Industry news

Click here to access the video of Xchanging's latest research into stakeholder perceptions of procurement.

In this video Graham Copeland, Sales and Marketing Director at Xchanging Procurement Services, and Catherine Lawrence, Senior Category Manager, Professional Services and Marketing, discuss Xchanging's latest research into stakeholder perceptions of procurement today.

Graham and Catherine will be hosting a workshop on Thursday 18th April called THE TRUTH: The workshop will be far ranging and will provide an in-depth analysis of what Marketing Directors are looking for from their procurement departments.

During the workshop Graham and Catherine will be discussing ways in which procurement is adding value and thoughts on what specifically Marketing Directors think their procurement teams could be doing to play a more strategic role in the future.

This year will see the turning point for the public cloud, as a result of repeated security infractions and regulatory issues. Companies are beginning to realise that they need a secure and stable infrastructure, which is both fast and flexible. They need to think about systems that allow them to ramp up resources, as well as scaling them down depending on business needs.

For many service providers, 99% uptime is seen as good, however as the role of service providers becomes even more critical, that one per cent of downtime isn’t good enough anymore. This is what is starting to be seen with the public cloud. The fundamental question is, what infrastructure would you run your important business system on and how risky are you willing to be with business data?

The public cloud emerged as a quick and scalable utility that could revolutionise enterprise IT, however, due to repetitive data breaches and repeated downtime, the public cloud has been highlighted as disposable. Data breaches are fairly common stories in the media, and are usually dramatised, with millions of people’s personal data being stolen each time. The Yahoo! eHarmony and Linkedin stories are oft-quoted, but the real extent of data breaches is often greater.

The public cloud’s open and shared services approach always raised security concerns, and the fact that data can be stored anywhere in the world raises regulatory issues around data protection and ownership. For this reason, businesses simply cannot trust the public cloud’s offerings.

In the future, we will see the private cloud’s status increase. It continues to grow in popularity, especially with financial services institutions and global corporations. The private cloud is a much more secure form of data storage, which is why is has become so popular with these types of companies. With the level of flexibility now offered by private cloud providers, it is a more compelling proposition for hosting important business systems and business information.

Establishing their own personal infrastructure allows these companies to keep complete control of their data, while still achieving the flexibility benefits of running services through the ‘cloud’.

Companies are looking to invest in a service that matches their required business outcomes. They are looking to move away from traditional data centres and move towards an option whereby you can pay solely for the data and computing resources that you use. Companies want a predictable financial transaction, which can easily be paid off each month and aligns with their business outcomes.

Companies are looking to move away from outsourcing the provision of infrastructure and applications. Instead they want a supplier with SLAs relating to the availability of their business services.

The private cloud is the only solution that can securely protect a company’s information assets. The future of cloud is to deliver an end-to-end service and not just component parts. Suppliers who can supply SaaS, IaaS, PaaS, management consultancy and in-house processes will be the only ones truly able to deliver the outcomes that businesses require.

Businesses find cloud migration costly

Cloud computing: let’s work together!

Earlier this year the highly regarded procurement analyst Jason Busch heralded 2013 as ‘the year of Source to Pay (S2P) adoption in small to medium sized enterprises’. But at a time of continued economic uncertainty for many, is adding another cost line to already-strained IT budgets really a smart move? When it’s one that can deliver significant short term payback and resource reduction, the answer must surely be yes.

For many SMEs the first questions may be ‘what is Source to Pay’? Put simply, S2P systems deliver big cost savings by providing the tools to negotiate the best possible deals from suppliers, ensure employees buy compliantly from those suppliers and reduce process overheads by automating the exchange of orders and invoices.

Source-to-Pay software takes the legwork out of that entire sourcing and purchasing cycle, from the starting point of analysing spend and selecting suppliers, through to the endpoint of paying the supplier correctly. To aid understanding of this issue and solution I’ve identified five sourcing and purchasing pain points that are remedied by Source to Pay. In this post I will focus on the first of these – selecting your preferred suppliers.

So here’s the scenario - you decide to review your purchasing in a particular spend category that comprises hundreds of different products and a range of services, let’s say facilities management. This process shows that different departments are buying varied elements of this category from a number of different suppliers, creating many small ad hoc purchases at non-competitive prices. You decide to put out a tender to a vetted list of suppliers for a stripped down set of standard services. The aim is to consolidate what you buy and from whom so that you can increase buying power and negotiate a better price.

But going out to tender manually requires significant resource and is so long-winded and error prone that the process of reviewing suppliers never really gets off the ground. Writing effective tender invitations, then sorting through and evaluating varied and difficult to compare responses, slows the process and makes it harder to compare offers from suppliers. Your opportunity to reduce costs and ensure contractually secure products and services are used by the business falls at the first fence.

Source-to-Pay can largely automate this process. Tenders can be constructed within the system from pre-defined clauses dragged and dropped into place. Then suppliers actually respond within the system too, eliminating paperwork and manual checking. The system also automatically checks, compares and scores responses against chosen criteria. So significant are the productivity benefits of Source to Pay in this area that mid-sized organisations often see a reduction of around 85% in the time it takes to manage the tender process.

So Source to Pay has the potential to get your supplier and spending review off to a flying start with effective preferred supplier selection, but it doesn’t stop there. It’s an integrated cycle and in the next post we’ll look at the next two pain points it remedies – supplier contract management and maverick spend management.

On August 15, 2012, Saudi Arabia’s national oil and gas company, Aramco, suffered a debilitating cyberattack. More than 30,000 computers were rendered inoperable by the Shamoon virus. US Secretary of Defense Leon Panetta described this virus as the most destructive weapon ever used against the business sector. Network security is a growing problem in the IT industry today. The very trends that have revolutionized users’ access to data are the same ones that are leaving networks vulnerable to attacks by cybercriminals. No single security product can fully defend against all network intrusions, but a smart combination of existing products can provide a more flexible solution. Napatech’s intelligent adapter forms a key part of this response by ensuring that network monitoring and security appliances have the full capacity to monitor, detect and halt potential attacks.

Three recent trends in the IT industry have improved the efficiency and effectiveness of digital services: cloud computing, big data analysis and mobility. Cloud computing centralizes data and makes it accessible anytime, anywhere. Unfortunately, it also provides cybercriminals with fewer, and more valuable, targets. Big data analysis offers a sophisticated overview of complex information; however, such a wealth of sensitive information in a centralized location provides an irresistible target for cybercriminals. Mobility allows convenience; it permits users to access data on the network with different devices, such as mobile phones and iPads. But this severely compromises security as these devices do not have the same protections as the typical corporate laptop.

UK infrastructure faces cyber threat, says GCHQ chief

With increasing data availability, cyberattacks are becoming more common every year. The cost of these attacks to business, though declining from 2010 to 2011, is still high. According to the Ponemon Institute and Symantec Research, the average cost of a security breach in the United States was $5.5 million in 2011. Cybercriminals are becoming smarter, innovating new methods to penetrate defenses and often using several different kinds of attacks in combination. For example, a hacker can utilize a distributed denial of service (DDoS) attack as a diversion for introducing malware into a network. In the case of the attack in Saudi Arabia, cyberterrorists utilized a virus in a spear phishing attack in an attempt to disrupt international oil and gas markets. There are many types of security appliances and solutions deployed in networks, each with its own specific focus. However, these solutions are rarely coordinated, which hackers exploit using a combination of attacks.

To successfully defend against this, some kind of coordination is required between the various security solutions so a complete overview can be provided. But, even this is not enough, as detecting zero-day threats (new attacks that have never been seen before) is very difficult. It is therefore necessary to also monitor how the network is behaving to make sure that no attacks have penetrated the security solutions in place. To do this successfully requires that all these solutions are capable of monitoring and reacting in real-time.

