Cybersecurity and Digital Business

Amid all the talk of empathy and running live, there was another, subtler theme that occasionally popped up in Bill McDermott’s keynote speech for SAPPHIRE 2016: cybersecurity.

While it was far from a main focus of the presentation, cybersecurity reared its head on more than one occasion. McDermott stated early on in the speech that “cybersecurity will be a driving force going forward . . . not just in protecting your house with a strategic defense initiative around the suite, but also in the cloud network.” Later, he assured the audience that SAP is “never done focusing on security,” and that it will continue to make investments in the strength of its security solutions. Underneath the speech’s main focus on positive innovations in the SAP space, McDermott implicitly acknowledged the grimmer realities of the risks facing every organization in the digital age.

Of course, any discussion of the modern IT landscape would be remiss to ignore the dangers inherent in that landscape. Indeed, cybersecurity has become an increasingly pressing concern for organizations over the past few years. In 2014 alone, five out of six large enterprises were targeted by cybercriminals. The financial toll has grown to over $400 billion annually, and it hasn’t yet shown any signs of decreasing.

So it makes sense that McDermott would claim cybersecurity as a driving force and promise further investments. In the latest issue of SAPinsider, we looked at how SAP is making good on its promises. The company recently hired Justin Somaini, a new chief security officer with a long and varied resume, to oversee the company’s governance and security portfolio. And across the business, SAP has implemented a “3 Lines of Defense” model for holistic security and risk management. SAP has even put its money where its mouth is by running its own solutions to keep itself secure.

With its heightened focus on the all-important goal of digital business, SAP is going to have to continue to make these security investments. As legitimate enterprises become digitalized, so too do criminal ones – often at a faster pace than their law-abiding targets. After all, cybercriminals don’t need to wait for board approval or integrate new solutions with complex legacy systems. That frees up a lot of time gvhjfor spending all day figuring out how to get around your security systems. And when businesses invest in the more exciting new technologies of the digital age – such as cloud, mobile, and the Internet of Things – they are at risk of creating networks so interconnected that hackers can easily jump from one area of the network to another. The sheer volume of data that enterprises use for real-time analytics is a goldmine to hackers, promising a big payday for them – and big losses for you – if they can get at it.

To learn more about SAP’s GRC and security portfolio, see the Features section of the April issue of SAPinsider.