Moving to the cloud, digital transformation and prioritising zero trust security at Oktane19Large organisations are adopting the cloud at an increasing rate. But what are the practicalities of moving to the cloud, how will this help with their digital transformation efforts and how will it help prioritise security. These pillars were explored on the second day of Oktane19
Why are organisations, especially the larger ones, focusing on cloud growth?
SaaS has had a 1200% increase in spend over ten years. But, this is still a fraction of IT spend. What does this say? It’s very early in the shift to software
Moving to the cloud helps traditional organisations reduce IT friction, improve M&A agility, reduce costs, attract a digital native workforce and plan for the future.
“Large organisations want to do the same things that small companies do,” said Kerrest. To do this, they need to adopt the cloud, and they recognise this.
According to Okta’s Digital Enterprise Report cloud adoption is, unsurprisingly, on the rise: 67% of organisations expect the number of cloud-based apps to increase.
But, they are just getting started. The report of 1,000 technology leaders also found that 69% of large organisations are less than halfway into their ‘cloud end state’.
In reality, “there is no end state,” explained Kerrest. It’s a constant movement or journey.
Trust at Oktane19: the new frontier in technology
Moving to the cloud
To illustrate why the larger, more traditional industries and businesses are moving to the cloud, Kerrest introduced Spencer Mott — SVP and global CISO at McKesson — and Ashish Sanghrajka — SVP, CIO at Hitachi.
McKesson delivers one-third of pharmcetuicals in North America. It is a huge organisation, which achieved $208.4 billion in revenue for 2018.
Why do they want to move to the cloud? “Healthcare is changing rapidly,” explained Mott. “We need to move to the cloud because of changing consumer expectations. The expectation of an omni-channel experience.”
McKesson touches many parts of the healthcare ecosystem, which generates a huge amount of data. The cloud helps “connect that data,” said Mott. And, this will “provide better outcomes for patients.”
Hitachi’s desire to move to the cloud stemmed from its desire to overcome the challenges of history.
The multinational is made up of 80 companies and is over 100 years old. As a result, there’s a lot of legacy and “we are trying to move from a product to a solutions and services company,” said Sanghrajka.
“We want to drive operational efficiency, reduce costs, improve revenue growth and change our business model,” he continued.
“We’re using cloud as a technology to standardise and consolidate structure — to integrate cloud application with identity infrastructure, in a secure manner.”
Achieving this cloud environment depends, in part, on talent. Specifically, millennial talent.
In order to retain and recruit the millennial workforce, Mott said that “we need to define a meaningful mission, which is relevant and combine that with a nice work environment that is well payed.”
And both agreed that the millennial workforce needs to have access to modern, cloud native tools that enable them to do their job. They need to feel they are “bringing success to the enterprise,” said Sanghrajka.
IBM’s Michelle Peluso: what should we expect from technology?
Digital transformation is a term that’s overused, but what it comes down to is that “every company has to become a technology company,” said Kerrest. It’s easier when you’re a small company, but larger companies can’t ignore this trend.
Why? Because “software is eating the world — it’s the great equaliser,” continued Kerrest. Becoming a technology company leads to a more efficient way of doing things, including customer experience.
Who are the large enterprises customers? Increasingly there are digital natives, and as a result, organisations have to become a digital business. And again, they know this.
According to Okta’s enterprise report, half of formal organisations have a strategy to digitise their business.
“We have a lot of legacy to protect and a spectrum of customers who have different demands,” said Ramiya Iyer, GVP, IT Digital, Data and Pharmacy at Albertsons — one of the largest food and drug retailers in the United States, following the 2015 merger with Safeway, Inc.
“We can meet this demand through innovation by digital transformation,” she said.
During the major M&A, it was important to create a “digital backbone” that integrated all the different businesses that are under the Albertsons umbrella.
This was necessary in creating a “cohesion of end user identity into a seamless experience,” continued Iyer.
“The cloud-base helps,” he said. “Because we require a level of independence and above business capability during tech M&A. Lots of aspects have to integrate without the weight of legacy.”
For a company that was founded in 1781, digital innovation, R&D and research-driven have almost become a commodity to Takeda.
Why prioritise security?
Well, the cost of a data breach — both financially and in terms of brand reputation — is growing. In 2018, researchers at the Ponemon Institute found that the mean time to identify a data breach incident was 197 days, and the mean time to contain was 69 days.
CEO and co-founder of Okta, Todd McKinnon said that this means that security should be part of an organisation’s mission statement. If they don’t they will “pay a price in their business results and their brand.”
Boards are now worried about business risk and brand reputation. It is an issue with consumers.”
Trust and security based on network perimeter and firewalls are no longer viable. Once these defences are breached, hackers have access to everything.
This has led to a new paradigm in security: zero trust.
“The amount of respondents who knew about zero trust surprised me,” said McKinnon.
At its core, zero trust recognises that modern businesses should no longer have a “trusted” internal network and an “untrusted” external network.
Zero trust is described by Cloudfare as ‘a security model based on the principle of maintaining strict access controls and not trusting anyone by default, even those already inside the network perimeter’
So, why is zero trust coming to the fore? The cloud has enabled new ways of working: mobile working, business collaboration and forced consumer tech into the enterprise.
With these new ways of working, companies need to move beyond traditional security parameters.
According to Okta’s report this is exactly what they’re doing. It found that more than half (60%) of the world’s largest companies are pursuing zero trust.
Never trust always verify
The research also notes that some of the control of zero trust hinges on multi-factor authentication — which too few companies are adopting.
“We see app development move towards zero trust from an application segmentation perspective.”
Tim Berners-Lee on the World Wide Web: “it seemed like a good idea at the time”