This is according to enterprise software and digital solutions provider , which also lists AI, digital skills and closer partnerships as trends that will impact the channel.

, SAP’s partnerĚý and ecosystems lead for MEA, says the main role that technology plays in business is pushing customers to involve partnersĚýĚýin strategic discussions to ensure proper guidance from the start. Effective partnerships across sectors, from government to non-profits, are essential to address industry challenges, she adds.

, MD of , concurs and notes the era of fragmented systems is ending.

She adds that unified partner ecosystems are now vital for streamlining operations, boosting collaboration and delivering value to customers while driving efficiency.

51ˇçÁ÷also identifies data and security as the top issues for organisations in 2025, with companies aware that disparate data can skew analytics and rising cyber security threats pose increasing challenges.

“Disparate data stored in different places is typically drawn up into an analytics platform, as a result, losing its contextual relevance. Actual analytics then become skewed, impacting outputs,” says Pillay.

The second biggest issue facing customers and partners is security, she continues. “Increased and more sophisticated levels of malicious intent are negatively impacting our industry at large.”

JSE-listed ICT firm says AI-driven security, zero trust models and human-centric security will be top of mind for business leaders, cyber security C-suite decision-makers, CISOs and cyber security services providers.

In addition to adopting advanced, AI-enabled threat detection systems, the company advocates a “trust no one, verify everything” architecture to protect sensitive data in hybrid work environments.

The company agrees with the notion that human error is a major cause of cyber security attacks and incidents. It underlines the need for ongoing employee training and fostering a culture of vigilance to reduce risks.

According to BCX, it understands the unique challenges African businesses face, from limited budgets to regulatory compliance and the persistent cyber security skills gap.

AI-driven operations

Taute believes AI can transform operations by enhancing decision-making through predictive insights, optimising resource allocation and uncovering growth opportunities. Partners offering AI-driven solutions will be key to meeting customer demand for automation and machine learning capabilities, Taute adds.

“By integrating AI into enablement platforms and operational workflows, partners can better anticipate customer needs, optimise resource allocation and uncover growth opportunities. Beyond operational benefits, AI also presents a significant sales opportunity for partners. As customers increasingly look for solutions incorporating AI-driven automation, predictive analytics and machine learning capabilities, tech partners can position themselves as key providers of these innovative technologies.”

The Westcon-Comstor Southern African executive adds that specialisation is becoming a key differentiator in the channel, with customers demanding tailored solutions that address industry-specific challenges.

“Partners with deep expertise in verticals such as healthcare, finance or manufacturing will stand out by delivering bespoke technology stacks and compliance-ready solutions. Distributors that support this trend by enabling multi-vendor solutions and providing specialised training will empower their partners to capture new market opportunities and thrive in niche segments. People enablement will be a serious determiner for success in 2025,” says Taute.

, GM and VP of , warns that AI moves quickly and can leave behind companies that cannot or will not adapt.

°Â´Ç´Çąôąôąđ˛âĚýĚýheld recently and said according to the Dell 2024 Innovation Catalyst study, 31% of South African respondents admit they’re struggling to keep up with the pace of disruption.Ěý“The whole industry is evolving at pace, and that creates a lot of tension within businesses. Most people understand it will have an impact.”

Balancing costs

’s highlights the challenge for companies to balance IT costs with modernisation, especially with rising expenses and AI advancements.

“Cloud repatriation, driven by cost concerns and regulatory compliance, is gaining momentum, with businesses opting for a mix of private and public cloud solutions. As businesses face increasing complexity, the cloud FinOps market is growing, with skills and resources in demand. AI adoption will require clear use cases and evidence of long-term business benefits, with prebuilt systems enabling faster implementation.

“With South African businesses under significant pressure to manage and reduce IT costs, company leaders are finding themselves in a tough spot. They need to balance these rising cost pressures with the urgent need to modernise, all while keeping a lid on operational complexity. These pressures will reach a tipping point in 2025, thanks to some unexpected cost spikes and advancements in generative AI. Because of this, many businesses are taking a hard look at their long-term IT strategies, trying to figure out how to handle the rising costs of their virtualised workloads, support both current and future needs, and streamline IT operations in an increasingly complex environment.”

Cloud repatriation is taking centre stage in 2025 as businesses reassess their public cloud strategies.

According to Ntuli, escalating costs and the need for better budget management are driving this trend. Many organisations are now opting for a strategic mix of private and public cloud solutions to balance expenses and manage resources effectively.

“As a result, FinOps is becoming essential. Projected to hit almost $40 billion by 2034, the burgeoning cloud FinOps market underscores the need for skills and resources in this area,” he says.

