Economic uncertainty sends shock waves throughout businesses, with service organizations seeing its brunt. The recent drastic drop-off in Netflix subscribers is a case in point. Services CFOs say there is an urgent need to track how well their overarching planning strategies linking finance and operations perform. However, getting the data to analyze has been challenging for even the largest services businesses.
As a result, CFOs need Financial Planning & Analysis (FP&A) integrated with operational planning applications to make it easier to track plan performance across all P&Ls and financials. FinancialForce’s decision to launch a fully-featured FP&A on their ERP Cloud platform shows they read the services market clearly and listen to their customers’ CFOs on what matters most.
CFOs Want To Know The Financial Impact Of Every Planning Decision
Even during economic stability, finance teams struggle to get operations planning teams the data they need to predict the financial outcomes of decisions. Line-of-business leaders look to finance to provide accurate, detailed information on the financial implications of every planning decision. By having FP&A use the same data accounting, reporting and planning have, CFOs, COOs, and their teams get greater visibility and control over every aspect of budgeting and forecasting.
One of FP&A’s greatest shortcomings in the past was relying only on siloed financial data alone with little visibility into operational planning. Financial teams need access to all available data across finance and operations to do their jobs well and create accurate forecasts. Getting FP&A right with any ERP platform needs to start with the goal of delivering integrated business planning. Sales management and their teams also need visibility into FP&A reporting and analysis to manage revenue. FinancialForce’s decades of experience on the Salesforce platform combined with the integration expertise Salesforces’ MuleSoft acquisition brought to the company four years ago will increase the probability of their FP&A solution gaining adoption.
Services companies’ CFOs are grappling with new economic uncertainties every week. As a result, they’re most interested in getting greater visibility and control over the planning process, including version control, more automated multi-planning options, and more real-time enterprise-wide collaboration, all on a single platform. FinancialForce’s DevOps and product management teams deserve credit for identifying these challenges and including them in their FP&A application delivered in the Spring 2022 release.
FinancialForce’s long-awaited FP&A solution enables analysts to create multiple what-if scenarios using calculation rules and mass functions, create dynamic plans and stress-test assumptions, and better anticipate their return by area and investment.
The future of FP&A Is An Integrated Cloud
Service organizations are quicker to migrate to the cloud versus their product-based counterparts. That’s because procurement, order-to-cash, and supply chain management workflows tend to be less complex than product-based businesses. Services organizations also need financial management, procure-to-pay, and Professional Services Automation (PSA), all on the same platform to support operational planning with FP&A.
FinancialForce’s Multi-X functionality is expanded in the Spring 2022 release to simplify the consolidation of financial statements and meet the needs of multi-entity organizations. In the latest release, it’s possible to record taxes due from intercompany tax transactions, accelerating the intercompany process for taxation and reporting. The Spring 2022 release also streamlines the creation of multi-company sales invoices and simplifies consolidated financial statement preparation with consolidation group structure capabilities.
Multi-X enables the recording and sharing across a multi-tier or multi-entity business.
New localization features that are essential to running a global business were added, including support for Switzerland, Denmark, Finland, and Austria, as well as enhanced business operations in Germany and Australia. In addition, multi-X supports multi-company invoicing support and advanced invoice consolidations for multi-revenue billing. Calculating and recording tax on intercompany transactions and enabling cash matching process across companies are also supported.
FP&A’s future is an integrated cloud, further validated by FinancialForce’s’ launch of ERP Cloud, Professional Services Cloud, and enhancements to its Customer Success solutions. “In today’s business environment, organizations must be able to respond to disruptions quickly while continuing to innovate and deliver tangible outcomes to their customers,” said Dan Brown, Chief Product and Strategy Officer at FinancialForce. “Our Spring 2022 release gives our customers a richer toolset to help pursue their primary goal, delivering exceptional customer outcomes while improving the customer experience across the opportunity-to-renewal journey.”
New Professional Services (PS) Cloud additions in the Spring 2022 release include customer-requested improvements to skills and resource management, services estimating, and project management capabilities. FinancialForce’s customers have also requested improved resource management to scale their efforts to train and retain their workforce. As a result, the Spring 2022 Release adds intelligent automation to the staffing process by enabling auto-assignment of resource requests that meet specific criteria and an expanded capability to model ideal staffing scenarios across a project, opportunity, or region. These enhancements improve PS Cloud’s resource optimization capabilities and enable resource managers to deploy ever larger and more complex teams efficiently and cost-effectively.
Services organizations are looking for cloud-based professional services ERP systems that deliver greater forecast accuracy, faster forecasting and budgeting, and improved accountability, visibility, and control. Integrated clouds are the future of FP&A for all these factors and the need all services organizations have to improve revenue and operations performance. In addition, given the growing economic uncertainty today, CFOs also want to increase better predictability and better risk management strategies while also supporting more collaboration. All these factors combined are defining the future of FP&A in an integrated cloud, which is what FinancialForce has been doing for decades on the Salesforce platform.
AI and machine learning’s potential to drive greater visibility, control, and insight across shop floors while monitoring machines and processes in real-time continue to attract venture capital. $62 billion is now invested in 5,396 startups concentrating on the intersection of AI, machine learning, manufacturing, and Industry 4.0, according to Crunchbase.
PwC’s broader tech sector analysis shows a 30% year-over-year growth in funding rounds that reached $293.2 billion in 2021. Smart manufacturing startups are financed by seed rounds at 52%, followed by early-stage venture funding at 33%. The median last funding amount was $1.6 million, with the average being $9.93 million.
Abundant AI startup opportunities in smart manufacturing and industry 4.0
According to Gartner, “The underlying concept of Industry 4.0 is to connect embedded systems and smart production facilities to generate a digital convergence between industry, business, and internal functions and processes.” As a result, Industry 4.0 is predicted to grow from $84.59 billion in 2020 to $334.18 billion by 2028. AI and machine learning adoption in manufacturing are growing in five core fields: smart production, products and services improvements, business operations and management, supply chain, and business model decision-making. Deloitte’s survey on AI adoption in manufacturing found that 93% of companies believe AI will be a key technology to drive growth and innovation.
Machine intelligence (MI) is one of the primary catalysts driving increased venture capital investment in smart manufacturing. Startup CEOs and their customers want AI and machine learning models based on actual data, and machine intelligence is helping to make that happen. An article by McKinsey & Company provides valuable insights into market gaps for new ventures. McKinsey’s compelling data point is that those leading companies using MI achieve 3X to 4X the impact of their peers. However, 92% of leaders also have a process to track incomplete or inaccurate data – which is another market gap startups need to fill.
Based on the uplift MI creates for new smart manufacturing startup funding and the pervasive need manufacturers have to improve visibility & control across shop floors, startups have many potential opportunities. The following are five that AI and machine learning is helping to create:
AI-enabled Configure, Price, and Quote (CPQ) systems that can factor in supply chain volatility on product costs are needed. Several startups are already using AI and machine learning in CPQ workflows, and they compete with the largest enterprise software providers in the industry, including Salesforce, SAP, Microsoft, and others. However, no one has taken on the challenge of using AI to factor in how supply chain volatility changes standard and actual costs in real-time. For example, knowing the impact of pricing changes based on an allocation, how does that impact standard costs per unit on each order? Right now, an analyst needs to spend time doing that. AI and machine learning could take on that task so analysts could get to the larger, more complex, and costly supply chain problems impacting CPQ close rates and revenue.
Using AI-enabled real-time data capture techniques to identify anomalies in throughput as an indicator of machine health. The aggregated data manufacturing operations produced every day holds clues regarding each machine’s health on the shop floor. Automated data capture can identify scrap rates, yield rates and track actual costs. However, none of them can analyze the slight variations in process flow product outputs to warn of possible machine or supply chain issues. Each process manufacturing machine runs at its cadence or speed, and having an AI-based sensor system track and analyze why speeds are off could save thousands of dollars in maintenance costs and keep the line running. In addition, adding insight and intelligence to the machine’s real-time data feeds frees quality engineers to concentrate on more complex problems.
