Christmas, 2021 - many security teams had to work during the weekend to mitigate a critical vulnerability discovered right before the holidays
What is ransomware?
Ransomware attacks on business applications are rising dramatically: they have become incredibly easy to execute (see Ransomware as a service), and payment methods are now much more friendly to criminals.
Businesses are growing increasingly reliant on digital infrastructure and more willing to pay ransoms, thereby increasing the incentive to break in.
The question is no longer whether hackers will break into the company's business applications; the question is when.
In this blog I would like to show you examples of what can be done in SAP to reduce the vulnerability of your business applications and mitigate the risk of ransom.
What can be done to stop ransomware?
The first step to dealing with any kind of cybercrime is to be proactive rather than reactive.
Securing enterprise technology requires assessing the entire landscape through various security lenses. This makes security a joint effort between multiple teams and therefore very challenging to achieve efficiently.
There will always be vulnerabilities within the security configuration and processes. This is unavoidable, because technology platforms are constantly changing in order to adapt to ever-evolving business demand.
One thing security teams can do is fix critical vulnerabilities before attackers exploit them.
SAP Enterprise Threat Detection - System Monitoring
With SAP Enterprise Threat Detection you can visualize the current vulnerability status of your systems.
By providing real-time monitoring of users' suspicious actions, SAP ETD can provide an end-to-end view of whether critical system vulnerabilities are being exploited or are about to be exploited, so that security teams can:
- Immediately stop suspicious and dangerous activities
- Fix critical vulnerabilities within the system configurations
- Prioritize the implementation of critical security patches
SAP ETD - System Monitoring Overview
SAP ETD - System Monitoring Overview - Drill-Down, Top 20 Critical Alerts
SAP ETD - System Monitoring Overview - Drill-Down, Top 20 missing security notes
And with SAP Analytics Cloud, you can provide higher-level reporting on the status of your landscape, combining data coming from any other sources.
SAP Cybersecurity Dashboard - Overall Security Status by System
Is there anything else to do?
Yes.
Security is a continuous and coordinated team effort between all its domains (see CISSP domains).
Periodic risk-assessments on all domains should be conducted, and the results should be used to prioritize mitigation plans.
So even though extra effort should go towards securing the applications where the critical business processes run and sensitive data is stored (the so-called crown jewels), it is equally important to ensure the effort is balanced and consistent with all the other security domains.
Learn More
Visit the SAP Security topic page for more information
https://community.sap.com/topics/security