sb-nz logo
Story image

Securing SAP to ensure better operational security

08 Oct 2020

Article by Acclimation managing partner Cameron Sherrard.

Organisations’ intellectual property, financial information, and operational resilience are more at risk than ever, with the Australian government warning that cybercrime is a growing threat to the country. 

The widely reported nation-state cyberattacks on Australian organisations and governments, which also targeted political organisations, education, health, essential service providers and other ‘critical infrastructure’ in June 2020, have highlighted the increasing scale, frequency, and impact of such attacks. This is to say nothing of the recent New Zealand Stock Exchange attacks in August.

For organisations that rely on enterprise resource planning (ERP) software, this risk was further highlighted by reports in July of a critical vulnerability, known as CVE-2020-6287, within the SAP NetWeaver Application Server. 

Before being patched, the SAP vulnerability let cyber-attackers gain unrestricted access and control of organisational systems where they could read, modify and delete database records and files.

Deploying patches when security vulnerabilities are exposed and exploited in software is a critical step in securing an organisation’s data. However, securing information and systems is a process that needs to start long before these vulnerabilities are exposed to help limit potential risk and impacts. 

Improving cybersecurity is a business strategy that needs to be considered at every level to be effective. From investing in new technologies to harden environments, policies and procedures, regular training for all staff members on security processes, cybersecurity strategies need to be all-encompassing to deliver a healthy security posture.

In addition to strengthening security processes at an organisational level, investing in certified SAP Platform Security solutions can help to improve the security of SAP systems at a structural level but more importantly as an ongoing continuous security process improvement.

Increasing importance is being placed on the security of SAP systems due to heightened security risks, especially for Australian and New Zealand customers. Engaging the services and software from certified SAP Partners can ensure organisations receive continuous and ongoing protection of their SAP systems and data. 

Deploying secure technology that periodically scans, analyses and detects vulnerabilities at all relevant layers can help ensure that SAP systems remain secure.

There are many steps organisations can take to maintain a healthy level of security for their SAP landscapes. Implementing technologies that automate SAP security and continuously scan, analyse and highlight vulnerabilities is one proactive measure organisations can take to harden and safeguard the systems.

Engaging an experienced SAP partner that works with customers on a security plan can help to further ensure better operational security.

Story image
ThreatQuotient hits $22.5m in new financing, continues growth streak
“Since we first invested in ThreatQuotient in 2017, their team has continued to prove to the market that there is a critical need for cybersecurity solutions aimed at security operations."More
Story image
5G network security a US$9 billion dollar opportunity - report
The cloud-native nature of 5G networks will have a disruptive and positive impact on the cybersecurity industry in the next few years, with 5G network security presenting a US$9 billion enterprise market opportunity by 2025.More
Story image
Zscaler and CrowdStrike release integrations for end-to-end security
This collaboration between the two cloud-native security companies provides joint customers with adaptive, risk-based access control to private applications.More
Story image
rhipe acquires emt Distribution, with aim to expand into enterprise market
The acquisition will enable rhipe to deliver a comprehensive portfolio of end-to-end security capabilities to its partners, the company says.More
Story image
Imperva unveils new data security platform built for cloud
"The cloud has revolutionised IT, offering organisations a strategic opportunity to rapidly pursue new market initiatives and adapt their operations in the face of new business challenges."More
Story image
Need for greater understanding of data security responsibility as cloud adoption grows - report
Despite the accelerated adoption of cloud services, there was a lack of clarity and confidence regarding the protection and recovery of data stored in public clouds.More