In his overview of issues that will continue to impact the channel, , VP, data and analytics – Middle East, Turkey and Africa and MD South Africa at IDC, lists several significant external influences, including inflation, economy and global trends.

Walker says these trends include consumer discretionary spend, COVID amortisation at enterprises, the impact of AI, import tariffs/duties and the level of technical support that will trigger more activity in the channel and will escalate the level of competition.

This article first appeared here:

The post AI, Partner Unification, Sustainability will Dominate in 2025, say SA Channel Players appeared first on 51ˇçÁ÷Africa News Center.

Working from home has become an intrinsic part of life for many due to the pandemic. This has led to an increased need for business agility, mobile working capabilities, and end-to-end security.

“The cloud hosted version of 51ˇçÁ÷Business One makes it easier for small and medium enterprises to function remotely, with built-in capabilities to handle diverse business needs,” saysĚýHeinrich de Leeuw, MD, Seidor Africa.

Productivity
Employees can use this ERP solution from anywhere and at any time, just as if they were working onsite. Data can be accessed in the cloud, and accurate, comprehensive reports created. The software instantly stores all data and makes it accessible to all the relevant stakeholders.

“With 51ˇçÁ÷Business One, you can create an interactive and intuitive dashboard that assists in sorting out the data, monitoring cash flow, and performing multiple other tasks,” adds de Leeuw.

Security
As remote working and remote connections gain greater significance, the need for secure access to remote networks is also on the rise.

“An advantage of the 51ˇçÁ÷Business One Cloud hosted version is that it allows you to scale and innovate, while maintaining a safeguarded environment,” says De Leeuw. “When you deploy the solution, you benefit from a safe and secure cloud environment built to meet the requirements of the most security-sensitive organisations.”

Reporting
51ˇçÁ÷Business One provides a series of predefined, built-in reports for each functional area of the software. Users can focus the report on specific areas of the business and customise the output.

“Whether you’re a controller, inventory manager, or CEO, you gain a clear view of the state of the business to make smart decisions,” De Leeuw says. “You can prepare and run standard reports on your business’s data with ease, using the many reporting options available.”

Mobility
Mobile working capabilities are critical in our changing world. With the mobile app for 51ˇçÁ÷Business One, you can run your business from any location, at any time. With an iPhone or Android phone, users can access the data they need to streamline sales, handle service tickets, manage customers and contacts, view reports and more.

“Cloud-based technologies have made it possible for everyone to access documents anytime and anywhere,” concludes De Leeuw. “Regardless of user location, we enable our customers to be fully productive while working remotely, so that they can keep pace with changing business needs.”

The post Seamless ERP for SMEs, Regardless of User Location appeared first on 51ˇçÁ÷Africa News Center.

It’s not that these enterprises haven’t taken steps to protect these assets; it’s just that the “traditional” way of preparing for and responding to ransomware simply won’t work anymore.

So what’s needed to protect your organization’s business-critical applications from the looming threat of ransomware? That’s exactly what 51ˇçÁ÷and Onapsis seek to address here.

When most people think about ransomware, there are two immediate, “traditional” solutions that come to mind: backups and endpoint security. Both are critical components of a solid security program, without a doubt. However, their presence could lull organizations into a false sense of security, as there still remain gaps, especially related to business-critical systems that are connected in more ways than ever before.

The challenge is that many enterprises realize too late that, in preparation for a ransomware attack, you need to close all the doors and windows of your house — not just the front door of endpoint protection. When thinking about ransomware attack vectors, it’s imperative to consider all potential entry points into the business-critical environment and how to secure them. To continue this metaphor, this also includes evaluating your neighbors and how they get into your house too.

When you think about all of these vectors, you slowly realize that this challenge goes way beyond just endpoint security and backups. It requires a more holistic look at securing your business-critical applications, including — yes — things that we would classify as “good security hygiene.”

In a recent , we demonstrated that threat actors clearly have the means, the motivation, and the expertise to identify and exploit unprotected mission-critical applications, and are, in fact, actively doing so.

As an example, a massive, publicly traded company was recently subjected to a ransomware attack on its enterprise resource planning (ERP) application data. Did they have backups? Yes: the backup was refreshed once a week. However, operations halted anyway. When this happens, even with backups in place, it could still take hours or even days to restore from a backup, and the negative impact on the business and the financial losses are high regardless. Did they have endpoint security? Yes; however, the attackers bypassed the endpoint detection and response (EDR) software by accessing the data through the application. EDR is great for identifying activities on compromised assets and allowing the containment and collection of artifacts, such as process trees, files created by malware, but the application level still poses a challenge. And these attackers used that application layer, which was not monitored by the tool itself, to compromise the business-critical assets.

Vulnerabilities such as 10KBLAZE, PayDay, and RECON allow threat actors to take full control of applications through the application layer itself. These threat actors go straight to the application, and, once in, go down to the operating system level there. When you consider CIO digital transformation initiatives or the rapid adjustment to remote work due to the COVID-19 pandemic, there is a significant magnification of risk. Onapsis has observed that new, unprotected 51ˇçÁ÷applications provisioned in IaaS environments were discovered by threat actors and attacked in less than three hours, with more than 400 successful exploitations observed as of the date of this publication.

Ultimately, what’s needed then is a new model to defend against ransomware, one that goes beyond the scope of just protecting endpoints, backing up files, and hoping for the best. claims that organizations should “[i]mplement a risk-based vulnerability management process that includes threat intelligence. Ransomware often relies on unpatched systems to allow lateral movement. This should be a continuous process. The risk associated with vulnerabilities changes as these vulnerabilities are exploited by attackers.” We couldn’t agree more.

What’s needed is a renewed commitment to some key security fundamentals:

1. Security Hardening of Business-Critical Applications
2. Timely Patch Management
3. Point-in-Time Vulnerability Assessments
4. Continuous Monitoring of Vulnerabilities and Threats to Your Business-Critical Applications
5. Securing Your Custom Code in Business-Critical Applications
6. A Commitment to Control and Governance

51ˇçÁ÷is committed to continuously innovating our software to keep your information safe — both on premise and in the cloud. We prioritize security so that you can stay focused on running your business and managing your customer relationships effectively using 51ˇçÁ÷solutions, safe in the knowledge that your data is secured. To protect clients from ransomware attacks, securing development infrastructure, such as the build and deploy chain, is of utmost importance to prevent the manipulation of shipment artifacts.

As part of our commitment to clients, 51ˇçÁ÷follows a secure software development and operations lifecycle to identify and mitigate all kinds of security weaknesses and vulnerabilities during the development of products and services. Through the use of risk identification techniques such as the 51ˇçÁ÷threat modeling method and secure development trainings, 51ˇçÁ÷enables development teams to eliminate potential entry points for ransomware and other kind of attacks. It also ensures that basic security principles, such as that of least privilege, are part of the DNA of 51ˇçÁ÷developers.

51ˇçÁ÷continues to harden our systems with automated static code analysis, vulnerability scans, and validation from a dedicated, independent 51ˇçÁ÷internal security team. SAP’s software development lifecycle serves as an example to clients on how to support a DevSecOps model covering development and operations aspects for continuous and secure delivery of software.

When deploying and running 51ˇçÁ÷applications, it is imperative that organizations focus on hardening their system to minimize the overall attack surface — for example, ensuring the proper setting of system parameters and other aspects of system configuration, including the activation of security features and functionalities. It is important that the proper configuration settings are in place to protect an organization against possible security vulnerabilities.

51ˇçÁ÷provides key features such as the 51ˇçÁ÷EarlyWatch Alert service, which monitors the essential administrative areas of 51ˇçÁ÷components to keep organizations up to date on performance and stability as well as the 51ˇçÁ÷Security Optimization service, which verifies and improves the security by identifying potential security issues related to your 51ˇçÁ÷solution and providing key recommendations.

As threat actors continue to devise new modes of attack and vulnerabilities to these attacks are identified, 51ˇçÁ÷continuously provides security updates for existing code to keep your systems secure. 51ˇçÁ÷delivers these security updates through support packages, and, on the second Tuesday of every month, as part of “Security Patch Day,” 51ˇçÁ÷publishes security notes with the latest security corrections and recommendations. As noted, implementing a security maintenance process to assess and implement recommended security updates is a proven best practice for mitigating risk.

Onapsis has focused on protecting business-critical applications since 2009. We target the application layer with our Onapsis platform and serve an essential part of our clients’ plans to protect their business-critical 51ˇçÁ÷applications from ransomware attacks.

• By providing automatic visibility into critical vulnerabilities, missing important patches and security updates, misconfigurations, and insecure interfaces, Onapsis identifies all the open doors. This is a crucial component in any ransomware prevention initiative. Once the entry points are identified, they can be closed, thereby reducing the attack surface that may lead to ransomware.
• Through continuous monitoring and real-time alerts for threat indicators, Onapsis helps monitor real-time attempts to access critical systems through any remaining open doors. Win precious time to prevent threat actors from gaining further access.
• With code analysis in real time, prior to moving into production, and in transport, Onapsis can help identify foreign code, such as malware, or new vulnerabilities before they get released to the public. Code vulnerabilities may appear to be a minor attack vector, until they’re not, such as in the case of the Solar Winds attack. In Onapsis’ experience, we generally see one critical vulnerability per 1,000 lines of code, but our clients generally have millions of lines of custom code. It’s important to close those thousands of open doors to prevent any access to business-critical systems.