Industrial Internet of Things (IIoT) and edge computing data can be used for fine-tuning finite scheduling in real-time. Finite scheduling is part of the broader manufacturing systems organizations rely on to optimize shop floor schedules, machinery, and staff scheduling. It can be either manually intensive or automated to provide operators with valuable insights. A potential smart manufacturing opportunity is a finite scheduler that relies on AI and machine learning to keep schedules on track and make trade-offs to ensure resources are used efficiently. Finite schedulers also need greater accuracy in factoring in frequent changes to delivery dates. AI and machine learning could drive greater on-time delivery performance when integrated across all the shop floors a manufacturer relies on.
Automated visual inspections and quality analysis to improve yield rates and reduce scrap. Using visual sensors to capture data in real-time and then analyze them for anomalies is in its nascent stages of deployment and growth. However, this is an area where captured data sets can provide machine learning algorithms with enough accuracy to identify potential quality problems on products before they leave the factory. Convolutional neural networks are an effective machine learning technique for identifying patterns and anomalies in images. They’re perfect for the use case of streamlining visual inspection and in-line quality checks in discrete, batch, and process manufacturing.
Coordinated robotics (Cobots) to handle assemble-to-order product assembly. The latest cobots can be programmed to stay in sync with each other and perform pick, pack, ship, and place materials in warehouses. What’s needed are advanced cobots that can handle simple product assembly at a more competitive cost as manufacturers continue to face chronic labor shortages and often run a shift with less than half the teams they need.
Talent remains an area of need
Manufacturers’ CEOs and COOs say that recruiting and retaining enough talent to run all the production shifts they need is the most persistent issue. In addition, those manufacturers located in remote regions of the world are turning to robotics to fulfill orders, which opens up opportunities for integrating AI and machine learning to enable cobots to complete assemble-to-order tasks. The unknown impact of how fast supply chain conditions change needs work from startups, too, especially in tracking actual cost performance. These are just a few opportunities for startups looking to apply AI and machine learnings’ innate strengths to solve complex supply chain, manufacturing, quality management, and compliance challenges.
LinkedIn identified four key trends in their analysis, with flexible work is becoming table stakes for recruiting and retaining employees.
These and many other insights are from LinkedIn Top Companies 2022: The 50 best workplaces to grow your career in the U.S., published today. All 50 companies are currently hiring and have over 530,000 jobs open across the U.S, with over 70,000 being remote positions. The LinkedIn analysis of the best companies to grow your career spans 35 global markets, including the U.S., Canada, Mexico, Brazil, Argentina, Colombia, Chile, Ireland, France, Switzerland, Austria, Germany, Israel, Italy, Spain, the U.K., Sweden, Belgium, Denmark, the Netherlands, Portugal, India, Japan, Singapore, Philippines, Malaysia, Indonesia, Australia, New Zealand, UAE, Egypt, Saudi Arabia, South Africa, Nigeria, and Kenya.
LinkedIn’s Top Companies 2022 spotlights the organizations investing in employee success and career development. LinkedIn’s methodology and internal analysis ranked companies based on seven pillars that display career progression: ability to advance, skills growth, company stability, external opportunity, company affinity, gender diversity, and educational background.
The 19 Best Tech Companies To Grow Your Career In 2022
The following are profiles of the top 19 tech companies hiring in the U.S. today with links to available positions accessible via LinkedIn:
Global headcount: 1,600,000 (with 1,100,000 in the U.S.) | Top U.S. locations: Seattle, San Francisco Bay Area, New York City | Most notable skills: Warehouse Operations, Data Entry, AWS Lambda| Most common job titles: Software Engineer, Fulfillment Associate, Warehouse Associate | Largest job functions: Operations, Engineering, Program and Project Management | What you should know: Even as the country’s second-largest private employer, Amazon continues to compete in recruiting and retaining top talent amid a competitive labor market. The company recently announced that it’s doubling its maximum base salary for corporate and tech workers, and it raised average wages for warehouse workers late last year, increasing pay for more than half a million of its employees. But the e-commerce giant is going beyond compensation, too: investing $1.2 billion over the next three years to expand its education and skills training initiatives. Amazon now pays 100% of college tuition for frontline employees as part of its Career Choice program and covers high school diploma programs, GEDs, and English proficiency certifications.
Global headcount: 156,000 | Top U.S. locations: San Francisco Bay Area, New York City, Seattle | Most notable skills: Video Editing and Production, Google Cloud Platform (GCP), C++| Most common job titles: Software Engineer, Program Manager, Product Manager | Largest job function: Engineering, Information Technology, Program and Project Management |What you should know: It’s been a big year for Alphabet: The company onboarded nearly 6,500 employees last quarter and saw significant growth across Google’s Cloud service and YouTube (whose revenues are now growing at a faster rate than Netflix). For those interested in flexibility, the tech giant has a robust offering. In addition to adopting a hybrid work model, the company told LinkedIn that Alphabet offers four ‘work from anywhere’ weeks per year, sabbaticals for long-term employees, and ‘no meeting’ days. But Alphabet has also worked to maintain a collaborative culture and support career growth while working remotely. Employees can take advantage of resource groups like Women@Google and its Googler-to-Googler training, which lets its workers get first-hand knowledge across different fields from other employees.
Global headcount: 250,000 | Top U.S. locations: New York City; Raleigh-Durham, N.C.; San Francisco Bay Area | Most special skills: Kubernetes, Openshift, Hybrid Cloud| Most common job titles: Software Engineer, Project Manager, Data Scientist | Largest job functions: Engineering, Information Technology, Sales |What you should know: The perennial IT giant has re-upped its benefits offerings amid the Great Reshuffle, IBM told LinkedIn. The new initiatives are increased paid time off, more promotion and pay reviews, backup dependent care, virtual tutoring, and ‘compassionate leave’ for parents who experience stillbirth or miscarriage. In addition, as the company moves forward with a hybrid working model that allows employees to decide how often they want to be onsite, IBM has also transformed its onboarding process with “a focus on empathy and engagement” to help remote new hires feel more connected.
Global full-time headcount: 202,600 | Top U.S. locations: Atlanta, Dallas, New York City | Most notable skills:Design Thinking, Customer Experience, Futurism| Most common job titles: Retail Sales Consultant, Client Solutions Executive, Customer Service Representative | Largest job functions: Sales, Information Technology, Engineering |What you should know: Just three years after the acquisition of Time Warner, AT&T is changing course. The company agreed to a deal last year that will combine WarnerMedia’s assets with Discovery’s to create a new, separate global entertainment giant. Once the spinoff is completed (likely mid-2022), the telecom company will be focused on its core business — expanding access to broadband internet. For its employees, AT&T offers several advancement opportunities. For example, it invests $2 million annually in ‘AT&T University,’ an internal training program to help its workers upskill, and has partnered with groups like Udacity and Coursera to offer advanced online courses.
Global headcount: 154,000 | Top U.S. locations: San Francisco Bay Area; Austin, Texas; New York City | Most notable skills: Apple Software and Hardware, Technical Learning, iOS| Most common job titles: Software Engineer, Technical Specialist, Mac Genius | Largest job functions: Engineering, Information Technology, Sales |What you should know: Apple is increasing benefits and pay for retail workers to attract and retain employees at its 270 retail stores across the U.S. — including doubling sick days for both full-time and part-time employees and granting more vacation days. Its retail employees are also eligible for paid parental leave and can access discounted emergency childcare. In addition, after being one of the first companies to tell its corporate employees to work remotely in March 2020, Apple is now asking that they return to the office three days a week.
Global headcount: 189,000 (with 130,000 in the U.S.) | Top U.S. locations: Philadelphia, New York City, Los Angeles | Most notable skills: Media Production, Cable Modems, Broadcast Television | Most common job titles: Software Engineer, Communications Technician, Salesperson | Largest job functions: Engineering, Sales, Information Technology |What you should know: Comcast prioritizes career growth and development among its employees through various benefits — including mentorship programs, department rotations and tuition assistance for continuing education and skills development. As a part of its commitment to wellbeing, it also pays for 78% of its employees’ health care costs. Want an in? Comcast says the #1 skill it looks for in new hires is authenticity. “We believe that by being yourself, you are empowered to do your best work,” the company told LinkedIn.
Global headcount: 71,900 | Top U.S. locations: San Francisco Bay Area, Seattle, New York City | Most notable skills: PHP, Program Management, Social Media Marketing| Most common job titles: Software Engineer, Technical Recruiter, Data Scientist | Largest job functions: Engineering, Information Technology, Human Resources
Global headcount: 133,000 | Top U.S. locations: Austin, Texas; Boston; San Francisco Bay Area | Most notable skills: Software as a Service (SaaS), Kubernetes, Salesforce| Most common job titles: Account Executive, Software Engineer, Inside Sales Representative | Largest job functions: Sales, Information Technology, Engineering
Global headcount: 674,000 | Top U.S. locations: Washington D.C., New York City, Chicago | Most notable skills: Amazon Web Services (AWS), Management Consulting, Software Development Life Cycle (SDLC)| Most common job titles: Managing Director, Management Consultant, Business Integration Manager | Largest job functions: Information Technology, Business Development, Engineering
Global headcount: 119,400 (with 105,800 in the U.S.) | Top U.S. locations: New York City, Dallas, Washington D.C. | Most notable skills: Quotas, Wireless Technologies, Solution Selling| Most common job titles: Solutions Specialist, Customer Service Representative, Business Account Manager | Largest job functions: Sales, Engineering, Information Technology
Global headcount: 121,000 (with 55,700 in the U.S.) | Top U.S. locations: Portland, Ore.; Phoenix; San Francisco Bay Area | Most notable skills: JMP, System on a Chip (SoC), Statistical Process Control (SPC) | Most common job titles: Software Engineer, Process Engineer, System-on-Chip Design Engineer | Largest job functions: Engineering, Operations, Information Technology
Global headcount: 133,000 (46,600 in the U.S.) | Top U.S. locations: San Francisco Bay Area, Boston, Denver | Most notable skills: Oracle Cloud, NetSuite, OCI | Most common job titles: Software Engineer, Business Development Consultant, Application Sales Manager | Largest job functions: Engineering, Sales, Information Technology
Global headcount: 74,300 (41,000 in the U.S.) | Top U.S. locations: San Francisco Bay Area, Seattle, New York City | Most notable skills: Salesforce.com Administration, Salesforce Sales Cloud, Slack | Most common job titles: Account Executive, Software Engineer, Solutions Engineer | Largest job functions: Sales, Engineering, Information Technology
Global headcount: 81,800 (38,800 in the U.S.) | Top U.S. locations: San Francisco Bay Area; Raleigh-Durham, N.C.; Dallas | Most notable skills: Software as a Service (SaaS), Kubernetes, Network Engineering | Most common job titles: Software Engineer, Account Manager, Program Manager | Largest job functions: Engineering, Information Technology, Sales
Siemens is the parent company of Mendix and others.
Global headcount: 303,000 (with 40,000 in the U.S.) | Top U.S. locations: New York City, Philadelphia, Atlanta | Most notable skills: Building Automation, HVAC Controls, Electrical Troubleshooting | Most common job titles: Project Manager, Software Engineer, Senior Sales Executive | Largest job functions: Engineering, Sales, Operations
Global headcount: 10,400 (with 4,400 in the U.S.) | Top U.S. locations: San Francisco Bay Area, Boston, Washington D.C. | Most notable skills: Junos, Kubernetes, Border Gateway Protocol (BGP)| Most common job titles: Software Engineer, System Engineer, Technical Support Engineer | Largest job functions: Engineering, Sales, Information Technology
Viasat is the parent company of RigNet and others.
Global headcount: 5,800 | Top U.S. locations: San Diego, Denver, Atlanta | Most notable skills: RF Test, Amazon Web Services (AWS), Satellite Communications (SATCOM)| Most common job titles: Software Engineer, Program Manager, System Engineer | Largest job functions: Engineering, Information Technology, Operations
Global headcount: 5,000 (with 3,000 in the U.S.) | Top U.S. locations: Boston, Detroit, Los Angeles | Most notable skills: MATLAB, Simulink, Deep Learning| Most common job titles: Software Engineer, Application Support Engineer, Principal Software Engineer | Largest job function: Engineering, Information Technology, Sales
Flexible work is becoming table stakes for recruiting and retaining employees. With job seekers and employees in the driver’s seat and able to ask for the work-life balance they need, flexible work has become required to attract and retain top talent. Most companies on this year’s list offer some form of work-from-anywhere flexibility, with more than 70,000 remote jobs open now across the top 50 companies. Many companies also allow employees to set their schedules and work custom “on” hours through asynchronous work. Some, like Amazon (#1), Raytheon Technologies (#21), and General Motors (#44), are encouraging work-life balance with company-wide days off, while others offer unlimited paid vacation and sabbaticals. In addition, many companies are testing out new flexible offerings – employees at Cisco (#30) have adopted a four-day workweek through the company’s Interim Reduced Workweek program, IBM (#6) has set mandatory “off” hours, Cognizant (#33) offers the option to work a compressed week through its WorkFlex program, Realogy (#40) has a no meetings policy on “Focus Fridays,” Publicis Groupe (#41) allows employees the freedom to work from anywhere they like for up to six weeks per year and PwC (#32) allows employees to step away from work for up to six months while paid through its new Leave of Absence program.
Top companies offer stability in an unstable world. While many companies across the U.S. have faced challenges and disruptions over the last year, the Top Companies offer stability and upskilling opportunities that employees can count on – from tuition assistance and PTO for professional development to mentorship programs and job shadowing. Many organizations instituted new programs to retain employees. For example, Deloitte (#11) introduced a new Talent Experience Office focused on employee sentiments and preferences to help inform company choices, EY (#22) offers a Pathway to Purpose virtual program to help employees discover and live their personal purpose and vision, and Kimley-Horn (#31) offers job rotations, so employees learn from different roles and departments. Amazon (#1) is investing $1.2 billion to expand its education and skills training initiatives, Walmart (#5) gives field-based associates access to a no-cost college degree through its Live Better U program, and Verizon (#18) offers an apprenticeship program for those facing employment loss due to automation in technology to prepare them for the jobs of the future. PwC (#32) invested $3 billion in a “New World. New Skills” commitment to equip employees with digital training and awarded a “thank you” bonus of one-week extra pay. Bank of America (#8) provided an additional $1 billion in compensation stock awards to employees globally, and Northrop Grumman (#38) enhanced their annual bonus plan in addition to their ongoing stay interviews.
Mental health care is going mainstream across hiring and talent management. To keep employees healthy and happy at work, almost all of this year’s honorees now provide services that address mental health and well-being. Companies like Intel (#23), Salesforce (#28), and Juniper Networks (#46) provide dedicated mental health days, with many – including FedEx (#47) and Blackstone (#43) – offering company-paid mental health benefits. In addition, EY (#22) has expanded its no-cost counseling and mental health coaching sessions to 25 per year for employees and family. Deloitte (#11) provides a $1,000 well-being subsidy in addition to individualized psychological health resources. Unitedhealth Group (#13) provides complimentary access to wellness apps offering coaching, talk therapy, and more.
Authenticity, compassion, and curiosity are must-have skills. Most of the Top Companies do not require college degrees and instead look for soft skills that can translate across departments and roles. For example, the #1 skill Comcast (#10) seeks in new hires is authenticity, HCA Healthcare (#37) wants new hires to possess compassion, and Dell Technologies (#14) looks for people who thrive in an environment with a diversity of people and ideas. Accenture (#17), Oracle (#27), and Lockheed Martin (#29) value candidates with curiosity and eagerness to learn and grow. Alphabet (#2) looks for problem-solving skills and a growth mindset.
Predictions don’t protect businesses, professional guidance does. Intending to provide every business, especially startups, with insights they can use to protect themselves in 2022, I’ve interviewed several cybersecurity CEOs. Their recommendations on what every business can do to improve their cybersecurity and avert a potential breach, ransomware attempt, or worse are provided below:
BOS Framework Founder and CEO Sashank Purighalla
Before BOS, Sashank founded and served as the CEO of 5Y Solutions, Inc., a DevOps company that provides SaaS and enterprise-class technology solutions based in the cloud, AR, VR, IoT, Media Streaming, and Big Data spaces. 5Y has offices in the US, Australia, and India. Much of Sashank’s 20+ years of experience has involved developing enterprise-class technology solutions, strong strategic and long-range planning, setting business and technology strategies in B2B and B2C environments, and leading and motivating diverse teams to build high-impact SaaS and PaaS products. Sashank has a bachelor’s degree in Mechanical Engineering and a master’s degree in Computer Science.
Advice from Sashank Purighalla Founder and CEO at BOS Framework
“The biggest problem that enterprises are dealing with is with fractured technology architectures. The playbook for how technology systems are designed and maintained has fundamentally changed over the past 5 years with the advent of DevOps as a new disciple geared toward bringing efficiency to the PDLC process. To help meet this growing demand, there has been nearly a 570% increase in the number of known niche tools. Here’s the strange dichotomy: In the same timeframe, there has been an over 630% increase in the number of cyber breaches and over 600% increase in technology management and maintenance costs.
The fact is that you cannot patch disparate systems with non-standardized implementations using niche tools and expect to achieve security. Breach resilience and systemic integration can only result from sound systemic architectures that are based on best practices.
Enterprises must shift their focus from thinking of the next tool for efficiency or patching gaps to consistent architectures for effective holistic outcomes. This is an ecosystem problem and can only be addressed at an organizational architecture level”.
Founder Shield Co-Founder & CEO Benji Markoff
Benji Markoff is the Co-Founder & CEO of Founder Shield. He has an obsession with culture and the science behind it. He wants his legacy to be the success and positivity that everyone who works at Founder Shield brings to the world, whether at Founder Shield or in any their future endeavors. He hopes that Founder Shield provides a platform for unlimited success and happiness for all that work there.
Advice from Benji Markoff, Co-Founder & CEO of Founder Shield
“It’s old news that cybercriminals have beefed up their attacks, with ransomware and phishing topping every bad actor’s to-do list, it seems. The pandemic spotlighted weak links in cybersecurity systems nationwide, and hackers didn’t waste one minute to attack — back door, front door, didn’t matter. Hybrid work schedules and burnt-out IT specialists make the waters even murkier. Naturally, cyber liability insurance is a hot commodity currently, and the insurance industry plays a significant role in helping companies stay protected. Unfortunately, the attacks keep coming. Flip the script, though, and all these negative headlines can serve as lessons learned. For starters, let’s remember that cross-functionality value also translates to cybersecurity training. The more employers raise awareness and implement in-depth training, the lower they’ll fall on a hacker’s checklist. Keep cybersecurity top-of-mind throughout your entire company. Also, don’t be shy about relying more heavily on your managed service provider (MSP). These companies are ever-broadening their scope of services. If eyes and ears are what you need, start negotiating new MSP contracts.”
Hexnode Founder and CEO Apu Pavithran
Apu Pavithran is the founder and CEO of Hexnode. Recognized in the IT management community as a consultant, speaker, and thought leader, Apu has been a strong advocate for IT governance and Information security management. In addition, he’s passionate about entrepreneurship and spends significant time working with startups and empowering young entrepreneurs.
Advice from Apu Pavithran, founder and CEO of Hexnode
“Enterprise customers in 2022 are looking for a seamless digital experience that they can adopt immediately. Unfortunately, while catering to this need businesses tend to overlook the cybersecurity risks involved in making this possible.
In practice, cybersecurity decisions mostly take the backseat when associated with budgetary needs and business priorities, however, what comes with that is a successful ransomware attack that can completely turn the equation upside down. So, while adopting a flexible working environment in a constantly changing IT landscape, I would strongly recommend having a device security policy and a UEM in place. This helps keep your sensitive information safe by making sure employee devices are always compliant.
A patch management solution that comes along with the UEM solution will monitor your devices to make sure that there are no security vulnerabilities. The solution will also make sure that your device is running on the latest OS update and protected from threat actors.
Endpoint security solutions like UEM’s will help secure businesses to an extent, But having the right tools can’t always ensure that your businesses are 100% secure. The biggest threat is always the human element in cyber security. So make sure that in your flexible work environment your employees are cyber aware with regular cyber awareness classes that cover updated cybersecurity best practices.”
Ivanti CEO Jeff Abbott
As CEO of Ivanti, Jeff Abbott oversees all aspects of the company’s growth strategy and direction. Before becoming CEO of Ivanti in October 2021, Jeff served as Ivanti’s President since January 2020. Jeff has over 25 years of experience working for enterprise software and services companies, including Accenture, Oracle, and Infor. Jeff holds degrees from the University of Tennessee and Georgia State University. He sits on the National Alumni Board at the University of Tennessee and has previously held board positions with the Georgia Leukemia and Lymphoma Society and the Posse Foundation.
Advice from Ivanti CEO Jeff Abbott:
The rapid shift to remote work has accelerated growth in new digital systems and workflows, leading to expanded enterprise attack surfaces. At the same time, threat actors have matured their tactics and targeted enterprise security gaps. For example, attackers have increasingly waged phishing attacks at mobile devices, which remote workers are using more than ever before, via text and SMS messages, instant messages, social media, and other modes of communication, beyond just corporate email. Ransomware has also continued to evolve, with attackers increasingly leveraging known vulnerabilities that have remote code execution and privilege escalation capabilities. Ransomware is a business, and threat actors are incentivized to find companies that are more likely to pay.
Organizations are struggling to proactively combat these growing cyber threats. A new study by Ivanti revealed that 71% of IT and security professionals found patching to be overly complex and time-consuming. 57% of respondents stated that the global transition towards a decentralized workspace has made patch management more complex to deal with. And 53% said that organizing and prioritizing vulnerabilities takes up most of their time. This is alarming because the longer vulnerabilities remain unpatched, the more exposed a business is at risk of an attack or ransomware.
To effectively mitigate risk, companies should implement a Zero Trust security strategy. At its simplest, Zero Trust provides organizations continuous evaluation of their employee devices, endpoints, assets, and networks that business relies on. As part of an overall Zero Trust strategy, companies should invest in automated controls that proactively perform cyber hygiene tasks and reduce security risk across infrastructure and applications. This includes leveraging a combination of risk-based vulnerability prioritization and automated patch intelligence to identify and prioritize vulnerability weaknesses and then accelerate remediation. A proactive, end-to-end risk-based assessment strategy can drive business value and further reduce the mean time to detect, discover, remediate, and respond to cyber threats.
Orchestral Founder and EVP Dale Smith As Orchestral’s Head of Revenue Technology & Operations, Dale leads the digital infrastructure team responsible for integrating customer-facing operations across marketing, sales, and customer success to deliver extraordinary customer experiences that accelerate revenue performance. Dale has over 30+ years of experience in the tech industry, including several roles that include engineering, marketing, business development, and product management. His current startup, Orchestral.ai, provides AI-enabled IT workflow automation & orchestration technologies that facilitate digital transformation for some of the world’s largest enterprises.
Advice from Orchestral Founder and EVP Dale Smith
“Although there is an increasing amount of attention given to automation within the cybersecurity sector, there are still many gaps between the countless tools and SOAR/SIEM platforms found in a typical enterprise’s cybersecurity infrastructure.
To be sure, cybersecurity automation is a welcome and necessary focus for innovation in threat intelligence and response. But, as organization’s adopt cybersecurity automation, they are likely to discover that significant human intervention is still required to bridge the “silos of automation” that naturally develop around highly specialized security tools and platforms. It is at this point when the focus should shift to “cybersecurity orchestration”. Cybersecurity orchestration intelligently integrates all of the different and disparate tools, platforms and siloed automations so that information is shared across the entire cybersecurity infrastructure. In this context, cybersecurity automation and cybersecurity orchestration are complimentary stages of focus for developing security infrastructure capable of coordinating a truly “autonomous” threat response.”
Prometeo Co-Founder and CEO Rodrigo Tumaián
Rodrigo Tumaián is co-founder of Prometeo, a startup in the fintech area. He is also a co-founder of Truss, a company that provides information security services in the financial sector. His extensive experience working with national and international companies has enabled him to learn to adapt to any type of environment and help customers across a broad spectrum of business models, industries and revenue levels.
Advice from Prometeo Co-Founder and CEO Rodrigo Tumaián
“When we talk about Cybersecurity month to encourage awareness around the topic, we should keep in mind that it is something we must take action on every day. The repercussions that are caused when we find ourselves in the middle of a problem or a serious cybersecurity issue, profoundly impact our digital ecosystem. Constantly promote cybersecurity awareness – that’s what we’re focused on internally and with every customer – and we’re product of what we’re accomplishing with them and seeing them and we are very proud of what we have accomplished.”
Rapid.Space Founder and CEO Jean Paul Smets
Jean Paul is an entrepreneur, with 20 year experience and success in enterprise open source software for B2B markets. As Founder and CEO At Rapid.Space, he leads product and business development . Before Rapid.Space, Jean Paul founded Nexedi S.A the largest FLOSS publisher in the EU (4 M€ income). He founded VIFIB which invented edge computing in 2009 and contributed its technology to Rapid.Space. He holds a PhD in computer science, graduated from ENS Ulm and joined “corps des mines”.
Advice from Jean Paul Smets, Founder and CEO at Rapid.Space
“If you use a cloud service, make sure your cloud provider does not have access to your passwords or credentials (most have access and password leaks happen in average every year, as we all experienced). If you use containers, make sure you understand that they do not provide strong isolation (containers from other users on the same host may be able to access your sensitive data through security escalation, such as the one which happened to Azure in 9/2021)”
ThycoticCentrify CEO Art Gilliland
Art Gilliland is CEO at Centrify and brings proven success in the global enterprise software industry-leading large organizations in product development, enterprise infrastructure, cybersecurity, go-to-market strategy, and SaaS operations. He most recently was SVP/GM of the Symantec Enterprise Division of Broadcom, reporting to the CEO, where he led the integration and business operations post-acquisition. Before Symantec, Art held executive positions at Skyport Systems, HP, Symantec, and IMlogic.
Advice from ThycoticCentrify CEO Art Gilliland:
“As organizations execute on their digital transformations to adopt cloud and SaaS infrastructure it will become more essential to adopt tighter control over who has access to what. Investments in tighter controls over privileged access by using multi-factor authentication, centralizing identities, and enforcing least privilege can go a long way to securing modern infrastructure. This investment can not only make the user experience more seamless for those who need and should have access, but can also simultaneously harden defenses to reduce risk of becoming the next hack or ransomware victim.” — Art Gilliland, CEO, ThycoticCentrify
Bottom Line: Professional services (PS) organizations need to close the gaps in their CPQ selling strategies to win more deals, capture more revenue and protect margins from ongoing price pressure.
Why Services CPQ Is Too Slow Today
When PS organizations compete in sales cycles, the first competitor to have a complete quote with accurate pricing, schedules, and an engagement plan will often win. However, getting a complete quote out fast is a major challenge for most PS organizations today. Many PS organizations manually create their quotes by taking into account a broad base of factors that include the following: talent profiles of employees and the market value of their skills; utilization rates; direct and indirect engagement costs; typical gross margins by type of engagement; and, competitive pricing. The average PS organization takes six weeks to deliver a quote or proposal. John Ragsdale’s excellent recent article Automating Services Quote-to-Cash: Emergence of CPQ for Services provides useful insights into what needs to change for PS quoting and selling to increase its velocity.
Getting Services CPQ Right Is Hard
Gaps that drain revenue and margin grow wider when PS organizations attempt to use product-centric CPQ platforms to sell services. Too often, PS organizations attempt to wedge their quoting, pricing, and revenue management into a product-based CPQ system – and get mediocre results at best. Earlier in my career, I led a product management team that defined, created, and launched a quoting system for professional services inside a large IT organization. The most valuable lessons learned from that experience include the following:
PS bundles only work if they have simple, solid direct cost structures. Adding a synthetic SKU that represents a PS bundle only works for the most simple, automated PS engagements. Think of those PS engagements with long-standing direct cost structures that are simple, clear and easy to implement. Attempting to group PS bundles can easily lead to quoting mistakes that drain margin when a product-centric CPQ system is used for PS.
The greater the differences in PS revenue management, the more the need for a new CPQ platform. Many PS organizations are making a mistake by attempting to make product-centric CPQ platforms work for their unique costing, pricing, and selling needs. My team and I learned that the more a PS revenue model is unique and one-of-a-kind, the more it requires a unique CPQ platform.
Getting product-based CPQ rules and constraint logic right is hard in PS. Our teams’ biggest challenge in recycling IT’s CPQ app for PS was how difficult it was to get the rules-based engine to work for the wide variety of variables in a common service engagement. Rules created for transaction velocity needed to be reworked for greater variety. PS engagements didn’t follow a common logic structure like a product, making the constraint logic code only somewhat usable.
Only launch after CRM and Revenue Management integration is complete. Our team was handed a project that had languished in IT for nearly a year because PS selling teams wouldn’t use it. The problem was that the quoting module ran batch updates to a series of databases to get customer records and fetch the latest price tables off of a mainframe. In addition, CPQ wasn’t connected in real-time to CRM or Revenue Management.
Closing Long-Standing Services CPQ Gaps
The more a Services CPQ app can close the gaps between CRM, PSA, Revenue Management, and CPQ apps and their workflows, the more effective it will be stopping margin and revenue leakage. Having APIs that share data in real-time between CRM, PSA, and Revenue Management within each quote creation session has the potential to save thousands of hours a year. FinancialForce’s recently announced Services CPQ shows how a platform-based integration strategy works. The following graphic shows how revenue potential increases as a Services CPQ’s systems become more integrated.
FinancialForce’s approach to taking on the challenge of providing an enterprise-grade Services CPQ is noteworthy for several reasons, including the following:
Real-time visibility and control of Services CPQ Effectiveness. Having Services CPQ, PSA and Revenue Management on the same Salesforce platform provides the visibility and control PS sales managers need to track quoting effectiveness by program, geography, customer segment, and rep. The more real-time the data integration across these systems the greater the potential for revenue growth in existing accounts and winning new ones.
Changing professional services quotes in real-time without impacting sales cycles is possible. Due to the integrated design of Services CPQ, one change made anywhere on a quote will replicate through the entire system and change all related factors immediately.
Getting in control of professional services engagement dates and utilization rates by associates helps reduce time-to-market and assures better time-to-customer performance. Keeping track of the myriad of factors that influence a services quote using a manually-based process is too slow for how quickly engagements are decided. Instead, having a single, unified data model that can track effectiveness and provide updates on how they impact engagement project plans is needed to excel at selling with Services CPQ. Adopting an agile CPQ strategy that relies on an integration thread to unify all systems is the secret to scaling and selling more with an agile approach to services CPQ.
Pricing needs to be one of the core strengths in an integrated Services CPQ platform. Realizing how a customers’ requested changes to a professional services engagement will impact costs and margins gives PS teams with an integrated system a formidable pricing advantage. FinancialForce’s approach to solving the Services CPQ challenge shows the potential to take on this challenge and provide its PS customers with the insights they need to upsell engagements – and not lose margin doing it.
A must-have for any Services CPQ platform is support for channel partner collaboration and team quoting. For any Services CPQ to scale up and deliver its full potential value, there needs to be support for customizing partner selling experiences while providing for team selling and quoting. FinancialForce solves this by relying on the Salesforce platform. By closing the gaps between the systems Services CPQ relies on, the channel selling teams and partners gain greater flexibility in defining customized products.
Services CPQ needs to scale out on a platform to achieve its full potential by providing the analytical insights to track engagement lifecycles and customer lifetime value by engagement. FinancialForce has proven they can do this in their Spring 2021 release. Taking on the most challenging aspects of a Services CPQ architecture starts by providing insights and guidance on how best to optimize the mix of associates and their utilization and billing rates, locations of each engagement, margin threshold levels, and the expected duration of each engagement. Additionally, the world’s leading professional services organizations could use an automated Services CPQ solution as many of them don’t rely on enough data, letting revenue leakage happen without knowing it.
Worldwide end-user spending on public cloud services is forecast to grow 23.1% in 2021 to total $332.3 billion, up from $270 billion in 2020.
Garter predicts worldwide end-user spending on public cloud services will jump from $242.6B in 2019 to $692.1B in 2025, attaining a 16.1% Compound Annual Growth Rate (CAGR).
Spending on SaaS cloud services is predicted to reach $122.6B this year, growing to $145.3B next year, attaining 19.3% growth between 2021 and 2022.
These and many other insights are from Gartner Forecasts Worldwide Public Cloud End-User Spending to Grow 23% in 2021. The pandemic created the immediate need for virtual workforces and cloud resources to support them at scale, accelerating public cloud adoption in 2020 with momentum continuing this year. Containerization, virtualization, and edge computing have quickly become more mainstream and are driving additional cloud spending. Gartner notes that CIOs face continued pressures to scale infrastructure that supports moving complex workloads to the cloud and the demands of a hybrid workforce.
Key insights from Gartner’s latest forecast of public cloud end-user spending include the following:
36% of all public cloud services revenue is from SaaS applications and services this year, projected to reach $122.6B with CRM being the dominant application category. Customer Experience and Relationship Management (CRM) is the largest SaaS segment, growing from $44.7B in 2019 to $99.7B in 2025, attaining a 12.14% CAGR. SaaS-based Enterprise Resource Planning (ERP) systems are the second most popular type of SaaS application, generating $15.7B in revenue in 2019. Gartner predicts SaaS-based ERP sales will reach $35.8B in 2025, attaining a CAGR of 12.42%.
Desktop as a Service (DaaS) is predicted to grow 67% in 2021, followed by Infrastructure-as-a-Service (IaaS) with a 38.5% jump in revenue. Platform-as-a-Service (PaaS) is the third-fastest growing area of public cloud services, projected to see a 28.3% jump in revenue this year. SaaS, the largest segment of public cloud spending at 36.9% this year, is forecast to grow 19.3% this year. The following graphic compares the growth rates of public cloud services between 2020 and 2021.
In 2021, SaaS end-user spending will grow by $19.8B, creating a $122.6B market this year. IaaS end-user spending will increase by $22.7B, the largest revenue gain by a cloud service in 2021. PaaS will follow, with end-user spending increasing $13.1B this year. CIOs and the IT teams they lead are investing in public cloud infrastructure to better scale operations and support virtual teams. CIOs from financial services and manufacturing firms I’ve recently spoken with are accelerating cloud spending for three reasons. First, create a more virtual organization that can scale; second, extend the legacy systems’ data value by integrating their databases with new SaaS apps; and third, an urgent need to improve cloud cybersecurity.
CIOs and the organizations they serve are prioritizing cloud infrastructure investment to better support virtual workforces, supply chains, partners, and service partners. The CIOs I’ve spoken with also focus on getting the most value out of legacy systems by integrating them with cloud infrastructure and apps. As a result, cloud infrastructure investment starting with IaaS is projected to see end-user spending increase from $82B this year to $223B in 2025, growing 38.5% this year alone. End-user spending on Database Management Systems is projected to lead all categories of PaaS through 2025, increasing from $31.2B this year to $84.8B in 2025. The following graphic compares cloud services forecasts and growth rates:
Sage Intacct, Oracle ERP Cloud, and Microsoft Dynamics 365 ERP are the three highest-rated ERP systems by their users.
86% of Unit4 ERP users say their CRM system is the best of all vendors in the study. The survey-wide satisfaction rating for CRM is 73%, accentuating Unit4 ERP’s leadership in this area.
85% of Ramco ERP Suite users say their ERP systems’ analytics and reporting is the best of all 22 vendors evaluated.
These and many other insights are from SoftwareReview’s latest customer rankings published recently in their Enterprise Data Quadrant Report, Enterprise Resource Planning, April 2021. The report is based entirely on attitudinal data captured from verified owners of each ERP system reviewed. 1,179 customer reviews were completed, evaluating 22 vendors. SoftwareReviews is a division of the world-class IT research and consulting firm Info-Tech Research Group. Their business model is based on providing research to enterprise buyers on subscription, alleviating the need to be dependent on vendor revenue, which helps them stay impartial in their many customer satisfaction studies. Key insights from the study include the following:
Sage Intacct, Oracle ERP Cloud, Microsoft Dynamics 365 ERP, Acumatica Cloud ERP, Unit4 ERP and FinancialForce ERP are most popular with their users. SoftwareReview found that these six ERP systems have the highest Net Emotional Footprint scores across all ERP vendors included in the study. The Net Emotional Footprint measures high-level user sentiment. It aggregates emotional response ratings across 25 questions, creating an indicator of overall user feeling toward the vendor and product. The following quadrant charts the results of the survey:
80% of Acumatica Cloud ERP users say their system helps create more business value, leading all vendors on this attribute. How effective an ERP system is at adapting to support new business and revenue models while providing greater cost visibility is the essence of how they deliver business value. The category average for this attribute is 75%. Of the 22 vendors profiled, 12 have scores at the average level or above, indicating many ERP vendors are focusing on these areas to improve the business case of adopting their systems.
86% of Sage Intacct ERP users say their system excels at ease of implementation, leading all vendors in the comparison by a wide margin. Implementing a new ERP system can be a costly and time-consuming process as it involves extensive training, change management, and integration. Ease of Implementation received a category score of 75% across the 22 vendors, indicating ERP vendors are doubling down investments to improve this area. Just 11 of the 22 ERP vendors scored above the category average.
76% of enterprises increased their use of endpoint devices since the beginning of the COVID-19 pandemic, supporting their remote, work-from-home (WFH) and hybrid workforces globally.
66% of enterprises believe securing their networks and infrastructure requires a more focused, proactive approach to endpoint resilience that doesn’t leave endpoint security to chance.
Cybersecurity leader’s top challenges today are maintaining compliance, enforcing security standards, and understanding the health of security controls on each endpoint.
Just 38% of IT leaders can track the ROI of their cybersecurity investments, accentuating the need for more resilient, persistent endpoints that provide greater visibility and control.
These and many other fascinating insights are from Forrester Consulting’s latest study on endpoint security, Take Proactive Approach To Endpoint Security, completed in collaboration with Absolute Software. The study is noteworthy for its impartial, accurate view of the current state of endpoint security and the challenges IT teams face in creating greater endpoint resilience. The study’s methodology is based on 157 interviews with IT and security professionals located in the U.S. and Canada who are decision-makers in endpoint protection, with interviews completed in November and December 2020.
Key insights from the study include the following:
Security leaders are reprioritizing endpoint automation efforts with a strong focus on sensitive or at-risk data. In 2021 automation efforts will focus on sensitive or at-risk data (60%), geolocation (52%), security control health (48%), web-based application usage (36%), patch management (35%), and hardware inventory (32%). Each of these technologies is integral to supporting remote workers. There’s also a significant shift from how automation strategies were prioritized before the pandemic, as the graphic from the study below illustrates:
Maintaining compliance, enforcing security standards, understanding security controls’ health, and measuring security investments are the top challenges to managing endpoint security today. The majority of enterprises, 59%, cannot maintain or prove compliance of endpoints at any given time. Lack of compliance drags down the efficiency of endpoint security efforts, making an entire network more vulnerable. Just over half of enterprises can’t enforce security standards across endpoints or don’t know today’s health. The most surprising finding of the study: 62% of enterprises cannot measure the ROI of their security investments – with half (31%) – strongly disagreeing with how measurable security ROI spend is.
Enterprises see four key areas where endpoint management could improve today. Forrester asked enterprise IT and security leaders which capabilities need to be added to endpoint management systems to make them more effective. The executives first focused on securing sensitive and at-risk data, a sure sign enterprises are moving to a more data-centric cybersecurity model in the future. That’s good news as cyber attackers want to penetrate software supply chains and take control of systems managing data assets. Managing devices remotely at scale is second, which is also a frequent challenge IT and security teams encounter when attempting to patch endpoints. Having an unbreakable digital tether to devices is solving the scale issue while also providing greater endpoint resiliency, visibility, and control.
The pandemic forced every business to become more innovative in supporting work-from-home and hybrid work environments, improving endpoint security an immediate priority. What’s needed is an unbreakable digital tether to all devices, capable of delivering complete visibility and control, enabling real-time insights into the state of those devices, and allowing them to repair security controls and productivity tools autonomously. Of the many solutions available for securing endpoints today, the ones that take a firmware-embedded approach to secure endpoints are proving the most reliable. The more integrated an endpoint is to firmware, the more likely self-healing agents will be reliable while also providing complete visibility across every device on or off the network. Absolute’s firmware-embedded approach is noteworthy in its track record of securing endpoints during the pandemic.
Bottom Line: Today’s largely-distributed enterprises need to make sure they are putting endpoint security first in 2021– which includes closely managing every stage of the device lifecycle, from deployment to decommission, and ensuring all sensitive data remains protected.
There’s a looming paradox facing nearly every organization today of how they’ll secure thousands of remote endpoints without having physical access to devices, and without disrupting worker productivity. Whether there’s the need to retire hardware as part of down-sizing or cost-cutting measures, or the need to equip virtual teams with newer equipment more suitable for long term work-from-home scenarios, this is one of the most pressing issues facing CISOs and CIOs today.
Wanting to learn more about how their customers are tackling their endpoint security challenges and how their companies are helping to solve it, I sat down (virtually) with Absolute Software’s President and CEO Christy Wyatt and Matthew Zielinski, President of North America Intelligent Devices Group at Lenovo. The following is my interview with both of them:
Louis Columbus:Christy and Matt, thanks so much for your time today. To get started, I would like each of you to share what you’re hearing from your customers regarding their plans to refresh laptops and other endpoint devices in 2021.
Christy Wyatt: We’re seeing a strong desire from organizations to ensure that every individual is digitally enabled, and has access to a screen. In some cases, that means refreshing the hardware they already have in the field, and in other cases, that means buying or adding devices. From the endpoint security standpoint, there’s been a shift in focus around which tools matter the most. When laptops were primarily being used on campus, there was a certain set of solutions to monitor those devices and ensure they remained secure. Now that 90% of devices are out of the building, an entirely different set of capabilities is required – and delivering those has been our focus.
Matt Zielinski: We are seeing historic levels of demand from consumers, as many are transitioning from having maybe one or two devices per household to at least one device per person. We’re also seeing the same levels of demand on both the education and enterprise side. The new dynamic of work-from-anywhere, learn-from-anywhere, collaborate-from-anywhere underscores that the device hardware and software need to be current in order to support both the productivity and security needs of hugely distributed workforces. That’s our highest priority.
Louis: Where are CISOs in their understanding, evaluation, and adoption of endpoint security technologies?
Christy: The journey has been different for the education market than for the enterprise market. Most enterprise organizations were already on the digital path, with some percentage of their population already working remotely. And because of this, they typically have a more complex security stack to manage; our data shows that the total number of unique applications and versions installed on enterprise devices is nearly 1.5 million. What they’ve seen is a trifecta of vulnerabilities: employees taking data home with them, accessing it on unsecured connections, and not being aware of how their devices are protected beyond the WiFi connection and the network traffic.
In the education space, the challenges – and the amount of complexity – are completely different; they’re managing just a small fraction of that total number of apps and versions. That said, as the pandemic unfolded, education was hit harder because they were not yet at a point where every individual was digitally connected. There was a lot of reliance on being on campus, or being in a classroom. So, schools had to tackle digital and mobile transformation at the same time – and to their credit, they made multiple years of progress in a matter of weeks or months. This rapid rate of change will have a profound effect on how schools approach technology deployments going forward.
Matt: Whether in enterprise or education, our customers are looking to protect three things: their assets, their data, and their users’ productivity. It’s a daunting mission. But, the simplest way to accomplish it is to recognize the main control point has changed. It’s no longer the server sitting behind the firewall of your company’s or school’s IT environment. The vulnerability of the endpoint is that the network is now in the user’s hands; the edge is now the primary attack surface. I think CISOs realize this, and they are asking the right questions… I just don’t know if everyone understands the magnitude or the scale of the challenge. Because the problem is so critical, though, people are taking the time to make the right decisions and identify all the various components needed to be successful.
Louis: It seems like completing a laptop refresh during the conditions of a pandemic could be especially challenging, given how entire IT teams are remote. What do you anticipate will be the most challenging aspects of completing a hardware refresh this year (2021)?
Matt: The PC has always been a critical device for productivity. But now, without access to that technology, you are completely paralyzed; you can’t collaborate, you can’t engage, you can’t connect. Lenovo has always been focused on pushing intelligent transformation as far as possible to get the best devices into the hands of our customers. Beyond designing and building the device, we have the ability to distribute asset tags and to provide a 24/7 help desk for our customers whether you’re a consumer, a school, or a large institution. We can also decommission those devices at the end, so we’re able to support the entire journey or lifecycle.
The question has really become, how do you deliver secure devices to the masses? And, we’re fully equipped to do that. For example, every Lenovo X1 Carbon laptop comes out of the box with Lenovo Security Assurance, which is actually powered by Absolute; it is in our hardware. Our customers can open a Lenovo PC, and know that it is completely secure, right out of the box. Every one of our laptops is fortified with Absolute’s Persistence technology and self-healing capabilities that live in the BIOS. It’s that unbreakable, secure connection that makes it possible for us to serve our customers throughout the entire lifecycle of device ownership.
Louis:Why are the legacy approaches to decommissioning assets falling short / failing today? How would you redesign IT asset-decommissioning approaches to make them more automated, less dependent on centralized IT teams?
Christy: There have been a few very visible cases over the past year of highly regulated organizations, experiencing vulnerabilities because of how they decommissioned – or did not properly decommission – their assets. But, I don’t want anyone to believe that that this is a problem that is unique to regulated industries, like financial services. The move to the cloud has given many organizations a false sense of security, and it seems that the more data running in the cloud, the more pronounced this false sense of security becomes. It’s a mistaken assumption to think that when hardware goes missing, the security problem is solved by shutting down password access and that all the data is protected because it is stored in the cloud. That’s just not true. When devices aren’t calling in anymore, it’s a major vulnerability – and the longer the device sits without being properly wiped or decommissioned, the greater the opportunity for bad actors to take advantage of those assets.
The other piece that should be top of mind is that once a device is decommissioned, it’s often sold. We want to ensure that nothing on that device gets passed on to the next owner, especially if it’s going to a service or leasing program. So, we’ve concentrated on making asset decommissioning as precise as possible and something that can be done at scale, anytime and anywhere.
Matt: Historically, reclaiming and decommissioning devices has required physical interaction. The pandemic has limited face-to-face encounters, so , we’re leveraging many different software solutions to give our customers the ability to wipe the device clean if they aren’t able to get the asset back in their possession, so that at least they know it is secure. Since we’re all now distributed, we’re looking at several different solutions that will help with decommissioning, several of which are promising and scale well given today’s constraints. Our goal is to provide our enterprise customers with decommissioning flexibility, from ten units to several thousand.
