” to analyze, understand, and respond to threats as they occur.

Revolutionary new approach

With traditional computing approaches, companies simply cannot react fast enough to respond effectively to cyber attacks as they take place. These companies are often only able to determine that a cyber attack has already occurred and attempt to limit the damage to their operations and customers. The prevalence of this can be seen in the number of companies issuing reports about data breaches and offering credit monitoring to their compromised customers. Companies need a way to detect attacks as they are happening, and before the attacker has an opportunity to cause damage.

Sophisticated in-memory computing solutions are enabling this revolution in the way we approach cybersecurity. In an environment where there will never be one, single cyber-product answer, we need to bring the best of all worlds together in an integrated, high-performance manner. For example, with our strategic partners SS8, ThreatConnect, and Babel Street, we are leveraging SAP HANA as a high-performance hub to integrate real-time cyber-situational awareness and threat context. This enables the enterprise to understand the threat, find it, and act on it in real time.

This high-performance computing platform can achieve speeds many thousands of times faster than traditional data architectures. This enables the processing of huge data sets in seconds rather than days and allows analysis at true cyber speed. Companies using this capability can detect and stop cyber attacks while they are underway and before their data can be compromised.

Setting priorities

From the outset, we need to understand that breaches are possible and not all targets can be protected equally. Instead we must identify the high-value targets that are most likely to be attacked and prioritize the areas where a security breach would be most damaging.

For example, finance operations and critical infrastructure are key for most organizations. In addition, personal information is a high-value commodity that cyber criminals are increasingly targeting.

Managing security risk

The Internet has given us the greatest opportunity for economic expansion since the Industrial Revolution. And when you consider the fact that e-commerce accounts for trillions of dollars each year, losses due to security breaches seem minimal.

However, cyber crime is evolving and the threat is growing.

There is no absolute solution or quick fix. The imperative for CIOs is to deploy their available resources effectively to close the aperture of risk as much as possible, and re-evaluate their strategy on an ongoing basis. They need solutions with speed to detect and stop attacks while they are underway. And they must use the latest in-memory technology innovations to stay one step ahead of the cyber criminals.

Threats to your organization can come in many forms, including Supply Chain Fraud: Theft That’s Hidden in Plain Sight.


Mark Testoni

About Mark Testoni

Mark Testoni is president and chief executive of SAP NS2. He is one of the nation’s leading experts in the application of information technology to solve problems in government and industry, especially in the U.S. national security space. With more than 15 years of IT industry experience, 20 years in the U.S. Air Force, and 30 years of public sector management experience, Testoni is a sought-after business strategist and thought leader, with a proven record of rebuilding under-performing organizations and converting visionary ideas into reality. record of rebuilding under-performing organizations and converting visionary ideas into reality.


CIO , cybersecurity

The Ascendance Of Cloud In The Enterprise

Trent Weier

Cloud computing has long been common in the consumer space with companies like Apple driving rapid cloud user adoption around the globe. More recently it’s become a serious consideration in the enterprise; a Cloud Sherpas survey reported that 82% of C-level executives say a cloud strategy is essential to delivering business success. While some still see it as yet another marketing gimmick, for most, it is a powerful set of technologies that can deliver business advantage and genuine cost savings. In fact, where once small and midsized organizations were unable to compete due to the high cost of self-managed IT infrastructure, cloud holds enormous potential.

Why consider the cloud?

In working daily with business leaders in organizations both small and large, I see their underlying pressure to remove cost, and I’m often asked “help me do more for less.” Cloud is a very attractive proposition given the current economic environment. It offers the promise of accelerating time to value, driving higher adoption rates for new technologies, and even connecting value chains in real-time. Other immediate gains include significant operational cost savings, enhanced business agility and scalability, and the ability to move capital expenditure “capex” to operational expenditure “opex” in order to give a more stable and more predictable view of ongoing costs.

A more fundamental strategic advantage of moving to cloud is enabling an organization to focus on its core competencies by outsourcing IT and application services that can be better and more cost-effectively delivered by a specialist cloud provider. This reallocation of funds and business focus is a key factor in ensuring the appropriate “share of wallet” is attributed to business innovation and market-making activities. Additionally, removing these challenges faced by the internal IT function can strengthen the relationship between IT and the business, as IT now becomes the interface between the technology and the business delivering on its promises.

What cloud computing services are available?

With more and more services, collaboration, and applications moving to the cloud, organizations will need to evaluate exactly which delivery model will help them continue to innovate faster.

  • Software as a Service (SaaS) is a subscription-based software license delivery model in which the software is hosted on a remote server.
  • Platform as a Service (PaaS) provides an entire computing platform for customers to develop, run, and manage applications in the cloud.
  • Infrastructure as a Service (IaaS) hosts hardware, software, servers, storage, and other infrastructure components on behalf of its users without spending significant capital expense. This is possible through IaaS like SAP Hana Enterprise Cloud and Amazon Web Services.

