Pathlock and SAPinsider Release The Cybersecurity Threats to SAP Systems Benchmark Report

Pathlock is pleased to announce the release of The Cybersecurity Threats to SAP Systems Benchmark Report by SAPinsider (Pathlock is a co-sponsor of the report). SAPinsider recently surveyed members of its community to understand what they see as the biggest cybersecurity threats facing their SAP environments, what challenges they face in addressing those threats, and what they are doing to keep their SAP systems secure.

Executive Summary

The cybersecurity landscape for organizations running SAP systems has shifted significantly over the past year. While securing the data in SAP systems has always been a focus for those organizations, much of that focus has been on ensuring that appropriate users have access to only the data that they should be seeing. But with ransomware attacks becoming prominent and the subject of regular news stories, SAP customers have had to consider whether their existing cybersecurity measures are sufficient to face a changing threat landscape and whether they will need to make additional changes to support future threats. (Source: Cybersecurity Threats to SAP Systems Benchmark Report)

Key Findings from the Report

The report reveals several key takeaways that SAP customers should apply to ensure their cybersecurity strategies have the foundation for success:

Re-evaluate your cybersecurity solutions and practices to determine whether they address your most critical threats today and adapt to future threats and challenges

Facing a constantly evolving threat landscape, it is critical for SAP customers to regularly re-evaluate their cybersecurity solutions and protocols to ensure they’re sufficiently prepared for future threats. This likely requires a periodic review of security control effectiveness to ensure controls continuously align with evolving business requirements and security policies.

Develop and implement a strategy for responding to and recovering from potential breaches and attacks

“Failing to plan is planning to fail” – Benjamin Franklin. Make sure you have a plan in place for responding to cybersecurity attacks and recovering systems. This requires ongoing visibility into real-time user activity and alerting mechanisms to communicate anomalies.

Protecting the data in systems is critical, so strengthen your focus on identity management

Identity management is the new front line of cybersecurity defense. Leverage technologies that ensure the right person is accessing the right data from an approved device during designed times. This requires going beyond relying (solely) on role-based control and ensuring attribute-based access (context-aware) controls are also being leveraged to provide security in dynamic access environments. Especially important for remote/hybrid workforces.

Ensure that your security and compliance policies are ready for the next wave of government regulations

According to the 2021 Thomson Reuters Regulatory Intelligence Cost of Compliance annual report, the top compliance challenge that organizations face each year has been the ever-increasing number of new regulations. And compliance was the third most important requirement for respondents of this report.

Explore technologies that go beyond basic cybersecurity and access control

As cybersecurity threats continue to evolve, SAP customers need to look beyond managing access to systems and focus on protecting the assets below those layers – your data and financial transactions.

Conduct regular audits and stay current with both system and solution patches and updates

Applying critical updates and patches in conjunction with regular audits and evaluations of user activity will provide a foundation for cybersecurity success.

Ensure future cybersecurity investments support a proactive approach to protecting your systems

As organizations increasingly use multiple ERP systems, it’s more critical than ever to ensure that internal controls are effective across a distributed environment and that proactive controls are in place to prevent risk in real time.

Download a Copy of the Report

To download a copy of the Cybersecurity Threats to SAP Systems Benchmark Report, visit https://sapinsider.org/research-report/cybersecurity-threats-to-sap-systems-benchmark-report-appsian/.