DHS US-CERT and Reuters bring SAP cybersecurity into the spotlight

Today, based on research performed by our Research Labs, both the U.S. government and business press are discussing the critical topic of SAP business application cybersecurity, bringing it to top of the agenda for CISOs and CIOs worldwide.

The U.S. Department of Homeland Security (DHS) US-CERT released the first-ever alert on cybersecurity risks affecting SAP business applications. This alert forewarns cybersecurity professionals about the significance and implications of a 5+ year-old SAP vulnerability (patched by SAP in 2010) that was leveraged to exploit the SAP systems of several large-scale global enterprises.

Additionally, Reuters, one of the world’s leading news agencies, released an article digging deeper into the story. In this article, Reuters provides great insights for business executives on the prevailing responsibility gap, false sense of security and lack of governance on protecting SAP business-critical applications from cyber-attacks. Furthermore, the renowned journalist Eric Auchard, interviewed an SAP customer who experienced these attacks first-hand and shared their perspectives on dealing with a risk that directly affected the “crown jewels” of their organization.

As the leading provider of SAP cybersecurity solutions, and as an SAP partner, we have released a threat report that analyzes the observed attack vector, the potential business impact to an organization if it is exploited, as well as the mitigation steps to ensure your organization is not at risk.

At Onapsis, we believe the status-quo is not sustainable, as we know for a fact that this is just the tip of the iceberg. It is imperative for organizations to effectively protect the applications that manage their most critical business processes and information.

You can access the threat report and related resources here. We will also be hosting a webcast May 18th, to further discuss this topic, you can register for that here.

Additionally, we will be at SAP SAPPHIRE next week, booth #1474. Be sure to stop by and discuss this topic with us.

Leave a comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.