Skip to content
Advertisements

How To Improve Supply Chains With Machine Learning: 10 Proven Ways

Bottom line: Enterprises are attaining double-digit improvements in forecast error rates, demand planning productivity, cost reductions and on-time shipments using machine learning today, revolutionizing supply chain management in the process.

Machine learning algorithms and the models they’re based on excel at finding anomalies, patterns and predictive insights in large data sets. Many supply chain challenges are time, cost and resource constraint-based, making machine learning an ideal technology to solve them. From Amazon’s Kiva robotics relying on machine learning to improve accuracy, speed and scale to DHL relying on AI and machine learning to power their Predictive Network Management system that analyzes 58 different parameters of internal data to identify the top factors influencing shipment delays, machine learning is defining the next generation of supply chain management. Gartner predicts that by 2020, 95% of Supply Chain Planning (SCP) vendors will be relying on supervised and unsupervised machine learning in their solutions. Gartner is also predicting by 2023 intelligent algorithms, and AI techniques will be an embedded or augmented component across 25% of all supply chain technology solutions.

The ten ways that machine learning is revolutionizing supply chain management include:

  • Machine learning-based algorithms are the foundation of the next generation of logistics technologies, with the most significant gains being made with advanced resource scheduling systems. Machine learning and AI-based techniques are the foundation of a broad spectrum of next-generation logistics and supply chain technologies now under development. The most significant gains are being made where machine learning can contribute to solving complex constraint, cost and delivery problems companies face today. McKinsey predicts machine learning’s most significant contributions will be in providing supply chain operators with more significant insights into how supply chain performance can be improved, anticipating anomalies in logistics costs and performance before they occur. Machine learning is also providing insights into where automation can deliver the most significant scale advantages. Source: McKinsey & Company, Automation in logistics: Big opportunity, bigger uncertainty, April 2019. By Ashutosh Dekhne, Greg Hastings, John Murnane, and Florian Neuhaus

  • The wide variation in data sets generated from the Internet of Things (IoT) sensors, telematics, intelligent transport systems, and traffic data have the potential to deliver the most value to improving supply chains by using machine learning. Applying machine learning algorithms and techniques to improve supply chains starts with data sets that have the greatest variety and variability in them. The most challenging issues supply chains face are often found in optimizing logistics, so materials needed to complete a production run arrive on time. Source: KPMG, Supply Chain Big Data Series Part 1

  • Machine learning shows the potential to reduce logistics costs by finding patterns in track-and-trace data captured using IoT-enabled sensors, contributing to $6M in annual savings. BCG recently looked at how a decentralized supply chain using track-and-trace applications could improve performance and reduce costs. They found that in a 30-node configuration when blockchain is used to share data in real-time across a supplier network, combined with better analytics insight, cost savings of $6M a year is achievable. Source: Boston Consulting Group, Pairing Blockchain with IoT to Cut Supply Chain Costs, December 18, 2018, by Zia Yusuf, Akash Bhatia, Usama Gill, Maciej Kranz, Michelle Fleury, and Anoop Nannra

  • Reducing forecast errors up to 50% is achievable using machine learning-based techniques. Lost sales due to products not being available are being reduced up to 65% through the use of machine learning-based planning and optimization techniques. Inventory reductions of 20 to 50% are also being achieved today when machine learning-based supply chain management systems are used. Source: Digital/McKinsey, Smartening up with Artificial Intelligence (AI) – What’s in it for Germany and its Industrial Sector? (PDF, 52 pp., no opt-in).

  • DHL Research is finding that machine learning enables logistics and supply chain operations to optimize capacity utilization, improve customer experience, reduce risk, and create new business models. DHL’s research team continually tracks and evaluates the impact of emerging technologies on logistics and supply chain performance. They’re also predicting that AI will enable back-office automation, predictive operations, intelligent logistics assets, and new customer experience models. Source: DHL Trend Research, Logistics Trend Radar, Version 2018/2019 (PDF, 55 pp., no opt-in)

  • Detecting and acting on inconsistent supplier quality levels and deliveries using machine learning-based applications is an area manufacturers are investing in today. Based on conversations with North American-based mid-tier manufacturers, the second most significant growth barrier they’re facing today is suppliers’ lack of consistent quality and delivery performance. The greatest growth barrier is the lack of skilled labor available. Using machine learning and advanced analytics manufacturers can discover quickly who their best and worst suppliers are, and which production centers are most accurate in catching errors. Manufacturers are using dashboards much like the one below for applying machine learning to supplier quality, delivery and consistency challenges. Source: Microsoft, Supplier Quality Analysis sample for Power BI: Take a tour, 2018

  • Reducing risk and the potential for fraud, while improving the product and process quality based on insights gained from machine learning is forcing inspection’s inflection point across supply chains today. When inspections are automated using mobile technologies and results are uploaded in real-time to a secure cloud-based platform, machine learning algorithms can deliver insights that immediately reduce risks and the potential for fraud. Inspectorio is a machine learning startup to watch in this area. They’re tackling the many problems that a lack of inspection and supply chain visibility creates, focusing on how they can solve them immediately for brands and retailers. The graphic below explains their platform. Source: Forbes, How Machine Learning Improves Manufacturing Inspections, Product Quality & Supply Chain Visibility, January 23, 2019

  • Machine learning is making rapid gains in end-to-end supply chain visibility possible, providing predictive and prescriptive insights that are helping companies react faster than before. Combining multi-enterprise commerce networks for global trade and supply chain management with AI and machine learning platforms are revolutionizing supply chain end-to-end visibility. One of the early leaders in this area is Infor’s Control Center. Control Center combines data from the Infor GT Nexus Commerce Network, acquired by the company in September 2015, with Infor’s Coleman Artificial Intelligence (AI) Infor chose to name their AI platform after the inspiring physicist and mathematician Katherine Coleman Johnson, whose trail-blazing work helped NASA land on the moon. Be sure to pick up a copy of the book and see the movie Hidden Figures if you haven’t already to appreciate her and many other brilliant women mathematicians’ many contributions to space exploration. ChainLink Research provides an overview of Control Center in their article, How Infor is Helping to Realize Human Potential, and two screens from Control Center are shown below.

