SAP CIO interview: SAP’s digital transformation in SE Asia

With more than 13 years of experience at SAP, Manik Narayan Saha has been responsible for executing global strategic transformation initiatives in the software multinational and has actively worked towards operational efficiency.

Since March 2013 Saha has been CIO of SAP in its Asia Pacific (APAC) and Japan division, a role not exempt of challenges but where he has received continuous praise for his innovation and initiative.

In an exclusive interview with CIO Asia, Saha spoke to us about his experience as CIO of the software corporation, how IT organisations can deal with data breaches and about the technology implementation challenges in Southeast Asia.

How is SAP delivering digital transformation?

Every modern organisation strives for achieving digital transformation and find the best business model that can deliver effective results.

For Saha, digital transformation can be delivered in two ways: digitalising enterprise processes and digitalising the workplace.

“Apart from the traditional businesses, we now have a portfolio where a significant amount of revenue comes from SAP’s Cloud business”, he said. “With this change, we’ve had to take a fundamental relook at how we operate across the company and oriented our digital transformation around it.”

By digitalising enterprise processes, SAP has redefined key end-to-end processes such as quote-to-cash in the organisation and has also looked at how modern technology can be used to support new business models.

Digitalising the workplace entails looking at how the organisation can use the best class productivity and collaboration applications with attractive user interfaces so employees can interact with updated processes.

“The transformation itself is an ongoing process, and that’s one of the reasons we took a viewpoint of a strategic direction – as opposed to a cast in stone ‘strategy’”, explained Saha. “A significant part of the transformation meant that many roles within the company needed a rethink – as a result of which the people change management was arguably the most challenging – as well as the most rewarding when we look back at the achievements.”

New waves of technology such as machine intelligence will have an impact and continue to demand and ongoing transformation.

“We have set ourselves a goal to become an “Intelligent Enterprise” using SAP’s own technology – where AI, Machine Learning, Robotic Process Automation can augment the workforce to fulfil its functions”, Saha told us.

SAP’s collaboration with startups

Support of the startup culture is an important mission for SAP, according to Saha.

One of the ways the multinational organisation works with startups is through the SAP Startup Studio in India.

Launched in June 2016, the studio includes a 100 seat incubator aimed at nurturing early-stage startups within the domain of the internet of things (IoT), big data, the cloud and verticals in retail and healthcare.

“Startups are incubated for a period of one year, coupled with a strongly knit mentorship programme that extends beyond their first year”, the CIO explained. “In April 2017, [we introduced] a new batch of 16 start-ups working on technologies such as Artificial Intelligence (AI), cloud, machine learning and IoT across various businesses.”

Another platform that SAP uses to engage with startups is SAPi.O, an open innovation model that enables innovators inside and outside of SAP to build products, find customers and change industries.

In March, SAPi.O announced a US$35m investment on early-stage enterprise startups.

Saha takes special pride in his project work with university students who go to SAP to intern in the IT department. He thinks that their young knowledge help “providing reverse mentoring” to existing employees and helping them broaden their perspectives.

“The key reason for that is that as employees mature in their existing roles, our experiences tend to stagnate and our mental frameworks become more rigid – closing the windows of opportunity especially with new technology”, explained Saha.

With this intern programme two years in the running, the CIO sees the positive impact that this initiative has had on his entire team in Singapore.

Can CIOs prevent data breaches?

This summer has brought along some disheartening news for cybersecurity.

In June, Singapore suffered the largest data breach in its history after 1.5m patients of SingHealth’s clinics saw their records stolen by hackers.

And just last week British Airways, UK’s flag carrier, announced that customers’ financial records relating to 380,000 card transactions had been the subject of a “sophisticated, malicious criminal attack”.

Saha highlighted the importance of security strategies for CIOs in order to prevent cybercrime causing mayhem within businesses which make use of IT systems.

“In today’s day and age, there is a lot of cybercrime challenges that an IT organisation needs to deal with on an ongoing basis”, he said. “While there are no “fail-proof” strategies out there, IT organisations need to work with strong technology partners, with public and private partnerships, as well as in communities to have the best chance of fighting cybercrime.”

In a recent feature, we stressed the importance of creating a dynamic security culture when CIOs are thinking of implementing security strategies in their organisations.

Saha agrees that fomenting awareness among peers and employees is essential at the time of preventing malicious attacks.

“One of the key strategies we advocate at SAP is educating our employees on the key aspects of cybersecurity and enable all employees with critical knowledge so that they can be the first line of defence when they detect any suspicious activity”, he explained. “This helps us to stay vigilant and alert and look out for suspicious activity.”

However, he is not so sure about the benefits of implementing data privacy legislation similar to the European Union’s (EU) recently introduced General Data Protection Regulation (GDPR) in the Southeast Asia region.

“The regulations in the EU around the GDPR serve a different purpose, around personal data protection and ownership. A key point here is that cyber-terrorists don’t follow any rules, therefore regulations will not have any effect here.”