Over 62% of respondents, up from 54% in 2022, reported that their business-critical applications had experienced unanticipated downtime due to a cybersecurity event at least monthly, according to Splunk’s State of Security 2023 study.

“With a collaborative approach in everything from software development and infrastructure monitoring to business continuity planning, resilience has been strongest in the organisations we’ve worked with. This strategy brings everyone to the table, including IT and business leaders as well as security leaders, so they can all concentrate on safeguarding the organization,” Ryan Kovar, Senior Security Strategist at Splunk and Leader of SURGe, made this statement.

Additionally, compared to 23% of organisations worldwide, roughly 42% of Indian organisations report being overrun by data breach attacks.

Only 24% of Indian businesses are prepared to fend against cybersecurity attacks, as per the study.

Compared to 28% of organisations worldwide, nearly 48% of Indian organisations claim their security stack is too complex.

According to the survey, 59% of organisations in India and 45% of respondents from the rest of the Asia-Pacific area reportedly had their security cyber walls penetrated in the past two years.

The report further stated that while enterprises face major cybersecurity obstacles, many organisations are taking steps to address these challenges.

Over the next two years, 95% of respondents expect their security budgets to rise, with 56% stating that company budgets are already increasing “substantially.”

Almost 81% of organisations claim to be combining specific components of their IT and security operations.

Around 95% of the respondents also stated that they are putting more emphasis on third-party risk assessments.

The post 52% of businesses experienced data breaches in past two years appeared first on International Finance.

PJ Di Giammarino, CEO of JWG, a company which helps financial services firms gain control of regulatory change using technology, said: “Senior executives at large financial institutions are under substantial pressure to meet rapidly evolving regulatory requirements with project-based, manual approaches which create serious data headaches for compliance. Digital regulation offers an exciting alternative. In the future, firms will be able to update rulebooks just like using a smartphone today and the refreshed software will mitigate new risks.”

In the second half of 2018, JWG found more than 2,150 documents in the regulatory pipeline, which were mainly from Europe (33%) and North America (33%). The financial institutions are expected to integrate their data in a strategic manner to remain compliant. “Data lies at the heart of any organisation’s future strategy and is vital in how financial organisations respond to current and future regulatory challenges,” Giles Nelson, CTO of MarkLogic, said. “It is also fundamental to utilising new and innovative technologies such as AI, machine learning, natural language processing and distributed ledgers. To meet these requirements, there is little choice but for firms to take a strategic and digital approach across functions and avoid the building of new application and data silos to tactically cope with the latest deadline or new technology.”

The post Ad hoc requests from regulators to force financial firms to implement right data strategies appeared first on International Finance.

The main reason however, is by far, the fact that well-constructed data insights are able to open new markets, attract new customers, and bring new opportunities to every business.

How can ‘Data’ be tangibly applied to the ‘top and bottom’ line of a company?
This is not for the faint-hearted! It is a complex journey and requires a cohesive end-to-end strategy on how data is embedded and consumed by an organisation. A key responsibility of a Chief Data Officer is to make the organisation aware of the value of data at a corporate level and the value of the data dealt with by an individual. Virtually every C-level officer will agree that data needs to be treated as an asset.

My suggestion is that it is vital to apply a detailed understanding of the drivers of key business processes along with the use of a specialised application of Time or Activity Based Management, and finally, a structured sourcing, preparation, and processing of the data.

As mentioned, this is not a mini project and requires a huge amount of cross-functional department collaboration. By being able to show a movement in the unit cost through poor data quality, the impacts can be extended into core areas such as Pricing, Cost-to-Serve Customer, Cost Management, Transfer Pricing etc.

I therefore strongly believe that it is possible to tangibly value our data! The real question should be “If the C-level thinks data is an asset, why aren’t we all putting a tangible value to data?”

How can Companies ensure core Data Responsibilities are included in key roles?
In order to answer this, we need to first look at what the challenges are. One of the issues encountered, is that the data subject is broad in its scope. Secondly, Business Owners have not historically accepted responsibility for their own data and IT have not done a good job in explaining the data subject to the Business Owners. Another issue involves the ever-changing technology creating a shortage of experienced and skilled data practitioners which goes hand in hand with the lack of education for the data subject. Another challenge involves the new segregation of duties for matters relating to data.