Advantages of cloud over on-premises

The value to enterprise of cloud computing continues to evolve, with the reasons for moving to cloud just three years ago very different from those we see in 2016. The worldwide cloud computing market grew 28%, to $110B in revenue, in 2015. Synergy Research Group found that public IaaS/PaaS services attained the highest growth rate – 51% – followed by private & hybrid cloud infrastructure services, which grew at 45%.

A driving force behind this growth is an increasing perception by enterprise that the current cost of traditional enterprise software is disproportionate to the value it creates. Cloud analytics delivers 1.7 times the ROI than on-premises applications, reports Nucleus Research. This has in turn forced a higher degree of financial interrogation on perpetual on-premises software licenses, in light of emerging “pay as you go” cloud computing licensing models. According to Aberdeen Group research, cloud ERP delivers three times the profitability improvement of on-premise applications.

Corporate leadership wants to extract value directly from IT. Time, for many businesses, has created an environment of overly complex enterprise architectures that are costly and difficult to manage. With the value of solutions no longer determined by the available functionality, but by user experience and the way users interact with the solutions, simplicity is the key, In fact, Aberdeen Group said 59% of executives acknowledged a “lower TCO” as the main reason for moving applications to the cloud.

Making the move to cloud

As we have seen, the case for cloud is strong but there are a number of fundamental questions you need to consider in your journey:

  • What cloud adoption strategies should you consider?
  • How will you create a compelling cloud vision?
  • Which functions will you move to the cloud?
  • What use cases will drive the most impact?
  • How should you measure business value?
  • What skills and organizational structures are required to drive cloud innovation?
  • What does your roadmap look like?

Even if you’re not asking these questions of your business, your competitors are. Miss this opportunity, and it could mean your business. That’s a fact.

Learn more about SAP & the Cloud


Trent Weier

About Trent Weier

Trent brings 15 years of technology strategy, execution and digital value creation experience to SAP and its many customers. As a member of the industry value engineering team, Trent is focused on the chemicals, energy and natural resources sectors, showcasing to customers the business value of challenging traditional business models while creating disruption through industry leading innovation.

Big Data’s Three Big Trends Of 2016

Andy Hirst

Last year at Sibos, I talked in depth about some of the key learnings from Big Data projects. At the time, the industry was still getting to grips with the era of data and what that meant for the business of banks. A year on, we are still in a state of transformation, as industry-wide Big Data implications continue to unfold around us. I’d like to use this blog to talk to you about three of the most pervasive trends.

1. The rise of Hadoop and unstructured data

With the rise of low-cost shareware databases such as Hadoop, unstructured data has now well and truly entered the knowledge mix. This has dramatically reduced the cost for banks to store unstructured and machine data alongside their transaction data. The opportunity now is for banks to see how much more insight they can tangibly gain as a result. For example, sentiment analysis can alert you to critical factors to better understand customer needs, risk exposure, and patterns. And because both the volume and variety of available data has increased, while the cost of storing it has decreased, banks can assign an information lifecycle to the way different data is stored. ‘Hot data’ for example – that’s new, relevant, and actionable – may be kept in near-line storage, ‘Warm data’ may be archived, and ‘Cold data’ that’s less relevant or timely may be put into a data swamp.

I recently saw a presentation by one of the major banks that likened its Hadoop data lake to a flea market. The analogy was that there are some absolute gems in there, but you need the in-memory SQL tools to find and extract them. A 360-degree customer view used to comprise whatever information a bank held on customers in its internal systems. Today, it’s a much more rounded view of the customer that could include their last 10 tweets, their blog, or voice comments on their last call center conversations. This needs to be combined with machine learning analysis of transaction data to create a complete view of a customer’s requirements.  I think we will look back on 2016 as the year low-cost shareware came into its own.

2. Data gets a new boss

Another prevalent trend this year is the rise of the chief data officer (CDO) in banks. It’s a testament to how seriously banks are treating data to ensure all requirements around security, privacy, regulations, and other areas, even including international payments, are met and adhered to. Some banks now have multiple CDOs, appointing one for each area of the business. This is a good thing for all concerned, particularly as CDOs will most often bring a cohesive data strategy to a largely fractured data landscape. They can look at what data is clean, how it can be connected to relevant parts of the bank, and how it can be best exploited to drive value for customers and the bank itself.

This new C-level position can make a huge different to the business. At SAP, for example, we have our own CDO, whose data management strategy delivered $75 million in cost savings and fulfills an active leadership role on the board.