  • Machine learning is proving to be foundational for thwarting privileged credential abuse which is the leading cause of security breaches across global supply chains. By taking a least privilege access approach, organizations can minimize attack surfaces, improve audit and compliance visibility, and reduce risk, complexity, and the costs of operating a modern, hybrid enterprise. CIOs are solving the paradox of privileged credential abuse in their supply chains by knowing that even if a privileged user has entered the right credentials but the request comes in with risky context, then stronger verification is needed to permit access.  Zero Trust Privilege is emerging as a proven framework for thwarting privileged credential abuse by verifying who is requesting access, the context of the request, and the risk of the access environment.  Centrify is a leader in this area, with globally-recognized suppliers including Cisco, Intel, Microsoft, and Salesforce being current customers.  Source: Forbes, High-Tech’s Greatest Challenge Will Be Securing Supply Chains In 2019, November 28, 2018.
  • Capitalizing on machine learning to predict preventative maintenance for freight and logistics machinery based on IoT data is improving asset utilization and reducing operating costs. McKinsey found that predictive maintenance enhanced by machine learning allows for better prediction and avoidance of machine failure by combining data from the advanced Internet of Things (IoT) sensors and maintenance logs as well as external sources. Asset productivity increases of up to 20% are possible and overall maintenance costs may be reduced by up to 10%. Source: Digital/McKinsey, Smartening up with Artificial Intelligence (AI) – What’s in it for Germany and its Industrial Sector? (PDF, 52 pp., no opt-in).

References

Accenture, Reinventing The Supply Chain With AI, 20 pp., PDF, no opt-in.

Bendoly, E. (2016). Fit, Bias, and Enacted Sensemaking in Data Visualization: Frameworks for Continuous Development in Operations and Supply Chain Management Analytics. Journal Of Business Logistics37(1), 6-17.

Boston Consulting Group, Pairing Blockchain with IoT to Cut Supply Chain Costs, December 18, 2018, by Zia Yusuf, Akash Bhatia, Usama Gill, Maciej Kranz, Michelle Fleury, and Anoop Nannra

Advertisements

How To Secure Mobile Devices In A Zero Trust World

  • 86% of enterprises are seeing mobile threats growing the fastest this year, outpacing other threat types.
  • 48% say they’ve sacrificed security to “get the job done” up from 32% last year.
  • 41% of those affected say the compromise is having major with lasting repercussions and 43% said that their efforts to remediate the attacks were “difficult and expensive.”

Bottom Line: The majority of enterprises, 67%, are the least confident in the security of their mobile assets than any other device or platform today according to Verizon’s Mobile Security Index 2019.

Why Mobile Devices Are the Fastest Growing Threat Surface Today     

Verizon found that 86% of enterprises see an upswing in the number, scale, and scope of mobile breach attempts in 2019. When broken out by industry, Financial Services, Professional Services, and Education are the most commonly targeted industries as the graphic below shows:

The threat surfaces every organization needs to protect is exponentially increasing today based on the combination of employee- and company-owned mobile devices. 41% of enterprises rate mobile devices as their most vulnerable threat surface this year:

Passwords and Mobile Devices Have Become A Hacker’s Paradise

“The only people who love usernames and passwords are hackers,” said Alex Simons, corporate vice president at Microsoft’s identity division in a recent Wall Street Journal article, Username and Password Hell: Why the Internet Can’t Keep You Logged In. Verizon found that mobile devices are the most vulnerable, fastest-growing threat surface there is, making it a favorite with state-sponsored and organized crime syndicates. How rapidly mobile devices are proliferating in enterprises today frequently outpace their ability to secure them, falling back on legacy Privileged Access Management (PAM) approaches that hacking syndicates know how to get around easily using compromised passwords and privileged access credentials. Here’s proof of how much of a lucrative paradise it is for hackers to target passwords and mobile devices first:

  • Hacker’s favorite way to gain access to any business is by using privileged access credentials, which are increasingly being harvested from cellphones using malware. Hacking organizations would rather walk in the front door of any organizations’ systems rather than expend the time and effort to hack in. It’s by far the most popular approach with hackers, with 74% of IT decision makers whose organizations have been breached in the past say it involved privileged access credential abuse according to a recent Centrify survey, Privileged Access Management in the Modern Threatscape. Only 48% of the organizations have a password vault, and just 21% have multi-factor authentication (MFA) implemented for privileged administrative access. The Verizon study found that malware is the most common strategy hackers use to gain access to corporate networks. MobileIron’s Global Threat Report, mid-year 2018 found that 3.5% of Android devices are harboring known malware. Of these malicious apps, over 80% had access to internal networks and were scanning nearby ports. This suggests that the malware was part of a larger attack.

Securing Mobile Devices In A Zero Trust World Needs To Happen Now

Mobile devices are an integral part of everyone’s identity today. They are also the fastest growing threat surface for every business – making identities the new security perimeter. Passwords are proving to be problematic in scaling fast enough to protect these threat surfaces, as credential abuse is skyrocketing today. They’re perennial best-sellers on the Dark Web, where buyers and sellers negotiate in bitcoin for companies’ logins and passwords – often with specific financial firms, called out by name in “credentials wanted” ads. Organizations are waking up to the value of taking a Zero Trust approach to securing their businesses, which is a great start. Passwords are still the most widely relied-on security mechanism – and continue to be the weakest link in today’s enterprise security.  That needs to change. According to the Wall Street Journal, the World Wide Web Consortium has recently ratified a standard called WebAuthN, which allows websites to authenticate users with biometric information, or physical objects like security keys, and skip passwords altogether.