It’s time to think differently about ransomware. We’re in the middle of a perfect storm, with more unprotected 51ˇçÁ÷applications and remote workers than ever before, expert threat actors who have the expertise to attack these systems, hyperconnected business-critical systems across the cloud, and strained InfoSec teams that may have fallen behind in patching and vulnerability management. Ransomware is the final step of an attack that could utilize a myriad of attack vectors to directly access your business-critical applications.

Organizations should leverage the powerful native security capabilities of SAP, establish the right risk-based patch, code, and vulnerability management processes, and take advantage of the optimized tools and critical threat intelligence from Onapsis. If they do so, organizations can drastically reduce their risk profiles, stay a step ahead of ransomware groups, and ultimately keep their names out of the news.

Tim McKnight is CSO of SAP.
Richard Puckett is CISO of SAP.
Mariano Nunez is CEO of Onapsis.

Additional contributors this content include: Elena Kvochko, Imran Islam, Oliver Meli, Vic Chung, and Robert Lorch from SAP, as well as David D’Aprile, Maaya Alagappan, and Tess Cunard from Onapsis.

This article first appeared on the 51ˇçÁ÷News Center.

The post It’s Time to Take the Ransomware Threat to Business-Critical 51ˇçÁ÷Applications More Seriously appeared first on 51ˇçÁ÷Africa News Center.

The network security architect is the creator of the secure network, the builder of security systems that flex and evolve, and the bouncer of badly behaved users. The role is varied and demanding and fascinating for those who appreciate the need for great design and architecture and who find troubleshooting and problem-solving fun. This career is for those who are interested in the latest security architecture standards and frameworks and understand which security controls and solutions are best for which situations and applications. In short, you need to be like Clark Kent – wrapped in network performance and system capability with the ability to transform into a security superhero at a moment’s notice.

“The network security architect combines the knowledge of security hardware and software, organisational business and strategic needs, cyber security requirements and risks with the organisation’s policies, procedures and industry standards,” explains Johann Pretorius, director of the 51ˇçÁ÷Training and Development Institute.

With a deft eye on the network and a hand on the security tiller, the network security architect will plan, implement and maintain the organisation’s network technology strategy. They’ll identify its strengths and weaknesses while managing the complexities of web, WAN, mobile and VPNs while having an indepth understanding of the latest tools, security protocols, processes, and risks.

“The network security architect also has to take care of application and mobile security as well as security around the Internet of Things,” says Vishal Barapatre, CTO at In2IT Technologies. “The role has grown to prominence over the last three years due to the advent of new technologies and changes in emergent technologies, such as blockchain and microservices, and because security has become much more important to organisations.”

Companies are under pressure to follow best practice and be compliant across the network, particularly in light of POPIA, GDPR and increasingly stringent industry regulation. This role is that of the gatekeeper, the bouncer that kicks the unwanted out of the exclusive club while making sure that everyone has a great experience. The skills required for this role vary, but most will need generic infrastructure and security skills as a baseline, along with an understanding of technical protocols and their functions.

“These architects need to understand the nuances around the latest technologies and how these may impact the network and its security,” says Simeon Tassev, MD and qualified security assessor at Galix.

The network security architect will have an indepth understanding of software, access control, hardware and networking, along with experience in software development. They would also benefit from having the kind of personality that enjoys troubleshooting and critical thinking as these will stand them in good stead as they analyse incidents and manage system complexities.

“A background in ethical hacking would also be beneficial as it ensures they are capable of effectively identifying vulnerabilities and designing security measures and controls,” says Jacques Coetzee, information security officer at Luno. “Being able to stop and think like a hacker and watch the tactics that malicious actors deploy against an organisation, and then have the ability to defend against them is also a huge part of this role. This makes it both challenging and exciting.”

THE STEPS TO GREATNESS

What defines a great network security architect?

Jacques Coetzee, information security officer, Luno:ĚýSomeone who has analytical and troubleshooting skills, attention to detail, a hands-on approach (not afraid to roll up your sleeves and get stuck in), effective communication of technical and non-technical information as well as the ability to collaborate instead of working in isolation.

Johann Pretorius, director, 51ˇçÁ÷Training and Development Institute:ĚýFor network security architects, you need leadership skills in communication, to challenge complexity, be a results-driven person, accelerate in self-development, have the ability to work with teams, have negotiation skills, and be able to build trust.

Simeon Tassev, MD and qualified security assessor, Galix:ĚýThe network security architect brings value in that they enforce security and access controls. This role is also important because applications-focused employees will focus on what the application can do for the business, and networking will focus on the connectivity of the organisation, but this role enables and brings all of these roles together.ĚýĚý

MAN THE DEFENCES!

Like most roles in the technology realm, that of network security architect can be approached from multiple directions. Here are some of the training courses, degrees and certifications that are recommended by experts in the field.

• Certified Network Defender certification, Torque IT

• Ethical hacker training – SANS Institute

• Certified information systems auditor – Infosec Institute boot camp

• Certified information systems security professional – IT Academy certification

• Cyber security – University of Pretoria training course that includes the NIST framework and ISO 27000

• Digital network architecture implementation essentials – CTU Training

• Computer science degree – UNISA, Pearson Institute, Wits, Varsity College and University of Pretoria have this degree on offer.

• 51ˇçÁ÷security certification – 51ˇçÁ÷Training and Development Institute

This article first appeared in .

The post The Network Security Architect appeared first on 51ˇçÁ÷Africa News Center.

The COVID-19 crisis has meant companies have quickly planned for remote working and delays in the delivery of products or services, all while keeping customers informed and effectively managing funds as the situation changes.

It’s challenging, but not impossible. The team atĚýĚýunpacks some of the key areas that businesses can focus on, now and beyond, to successfully navigate COVID-19.

Accurate cash flow forecasting:

Accurate cash flow forecasting based on real-time data has become a key survival tool. “One of the key concerns for the SMEs we are working with is cash flow. We’ve seen how essential it’s been for business owners to be able to quickly pull accurate real-time information about their stock holdings and financials so they can make informed decisions swiftly,” says Heinrich de Leeuw, Managing Director of Seidor South Africa. Knowing what the cash flow realities are now and what they are likely to be in the future helps businesses anticipate problems and adapt accordingly.

Remote working and support:

Businesses offering essential services are the only ones allowed to have teams operating on-site during lockdown. But this doesn’t mean non-essential businesses need to halt all operations. Explains de Leeuw: “If managed properly, with the appropriate systems in place, it is possible to work remotely in many cases. 51ˇçÁ÷Business One offers multiple tools for driving effective remote working.” These include: Live chat (standard functionality) and Web-client availability (browser-driven).The system also enables teams and managers to manage alerts and approvals, keep an eye on KPIs, and see the business at a glance and in real-time without being on-site. Boyum, the CRM e-mail integration add-on offered byĚý, supports remote working realities, making communication seamless.

Pedro Lopes, Group Managing Director ofĚý, adds: “Cloud-based communications like VOIP and cloud PABX also come in very handy when teams are all off-site and working at different locations.”

Terrence Chowles, Project Director atĚý, agrees: “Cloud systems are highly effective for remote working. In fact, efficient cloud systems should be used for mission-critical workloads – even when not remote working. They are not dependent on location, so they are not affected by other South African realities like load-shedding.”Chowles goes on to add that Office 365 is also incredibly efficient as a remote working tool. “It allows you an online presence and the ability to collaborate with teams. Plus, you can maintain a security profile on devices in multiple locations.”

Security

It’s important that during a remote working period, businesses know that their data is safe.With multiple people accessing systems from various locations and devices, it becomes essential to have tools in place that enable total security peace of mind. Darryl Maroun, Managing Director at Seidor Networks, explains what those look like. “It’s important that employees can connect securely to a company’s IP and that there is data leak prevention (DLP) in place. Tools like two-factor authentication, VPNs (virtual private networks) and mobile device management (MDM) are highly effective and strongly recommended.”

Adapting with customers in mind

The key to surviving times like this is adaptability, within a stable and efficient framework, all while not losing sight of your customers and their needs. A great example of how working with a solid system like 51ˇçÁ÷Business One can comfortably navigate businesses through choppy waters is how some businesses were able to alert customers about marked down items and move stock before lockdown, which helped improve cashflow. This was especially useful in cases where the stock had a limited lifespan. Successful adaptability also means a suitable continuity of infrastructure and line of business. It may be business ‘unusual’, but in order for businesses to survive, there does need to be an element of ‘business as usual’.

Looking beyond the current crisis, this unusual situation is providing an opportunity for businesses to seriously consider their way of working and to plan properly to ensure they are set up to do business better when the crisis is over. The planning starts with access to real-time data and robust systems.

The post It’s Business Unusual for SMEs Looking to Navigate COVID-19 Crisis Now and Beyond appeared first on 51ˇçÁ÷Africa News Center.