Each of the above points needs to be therefore addressed if we are to ensure the Data Responsibilities are properly embedded in the organisation.

Firstly, a formal Data training programme is required at each job function. What’s more, organisations need to formally agree on the roles required in the business and IT. Thereafter, one must define which activities will become automated and which roles need to be reskilled. Consequently, necessary training must be provided for the reskilled workforce. Finally, according to the newly defined data processes, service levels and workflow approvals must be agreed upon.

As the frequency of innovation and improved technology increases, the subject of Data Management is becoming broader, almost by the day. This poses the challenge of how to train the organisation and maintain up-to-date content with which to educate the organisation.

Once the technology change is managed, the underlying process changes are relatively easier to manage. The next challenge is to regularly train and retrain the workforce. It is essential to recognise that the next generation workforce requires a different set of skills. This requires a structured and ongoing internal Data training programme along with a management commitment to reskill the workforce. At the risk of stating the obvious, formally defined roles and responsibilities are essential. These have an essential part to play in a successful ‘social media style’ collaboration environment which will guide both management and workforce through to success.

There isn’t a silver bullet, however, I don’t think anyone would disagree that once teams are aware and properly trained about the impacts ‘Data’ has, they will see the benefits and naturally absorb responsibility.

In a world of constant change, does budget have its place?
This question needs to be asked very carefully and in a specific use case or context. If a person is held accountable for spend according to a set frequency and at specific points in time, then yes, we do need budgets for that.

In my personal view, I feel that nearly everything must change in the areas of budgeting, planning, and forecasting. With the introduction of Machine Learning, Predictive Analytics, advanced Visualisation and RPA, we can increase the frequency of our reviews, forecasts and budgets. With the new technology, the accuracy of the predictions allows for much faster remedial actions. The more advanced companies are already capable of forecasted P&Ls with a very high degree of accuracy. The ability to adjust budgets should not be far behind that.

What would you like to achieve by attending the 7th Business Performance Management Conference?
I have four objectives and reasons to attend the 7th BPM conference. Firstly, I want to get feedback on a personally developed Data Governance framework and understand how companies are implementing the above either in part, in full, beyond, or not at all. Moreover, I would like to see where Performance Management specialists find white spots or consistent obstacles in terms of ‘Data’ hindering the ability to do their jobs as well as to find companies or individuals with whom I can share and develop best practices. Finally, I look forward to meeting delegates and the organising team at marcus evans.

About Anwar:

Anwar is a recognised authority on the subject of Data Governance, Master Data Management and Information Management. For the last decade, he has spoken at numerous global events covering forums for Analytics, Finance, HR, IT, Legal, Mobile, Shared Services etc. Anwar’s keynotes, panels and Masterclasses are a balanced blend of cross‐functional, business and IT perspectives presented in a logical flow. Anwar has developed his own unique Data Governance methodology and deep‐dives into the critical areas that companies often struggle with and prescribes ‘Data’ as the new business imperative. His approach has been adopted by many multi‐national companies, software companies and consulting firms in the USA, Australia, Asia and Europe. With 29 years of experience at TNT, Anwar has a proven track record in Functional management, global project delivery, controlling core business processes, managing large teams, implementing applications and technology presented in the form of tangible top and bottom line benefits from the outset. For the past 6 years, Anwar has dedicated much of his personal time to lecturing at University level with a personal objective of bringing ‘Data’ into mainstream education.

The 7th Business Performance Management will take place from 23^rd to 25^th May, 2018 at Berlin, Germany

The post How can Companies Ensure Core Data Responsibilities are Included in Key Roles? appeared first on International Finance.

To achieve this vital and constantly updating objective, organisations of every size, scale and industry are expanding their ERM (Enterprise Risk Management) capabilities. By preparing themselves to leverage new opportunities and avoid or at least mitigate the impact of potential threats, such organisations will gain the kind of resilience and flexibility necessary to survive and thrive in today’s rapidly evolving risk landscape.