Most networks already have monitoring appliances in place, such as a firewall, an Intrusion Detection or Prevention System (IDS/IPS) or Data Loss Prevention (DPL) application. Some products that consolidate these methods into one appliance include Universal Threat Management (UTM) and Next-Generation Firewalls. But single point solutions can only ever address a part of the problem.

Another solution to network security uses the concept of Security Information and Event Management (SIEM) which is based on the centralization of information from both network and security appliances to provide a holistic view of security. This is a real-time solution, constantly monitoring the network to detect any anomalies that might arise. That means that both the network and security appliances need to be able to provide data on a real-time basis to ensure that anomalies are detected the moment they occur. This, in turn, means that each of the appliances must be capable of keeping up with growing data loads and speeds.

One of the easiest ways of disrupting the security of the network is to overload the security and network monitoring appliances using a DDoS attack rendering the centralized SIEM system blind. This is a real threat if these appliances are not capable of operating at full throughput. By assuring that they can, you have just removed another potential attack vector.

Napatech intelligent adapters are used in both network monitoring and security appliances to guarantee full throughput under maximum load at speeds up to 40 Gbps. Napatech adapters can scale network throughput and combine different port speeds, distributing data flows on up to 32 CPU cores. The data can then be intelligently distributed to one or multiple security or network monitoring applications running on the same physical server—all of this accomplished without compromising CPU performance.

The information from network and application monitoring applications can be used to build network behavior profiles. The customer uses real-time information on network and application usage to detect anomalies as they occur. These anomalies can then be compared to data from security appliances to identify if an attack is underway. Napatech adapters allow for the proper maximization of monitoring and security applications for a multifaceted defense.

Cyberattacks on the world economy and infrastructure are becoming commonplace. The adoption of cloud computing, big data analysis and mobility have improved efficiency, but unfortunately they have also exposed critical vulnerabilities in networks. Utilizing SIEM systems on standard servers with Napatech adapters enables OEM vendors to provide solutions that can respond immediately to any detected anomalies in the network. By combining network and security information into a more holistic solution, attacks—such as the spear phishing assault on Aramco—can be deterred. By focusing on guaranteed data delivery and scalable performance, Napatech, the industry leader in adapters, enables its monitoring and security appliance vendors to build the centralized security solutions that can help protect networks in the years to come.

Time to ReThink Network Security

Over £100 million worth of contracts have been awarded to SMEs under the Small Business Research Initiative (SBRI).

The public sector program designed to increase SME participation in government projects has now seen 1,270 contracts awarded since the scheme’s establishment in 2009, passing a combined value of £100 million.

The government have moved to capitalise on the progress on the SBRI, raising a pledge to provide £40 million worth of contracts to small businesses over 2012-13, to £100 million in 2013-14 and £200 million through 2014-15.

The SBRI allows SMEs to enter the public sector procurement process with contracts awarded on the basis of innovation value.

Stephen Browning, Head of SBRI at the Technology Strategy Board, said: “presents a truly win-win scenario whereby government departments can find solutions to very real problems, whilst small businesses have an opportunity to present their ideas to organisations that may otherwise be unreachable."

SMEs forced to adapt to economic pressures

SMEs to spend $96 billion by 2015

The Financial Conduct Authority (FCA) is to investigate RBS over IT failures from June and July 2012, which resulted in the disruption of service for customers and services.

Customers with RBS, Natwest, and Ulster Bank were all impacted by IT failures stemming from a poorly implemented software upgrade, with IT issues in some cases lasting a month before being fixed.

The total cost of the failures was calculated at as much as £175 million for charges and compensation payment to customers.

The IT malfunction led to a period of system replacements and overhaul of key services in a move to safeguard key systems in order to prevent future outages. Despite improvements to IT systems, RBS suffered further technical issues in March 2012.

In an announced the FCA said: “The FCA will reach its conclusions in due course and will decide whether or not enforcement action should follow that investigation.”

Hardware failure found to be responsible for NatWest outage

RBS plans to implement £80 million IT revamp

Outsourcing firms and the industry as a whole are at risk from missing out on the potential value of outsourcing according to new research.

The research from HfS Research and sponsored by Accenture revealed that users and suppliers need to focus on developing talent and skills, otherwise contracts will merely deliver basic cost reductions, aside from other benefits from the outsourcing process.

The research found that only one third of enterprise outsourcing customers viewed their current governance team as being capable of driving innovation within a contract, with only a half of outsourcing providers providing an established training program to develop relationship management or analytical skills.

Mike Salvino, group chief executive, Business Process Outsourcing, Accenture, said: “If outsourcing is to deliver on its full potential, buyers as well as providers need to invest in developing the skills and talent to capture the greater levels of value available from fourth and fifth generation BPO solutions.”

Mr Salvino added: “The bottom line is that outsourcing business or IT functions is never ’done’ and with proper investments in talent, the outsourcing governance team has continual opportunities to improve productivity, efficiency and access to critical data”.

Accenture see sales growth from increased outsourcing demand

Accenture led consortium wins national border control system contract

Development group Mott MacDonald has awarded a five year global communications deal to Tata Communications, in a deal which is valued at around £13 million.

Tata Communications will deliver telecommunication services to the development group as part of the contract, as part of a communications consolidation strategy being enacted by Mott MacDonald. The delivery of new communications services comes as multiple systems used by thousands of Mott MacDonald employees throughout the globe are brought together under one system.

The consolidation process will allow services to be migrated to ac loud based infrastructure in order to facilitate collaboration, even between groups that are separated internationally.

“With over 168 offices around the world and projects in 140 countries this contract will provide us with the ease of access needed to keep us at the top of our industry", said Darren Russell, Mott MacDonald’s global IT director.

Southern Water signs with TCS for systems transformation project

New delivery centre constructed by TCS in Liverpool to comply with regulation

Rail operators who fail to meet targets and consistently underperform should be removed from rail franchises through the implementation of new legislation.

Sir Richard Branson calls for rail franchises to kick out failing operators with Rail operators who fail to meet targets and consistently underperform should be removed from rail franchises through the implementation of new legislation.

Sir Richard Branson urged for the creation of new franchise at the launch of Virgin Atlantic domestic flights, while describing how Virgin Rail would be able to deliver far better value services for taxpayers from the East Coast rail franchise than the current state operators.

“We can absolutely do an awful lot better than the current management team on the east coast. The east coast has stagnated", he said.

Sir Richard Branson also commented on the failed West Coast procurement process, saying that: “"We have to be sure that the rules of engagement are different from last time."

The appeal by Virgin which led to the collapse of the West Coast procurement franchise revolved around the ability of the chosen operator to deliver on their promises. The addition of the ability to remove failing operators would lessen the impact of such an event should it occur.

Government places East Coast rail line up for bid

Virgin Rail receives west coast rail line extension

Chinese IT giant Huawei are looking to make strong gains over the coming years, capitalising on strong profits and results from 2012 published on Monday.

Posting revenues of over £23 billion , with a net profit increase of 32 percent from the previous year.

The company saw strong results in both its network division and its enterprise division.

The posting of strong results comes despite the difficulties the company has faced in its U.S. sectors, with the criticism of China’s suspected links to cyber-attacks having impacted Chinese business intrests in western countries.

Huawei succeeded in expanding in both Europe and the U.S. despite the associated controversies.

The company is looking to develop growth with expectations of achieving a compound growth rate of 10 percent within the next five years.

Guo Ping, acting CEO of Huawei said: "In 2012, Huawei met business performance expectations through improved operational efficiency".

US trade group send letter to congress criticising Chinese IT supplier ban