Industry executives and experts share their predictions for 2023. Read them in this 15th annual VMblog.com series exclusive.
SAP Cybersecurity - An Overdue Wakeup Call
By Christoph Nagy, CEO, SecurityBridge
In recent years, we have seen SAP cybersecurity concerns
migrate from the IT department to the executive board. Why are these concerns
shifting? Because as attacks increase, so do the regulatory penalties and loss
of customer confidence.
The battle against cybercriminals is not a glamorous fight
against hostile foreign states or malicious, sophisticated criminal masterminds
as portrayed in Hollywood movies or TV series. The reality looks quite
different. For SAP customers, a cyber incident often occurs because critical
business systems were not correctly configured and thus did not offer
sufficient protection against malicious activities or fraud.
The current geopolitical climate further exacerbates the
likelihood that malicious activity will breach an SAP system, because many
companies that use SAP applications are also part of a nation's critical
infrastructure. These systems are an attractive target for those who want to
cause significant damage due to political or economic interests. Given these
circumstances, it's our strong assumption that these cybersecurity threats will
continue to worsen in 2023.
Elevated Vigilant Cybersecurity Awareness For Employees
Because attention to cybersecurity is now elevated to the boardroom level, 2023 will see a new hyper-focus on reducing attack vectors and hardening not only the network but also the critical applications. The most crucial step is to initiate and promote awareness of cybersecurity issues.
We are already witnessing the pivot; cybersecurity is no longer considered only an IT department issue. Understanding the threats and taking basic precautions to ensure security is already becoming a fundamental part of everyone's job. In 2023, this trend will significantly increase in every dimension.
For example, more employees will receive training on complex passwords or multi-factor authentication (2FA). The 2FA training can prevent social engineering attacks where unsuspecting employees often click on links or files in emails that look like corporate materials.
More Steady-State Security
In 2023, more effort will be put into maintaining existing cybersecurity measures. In previous years, an SAP audit or penetration test was the foundation for creating and implementing a cybersecurity action plan. Many companies found themselves confronted with the fact that mitigations were ineffective, as shown by audits. In 2023, more organizations will rely on vulnerability management for SAP to solve this dilemma with a continuous approach and a software-based audit. The automation achieved through specialized SAP vulnerability solutions will eliminate costs arising from manual operations, reduce human errors, and increase security effectiveness.
A Shortage In Cybersecurity Skills Deepens
In 2023, the high demand for cybersecurity experts will continue to rise, impeding IT projects. Therefore, due to high cost pressure from all sides of an organization, the reliance on externally managed cybersecurity services to fill in the gaps will also rise. Specialized knowledge can be covered by experts who provide their support for a limited period during the project. This approach becomes too expensive for continuous services, e.g., 24/7 monitoring.
Added Software Solutions Will Reduce Attackers' "Dwell Time"
A critical aspect of cybersecurity for SAP is reducing the time an attacker spends in your system; this requires prompt malicious activity detection and targeted response.
In 2023 we will see an increase in using SIEM/SOAR, EDR, and XDR solutions to help reduce attacker presence within SAP systems—as more organizations seek to connect their core application to these solutions.
Summary
Cyber attackers are structuring their organizations like highly efficiently run Fortune 500 companies. Current geopolitical tensions will continue, and cyber-attacks will be used more frequently as a strategic instrument to disrupt services or extort money. Because SAP S/4HANA and SAP NetWeaver are attached to every facet of an organization, they provide a lucrative target for organized cybercrime. 2023 will be the wake-up call for many companies that breaching their SAP system can genuinely give a cybercriminal the “keys to the kingdom.” For this reason, there will be elevated attention to hardening and monitoring SAP systems. For organizations with no in-house expertise to accomplish this, there will be greater reliance on third-party SAP cybersecurity assistance.
ABOUT THE AUTHOR
Christoph Nagy has 20 years of working experience within the SAP industry. He has utilized this knowledge as a founding member and CEO at SecurityBridge - a global SAP security provider, serving many of the world's leading brands and now operating in the U.S. Through his efforts, the SecurityBridge Platform for SAP has become renowned as a strategic security solution for automated analysis of SAP security settings, and detection of cyber-attacks in real-time. Prior to SecurityBridge, Nagy applied his skills as an SAP technology consultant at Adidas and Audi.