Posts Tagged :

security

The Costs of Inaction: Why sticking with outdated SAP systems is risky business
By:

In business technology, the SAP systems that once drove efficiency and innovation within industries can become outdated as the demands of businesses evolve over time. Originally implemented as cutting edge solutions in their day, these systems may now only be seen as ‘fit for purpose’, or ‘getting the job done’ in the present. Choosing to maintain the status quo with a business’s SAP system means accepting limitations that could ultimately hinder growth. As industries approach extended maintenance phases, the perceived low Total Cost of Ownership (TCO) of maintaining current systems may seem appealing. However, in this context, this inaction comes with unexpected costs that are not immediately visible on financial statements, as Eilidh Semple, Senior Account Manager, Absoft, explains below...

The Hidden Costs of Maintaining Outdated SAP Systems

While the upfront cost of upgrading SAP systems can appear daunting, the consequences of not doing so are often far more significant. Businesses that delay upgrades to key elements of the system risk accumulating what is known as technical debt – time that is owed to IT systems, resulting in teams skirting the issue and finding workarounds, rather than addressing the heart of the problem. In the context of SAP systems, this takes the form of a backlog of necessary updates and maintenance to its essential systems, resulting in stifled innovation, and reduced system agility to adapt to client demands. 

Consider a scenario where a business runs on outdated software. While it may seem stable initially on the surface, it misses out on opportunities for efficiency gains and competitive advantage. Perhaps more concerningly, running on outdated software presents further cybersecurity challenges too. Recent data from the Information Commissioner’s Office (ICO) shows that more businesses are experiencing security breaches now than ever before, with almost a quarter of the over 3,000 breaches reported in 2023 (22%) occurring in finance, highlighting the scale of the problem. More recent findings from the National Audit Office (NAO)show that the inefficiency problem is also prevalent within the UK government, which invests heavily in maintaining legacy systems that deliver poor quality data and drive up service costs.

Operational Inefficiencies and Economic Impact

Beyond technical debt and cybersecurity concerns, operating with outdated SAP systems can also significantly impact efficiencies and incur higher economic costs. According to Forbes (2024), businesses that delay upgrading their software systems face escalating costs in maintenance and support. This additional spending is compounded by decreased operational efficiency, stemming from software limitations that hinder streamlined processes and overall responsiveness to key clients and projects.

Outdated systems are also prone to higher maintenance costs due to the need for specialised support in the event of system failures, which can disrupt business operations further. Moreover, the inefficiencies introduced by outdated SAP systems contribute to higher labour costs, as employees spend more time navigating workarounds and managing outdated interfaces, rather than focusing on value added tasks. These outdated systems also limit scalability and agility, both of which are essential attributes for business aiming to adapt swiftly to market changes and scale operations efficiently.

The Path Forward: Strategic System Management

Recognising the risks associated with inertia is the first step towards mitigating them. Proactive management of SAP environments ensures that businesses remain aligned with their strategic objectives and remain able to deliver projects well and on time, fostering agility, innovation, and sustainable growth. However, a significant part of this is investing in the right upgrades at the right time. It is about maximising Return on Investment (ROI) by leveraging modern technologies that streamline operations, but also enhance overall business performance.

A key way to achieve this is to adopt SAP’s cloud-first, ‘adopt not adapt’ model, which avoids extensive customisations. This approach uses Best Practice Scenarios to define processes and embraces six-monthly product enhancements, reducing implementation time and costs. Businesses can migrate to SAP S/4HANA via several options: the Software as a Service (SaaS) model offers standard products in a public cloud with automatic updates, the Private Cloud Edition (RISE) allows companies to choose their hosting service, providing control over security and upgrades, and businesses can maintain their own SAP system in the cloud, preserving customisation flexibility.

Partnering with consultants who understand the cloud-first, standardised approach can help to deliver smoother implementations. Dedicated support teams support Fit to Standard workshops and continuous improvement using the SAP Business Technology Platform, enabling custom app creation without complicating the core system.

