Recently, I published a post on the SAP Security Gap. This post discussed the present disconnect between security professionals and business executives on the vulnerability of their SAP systems. With SAP Cyber-Security continuing to be a topic of concern making mainstream headlines, it is critical that organizations begin to think about this notion in more detail if they wish to truly secure their enterprise applications such as SAP or Oracle.
The BlackHat USA conference, held in Las Vegas, is one of the biggest technical IT security conferences in the world - making it one of the most relevant events for the IT security community during the year. In addition to attendees discussing and learning many new attacks and novel security techniques, Blackhat USA is THE place where people can get a deep understanding of security best practices via trainings and security research presentations.
Onapsis has just completed its first annual North American Roadshow Series including stops in the Bay Area, Houston, Minneapolis and in New York. With over 100 attendees from Oil & Gas, Utilities, Retail, Manufacturing, Banking, Technology, Life Sciences and the Government industries, these events were a huge success for our customers. Representatives from the top 30 F1000 companies brought a unique perspective on how they are planning to, or have already implemented an SAP cybersecurity strategy with Onapsis at the core of their programs.
It feels like déjà vu all over again!
Back in the early 2000’s, I was involved in the widely publicized, EMC Business Continuity survey – which indicated a very large disparity between IT and business executives regarding the vulnerability of their business-critical data. Fast forward to today and I’m seeing a very similar scenario play out again. But this time, it has to do with the vulnerability of an organization’s business-critical SAP systems.
Today is an important day in Onapsis history. We’re officially kicking off the first annual Onapsis Roadshow series in North America. We have seen rapid growth in customers engaging Onapsis for our expertise in SAP cyber-security solutions. With a growing amount of customers leveraging our solutions, now is the time for us to bring our customers together in order to share best practices and build out their networks to make the most out of their investment with Onapsis.
$1.3 billion lost an hour! This is what one of our global customer’s estimates is the impact to their business if their SAP systems become compromised and operations are disrupted. The cost of an SAP breach can be inconceivable. And yet, it may be one of the most under scrutinized areas in IT security from a business continuity perspective. Everyday our services team sees the real-world impact of breaches to organization’s SAP systems.
Each year companies dedicate millions of dollars for IT and security budgets to prevent cyber security breaches. However, these budgets are only effective if part of the budget is allocated to preventing new and advanced threats, closing security gaps in your business infrastructure and monitoring the systems for intrusions and malicious activities.
As we enter the New Year, there is a lot to look back on that has gotten Onapsis to where it is today. The security industry has never been more complex, and as the need for reliable business-critical application security solutions increases, Fortune 500 companies are looking for a reliable solution they can trust to protect their processes and data running on SAP. In 2014, Onapsis established itself as the defacto solution to solve the most pressing SAP security and compliance challenges.
As cyber-threats become more advanced, organizations face a constant dilemma: how to best implement a comprehensive security strategy that covers all areas of the business including critical infrastructure and applications. We hear from many security professionals that their SAP applications and systems are “covered” because they have a firewall and SAP systems sit inside the perimeter. After all, anything inside the firewall is safe from attacks right? Wrong. Security professionals that are true thought leaders have long abandoned this notion.
There is a lot of discussion in risk management circles on how risks within the value chain can often be ignored. Paul Proctor, Vice President of Research at Gartner, recently presented a webcast titled “Digital Business and the CIO’s Relationship with Risk." He indicates: