Applying Defensive Strategies to Secure Systems

ERP systems, such as SAP’s ECC, face a multitude of potential threats. Within the past few years, security consulting companies such as ERPScan and Onapsis have been heralding that the once-perceived impenetrable SAP systems are susceptible to hacking attacks.  Given the financial, customer, supplier, credit card, employee and production data that reside in an ERP system, SAP … [Read more...]

The VRIO Framework

How will an organization know if it possesses sustainable competitive advantage to compete and succeed in its industry? One way to answer this question is to look at its resources and capabilities and analyze these using a structured resource-based approach called the VRIO analysis. This method is used to analyze whether an organization’s resource is valuable, rare, imitable, … [Read more...]

A Disturbance in the ERP Force

An Enterprise Resource Planning (ERP) system is a business process management software used to integrate all facets of a company’s operations. It is an enterprise application designed for large organizations and requires significant amounts of investment. A typical ERP implementation costs between $10 million and $17 million and takes about 18 to 20 months to complete. Hence, … [Read more...]

Cybersecurity Talent Shortage

McKinsey & Company published an article called, “Ten IT-enabled business trends for the decade ahead” about two years ago. It is a thoughtful read for anyone interested in foreseeing the ongoing changes in information technology, innovation, and business adoption. Some of the IT Trends that were featured include the increasing use of social technologies, the deployment of … [Read more...]

The Importance of a Security Strategy

As an information security manager, I have been involved mostly with security- or compliance-related strategic planning. One of my former employers struggled to pass its compliance audits for a couple of years mainly due to IT security and control failures. Since most of the company’s processes rely on information technology, having an effective design of information security … [Read more...]