Holistic Cybersecurity for SAP
The most dangerous cybersecurity threats are the ones that you don‘t see coming, the ones that no matter how well prepared you are, you couldn’t possibly have anticipated. In 2020, many companies were under constant attack, and ironically the CISO of one of our customers stated: “A day without being attacked, would mean an anomaly to us “.
In our opinion, four words summarize cybersecurity in 2020: COVID-19, ransomware, GDPR and SolarWinds. Cybercrime has reached a level where the big news publishers (such as Reuters and Bloomberg) find something substantial to publish almost every day.
During recent years, cybersecurity teams have built an onion-like, multi-layered cyber defense architecture to protect their organizations. However, many enterprises still miss out on one essential, and arguably most important component, which is cybersecurity for SAP.
Regulations such as the European General Data Protection Regulations (GDPR) have caused C-Suite security and compliance officers to rethink their security strategies. Nowadays, the focus is very much placed on the critical data. The customer master data, Intellectual Property, customer credit card information and employee’s private data, commercial information – in essence, the core data needed to run a company. Leakage that might reveal any of this data to competitors or the public puts a company’s reputation at risk and poses risks of very steep fines. This makes it obvious as to why in-house SAP systems are often at the forefront of security considerations.
SAP – the Problem Child
It’s very evident that SAP systems can‘t be protected from cyberattacks by authorization concepts alone, insight and transparency is also needed.
We have talked to many of our customers to learn about their need to have:
- transparent monitoring of security-critical actions conducted in SAP,
- control of the SAP interface data traffic,
- identify security flaws within customer code,
- detect configuration vulnerabilities,
- receive information on available patches for vulnerabilities within the SAP standard products.
Understanding our client’s requirements has led NTT DATA Business Solutions to validate solutions available on the market. In 2019 our team identified SecurityBridge as a holistic security platform provider for SAP-based enterprise applications and custom code.
Our partner SecurityBridge offers its platform as a one-license-one-platform approach to tackle all relevant aspects of SAP systems. We have chosen SecurityBridge over other solution providers because of their radically different approach. The fundamental differences in their approach are:
- SecurityBridge installs within the SAP NetWeaver ABAP system and does not require any additional hardware. This leads to an increase in protection without increasing the attack surface.
- SecurityBridge provides a 360° insight:
- Interpretation of benefit of security log data.
- SecurityBridge provides deep security scanning for customer code vulnerabilities, violations against system hardening standards and real-time threats without the extraction of sensitive data.
- SecurityBridge enhances the strategic investment in SAP by providing advanced cybersecurity actionable intelligence.
- SecurityBridge delivers a SIEM integration that filters security-relevant event information from the business transaction logs.
The solution is continuously undergoing agile development adding new features and enhancing existing. A collection of the current set of SecurityBridge capabilities can be found in the following Fact Sheet
Preparing for the next generation of security, we provide innovative services based on SAP standards combined with best-of-breed solutions. While many organizations do not have the manpower and/or expertise to continuously protect their digital crown-jewelry against internal and external attacks, we can deliver the solution.
Within our Governance Risk and Compliance portfolio, there are offerings for any scale. We offer SecurityBridge Proof-of-Value in your own SAP system and implementation and getting-started services of SecurityBridge. Further, we plan to offer Security as a Service (SECaaS) in 2021 for SAP customers – a concept in which the SecurityBridge Platform recognizes and pinpoints a security threat, and our security professionals resolve the incident for SAP customers before any harm is done