The Goods and Services Tax has come into effect on July 1st and is pegged to be one of the most significant economic tax reforms carried out by PM Narendra Modi. While it will usher in greater transparency and create a simplified channel for tracking through data, it has also spawned the need for ERP and data analytics solutions. Other IT solutions include building capabilities such as billing software and payment gateways, thus creating plentiful opportunities across the IT spectrum. Industry experts say there is a $1 billion opportunity for IT vendors over the next two years.

According to an industry expert, GST will a) remove tax barriers in a fragmented market b) will introduce a transparent and predictable tax regime and boost local and foreign investment in India c) integrate existing multiple taxes into a single GST.

GST – A Data Analytics Powerhouse

In terms of data analytics, the GST rollout is expected to become a “data analytics powerhouse”. According to Goods and Services Tax Network, a not-for-profit organization operated by the government and private players jointly, GST will give enormous amount of data to the tax department to work with, that will eventually rule out discrepancies and help tax sleuths to go after tax evaders. Once sufficient amount of data is generated, GSTN will be able to generate analytics based on the requirements of various stakeholders. Companies in the coming time are expected to build programmes and analytical tools as per the data requirements of both central and state tax departments. The data generated could be on real-time basis, if not near real time.

According to GSTN, the body is building the “information technology backbone for the goods and services tax (GST)” and implement analytics solutions. Here are the features:

• The platform is expected to store information related to relevant transactions
• Based on the data filed by millions of taxpayers that will migrate to the system, analytics will help in identifying leakages and ensure more focused economic-policymaking.
• As per the GST system architecture, the decision-making will be based on data rather than assumptions
• The system shall feature more meta tags so that the time taken by various functions in capturing/entering the data is verified.

Nab Tax Evaders, Boost Domestic IT Biz

The data generated through the technology backbone of the Goods and Services tax regime would, over time, be able to solve issue such as tax evasion and help compliance ratings in the country, according to the GST Network chairman. Navin Kumar, chairman of the GSTN, the entity that handles the information technology backbone of the GST, said that GSTN would soon have enough data to be able to run business analytics and find meaningful ways to interpret and help make sense of the filings in tandem with other government departments. So there is great potential for that (leveraging analytics), but that will be possible only once they have data, maybe after two or three years. GSTN will start developing the applications for that next year.

Among the potential use cases for business analytics, Kumar said GSTN would look to do a rating of the taxpayers, such as a compliance ratings, look at sectoral studies and detection of tax frauds and tax evasion. There, collaboration with income tax will be very useful, to see whether the volume of business reported here (GSTN) is reported to income tax or whether that data syncs with their data. Existing analytics tools available in the market could be used, as well as some new applications that would be developed by IT / Analytics Companies.

According to research firm Gartner, Indian business intelligence software revenue is forecast to reach USD 245 million in constant currency in 2017, a 24.4 percent increase over last year.

GST a boon for small and medium IT cos. The new tax regime would prove to be a boon for the small and medium IT companies in the country. They will have lot of opportunity to provide solutions to businesses, not just become GSPs (GST Suvidha Provider). And the wider roll-out of GST has spawned many opportunities in IT, such as developing ERP packages for the 5 million SMBs that are not yet digitally-empowered. SMBs need to record the GST transactions, upload invoices and do the return filing. This spells a big opportunity for IT vendors who are quick to fill the gap with their enterprise ready solutions. According to news sources, the government expects close to nine million returns to be filed in the first month of its roll-out.

These companies could also develop the functionalities or applications that could help GSPs better. For example, the small and medium IT firms could develop an invoicing system for taxpayers, software for inventory management, and so on, which would provide a boost to the domestic business of the IT services companies.

Here’s a look at some enterprise ready solutions:

SAP HANA:

Earlier in the year, SAP announced ‘GST in a Box’, an all-inclusive solution portfolio, to help Indian organizations of all sizes and across industry verticals to become GST compliant. The solution It also enables organizations to effectively manage suppliers, customer engagement and supply chain in the new tax regime. According to Neeraj Athalye, Head, S/4HANA & GST Adoption Drive, SAP India, businesses need to go digital.  “Out of an estimated 4-5 billion invoice uploads that will happen every month, since more than 40% of transactions will pass through an SAP system, it is upon us to not only help Indian corporates swiftly get compliant with this new law, but also ensure that businesses benefit from the GST vision,” he said.

Microsoft India:

EasemyGST, a cloud-based comprehensive GST compliance platform that integrates with ERP, and Microsoft India teamed up together last month to provide a “simple and affordable platform that will ease their GST requirements, thus, saving them from the expense of separate compliance products”. EasemyGST will integrate its solution with Microsoft’s core business products including Office 365, Dynamics Navision and Axapta. The solutions will run in Microsoft Azure, from India data centres to ensure data sovereignty.

Intuit:

infact, Intuit is betting big on GST rollout, and expects revenues to double. Intuit’s QuickBooks, a cloud-based accounting software for small businesses will help SMBs to stay on top of their business in real time and get paid faster. The company’s cloud-based accounting software QuickBooks already has a slew of big companies on board that will use the ERP system.

So how does this all start ?

The GSTN Company would be on a hiring mode over the next few weeks to cater to these new requirements. They plan to double our workforce from 50 to about 100 over the next few months. In the first phase, GSTN is in the process of building and testing the software interfaces for the taxpayers and the back-end to be used by the tax departments of the Centre and states. In the second phase, the roll out will take place and the company is working to ensure at least one critical process of approval of registration on the back-end is ready from day one. This will eventually bring GST platform to become an analytics powerhouse.