MobileIron is also taking a unique approach to this challenge by introducing zero sign-on (ZSO), built on the company’s unified endpoint management (UEM) platform and powered by the MobileIron Access solution. “By making mobile devices your identity, we create a world free from the constant pains of password recovery and the threat of data breaches due to easily compromised credentials,” wrote Simon Biddiscombe, MobileIron’s President and Chief Executive Officer in his recent blog post, Single sign-on is still one sign-on too many. Simon’s latest post MobileIron: We’re making history by making passwords history, provides the company’s vision going forward with ZSO. Zero sign-on eliminates passwords as the primary method for user authentication, unlike single sign-on, which still requires at least one username and password. MobileIron paved the way for a zero sign-on enterprise with its Access product in 2017, which enabled zero sign-on to cloud services on managed devices.

Conclusion

Mobile devices are the most quickly proliferating threat surface there are today and an integral part of everyone’s identities as well. Thwarting the many breach attempts attempted daily over mobile devices and across all threat surfaces needs to start with a solid Zero Trust framework. MobileIron’s introduction of zero sign-on (ZSO) eliminates passwords as the method for user authentication, replacing single sign-on, which still requires at least one username and password. ZSO is exactly what enterprises need to secure the proliferating number of mobile devices they rely on to operate and grow in a Zero Trust world.

CIO’s Guide To Stopping Privileged Access Abuse – Part 2

Why CIOs Are Prioritizing Privileged Credential Abuse Now

Enterprise security approaches based on Zero Trust continue to gain more mindshare as organizations examine their strategic priorities. CIOs and senior management teams are most focused on securing infrastructure, DevOps, cloud, containers, and Big Data projects to stop the leading cause of breaches, which is privileged access abuse.

Based on insights gained from advisory sessions with CIOs and senior management teams, Forrester estimates that 80% of data breaches have a connection to compromised privileged credentials, such as passwords, tokens, keys, and certificates. In another survey completed by Centrify, 74% of IT decision makers surveyed whose organizations have been breached in the past, say it involved privileged access abuse. Furthermore, 65% of organizations are still sharing root or privileged access to systems and data at least somewhat often. Centrify’s survey, Privileged Access Management in the Modern Threatscape, is downloadable here.

The following are the key reasons why CIOs are prioritizing privileged access management now:

  • Identities are the new security perimeter for any business, making privileged access abuse the greatest challenge CIOs face in keeping their businesses secure and growing. Gartner also sees privileged credential abuse as the greatest threat to organizations today, and has made Privileged Account Management one of the Gartner Top 10 Security Projects for 2018, and again in 2019Forrester and Gartner’s findings and predictions reflect the growing complexity of threatscapes every CIO must protect their business against while still enabling new business growth. Banking, financial services, and insurance (BFSI) CIOs often remark in my conversations with them that the attack surfaces in their organizations are proliferating at a pace that quickly scales beyond any trust but verify legacy approach to managing access. They need to provide applications, IoT-enabled devices, machines, cloud services, and human access to a broader base of business units than ever before.
  • CIOs are grappling with the paradox of protecting the rapidly expanding variety of attack surfaces from breaches while still providing immediate access to applications, systems, and services that support their business’ growth. CIOs I’ve met with also told me access to secured resources needs to happen in milliseconds, especially to support the development of new banking, financial services, and insurance applications in beta testing today, scheduled to be launched this summer. Their organizations’ development teams expect more intuitive, secure, and easily accessible applications than ever before, which is driving CIOs to prioritize privileged access management now
  • Adapting and risk-scoring every access attempt in real-time is key to customer experiences on new services and applications, starting with response times. CIOs need a security strategy that can flex or adapt to risk contexts in real-time, assessing every access attempt across every threat surface and generating a risk score in milliseconds. The CIOs I’ve met with regularly see a “never trust, always verify, enforce least privilege” approach to security as the future of how they’ll protect every threat surface from privileged access abuse. Each of their development teams is on tight deadlines to get new services launch to drive revenue in Q3. Designing in Zero Trust with a strong focus on Zero Trust Privilege is saving valuable development time now and is enabling faster authentication times of the apps and services in testing today.

Strategies For Stopping Privileged Credential Abuse – Part 2  

Recently I wrote a CIO’s Guide To Stopping Privileged Access Abuse – Part 1 detailing five recommended strategies for CIOs on how to stop privileged credential abuse. The first five strategies focus on the following: discovering and inventorying all privileged accounts; vaulting all cloud platforms’ Root Accounts; auditing privileged sessions and analyzing patterns to find privileged credential sharing not found during audits; enforcing least privilege access now within your existing infrastructure as much as possible; and adopting multi-factor authentication (MFA) across all threat surfaces that can adapt and flex to the risk context of every request for resources.

The following are the second set of strategies CIOs need to prioritize to further protect their organizations from privileged access abuse:

  1. After completing an inventory of privileged accounts, create a taxonomy of them by assigning users to each class or category, personalizing privileged credential access to the role and entitlement level for each. CIOs tell me this is a major time saver in scaling their Privileged Access Management (PAM) strategies. Assigning every human, machine and sensor-based identity is the goal with the overarching objective being the creation of a Zero Trust-based enterprise security strategy. Recommended initial classes or categories include IT administrators who are also responsible for endpoint security; developers who require occasional access to production instances; service desk teams and service operations; the Project Management Office (PMO) and project IT; and external contractors and consultants.
  2. By each category in the taxonomy, automate the time, duration, scope, resources, and entitlements of privileged access for each focusing on the estimated time to complete each typical task. Defining a governance structure that provides real-time access to resources based on successful authentication is a must-have for protecting privileged access credentials. By starting with the attributes of time, duration, scope and properties, organizations have a head start on creating a separation of duties (SOD) model. Separation of duties is essential for ensuring that privileged user accounts don’t have the opportunity to carry out and conceal any illegal or unauthorized activities.
  3. Using the taxonomy of user accounts created and hardened using the separation of duties model, automate privileged access and approval workflows for enterprise systems. Instead of having administrators approve or semi-automate the evaluation of every human- and machine-based request for access, consider automating the process with a request and approval workflow. With time, duration, scope, and properties of privileged access already defined human- and machine-based requests for access to IT systems and services are streamlined, saving hundreds of hours a year and providing a real-time log for audit and data analysis later.
  4. Break-glass, emergency or firecall account passwords need to be vaulted, with no exceptions. When there’s a crisis of any kind, the seconds it takes to get a password could mean the difference between cloud instances and entire systems being inaccessible or not. That’s why administrators often only manually secure root passwords to all systems, cloud platforms and containers included. This is the equivalent of leaving the front door open to the data center with all systems unlocked. The recent Centrify survey found that just 48% of organizations interviewed have a password vault. 52% are leaving the keys to the kingdom available for hackers to walk through the front door of data centers and exfiltraticate data whenever they want.
  5. Continuous delivery and deployment platforms including Ansible, Chef, Puppet, and others need to be configured when first installed to eliminate the potential for privileged access abuse. The CIOs whose teams are creating new apps and services are using Chef and Puppet to design and create workloads, with real-time integration needed with customer, pricing, and services databases and the systems they run on. Given how highly regulated insurance is, CIOs are saying they need to have logs that show activity down to the API level in case of an audit. The more regulated and audited a company, the more trusted and untrusted domains are seen as the past, Zero Trust as the future based on CIO’s feedback.