Louis:Paradoxically, having everyone remote has made the business case for improving endpoint security more compelling too. What do you hear from enterprises about accelerating digital transformation initiatives that include the latest-generation endpoint devices?
Christy: The same acceleration that I spoke about on the education side, we absolutely see on the enterprise side as well, and with rapid transformation comes increased complexity. There has been a lot of conversation about moving to Zero Trust, moving more services to the cloud and putting more controls on the endpoint – and not having these sort of layers in between. Our data tells us that the average enterprise device today has 96 unique applications, and at least 10 of them are security applications. That is a massive amount of complexity to manage. So, we don’t believe that adding more controls to the endpoint is the answer; we believe that what’s most important is knowing the security controls you have are actually working. And we need to help devices and applications become more intelligent, self-aware, and capable of fixing themselves. This concept of resiliency is the cornerstone of effective endpoint security, and a critical part of the shift to a more modern security architecture.
Matt: I think there are two major forcing functions: connection and security. Because we are all now remote, there’s a huge desire to feel connected to one another even though we aren’t sitting in the same room together. We’re modifying our products in real-time with the goal of removing shared pain points and optimizing for the new reality in which we’re all living and working. Things like microphone noise suppression and multiple far field microphones, so that if the dog barks or kids run into a room, the system will mute before you’ve even pressed the mute button. We’re improving camera technology from a processing standpoint to make things look better. Ultimately, our goal is to provide an immersive and connected experience.
Security, however, transcends specific features that deliver customer experiences – security is the experience. The features that make hardware more secure are those that lie beneath the operating system, in the firmware. That is why we have such a deep network of partners, including Absolute. Because you need to have a full ecosystem, and a program that takes advantage of all the best capabilities, in order to deliver the best security solution possible.
Louis:How is Absolute helping enterprise customers ensure greater endpoint security and resiliency in 2021 and beyond?
Christy: We spend a lot of time sitting with customers to understand their needs and how and where we can extend our endpoint security solutions to fit. We believe in taking a layered approach – which is the framework for defense in-depth, and an effective endpoint security strategy. The foundational piece, which we are able to deliver, is a permanent digital tether to every device; this is the lifeline. Not having an undeletable connection to every endpoint means you have a very large security gap, which must be closed fast. A layered, persistence-driven approach ensures our customers know their security controls are actually working and delivering business value. It enables our customers to pinpoint where a vulnerability is and take quick action to mitigate it.
Lenovo’s unique, high value-add approach to integrated security has both helped drive innovation at Absolute, while also providing Lenovo customers the strongest endpoint security possible. Their multilayer approach to their endpoint strategy capitalizes on Absolute’s many BIOS-level strengths to help their customers secure every endpoint they have. As our companies work together, we are both benefitting from a collaboration that seeks to strengthen and enrich all layers of endpoint security. Best of all, our shared customers are the benefactors of this collaboration and the results we are driving at the forefront of endpoint security.
Louis:How has the heightened focus on enterprise cybersecurity in general, and endpoint security specifically, influenced Lenovo’s product strategy in 2021 and beyond?
Matt: We have always been focused on our unique cybersecurity strengths from the device side and making sure we have all of the control points in manufacturing to ensure we build a secure platform. So, we’ve had to be open-minded about endpoint security, and diligent in envisioning how potential vulnerabilities and attack strategies can be thwarted before they impact our customers. Because of this mindset, we’re fortunate to have a very active partner community. We’re always scouring the earth for the next hot cybersecurity technology and potential partner with unique capabilities and the ability to scale with our model. This is a key reason we’ve standardized on Absolute for endpoint security, as it can accommodate a wide breadth of deployment scenarios. It’s a constant and very iterative process with a team of very smart people constantly looking at how we can excel at cybersecurity. It is this strategy that is driving us to fortify our Lenovo Security Assurance architecture over the long-term, while also seeking new ways of providing insights from existing and potentially new security applications.
Louis:What advice are you giving CISOs to strengthen endpoint security in 2021 and beyond?
Christy: One of our advisors is the former Global Head of Information Security at Citi Group, and former CISO of JP Morgan and Deutsche Bank. He talks a lot about his shared experiences of enabling business operations, while defending organizations from ever-evolving threats, and the question that more IT and security leaders need to be asking – which is, “Is it working?” Included in his expert opinion is that cybersecurity needs to be integral to business strategy – and endpoint security is essential for creating a broader secure ecosystem that can adapt as a company’s needs change.
I believe there needs to be more boardroom-level conversations around how compliance frameworks can be best used to achieve a balance between cybersecurity and business operations. A big part of that is identifying resiliency as a critical KPI for measuring the strength of endpoint controls.
30% of US and UK remote workers say their organizations don’t require them to use a secure access tool, including VPN, to log into corporate databases and systems, according to Ivanti’s 2021 Secure Consumer Cyber Report.
Plus, 25% of remote workers in the US and UK aren’t required to have specific security software running on their devices to access certain applications while working remotely.
And one in four US remote workers use their work email and passwords to log in to consumer websites and apps.
Cybersecurity gaps have continued to widen during the pandemic. A noteworthy survey by Ivanti illustrates exactly how remote workers are putting organizations at risk and where enterprise security is falling short, making those cybersecurity gaps challenging for CISOs to close. Ivanti’s 2021 Secure Consumer Cyber Report outlines the challenges that cybersecurity and IT teams have faced when securing remote workers in what’s being described as the “Everywhere Workplace.” Based on interviews with more than 2,000 US and UK respondents working from home in November 2020, the survey shows that authentication and endpoint security needs to improve across all devices that employees use.
IT Organizations Need Help Closing Their Cybersecurity Gaps
Of the many lessons learned from 2020, among the most valuable are how virtual workforces need self-diagnosing and self-remediating endpoints, while IT organizations need improved unified endpoint management (UEM) as part of a zero-trust strategy. Bad actors continue to target remote workers’ privileged access credentials to gain access and exfiltrate customer, financial and proprietary data, including intellectual property. Ivanti’s survey provides insights into where cybersecurity gaps need attention first:
The most challenging threat surface to protect is a person’s identity because it’s exposed across so many threat surfaces, including personal and work devices, consumer websites, and IoT devices in homes. The pandemic is proving identities are the new security perimeter. A person’s cell phone, personal tablet, and laptop is a real-time digital definition of a person’s identity. Nearly half (49%) of US remote workers use personal devices for their jobs, often without two-factor authentication enabled. The graphic below shows how organizations can close this cybersecurity gap by adopting UEM as part of their go-forward initiatives in 2021 and beyond:
Lack of consistent security software and password standards is a big contributor to US and UK organizations’ cybersecurity gaps today. One in four remote workers can access enterprise resources without any security software in place. An even more surprising finding is that 30% of remote workers in the US and UK can access corporate data without a secure access tool or VPN connection. If a remote worker’s identity is compromised, there’s a one in three chance that their organization will be breached, enabling cyberattackers to move laterally through the company’s systems:
Protecting remote workers’ identities & devices at scale requires Zero Trust. Automating as many tasks as possible while providing a continuous and seamless user experience is the surest way to close cybersecurity gaps. Getting rid of passwords and automating two-factor authentication using Zero Sign-On (ZSO), a core part of the Ivanti platform, is proving essential today. Zero Sign-On relies on proven biometrics, including Apple’s Face ID, as a secondary authentication factor to gain access to work email, unified communications and collaboration tools, and corporate-shared databases and resources. CISOs and their teams also need to consider how mobile threat defense can better secure personal devices against phishing, device, network, and malicious app threats. Late last year, MobileIron (now part of Ivanti) received its second mention in two years in the Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020. The Forrester Wave graphic is shown below:
In conclusion, enterprise cybersecurity gaps are widening due to a combination of risky consumer behavior and a lack of consistent security for mobile workforces. And these gaps will only increase as employees increasingly work from anywhere, using their personal devices to connect to corporate resources. To secure and enable the future of work, organizations need to start implementing and maturing an end-to-end zero trust security model today by leveraging new technologies and protecting their current security technology investments.