Companies are reporting a growing number of cyber-attacks and there is increased interest in cyber criminals to break in SAP software. As you are aware SAP host a wide range of IP that is mission critical for business to run (Financials, Procurement, HR, Sales, Product designs, Customers, Vendors etc.) The impact of an attack on SAP applications would be catastrophic. The annual study, conducted by Ponemon Institute and sponsored by IBM Security, reveals that the average cost of a data breach is currently $3.62 million globally, this cost is not inclusive of (non-quantifiable damage) brand image that is tarnished and Investor trust lost.
Assessing SAP systems for Cybersecurity risks is on top of the CIO’s agenda, the challenge is it requires specialized knowledge and experience. Many traditional network security testing tools and techniques provide little or no coverage for SAP systems, and the common weaknesses allow attackers to exploit business-critical data.SAP Product security team every year releases hundreds of notes relating to configuration weaknesses in default implementations and identified security vulnerabilities, and for business to understand where their system stands in terms of security exposure an in-depth security assessment is a must!
My next blog we will talk about the common security pitfalls and steps for remediation