3. Open APIs open the door to new revenue streams

No conversation on data trends would be complete without mentioning APIs. Many industry watchers (and banks themselves) predict a more open approach to banking as more and more financial service providers open up their APIs. This opens the door for banks to innovate quicker, swap data with other institutions, and partner with fintechs on new solutions.

For example, a large Spanish bank recently gave fintechs access to its anonymized credit card data – something it was not actively monetizing but rather passively storing. The fintechs came up with 30 different business cases, such as visualizations to show spend patterns in different outlets over time and applications showing restaurants where demographic profiles on single people (age, gender, income) go out to eat on a Saturday night. Others included apps based on specific social lifestyles – all built within two weeks. The bank had considered this data to be completely valueless. Instead, it proved that data can shift from being a stored overhead to a profit generator.

In just 12 months, we’ve seen some major implications around data storage, management, and innovative ways of monetizing it. I’d urge you to consider capitalizing on at least one of these trends if you’re not already doing so.

Click here to find out more about what SAP will be showcasing at Sibos, in Geneva, September 26-29.


Andy Hirst

About Andy Hirst

Andy Hirst is vice president of Banking Solutions, SAP Banking Industry Business Unit, at SAP. He is responsible for driving the success of the SAP go-to-market strategy capital markets. Previously, Andy was responsible for solution marketing for banking analytics solutions. Andy is an expert in Big Data and analytics use cases in financial services and has been involved in many digital banking initiatives for SAP banking customers.

Robots: Job Destroyers or Human Partners? [INFOGRAPHIC]

Christopher Koch

Robots: Job Destroyers or Human Partners? [INFOGRAPHIC]

To learn more about how humans and robots will co-evolve, read the in-depth report Bring Your Robot to Work.

Download the PDF (91KB)


Christopher Koch

About Christopher Koch

Christopher Koch is the Editorial Director of the SAP Center for Business Insight. He is an experienced publishing professional, researcher, editor, and writer in business, technology, and B2B marketing. Share your thoughts with Chris on Twitter @Ckochster.


What Is The Key To Rapid Innovation In Healthcare?

Paul Clark

Healthcare technology has already made incredible advancements, but digital transformation of the healthcare industry is still considered in its infancy. According to the SAP eBook, Connected Care: The Digital Pulse of Global Healthcare, the possibilities and opportunities that lie ahead for the Internet of Healthcare Things (IoHT) are astounding.

Many health organizations recognize the importance of going digital and have already deployed programs involving IoT, cloud, Big Data, analytics, and mobile technologies. However, over the last decade, investments in many e-health programs have delivered only modest returns, so the progress of healthcare technology has been slow out of the gate.

What’s slowing the pace of healthcare innovation?

In the past, attempts at rapid innovation in healthcare have been bogged down by a slew of stakeholders, legacy systems, and regulations that are inherent to the industry. This presents some Big Data challenges with connected healthcare, such as gathering data from disparate silos of medical information. Secrecy is also an ongoing challenge, as healthcare providers, researchers, pharmaceutical companies, and academic institutions tend to protect personal and proprietary data. These issues have caused enormous complexity and have delayed or deterred attempts to build fully integrated digital healthcare systems.

So what is the key to rapid innovation?

According to the Connected Care eBook, healthcare organizations can overcome these challenges by using new technologies and collaborating with other players in the healthcare industry, as well as partners outside of the industry, to get the most benefit out of digital technology.

To move forward with digital transformation in healthcare, there is a need for digital architectures and platforms where a number of different technologies can work together from both a technical and a business perspective.

The secret to healthcare innovation: connected health platforms

New platforms are emerging that foster collaboration between different technologies and healthcare organizations to solve complex medical system challenges. These platforms can support a broad ecosystem of partners, including developers, researchers, and healthcare organizations. Healthcare networks that are connected through this type of technology will be able to accelerate the development and delivery of innovative, patient-centered solutions.

Platforms and other digital advancements present exciting new business opportunities for numerous healthcare stakeholders striving to meet the increasing expectations of tech-savvy patients.

The digital evolution of the healthcare industry may still be in its infancy, but it is growing up fast as new advancements in technology quickly develop. Are you ready for the next phase of digital transformation in the global healthcare industry?

For an in-depth look at how technology is changing the face of healthcare, download the SAP eBook Connected Care: The Digital Pulse of Global Healthcare.

See how the digital era is affecting the business environment in the SAP eBook The Digital Economy: Reinventing the Business World.

Discover the driving forces behind digital transformation in the SAP eBook Digital Disruption: How Digital Technology is Transforming Our World.


Paul Clark

About Paul Clark

Paul Clark is the Senior Director of Technology Partner Marketing at SAP. He is responsible for developing and executing partner marketing strategies, activities, and programs in joint go-to-market plans with global technology partners. The goal is to increase opportunities, pipeline, and revenue through demand generation via SAP's global and local partner ecosystems.