Conclusion

The CIOs I regularly meet with from the banking, financial services, and insurance industries are under pressure to get new applications and services launched while protecting their business’ daily operations. With more application and services development happening in their IT teams, they’re focusing on how they can optimize the balance between security and speed. New apps, services, and the new customers they attract are creating a proliferation of new threat surfaces, making every new identity the new security perimeter.

CIO’s Guide To Stopping Privileged Access Abuse – Part I

CIOs face the paradox of having to protect their businesses while at the same time streamlining access to the information and systems their companies need to grow. The threatscape they’re facing requires an approach to security that is adaptive to the risk context of each access attempt across any threat surface, anytime. Using risk scores to differentiate between privileged users attempting to access secured systems in a riskier context than normal versus privileged credential abuse by attackers has proven to be an effective approach for thwarting credential-based breaches.

Privileged credential abuse is one of the most popular breach strategies organized crime and state-sponsored cybercrime organizations use. They’d rather walk in the front door of enterprise systems than hack in. 74% of IT decision makers surveyed whose organizations have been breached in the past say it involved privileged access credential abuse, yet just 48% have a password vault. Just 21% have multi-factor authentication (MFA) implemented for privileged administrative access. These and many other insights are from Centrify’s recent survey, Privileged Access Management in the Modern Threatscape.

How CIOs Are Solving the Paradox of Privileged Credential Abuse

The challenge to every CIO’s security strategy is to adapt to risk contexts in real-time, accurately assessing every access attempt across every threat surface, risk-scoring each in milliseconds. By taking a “never trust, always verify, enforce least privilege” approach to security, CIOs can provide an adaptive, contextually accurate Zero Trust-based approach to verifying privileged credentials. Zero Trust Privilege is emerging as a proven framework for thwarting privileged credential abuse by verifying who is requesting access, the context of the request, and the risk of the access environment.

By taking a least privilege access approach, organizations can minimize attack surfaces, improve audit and compliance visibility, and reduce risk, complexity, and the costs of operating a modern, hybrid enterprise. CIOs are solving the paradox of privileged credential abuse by knowing that even if a privileged user has entered the right credentials but the request comes in with risky context, then stronger verification is needed to permit access.

Strategies For Stopping Privileged Credential Abuse

The following are five strategies CIOs need to concentrate on to stop privileged credential abuse. Starting with an inventory of privileged accounts and progressing through finding the gaps in IT infrastructure that create opportunities for privileged credential abuse, CIOs and their teams need to take preemptive action now to avert potential breaches in the future.

In Part 1 of a CIO’s Guide to Stopping Privileged Access Abuse, below are the steps they can take to get started:

  1. Discover and inventory all privileged accounts and their credentials to define who is accountable for managing their security and use. According to a survey by Gartner, more than 65% of enterprises are allowing shared use of privileged accounts with no accountability for their use. CIOs realize that a lack of consistent governance policies creates many opportunities for privileged credential abuse. They’re also finding orphaned accounts, multiple owners for privileged credentials and the majority of system administrators having super user or root user access rights for the majority of enterprise systems.
  2. Vault your cloud platforms’ Root Accounts and federate access to AWS, Google Cloud Platform, Microsoft Azure and other public cloud consoles. Root passwords on each of the cloud platforms your business relies on are the “keys to the kingdom” and provide bad actors from inside and outside the company to exfiltrate data with ease. The recent news of how a fired employee deleted his former employer’s 23 AWS servers is a cautionary tale of what happens when a Zero Trust approach to privileged credentials isn’t adopted. Centrify’s survey found that 63% or organizations take more than a day to shut off privilege access for an employee after leaving the company. Given how AWS root user accounts have the privilege to delete all instances immediately, it’s imperative for organizations to have a password vault where AWS root account credentials are stored. Instead of local AWS IAM accounts and access keys, use centralized identities (e.g., Active Directory) and enable federated login. By doing so, you obviate the need for long-lived access keys.
  3. Audit privileged sessions and analyze patterns to find potentially privileged credential sharing or abuse not immediately obvious from audits. Audit and log authorized and unauthorized user sessions across all enterprise systems, especially focusing on root password use across all platforms. Taking this step is essential for assigning accountability for each privileged credential in use. It will also tell you if privileged credentials are being shared widely across the organization. Taking a Zero Trust approach to securing privileged credentials will quickly find areas where there could be potential lapses or gaps that invite breaches. For AWS accounts, be sure to use AWS CloudTrail and Amazon CloudWatch to monitor all API activity across all AWS instances and your AWS account.
  4. Enforce least privilege access now within your existing infrastructure as much as possible, defining a security roadmap based on the foundations of Zero Trust as your future direction. Using the inventory of all privileged accounts as the baseline, update least privilege access on each credential now and implement a process for privilege elevation that will lower the overall risk and ability for attackers to move laterally and extract data. The days of “trust but verify” are over. CIOs from insurance and financial services companies recently spoken with point out that their new business models, all of them heavily reliant on secured Internet connectivity, are making Zero Trust the cornerstone of their future services strategies. They’re all moving beyond “trust but verify” to adopt a more adaptive approach to knowing the risk context by threat surface in real-time.
  5. Adopt multi-factor authentication (MFA) across all threat surfaces that can adapt and flex to the risk context of every request for resources. The CIOs running a series of insurance and financial services firms, a few of them former MBA students of mine, say multi-factor authentication is a must-have today for preventing privileged credential abuse. Their take on it is that adding in an authentication layer that queries users with something they know (user name, password, PIN or security question) with something they have (smartphone, one-time password token or smart card), something they are (biometric identification like fingerprint) and something they’ve done (contextual pattern matching of what they normally do where) has helped thwart privileged credential abuse exponentially since they adopted it. This is low-hanging fruit: adaptive MFA has made the productivity impact of this additional validation practically moot.

Conclusion

Every CIO I know is now expected to be a business strategist first, and a technologist second. At the top of many of their list of priorities is securing the business so it can achieve uninterrupted growth. The CIOs I regularly speak with running insurance and financial services companies often speak of how security is as much a part of their new business strategies as the financial products their product design teams are developing. The bottom line is that the more adaptive and able to assess the context of risks for each privilege access attempt a company’s access management posture can become, the more responsive they can be to employees and customers alike, fueling future growth.

The State Of Cloud Business Intelligence, 2019

  • An all-time high 48% of organizations say cloud BI is either “critical” or “very important” to their operations in 2019.
  • Marketing & Sales place the greatest importance on cloud BI in 2019.
  • Small organizations of 100 employees or less are the most enthusiastic, perennial adopters and supporters of cloud BI.
  • The most preferred cloud BI providers are Amazon Web Services and Microsoft Azure.

These and other insights are from Dresner Advisory Services’ 2019 Cloud Computing and Business Intelligence Market Study. The 8th annual report focuses on end-user deployment trends and attitudes toward cloud computing and business intelligence (BI), defined as the technologies, tools, and solutions that rely on one or more cloud deployment models. What makes the study noteworthy is the depth of focus around the perceived benefits and barriers for cloud BI, the importance of cloud BI, and current and planned usage.

“We began tracking and analyzing the cloud BI market dynamic in 2012 when adoption was nascent. Since that time, deployments of public cloud BI applications are increasing, with organizations citing substantial benefits versus traditional on-premises implementations,” said Howard Dresner, founder, and chief research officer at Dresner Advisory Services. Please see page 10 of the study for specifics on the methodology.

Key insights gained from the report include the following:

  • An all-time high 48% of organizations say cloud BI is either “critical” or “very important” to their operations in 2019. Organizations have more confidence in cloud BI than ever before, according to the study’s results. 2019 is seeing a sharp upturn in cloud BI’s importance, driven by the trust and credibility organizations have for accessing, analyzing and storing sensitive company data on cloud platforms running BI applications.

  • Marketing & Sales place the greatest importance on cloud BI in 2019. Business Intelligence Competency Centers (BICC) and IT departments have an above-average interest in cloud BI as well, with their combined critical and very important scores being over 50%. Dresner’s research team found that Operations had the greatest duality of scores, with critical and not important being reported at comparable levels for this functional area. Dresner’s analysis indicates Operations departments often rely on cloud BI to benchmark and improve existing processes while re-engineering legacy process areas.

  • Small organizations of 100 employees or less are the most enthusiastic, perennial adopters and supporters of cloud BI. As has been the case in previous years’ studies, small organizations are leading all others in adopting cloud BI systems and platforms.  Perceived importance declines only slightly in mid-sized organizations (101-1,000 employees) and some large organizations (1,001-5,000 employees), where minimum scores of important offset declines in critical.

  • The retail/wholesale industry considers cloud BI the most important, followed by technology and advertising industries. Organizations competing in the retail/wholesale industry see the greatest value in adopting cloud BI to gain insights into improving their customer experiences and streamlining supply chains. Technology and advertising industries are industries that also see cloud BI as very important to their operations. Just over 30% of respondents in the education industry see cloud BI as very important.

  • R&D departments are the most prolific users of cloud BI systems today, followed by Marketing & Sales. The study highlights that R&D leading all other departments in existing cloud BI use reflects broader potential use cases being evaluated in 2019. Marketing & Sales is the next most prolific department using cloud BI systems.

  • Finance leads all others in their adoption of private cloud BI platforms, rivaling IT in their lack of adoption for public clouds. R&D departments are the next most likely to be relying on private clouds currently. Marketing and Sales are the most likely to take a balanced approach to private and public cloud adoption, equally adopting private and public cloud BI.

  • Advanced visualization, support for ad-hoc queries, personalized dashboards, and data integration/data quality tools/ETL tools are the four most popular cloud BI requirements in 2019. Dresner’s research team found the lowest-ranked cloud BI feature priorities in 2019 are social media analysis, complex event processing, big data, text analytics, and natural language analytics. This years’ analysis of most and least popular cloud BI requirements closely mirror traditional BI feature requirements.

  • Marketing and Sales have the greatest interest in several of the most-required features including personalized dashboards, data discovery, data catalog, collaborative support, and natural language analytics. Marketing & Sales also have the highest level of interest in the ability to write to transactional applications. R&D leads interest in ad-hoc query, big data, text analytics, and social media analytics.

  • The Retail/Wholesale industry leads interest in several features including ad-hoc query, dashboards, data integration, data discovery, production reporting, search interface, data catalog, and ability to write to transactional systems. Technology organizations give the highest score to advanced visualization and end-user self-service. Healthcare respondents prioritize data mining, end-user data blending, and location analytics, the latter likely for asset tracking purposes. In-memory support scores highest with Financial Services respondent organizations.