Why is ERM such an important part of business today?
Business has always involved taking balanced risk decisions, but the number and pace of change of risks facing global businesses today is great than it ever has been. Technology-driven risks are a great example of this. Therefore, a rigorous and holistic approach to managing enterprise risks is essential.

With the advent of technology in major businesses, what are the biggest challenges of effective implementation of risk management?
The challenge for enterprise risk practitioners is to be able to identify, track and quantify the various risks and to assess them for remediation or acceptance. Technology-driven risks (such as cyber security) exacerbate this problem, as their identification of risks within systems requires significant specialist expertise. Nevertheless, technology can also be an enabler for the risk practitioners, as GRC systems have been developed as tools.

How can blockchain address the risks of data management?
Blockchain presents us with an opportunity to both manage a particular set of risks of fraud and abuse of business documentation recording transactions, as well as to use blockchain to provide trust and reliability in risk definition and treatment registers managed in a large, distributed government or business environment.

Can you explain the need for stronger security architecture today in business?
Cyber risks have multiplied over the past few years and the number and skills of external “threat actors” with motivation and malicious intent to do damage to business have grown similarly. This was well illustrated by the Wannacry and NotPetya incidents of summer 2017. Therefore, it is essential for any significant business to take a joined-up approach to security, fitting together the wide variety of tools, processes and educated staff in coherent architecture. Only this way do we stand a chance of mitigating cyber risks on a broad front.

How can a CRO enhance their role in an organisation?
The CRO’s role is to be the leader of a conversation with all peers across the business about all sorts of business risks and provide a common “language” for that conversation, so that the risks can be (semi) quantified in a consistent way and balanced risk decisions made collectively by business leadership. Therefore, the best tactic for a CRO is to be engaging, advisory, helpful and, above all, respected for their knowledge and ability to explain risks in applicable business terms.

About John Meakin:

Ranked as one of the top 100 CISOs globally, John is a specialist in information security with more than twenty years’ experience. He has previously been responsible for leading systems security in Standard Chartered Bank, Reuters, the Royal Bank of Scotland and Dresdner Bank. More recently he was Chief Info Security Officer at BP Plc for three years and led Deutsche Bank’s development of a new security strategy and innovative security solutions to meet the latest threats. Since April 2014 he has been Chief Security Officer for the leading international luxury goods company like Burberry and Richemont, supporting the varying needs of such renowned brands as Cartier, Montblanc and Chloe.

John Meakin will be speaking at the ERM Middle East Conference, organised by IQPC, from September 25-27, 2018 in Dubai, visit ermmiddleeast.iqpc.ae for more information.

Special 10% discount for International Finance subscribers to attend this event, quote ‘29502.001_IFP’ to enquiry@iqpc.ae to register.

The post Enhancing enterprise risk management capabilities in business appeared first on International Finance.

The main reason however, is by far, the fact that well-constructed data insights are able to open new markets, attract new customers, and bring new opportunities to every business.

How can ‘Data’ be tangibly applied to the ‘top and bottom’ line of a company?
This is not for the faint-hearted! It is a complex journey and requires a cohesive end-to-end strategy on how data is embedded and consumed by an organisation. A key responsibility of a Chief Data Officer is to make the organisation aware of the value of data at a corporate level and the value of the data dealt with by an individual. Virtually every C-level officer will agree that data needs to be treated as an asset.

My suggestion is that it is vital to apply a detailed understanding of the drivers of key business processes along with the use of a specialised application of Time or Activity Based Management, and finally, a structured sourcing, preparation, and processing of the data.

As mentioned, this is not a mini project and requires a huge amount of cross-functional department collaboration. By being able to show a movement in the unit cost through poor data quality, the impacts can be extended into core areas such as Pricing, Cost-to-Serve Customer, Cost Management, Transfer Pricing etc.

I therefore strongly believe that it is possible to tangibly value our data! The real question should be “If the C-level thinks data is an asset, why aren’t we all putting a tangible value to data?”