Conclusion

While many businesses focus on the initial cost of implementing new ERP systems, maintaining outdated SAP systems can lead to significant unexpected costs over time. These include higher maintenance expenses, increased labour costs due to inefficiencies, and potential security risks impacting operations and eroding client trust. If companies were to break down these long-term expenses today, they would likely find that investing in new ERP systems is not only a necessary step towards modernisation, but also a strategic move towards long-term cost effectiveness and sustainable growth. This broader perspective often reveals that while initial costs of new ERP systems may seem high, the cumulative expenses of maintaining outdated systems can exceed these costs considerably. 

While the prospect of upgrading SAP systems may initially appear daunting, the risks associated with maintaining outdated systems far outweigh the challenges of proactive management. Businesses also need to consider the long-term benefits of system upgrades, including improved productivity and reduced operational costs. By partnering with experienced consultants, for example, it is possible to navigate system upgrades effectively, while at the same time minimising disruption, and capitalising on new business opportunities. Moreover, opting for a cloud-first, ‘adopt not adapt’ model can help to streamline the process further, bring down costs, and ensure that the system is a good fit for specific business processes. Embracing change not only safeguards businesses against falling behind their competition and security threats, but also positions them for success to take advantage of the capabilities of new system upgrades and software suites both in the present and into the future.

More AI knowledge required in consumer goods brands to avoid security blunders
By:

Artificial Intelligence (AI) refers to software-based systems that use data inputs to make decisions on their own or that help users make decisions. Generative AI refers to AI creating content in any shape or format, from writing original text to designing new structures and products. These technologies have developed rapidly over the last 18 months and generated serious hype. However, the benefits and costs of AI applications are poorly understood. Consumer goods companies need to fail – and fail fast – in their AI initiatives to gain this understanding, according to new analysis.

GlobalData argues that consumer goods companies need to understand the technical, financial, and organisational requirements of any AI application to reliably assess the level of risk that application represents. Consumer goods companies need to consider how an AI should be trained to enable it to function cost-effectively. They also need to consider which delivery model is the most suitable from a data security and infrastructure cost point of view.

Rory Gopsill, Senior Consumer Analyst at GlobalData, said: “Industry professionals remain bullish about AI’s potential to disrupt numerous industries (including consumer goods). According to GlobalData’s Q1 2024 Tech Sentiment Poll, over 58% of respondents believe AI will significantly disrupt their industry. However, consumer goods companies should remember that the technology has limitations and risks. Chatbot failures caused Air Canada and DPD financial and reputational damage, respectively, in the first quarter of 2024. DeepMind’s own CEO warned against AI overhype in April 2024.”

In reality, adopting AI can pose very real financial and security risks. Training an AI can prove very expensive, especially if the task being automated is complex and requires an advanced AI. Furthermore, if an AI application requires training data that is commercially sensitive or confidential, a company may choose to train the AI in a private cloud environment rather than a less secure public cloud. Purchasing and maintaining the necessary IT infrastructure for this would be very expensive and organizationally demanding.

Gopsill continued: “Consumer goods companies need to be aware of these (and other) risks when choosing to develop AI applications. If they are not, their AI initiatives could fail with serious consequences. For example, sensitive data could be exposed, development costs could outweigh the application’s benefits, the quality of the AI application could be diminished, or the project could simply never get finished.

“Understanding these risks will enable consumer goods companies to fail early and safely and to learn from that failure. This will equip them with the knowledge to implement AI in a way that is safe and profitable. Fostering a culture of transparency around the risks of AI will help drive industry application and protect consumer goods companies and customers from the potential pitfalls of this evolving technology.”

Photo by freestocks on Unsplash

Ensuring a merry and secure holiday season for online retailers
By:

By Gav Winter (pictured, above), CEO at RapidSpike

The upcoming holiday season – including the renowned Black Friday – holds immense significance for online retailers. As early as the end of October, the shopping frenzy begins with enticing discounts that continue throughout December and after Christmas with Boxing Day sales, making it an unparalleled retail period.

In 2022, US consumers shattered records by spending a staggering $9.2 billion on Black Friday, proving the popularity of discount events despite economic challenges. However, this surge in online shopping also makes it an attractive target for cyberattacks, with hackers seeking to exploit unsuspecting customers.

The escalation of payment scams and the increasing sophistication of cybercriminal tactics highlight the substantial financial risks faced by retailers without robust security measures. Furthermore, the surge in website traffic during this high-demand period can strain website performance, potentially compromising the overall user experience.

Given these challenges and the vital importance of website performance and reliability, there is no better time for retailers to put preparations in place. 

Avoid online traffic jams 

In 2023, the eCommerce industry is grappling with a multitude of challenges that require innovative solutions, particularly in the face of intensified web traffic during peak shopping seasons. The ever-increasing customer demand and evolving online expectations set the stage for heightened competition. Today’s customers demand nothing less than seamless shopping experiences, characterised by lightning-fast website performance and immersive features like augmented and virtual reality, for example.

However, meeting these expectations while maintaining website reliability during the holiday shopping season is a complex task. Slow-loading and underperforming websites pose a significant risk, potentially frustrating customers to the point of cart abandonment and seeking alternatives. 

A lagging site can disrupt the flow of shoppers as they explore and add items to their carts, undermining the convenience and enjoyment of the shopping experience. Impatient buyers are more inclined to abandon their carts, leaving behind potential purchases. These abandoned carts not only translate into lost sales but also represent missed opportunities to engage with customers and foster brand loyalty.

Data from Statista underscores the critical importance of a seamless user experience in online shopping. In the second quarter of 2023, approximately 85% of mobile orders in the UK were left uncompleted, with seven out of 10 carts abandoned on computers as well. This evidences the significance of an optimised website, especially when competitive prices for similar products are available elsewhere.

To combat this challenge, online retailers must prioritise website optimisation to ensure swift and seamless experiences for their customers, especially during high-traffic periods like Black Friday. A responsive and well-optimised site not only reduces the risk of cart abandonment but also enhances customer satisfaction, encourages repeat business, and reinforces a positive brand image. 

The rising threat of cybersecurity

While the digital age has brought tremendous opportunities for online retailers, it has also increased the threat of cybersecurity breaches and data theft, particularly during high-traffic periods like Black Friday. 

One of the most insidious among these threats to the eCommerce sector is the Magecart skimming attack. This type of attack involves cybercriminals injecting malicious code into a retailer’s website, allowing them to steal customers’ payment data. With the holiday season approaching, these attacks become even more tempting for cybercriminals seeking to capitalise on the surge in online shopping.

But Magecart attacks are the tip of the iceberg. Cybersecurity threats come in various forms, including distributed denial-of-service (DDoS) attacks, ransomware and phishing attacks.

Online retailers must be prepared to defend against these threats to ensure the security of their customer’s data and the reliability of their websites.But, strategies and solutions for website owners must encompass the full spectrum of web health: performance, reliability, and security.

A multi-pronged defence and optimisation strategy

Online retailers must adopt a holistic approach to address these challenges, safeguard their customers’ trust, and optimise their websites for the upcoming holiday shopping rush. While monitoring and optimisation are essential year-round, specific tools can help during busy periods like Black Friday and Cyber Monday:

1.      Implement a layered security approach

The best approach to eCommerce security is a layered one that uses multiple tools. Online businesses must have security measures in place to both prevent and detect attacks. Cyber attackers are constantly devising new ways to disguise their techniques, so it’s crucial to analyse your site for vulnerabilities, as well as attacks in progress.

2.      Conduct stress testing

To prepare for the holiday season, carry out stress testing to understand your website’s normal performance limits. Scaling up your infrastructure is vital to handle the increase in traffic. This could involve adding more machines or using auto-scaling and load balancing for cloud-based solutions.

3.      Implement uptime monitoring

Uptime monitoring is essential to ensure your website remains accessible during busy sales periods. Use uptime monitoring tools to detect issues and ensure prompt resolution. In case of problems, leverage social media to keep customers informed and consider extending the same discounts to customers who couldn’t access them on the sales day.

4.    Utilise performance testing

Prioritise website performance by conducting load testing to understand your site’s capacity and potential bottlenecks. Ensure static content is delivered from a content delivery network (CDN) to enhance loading times. Implement load balancers to distribute server loads and consider serverless cloud technologies for scalability.