  • Marketing & Sales rely on a broader base of third party data connectors to get greater value from their cloud BI systems than their peers. The greater the scale, scope and depth of third-party connectors and integrations, the more valuable marketing and sales data becomes. Relying on connectors for greater insights into sales productivity & performance, social media, online marketing, online data storage, and simple productivity improvements are common in Marketing & Sales. Finance requiring integration to Salesforce reflects the CRM applications’ success transcending customer relationships into advanced accounting and financial reporting.

  • Subscription models are now the most preferred licensing strategy for cloud BI and have progressed over the last several years due to lower risk, lower entry costs, and lower carrying costs. Dresner’s research team found that subscription license and free trial (including trial and buy, which may also lead to subscription) are the two most preferred licensing strategies by cloud BI customers in 2019. Dresner Advisory Services predicts new engagements will be earned using subscription models, which is now seen as, at a minimum, important to approximately 90% of the base of respondents.

  • 60% of organizations adopting cloud BI rank Amazon Web Services first, and 85% rank AWS first or second. 43% choose Microsoft Azure first and 69% pick Azure first or second. Google Cloud closely trails Azure as the first choice among users but trails more widely after that. IBM Bluemix is the first choice of 12% of organizations responding in 2019.

Public Cloud Soaring To $331B By 2022 According To Gartner

Gartner is predicting the worldwide public cloud services market will grow from $182.4B in 2018 to $214.3B in 2019, a 17.5% jump in just a year. Photo credit: Getty

  • Gartner predicts the worldwide public cloud service market will grow from $182.4B in 2018 to $331.2B in 2022, attaining a compound annual growth rate (CAGR) of 12.6%.
  • Spending on Infrastructure-as-a-Service (IaaS) is predicted to increase from $30.5B in 2018 to $38.9B in 2019, growing 27.5% in a year.
  • Platform-as-a-Service (PaaS) spending is predicted to grow from $15.6B in 2018 to $19B in 2019, growing 21.8% in a year.
  • Business Intelligence, Supply Chain Management, Project and Portfolio Management and Enterprise Resource Planning (ERP) will see the fastest growth in end-user spending on SaaS applications through 2022.

Gartner’s annual forecast of worldwide public cloud service revenue was published last week, and it includes many interesting insights into how the research firm sees the current and future landscape of public cloud computing. Gartner is predicting the worldwide public cloud services market will grow from $182.4B in 2018 to $214.3B in 2019, a 17.5% jump in just a year. By the end of 2019, more than 30% of technology providers’ new software investments will shift from cloud-first to cloud-only, further reducing license-based software spending and increasing subscription-based cloud revenue.

The following graphic compares worldwide public cloud service revenue by segment from 2018 to 2022. Please click on the graphic to expand for easier reading.

Comparing Compound Annual Growth Rates (CAGRs) of worldwide public cloud service revenue segments from 2018 to 2022 reflects IaaS’ anticipated rapid growth. Please click on the graphic to expand for easier reading.

Gartner provided the following data table this week as part of their announcement:

  • Business Intelligence, Supply Chain Management, Project and Portfolio Management and Enterprise Resource Planning (ERP) will see the fastest growth in end-user spending on SaaS applications through 2022.  Gartner is predicting end-user spending on Business Intelligence SaaS applications will grow by 23.3% between 2017 and 2022.  Spending on SaaS-based Supply Chain Management applications will grow by 21.2% between 2017 and 2022. Project and Portfolio Management SaaS-based applications will grow by 20.9% between 2017 and 2022. End-user spending on SaaS ERP systems will grow by 19.2% between 2017 and 2022.

Sources: Gartner Forecasts Worldwide Public Cloud Revenue to Grow 17.5 Percent in 2019 and Forecast: Public Cloud Services, Worldwide, 2016-2022, 4Q18 Update (Gartner client access)

5 Things Every Executive Needs To Know About Identity And Access Management

  • For new digital business models to succeed, customers’ privacy preferences need to be secure, and that begins by treating every identity as a new security perimeter.
  • Organizations need to recognize that perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity and credential-based threats. Until they start implementing identity-centric security measures, account compromise attacks will continue to provide a perfect camouflage for data breaches.
  • 74% of data breaches start with privileged credential abuse that could have been averted if the organizations had adopted a Privileged Access Management (PAM) strategy, according to a recent Centrify survey.
  • Just 48% of organizations have a password vault, and only 21% have multi-factor authentication (MFA) implemented for privileged administrative access.

New digital business models are redefining organizations’ growth trajectories and enabling startups to thrive, all driven by customer trust. Gaining and strengthening customer trust starts with a security strategy that can scale quickly to secure every identity and threat surface a new business model creates. Centrify’s recent survey, Privileged Access Management in the Modern Threatscape, found 74% of data breaches begin with privileged credential abuse. The survey also found that the most important areas of IT infrastructure that new digital business models rely on to succeed — including Big Data repositories, cloud platform access, containers, and DevOps — are among the most vulnerable. The most urgent challenges executives are facing include protecting their business, securing customer data, and finding new ways to add value to their business’ operations.

Why Executives Need to Know About Identity and Access Management Now  

Executives have a strong sense of urgency to improve Identity and Access Management (IAM) today to assure the right individuals access the right resources at the right times and for the right reasons. IAM components like Access Management, Single Sign-On, Customer Identity and Access Management (CIAM), Advanced Authentication, Identity Governance and Administration (IGA), IoT-Driven IAM, and Privileged Access Management address the need to ensure appropriate access to resources across an organization’s entire attack surface and to meet compliance requirements. Considering that privileged access abuse is the leading cause of today’s breaches, they’re especially prioritizing Privileged Account Management as part of their broader cybersecurity strategies to secure the “keys to their kingdom.” Gartner supports this view by placing a high priority on Privileged Account Management, including it in its Gartner Top 10 Security Projects for 2018, and again in 2019.