The worldwide cyber attack that began last Friday and goes by the name of “WannaCry” has highlighted the need for governments and businesses to strengthen their security infrastructure, in addition to calling attention to the need to mandate security updates and educate lawmakers about the intricacies of cyber security.

During the WannaCry attacks, hospitals had to turn away patients, and their ability to provide care was altered significantly. Even though the threat is widely acknowledged to be real by the information security community and anyone not living under a rock, and the stakes are higher than ever, most organizations and almost all healthcare providers are still using old-school cybersecurity technologies and retain their reactive security postures.

The WannaCry ransomware attack moved too quickly for security teams to respond, but a few organizations were able to spot the early indicators of the ransomware and contain it before the infection spread across their networks. While it wreaked havoc across the globe, there was nothing subtle about it. All of the signs of highly abnormal behavior on the networks were there, but the pace of the attack was far beyond the capacity of human teams contain it. The latest generation of AI technology enabled those few organizations to defend their networks at the first sign of threat.

Meanwhile, threats of similar – or perhaps worse – attacks have continued to surface. This was not the big one. This was a precursor of a far worse attack that will inevitably strike — and it is likely, unfortunately, that [the next] attack will not have a kill switch. This is an urgent call for action for all of us to get the fundamentals finally in place to enable us to withstand robustly this type of a crisis situation when the next one hits.

 Modern malware is now almost exclusively polymorphic and designed in such a way as to spread immediately upon intrusion into a network, infecting every sub-net and system it encounters in near real-time speed. Effective defense systems have to be able to respond to these threats in real time and take on an active reconnaissance posture to seek out these attacks during the infiltration phase. We now have defense systems that have applied artificial intelligence and advanced machine learning techniques and are able to detect and eradicate these new forms of malware before they become fully capable of executing a breach, but their adoption has not matched the early expectations.

As of today, the vast majority of businesses and institutions have not adopted nor installed these systems and they remain at high risk. The risk is exacerbated further by targets that are increasingly involved with life or death outcomes like hospitals and medical centers. All of the new forms of ransomware and extortionware will increasingly be aimed at high-leverage opportunities like insulin pumps, defibrillators, drug delivery systems and operating room robotics.

Network behavioral analytics that leverage artificial intelligence can stop malware like WannaCry and all of its strains before it can form into a breach. And new strains are coming. In fact, by the time this is published, it would not surprise me to see a similar attack in the headlines.

Aanlytics is Turning the Table on Security Threats

The more comprehensive, sensitive and greater volume of end user and customer data you store, the more tempting you are to someone wanting to do harm. That said, the same data attracting the threat can be used to thwart an attack. Analytics includes all events, activities, actions, and occurrences associated with a threat or attack:

• User: authentication and access location, access date and time, user profiles, privileges, roles, travel and business itineraries, activity behaviors, normal working hours, typical data accessed, application usage
• Device: type, software revision, security certificates, protocols
• Network: locations, destinations, date and time, new and non-standard ports, code installation, log data, activity and bandwidth
• Customer: customer database, credit/debit card numbers, purchase histories, authentication, addresses, personal data
• Content: documents, files, email, application availability, intellectual property

The more log data you amass, the greater the opportunity to detect, diagnose and protect an organization from cyber-attacks by identifying anomalies within the data and correlating them to other events falling outside of expected behaviors, indicating a potential security breach. The challenge lies in analyzing large amounts of data to uncover unexpected patterns in a timely manner. That’s where analytics comes into play.

Leveraging Data Science & Analytics to Catch a Thief

Using data science, organizations can exercise real-time monitoring of network and user behaviors, identifying suspicious activity as it occurs. Organizations can model various network, user, application and service profiles to create intelligence-driven security measures capable of quickly identifying anomalies and correlating events indicating a threat or attack:

• Traffic anomalies to, from or between data warehouses
• Suspicious activity in high value or sensitive resources of your data network
• Suspicious user behaviors such as varied access times, levels, location, information queries and destinations
• Newly installed software or different protocols used to access sensitive information
• Identify ports used to aggregate traffic for external offload of data
• Unauthorized or dated devices accessing a network
• Suspicious customer transactions

Analytics can be highly effective in identifying an attack not quite underway or recommending an action to counter an attack, thus minimizing or eliminating losses. Analytics makes use of large sets of data with timely analysis of disparate events to thwart both the smallest and largest scale attacks.

The Analytics Solution to Security Monitoring

If security monitoring is a data storage problem, then it requires a analytics solution capable of analyzing large amounts of data in real time. The natural place to look for that solution is within Apache Hadoop, and the ecosystem of dependent technologies. But although Hadoop does a good job performing analytics on large amounts of data, it was developed to provide batch analysis, not real-time streaming analytics required to detect security threats.

In contrast, the solution for real-time streaming analytics is Apache Storm, a free and open source real-time computation system. Storm functions similar to Hadoop, but was developed for real-time analytics. Storm is fast and scalable, supporting not only real-time analytics but machine learning as well, necessary to reduce the number of false positives found in security monitoring. Storm is commonly found in cloud solutions supporting antivirus programs, where large amounts of data is analyzed to identify threats, supporting quick data processing and anomaly detection.

The key is real-time analysis. Big data contains the activities and events signaling a potential threat, but it takes real-time analytics to make it an effective security tool, and the statistical analysis of data science tools to prevent security breaches.

When do you need to start? – Yesterday

Yesterday would have been a good time for companies and institutions to arm themselves against this pandemic. Tomorrow will be too late.