5.     Synthetic monitoring

This can play a crucial role by providing a comprehensive view of the user experience. It ensures that website owners can meticulously track the entire customer journey, starting from the home page and extending to product pages, item selection, cart management, and the checkout process. By regularly conducting synthetic checks, website owners can rest assured that these vital processes are functioning correctly and consistently over time. This proactive approach not only helps identify and address issues before they impact real users but also contributes to maintaining a seamless and reliable online experience, ultimately leading to higher customer satisfaction and improved website performance.

Mitigating the effects of holiday season traffic

Black Friday and the holiday season present both opportunities and challenges for online retailers. While the potential for increased sales is enticing, the risk of cyberattacks and website performance issues looms large. Protecting and optimising your online retailer website is not just about safeguarding your business for a single day; it’s about building trust with your customers for the long term.

A comprehensive approach that combines cybersecurity measures, performance optimisation, and synthetic monitoring is essential. By implementing these strategies and staying vigilant, online retailers can ensure their websites remain operational, customer-friendly, and secure throughout the demanding holiday season. Remember, preparation today will safeguard your reputation and revenue for many years to come.

Banking investment in IT set to soar, driven by security
By:

Global IT spending by banking and investment services is forecast to hit $652.1 billion in 2023, representing an increase of 8.1% from 2022, with spending on software experiencing the largest growth at 13.5%.

“Current economic headwinds have changed the context for technology investments in banking and investment services this year,” said Debbie Buckland, Director Analyst at Gartner. “Rather than cutting IT budgets, organizations are spending more on the types of technologies that generate significantly higher business outcomes. Spending on software, for example, is shifting away from building it in-house, in favour of buying solutions that generate value from investments more rapidly.”

According to the Gartner 2023 CIO and Technology Executive Survey, banking and investment services CIOs will spend the largest amount of new or additional funding in 2023 on cybersecuritydata and analytics, integration technologies and cloud.

More than half plan to increase investments in cloud, while reducing IT spending in their own data centers. This is reflected by slower growth in data center systems spending from 13.2% in 2022 to 5.7% in 2023.

Banks are disengaging from tangible assets and capital expenditure (capex) in favor of adopting services and operating expenditure (opex), to meet evolving customer and market expectations.

Table 1. Worldwide Banking and Investment Services IT Spending Forecast (Millions of U.S. Dollars)

 2022 Spending2022
Growth (%)		2023 Spending2023
Growth (%)
Data Center Systems34,46713.236,4335.7
Devices37,961-9.937,149-2.1
Internal Services52,933-2.255,1564.2
IT Services246,6985.2269,7359.3
Software153,26811.2174,01413.5
Telecom Services77,736-2.979,5992.4
Total603,0634.1652,0868.1
Source: Gartner (June 2023)

“To deal with the current economic climate, banking and investment services CIOs are now prioritizing more conservative objectives that support resilient and sustainable growth, such as a better customer experience (CX) and more efficient operations,” said Pete Redshaw, VP Analyst at Gartner. “This is a change from previous years when outright growth – new territories, new customers, new lines of business – was the primary objective of banking CEOs.”

Driven by the increased use of consulting services and infrastructure as a service (IaaS), IT services will be the largest spending category, forecast to reach almost $270 billion in 2023. This is an increase of 9.3% over 2022, reflecting the increasingly important role IT service providers play in helping banking and investment services organizations navigate emerging opportunities and challenges.

“Economic uncertainty is leading organizations to break down long-term contracts into multiple shorter projects,” said Buckland. “They’re also reluctant to sign new contracts, commit to long-term initiatives or take on new technology partners, which is driving an increase in the use of IT consulting services.”

With the global talent shortage impacting banking and investment services organizations, spending on internal services will increase by 4.2% in 2023 to support the increased costs of hiring and retaining talent.

“Even after the recent widespread redundancies at many of the technology giants, banks are no longer seen automatically by top talent as the most desirable, rewarding or stimulating destinations,” said Redshaw. “More innovative solutions are needed, such as dropping the requirement for university education and adding benefits such as lifetime retraining, hybrid teams, agile methods and fintech partnerships.”