During a recent conversation with insurance and financial services executives, I learned why Privileged Access Management is such an urgent, high priority today. Privileged access abuse is the leading attack vector, where they see the majority of breach attempts to access the company’s most sensitive systems and data. It’s also where they can improve customer data security while also making employees more productive by giving them access systems and platforms faster. All of them know instances of hackers and state-sponsored hacking groups offering bitcoin payments in exchange for administrative-level logins and passwords to their financial systems.

Several of the executives I spoke with are also evaluating Zero Trust as the foundation for their cybersecurity strategy. As their new digital business models grow, all of them are focused on discarding the outdated, “trust, but verify” mindset and replacing it with Zero Trust, which mandates a “never trust, always verify” approach. They’re also using a least privilege access approach to minimize each attack surface and improve audit and compliance visibility while reducing risk, complexity, and costs.

The following are the five things every executive needs to know about Identity and Access Management to address a reality that every company and consumer must recognize exists today: attackers no longer “hack” in, they log in.

  1. Designing in the ability to manage access rights and all digital identities of privileged users require Privileged Access Management (PAM) and Identity Governance and Administration (IGA) systems be integrated as part of an IAM strategy. For digital business initiatives’ security strategies to scale, they need to support access requests, entitlement management, and user credential attestation for governance purposes. With identities being the new security perimeter, provisioning least privileged access to suppliers, distributors, and service organizations is also a must-have to scale any new business model. Natively, IGA is dealing only with end users – not privileged users. Therefore integration with PAM systems is required to bring in privileged user data and gain a holistic view of access entitlements.
  2. IAM is a proven approach to securing valuable Intellectual Property (IP), patents, and attaining regulatory compliance, including GDPR. The fascinating digital businesses emerging today also function as patent and IP foundries. A byproduct of their operations is an entirely new business, product and process ideas. Executives spoken with are prioritizing how they secure intellectual property and patents using an Identity and Access Management strategy.
  3. Knowing with confidence the identity of every user is what makes every aspect of an IAM strategy work. Having Multi-Factor Authentication (MFA) enabled for every access session, and threat surface is one of the main processes that make an IAM strategy succeed. It’s a best practice to reinforce Zero Trust principles through multi-factor authentication enforcement on each computer that cannot be circumvented (or bypassed) by malware.
  4. Designing in transaction verification now for future e-commerce digital business models is worth it. Think of your IAM initiative as a platform to create ongoing customer trust with. As all digital business initiatives rely on multi-channel selling, designing in transaction verification as part of an IAM strategy is essential. Organizations are combining verification and MFA to thwart breaches and the abuse of credential access abuse.
  5. In defining any IAM strategy focus on how Privileged Access Management (PAM) needs to be tailored to your specific business needs. PAM is the foundational element that turns the investments made in security into business value. It’s a catalyst for ensuring customer trust turns into revenue. Many organizations equate PAM with a password vault. But in a modern threatscape where humans, machines, applications, and services dynamically require access to a broadening range of attack surfaces such as cloud, IoT, Big Data, and containers, that outdated legacy approach won’t effectively secure the leading attack vector: privileged access abuse. Vendors such as Centrify and others are looking beyond the vault and offering Zero Trust solutions for PAM that address these modern access requestors and attack surfaces.

Conclusion

Insurance and financial services executives realize, and even predict, that there’s going to be an increase in the number and intensity of efforts to break into their systems using compromised credentials. Prioritizing Privileged Access Management as part of the IAM toolkit is proving to be an effective cybersecurity strategy for protecting their businesses and customers’ data while also making a valuable contribution to its growth. The bottom line is that Identity and Access Management is the cornerstone of any effective Zero Trust-based strategy, and taking an aggressive, pre-emptive approach to Privileged Access Management is the new normal for organizations’ cybersecurity strategies.

The Most Innovative Companies of 2019 According to BCG

Google Press

Alphabet/Google is now the most innovative company in the world according to BCG, unseating Apple’s 13-year dominance of their annual rankings.

  • Alphabet/Google is now the most innovative company in the world according to BCG, unseating Apple’s 13-year dominance of their annual rankings.
  • Strong AI innovators are over three times more likely to have deep expertise in Big Data Analytics.
  • The ten most innovative companies in the world extensively use AI and platforms today to grow faster than competitors and markets.
  • T-MobileDow DuPontValeStryker, and Rio Tonto join the list of the top 50 most innovative companies for the first time this year.
  • Fastest movers include Adidas, who jumped from 35th to 10thSAP who increased from 42nd to 28th and Phillips who improved from 49th to 29th.

These and many other insights are from the Boston Consulting Group’s 13th annual report defining the world’s most innovative companies in 2019. The Most Innovative Companies 2019: The Rise of AI, Platforms, and Ecosystems is a fascinating glimpse into the rising importance of Artificial Intelligence (AI) and of platforms that support innovation. What makes this survey noteworthy is how it captures how AI’s use is rapidly expanding and how enterprises are relying on platforms to scale their efforts in this area. BCG is providing an Interactive Guide that compares the 50 most innovative companies in the world, sortable by industry, company and year. There’s also interactive analysis of Steady Innovators or those companies who’ve appeared on the list every year since 2005. There are breakouts of New Entrants, Returnees, and Movers for easier analysis. The report is available for download here (28 pp., PDF, free). Forbes also has an annual list of the world’s most innovative companies you can find here. The methodology Forbes uses is explained in the post, How We Rank The Most Innovative Companies 2018. Key insights from BCGs’ most innovative companies of 2019 include the following:

  • What differentiates the world’s most innovative companies are their creation and use of AI and platforms with Alphabet/GoogleAmazonApple, and Microsoft leading all others. Each of them is actively creating and providing AI-based applications, platforms and ecosystems that enable enterprises to improve customer experiences, creating entirely new revenue streams, business models and competitive advantages. Alphabet/Google has defined its direction as an “AI first” company, intentionally creating a culture of AI-driven innovation. The following is BCG’s list of the most innovative companies of 2019:

  • Enterprises who rate themselves strongest at innovation and better than average at AI base their self-evaluations on successfully changing customer experiences. BCG found that the most advanced enterprises using AI today are succeeding at changing customer experiences, creating new business models and measuring AI’s contribution to streamlining internal processes. 19.2% of all enterprises interviewed perceive themselves as being better than average at AI and strong innovators. The following graphic compares how enterprises rate themselves at AI versus their strength at innovation:

  • Strong AI innovators are over three times more likely to have deep expertise in Big Data Analytics. Enterprises who perceive themselves as strong AI innovators based on their success using AI to improve customer experiences, create new business models and streamline operations are two times as likely to be faster at adopting new technologies. They’re also 65% more likely to be actively targeting technology platforms to scale their AI initiatives and strategies further. The following graphic compares strong and weak innovators’ relative levels of adoption across 15 different innovation and product development categories:

  • Big Data Analytics, the speed of adopting tech, digital design, and technology platforms are the four areas enterprises who consider themselves strong innovators have the widest perceived advantage over weak innovators. When enterprises were asked which of the following 15 areas of innovation and product development will be the most impactful over the next 3 to 5 years, Big Data Analytics was far and away the most valued by strong versus weak innovators. Digital Design and Speed of Adopting Tech are two additional areas of innovation and product development that most differentiate the most and least innovative companies.

 

The Best Cloud Computing Companies And CEOs To Work For In 2019 Based On Glassdoor

  • SysdigFivetranNuxeoCloudianMendixStreamSetsZscalerZohoSAPOutSystemsKony, and Netskope are the most likely to be recommended by their employees to friends looking for a cloud computing company to work for in 2019.
  • Cloud platform and development companies dominate the highest rated cloud businesses when indexed by the percent of employees who would recommend their company to a friend.
  • Taken together, the 12 CEOs leading the top-rated cloud computing companies are approved by 98% of employees as of March 3, 2019, on Glassdoor. CEOs in this group include Thomas Hogan of Kony, Paulo Rosado of OutSystems, Bill McDermott of SAP, and Sridhar Vembu of Zoho.

These and many other insights are from an analysis completed today comparing Computer Reseller News’ 100 Coolest Cloud Computing Vendors of 2019 by their respective Glassdoor scores. The Computer Reseller News annual list of the 100 coolest cloud computing vendors is an impartial, 3rd party benchmark of the fastest-growing and most likely to hire cloud businesses expanding today.  By far the most common request from Forbes readers is which cloud computing companies are the best to work for. The goal of this analysis is to provide readers with insights into which cloud computing companies best fit their skills and at the same time have a strong reputation based on feedback from existing employees.

Indexing the most interesting and fastest growing cloud computing companies by their Glassdoor scores and reputations is a great way to begin defining a long-term career growth strategy. One factor not quantified is how well of a fit an applicant is to company culture. Take every opportunity for in-person interviews, read Glassdoor ratings often and observe as much as possible about daily life in companies of interest to see if they are a good fit for your skills and strengths.

Using the 2019 CRN list as a baseline to compare the Glassdoor scores of the (%) of employees who would recommend this company to a friend and (%) of employees who approve of the CEO, the table below is provided. You can find the original dataset here. There are 15 companies on the CRN list that don’t have that many or any entries on Glassdoor, and they are excluded from the rankings shown below. You can find their mention in the original dataset. If the image below is not visible in your browser, you can view the rankings here.

The highest rated CEOs on Glassdoor as of March 3, 2019, include the following. Please click on the graphic and dataset to expand for easier reading.

The original dataset is shown below:

Machine Learning Engineer Is The Best Job In The U.S. According To Indeed

  • Machine Learning Engineer job openings grew 344% between 2015 to 2018, and have an average base salary of $146,085.
  • At $158,303, Computer Vision Engineers earn among the highest salaries in tech
  • The average base salary of the 25 best jobs in the U.S. according to Indeed is $104,825, and the median base salary is $99,007.
  • Agile Coach is the highest paying job with an average base salary of $161,377.
  • 9 of the top 25 jobs in the U.S. this year are in tech fields according to Indeed.
  • Five jobs are heavily dependent on applicants’ Artificial Intelligence (AI) skills and expertise.

These and many other insights are from this Indeed’s The Best Jobs in the U.S.: 2019 study released this week. Indeed defined the best jobs as those experiencing the fastest growth measured by the increase in job postings between 2015 and 2018, in conjunction with those offering the highest pay using a baseline salary of $75,000. Indeed’s best jobs of 2019’s data set is available here in Microsoft Excel.

Key insights from Indeed’s ranking of the best jobs of 2019 include the following:

  • At $158,303, Computer Vision Engineers earn among the highest salaries in tech according to Indeed, followed Machine Learning Engineers with a base salary of $146,085. The average base pay of the nine tech-related jobs that made Indeed’s list is $122,761, above the median salary of $99,007 for the entire group of the top 25 jobs. Indeed’s top 25 jobs for 2019 are illustrated below in descending salary order with the median salary providing a benchmark across the group. Please click on the graphic to expand for easier reading.

  • Three of the top 10 fastest growing jobs as measured by percentage growth in the number of job postings are in tech. From 2015 to 2018, job postings for Machine Learning Engineers grew 344%, followed by Full-stack developers (206%) and Salesforce developers (129%). In aggregate, all nine technology-related job postings increased by 146% between 2015 and 2018. The graphic below illustrates the percentage of growth in the number of postings between 2015 and 2018. Please click on the graphic to expand for easier reading.

  • Comparing average base salary to percentage growth in job postings underscores the exceptionally high demand for Machine Learning Engineers in 2019. Technical professionals with machine learning expertise today are in an excellent position to bargain for the average base salary of at least $146,085 or more. Full-stack developers and Salesforce developers are in such high demand, technical professionals with skills on these areas combined with experience can command a higher salary than the average base salary. The following graphic compares the average base salary to percentage growth in job postings for the years 2015 – 2018. Please click on the graphic to expand for easier reading.

%d bloggers like this: