The Identity Blog

Key findings of the SAP Insider Cyber Security Threats Report

SAP Insider Cyber Security Threats report that was newly published revealed a few insightful SAP security trends. It details how the cybersecurity landscape has drastically shifted over the last year.

The key findings of the report are given below:

Critical patching and software updates

While SAP Insider surveyed their community in the first quarter of this year, 47% of the respondents stated that keeping up with the software patches and updates was challenging. Added to this, the unpatched systems are said to be the second significant threat to their systems.

Though the SAP community stays updated with the patches and updates, the report suggested implementing tools for providing information on the latest patches and software updates. This will indeed help the administrators stay informed on the zero-day vulnerabilities.

SAST solutions simplify patching

SAST is specialized in security for SAP S/4HANA, and SAP ECC systems. It supports customers in detecting manipulation, hacking attacks, anomalies, and data theft. SAST System Security Validation solution provides policy-based vulnerability scans. With the push of a button, they validate all the relevant infrastructure and software components. These include:

  • Operating system
  • SAP-Configuration
  • Transport, change management, and software development
  • Database
  • SAP applications Configuration
  • OSS-Notes and patch level
  • Safety-relevant parameters and settings

This validation enables you to visualize the SAP patches and also identify missing patches. The SAST Suite offers more than 4000 automated checks and security notes which are updated continuously. 

SAP custom code: A serious security concern

The SAP Insider Cyber Security Threats report shows that securing custom code is yet one of the top 3 challenges faced by SAP customers. Most organizations extend their SAP ERP platform with their own code aiming to fulfill specific business requirements. Even though the code could satisfy the business needs, there are possibilities for it to create security blind spots. In turn, it leaves the SAP systems vulnerable.

Even today, most of the traditional security concerns do exist. Remarkably, the threat landscape is constantly changing by shifting its priorities. Protecting the SAP data is a highly impacting strategic decision-making.  

Write a comment