Protecting the Digital Enterprise: Executive Q&A with SAP’s Justin Somaini
From SAP Insider
For most organizations, the need to secure digital data is nothing new. In fact, the majority of enterprises have already invested a great deal in security. But this investment can lead to a false sense of security. As businesses across the board go through digital transformations, cybercrime is transforming as well. Threats are now more powerful than before, and the expanding networks of customers, devices, and partners that digital enterprises manage offer a variety of opportunities for hackers. In this Q&A, Justin Somaini, Chief Security Officer at SAP, explores how the digital transformation introduces new security challenges and gives advice on using SAP solutions to meet those challenges.
Q: What does digital transformation mean for the future of enterprise security?
A: Digital transformation is moving businesses from just managing their technology to letting technology drive the business. This allows the enterprise to become a smart, agile, dynamic, fast, and competitive business that can better serve its customers by harnessing increased visibility into consumers, providers, and third-party vendors.
A digital security transformation is no different; it merely takes place in the security world. Historically, security has been very much technology-driven, swimming upstream to be business-oriented. Within this framework, it’s been difficult to completely interject the operational and revenue models of the business with security concerns.
As we look ahead, what was difficult for the business in the past is now a huge opportunity, not just to secure the delivery of the business, but to secure the funnel — the pre-sales mode — of how we go to market, from marketing, to customers, to vendors. Security is no longer limited to being a tactical, reactive response that secures a business output; rather, it is about how to truly integrate security into the business.
Q: How does a digital economy change the threat landscape?
A: Security demand has exploded dramatically in response to rising threats and the integration of new digital technologies. Organizations need a stronger hold on their content and transactions to give them the visibility and control they need not only to govern themselves, but to combat threats.
In the past seven or eight years, we’ve seen a shift in the threat landscape from nuisance-oriented activities, such as spam and malware, to an organized crime approach that exploits vulnerabilities and attacks to generate significant revenue. This places significant pressure on security organizations to view security not merely as a technical solution, but as a platform to tackle business security problems. A much deeper integration of security into the enterprise is needed to withstand attacks and reflect the new technologies that permeate every facet of a digital existence.
Click here to read the full interview.