This year, on April 1, SAP celebrates its 50th anniversary, which means no less than 50 years of SAP Security, because SAP has been processing the most sensitive business data of companies for a long time.
Christoph Aschauer, Director of LogPoint for SAP
The most important component for IT security in SAP systems, in turn, is extensive monitoring and thus an analysis of all processes in a cybersecurity platform based on SIEM. In many companies, ERP software is a symbol of digital transformation, because even more data from many departments come together here in order to make better business decisions. For several years, cyber attacks on SAP systems have been increasing, as a rule, it is about stealing data. It is important to know that it is both external and internal attackers who are after this information. However, vulnerabilities are not only in the software, but often in the so-called software supply chain, i.e. third-party systems that interact with SAP systems via interfaces. But the interfaces are also a gateway for cybercriminals.
SAP is a security blindspot
The problem with this situation is that SAP is a security blind spot for many companies. Too many SAP departments are not working effectively enough with the IT security department. If there are no monitoring systems such as a SIEM, then the security experts do not know whether there are vulnerabilities in the SAP and connected IT systems. Moreover, then you will not be able to realize what is happening there. Companies implement expensive SAP solutions, but often do not invest in cybersecurity. SAP security is also isolated from IT security monitoring. In addition, SAP systems are often unpatched for years because important business processes must not stand still.
It follows that the 50th anniversary of SAP should also be a wake-up call for all companies to invest more in the IT security of SAP systems. Probably the most important starting point is the monitoring, i.e. the merging and real-time analysis of all data into a central cybersecurity platform with SIEM, behavior-based analysis and SOAR capabilities, so that advanced analysis and the automation of the incident response is also possible for SAP.