How can companies ensure core data responsibilities are included in key roles?
In order to answer this, we need to first look at what the challenges are. One of the issues encountered, is that the data subject is broad in its scope. Secondly, Business Owners have not historically accepted responsibility for their own data and IT have not done a good job in explaining the data subject to the Business Owners. Another issue involves the ever-changing technology creating a shortage of experienced and skilled data practitioners which goes hand in hand with the lack of education for the data subject. Another challenge involves the new segregation of duties for matters relating to data.

Each of the above points needs to be therefore addressed if we are to ensure the Data Responsibilities are properly embedded in the organisation.

Firstly, a formal Data training programme is required at each job function. What’s more, organisations need to formally agree on the roles required in the business and IT. Thereafter, one must define which activities will become automated and which roles need to be reskilled. Consequently, necessary training must be provided for the reskilled workforce. Finally, according to the newly defined data processes, service levels and workflow approvals must be agreed upon.

As the frequency of innovation and improved technology increases, the subject of Data Management is becoming broader, almost by the day. This poses the challenge of how to train the organisation and maintain up-to-date content with which to educate the organisation.

Once the technology change is managed, the underlying process changes are relatively easier to manage. The next challenge is to regularly train and retrain the workforce. It is essential to recognise that the next generation workforce requires a different set of skills. This requires a structured and ongoing internal Data training programme along with a management commitment to reskill the workforce. At the risk of stating the obvious, formally defined roles and responsibilities are essential. These have an essential part to play in a successful ‘social media style’ collaboration environment which will guide both management and workforce through to success.

There isn’t a silver bullet, however, I don’t think anyone would disagree that once teams are aware and properly trained about the impacts ‘Data’ has, they will see the benefits and naturally absorb responsibility.

In a world of constant change, does budget have its place?
This question needs to be asked very carefully and in a specific use case or context. If a person is held accountable for spend according to a set frequency and at specific points in time, then yes, we do need budgets for that.

In my personal view, I feel that nearly everything must change in the areas of budgeting, planning, and forecasting. With the introduction of Machine Learning, Predictive Analytics, advanced Visualisation and RPA, we can increase the frequency of our reviews, forecasts and budgets. With the new technology, the accuracy of the predictions allows for much faster remedial actions. The more advanced companies are already capable of forecasted P&Ls with a very high degree of accuracy. The ability to adjust budgets should not be far behind that.

What would you like to achieve by attending the 7th Business Performance Management Conference?
I have four objectives and reasons to attend the 7th BPM conference. Firstly, I want to get feedback on a personally developed Data Governance framework and understand how companies are implementing the above either in part, in full, beyond, or not at all. Moreover, I would like to see where Performance Management specialists find white spots or consistent obstacles in terms of ‘Data’ hindering the ability to do their jobs as well as to find companies or individuals with whom I can share and develop best practices. Finally, I look forward to meeting delegates and the organising team at marcus evans.

About Anwar Mirza:
Anwar Mirza is a recognised authority on the subject of Data Governance, Master Data Management and Information Management. For the last decade, he has spoken at numerous global events covering forums for Analytics, Finance, HR, IT, Legal, Mobile, Shared Services etc. Anwar’s keynotes, panels and Masterclasses are a balanced blend of cross‐functional, business and IT perspectives presented in a logical flow. Anwar has developed his own unique Data Governance methodology and deep‐dives into the critical areas that companies often struggle with and prescribes ‘Data’ as the new business imperative. His approach has been adopted by many multi‐national companies, software companies and consulting firms in the USA, Australia, Asia and Europe. With 29 years of experience at TNT, Anwar has a proven track record in Functional management, global project delivery, controlling core business processes, managing large teams, implementing applications and technology presented in the form of tangible top and bottom line benefits from the outset. For the past 6 years, Anwar has dedicated much of his personal time to lecturing at University level with a personal objective of bringing ‘Data’ into mainstream education.

You can read this interview in the May issue of International Finance. The 7th Business Performance Management will be held from 23-25 May, 2018 at Berlin, Germany. Click here for details. 

The post Ensuring core data responsibilities are included in key company roles appeared first on International Finance.