KuppingerCole Analysts' View on Connected Enterprise



The Brave New World of Digital Business

Joerg Resch

On a trip to New York last week, I had the great opportunity to visit the Henri Matisse exhibition in the Museum of Modern Art (MoMA), which shows his Cut-Outs and is the most extensive and a very impressive exhibition of this period of Matisse´s work. If you happen to be in New York before February – don´t miss it. While walking through the exhibition hall, I saw a young man wearing a Google Glass, moving relatively fast through the exhibits. It looked like he didn´t notice the people around him and seemed to follow a different, invisible path. At some time, I felt a bit sorry for him, because he left away some of those exhibits, which I found to be the most impressive ones.

Digital Business is where digital and analog worlds merge or blur, a digital layer put on top of our analog world in any facet you could think of. Billions of people, businesses and devices communicate, interact, negotiate with each other, and create a trillion moments of opportunities. Digital Business is the design of business models for those moments, and also their exploration. Maybe, the person with the Google Glass had been guided to a part of the exhibition, which was less crowded at that very moment, or he hurried up because the nearby Starbucks Café offered deal tailored to his preferences.

The problem with such digital business designs which come along with technologies like the Internet of Things (IoT), with a new generation of cognitive machines (“Siri”), with wearables (Smart Watch, Glass…), robotics and 3D printing, is that they are operational by nature. IT professionals, who nowadays are more back-office and infrastructure oriented, need to understand the impact of digital business if they want to keep pace with providing technology and risk mitigation.

In less than 5 years from now, all business and technology leaders will need digital business skills. And in the meantime, you should consider hiring a “Chief Digital Officer” or create something like a “Digital Innovation Office”, where the average age of employees might be significantly lower than in other departments. Also, CIOs and CISOs need to find out whether their current technology partners are still the right ones, or if they need get closer to the sources of Digital Business Innovation.

After all – getting back to the guy I saw in the MoMA – even in Digital Business you need to have an attractive story to tell if you want to succeed. Although I don´t think that the Google Glass could add any additional value to the experience I personally had at the Matisse exhibition - in many other situations during my stay in New York, such a personal, privacy enhanced digital assistant would have been just great.



Getting a Grip on Operational Technology

Alexei Balaganski

Let’s begin with a couple of fundamental definitions:

Information Technology (IT) can be defined as a set of infrastructures, devices and software for processing information. A traditional IT system is in charge of storing, transmitting and transforming data, but it does not interface directly with the physical world.

Operational Technology (OT) is a set of hardware devices, sensors and software that support management and monitoring of physical equipment and processes within an enterprise, such as manufacturing plants or power distribution grids. OT deals with such components as various sensors, meters and valves, as well as industrial control systems (ICS) that supervise and monitor them.

The terms ICS and SCADA, by the way, are nowadays often used interchangeably; however, this isn’t strictly true, since Supervisory Control and Data Acquisition (SCADA) is just a subset of industrial control systems, other types being embedded systems, distributed control systems, etc. Traditionally, the term SCADA has been used for large-scale distributed control systems, such as a power grid or a gas pipeline.

Historically, IT and OT have evolved quite independently, driven by completely different business demands, requirements and regulations. In a sense, Operation Technology predates the era of computers – the first manufacturing control systems weren’t even electronic! Early ICS were monolithic physically isolated systems without network connectivity. Later generations were usually based on proprietary communication protocols and device-specific real-time operating systems. Driven above all by demand of process continuity, they were usually designed without security in mind.

Current ICS, however, have gradually evolved towards large-scale systems based on open standards and protocols, such as IP, as well as using standard PCs running Windows as control workstations. They are becoming increasingly interconnected with office networks and the Internet. Yet, modern industrial networks are often still plagued with the same blatant disregard for security. The underlying reason for that has little to do with technology; on the contrary, it’s a consequence of a deep cultural divide between OT and IT. Operations departments usually consist of industry specialists with engineering background, while IT departments are staffed by people without knowledge of manufacturing processes. OT is usually managed by a business unit, with different requirements, strategies and responsibilities from IT. Instead of collaborating, they are often forced to compete for budgets and fight over issues that the other party simply sees as insignificant.

The times are changing, however. As we are approaching the new “connected” age, the technological divide between industrial and enterprise networks is disappearing. Smart devices or “things” are everywhere now, and embedded intelligence finds widespread use in industrial networks as well. A modern agile business constantly demands for new ways of communication with partners, customers and other external entities. All this creates new exciting opportunities. And new risks.

Opening OT to the world means that industrial networks are exposed to the same old security problems like malware attacks and lack of strong authentication. However, the challenges for information security professionals go far beyond that. There are challenges that traditional IT security isn’t yet capable of addressing. This includes technical issues like securing proprietary programmable logic controllers (PLC), business requirements like ensuring manufacturing process continuity, and completely new challenges like enabling massive-scale identity services for the Internet of Everything.

The convergence of IT and OT is therefore inevitable, even though the challenges the organizations are going to face on the way to it look daunting. And it is the responsibility of IT specialists do lead and steer this process.

“If not us, then who? If not now, then when?”



Do We Need a Chief Digital Officer?

Martin Kuppinger

The digitalization of businesses has created an imperative for change that cannot be resisted. IT has to support fundamental organizational change. IT must become a business enabler, rather than obstructing change.

However, enabling new forms of digital business requires that IT take a fundamentally different role. In fact, IT is not about technology anymore, it must focus on understanding and fostering the digital business. It must enable the shift to new business models and support this shift by ensuring agility in the underlying technology, whether on premise or in the cloud.

Never since the industrial revolution have we seen such a fundamental change in business. This is more than just “industry 4.0”, a term quite popular in Germany to describe the change that affects manufacturing by connecting plants, things, and customers. This revolution affects any type of business; whether this is the automotive industry and connected vehicles, the utilities and smart metering together with decentralized power generation based on solar or wind power; or whether it is a fundamental change in the publishing and printing industry. This is all about the digitalization of businesses.

The new ABC is simple: Agile Businesses – Connected to their customers, partners and associates.

It has to master this change, but can IT do this? It sees itself as supplier of technology rather than a business enabler, and this explains why things do not work or are insecure. For example, businesses started adopting the cloud so quickly in order to gain agility.

In today’s world of the Agile Business Connected the biggest challenge and matter of survival for organizations is bridging the gap between business and IT. IT is the essential enabler of digitalization, for this new business model. However, as long as the focus is on traditional IT, the gap will remain. There needs to be a new role at the C-level of organizations – the person that drives this digitalization. This person should envisage and understand the new business models and together with their team make them work. This must be the person that bridges the gap between business and IT and therefore enables digitalization.

This could be the CIO or could be a new role in the organization, with the CIO being responsible for the “technology” piece within IT. But one thing is clear to me: organizations need someone who drives the digitalization of business with a strong understanding of both business and technology.

Related KuppingerCole Research

Related KuppingerCole Podcasts

Upcoming KuppingerCole Webinars

KC EXTEND - Business Agility and Information Security for your Extended Enterprise


Making the EXTENDed Enterprise work in practice

  • You need external users, business partners and customers to be securely integrated into your Identity and Access Management architecture
  • You need internal users to have access to systems of external partners
  • You want to know what kind of external directory service and what forms of Identity Management as a Service (IdMaaS) are needed
  • You are uncertain whether new standards such as OAuth 2.0 and OpenID.connect are important for you

Read more