Speaking of the new role, Bernd Leukert, member of the Executive Board of SAP SE, Products & Innovation, said in the press release announcing Somaini's appointment that it "highlights the relevance of security in a digitally connected world."
Somaini echoed that sentiment, saying, “In the past, IT security had a reputation for being very costly and hampering day-to-day business operations. But I’m convinced that security and business will — and, indeed, must — go hand in hand in the future. Ultimately, security will be the deciding factor in every company’s business future.”
It appears that the appointment, and the nod to security's business relevance, comes none too soon, as the announcement of Samaini's position coincided with the release of a Ponemon Institute report, sponsored by Onapsis, which found that C-level executives tend to underestimate the risks associated with insecure SAP applications. Fifty-six percent of the more than 600 IT and InfoSec professionals surveyed by Ponemon said they "believe it is likely their company would have a data breach due to insecure SAP applications. This same group indicates their company’s SAP platform has been breached an average of two times in the past 24 months." (Hat tip to Liam Tung at CSO.au for pointing out the Ponemon Survey.)
Before joining SAP, Somaini was Chief Trust Officer at cloud storage startup Box. Prior to that he was the first CISO at troubled Web portal Yahoo! and CISO at Symantec, where, according to his LinkedIn profile, he "performed a turnaround of Information Security within the company."
A turnaround in customer perception may be just what SAP needs if the Ponemon survey has it right.
For more on Somaini's take on emerging security issues facing SAP customers, read China Marten's interview with Somaini on ASUGNews.