×
CIO Applications Weekly Brief
Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from CIO Applications
Layer Seven Security: Securing SAP Systems from Cyber Attack
77 percent of the world’s transaction revenue touches an SAP system. SAP customers include 92 percent of the Forbes Global 2000 companies and 98 percent of the 100 most valued brands. SAP serves over 437,000 customers in more than 180 countries and is the world’s leading cloud business software company.
The prevalence of SAP systems and the fact that such systems store and process customer, employee, financial, and other sensitive information creates an alluring target for cyber attackers. In fact, SAP systems are often referred as the crown jewels of corporate IT networks. According to a recent report, the estimated cost of downtimes in ERP applications is $50,000 or more per hour at almost two thirds of organizations. Therefore, the impact of a security breach in SAP systems that interrupts the availability of business-critical applications can be significant formost customers.
The report also revealed that 64 percent of ERP deployments have experienced security breaches in the past 24 months. The majority included the breach of sensitive data including sales data in 50 percent of cases, as well as HR data (45 percent), customer data (41 percent), financial data (34 percent) and intellectual property (36 percent). Furthermore, 62 percent of ERP systems have critical vulnerabilities, 74 percent of ERP applications are accessible from the Internet, and 56 percent of executives are concerned or very concerned about moving ERP applications to the cloud.
Layer Seven Security is an SAP partner that is singularly focused on protecting SAP systems from cyber threats. Since 2010, the organization has provided services and solutions to prevent, detect and respond to advanced threats targeted at SAP platforms. The company is headquartered in Toronto, Canada and a global leader in SAP cybersecurity.
Vulnerability Management, Threat Detection and Incident Response for SAP
The company’s flagship solution is the Cybersecurity Extension for SAP Solution Manager. The software is an add-on for SAP Solution Manager, a management server installed in most SAP landscapes. Solution Manager is the second most widely deployed SAP product with over 100,000 installations worldwide. The Cybersecurity Extension performs automated vulnerability management, threat detection and incident response for SAP systems using the diagnostics and monitoring infrastructure in Solution Manager. This innovative approach enables Layer Seven Security to dramatically reduce the cost, deployment time and maintenance efforts associated with SAP cybersecurity tools.
SAP systems are in the cross-hair of cyber attackers
The extension provides significant advantages to SAP customers compared to alternative solutions. Aside from lower costs, rapid deployment and ease of maintenance, the extension does not require any additional hardware, agents, connections, or users, since it leverages the preexisting infrastructure in Solution Manager. It also benefits from SAP support and maintenance, and a seal of approval from SAP: the use of SAP Solution Manager for security monitoring is recommended by SAP.
The Cybersecurity Extension for SAP Solution Manager performs automated, scheduled scans to detect over 1000 vulnerabilities in SAP systems. This includes ABAP, HANA and Java platforms and cloud and on-premise SAP installations. The results of the scans and the recommendations provided by the extension enable organizations to harden their SAP systems against potential threats by removing known weaknesses.
The extension also detects threats in near-time through automated monitoring of SAP event logs. It triggers alerts and email/ SMS notifications for suspected security breaches using a library of more than 300 Indicators of Compromise (IOCs) for SAP systems. Customers can investigate alerts with incident response procedures bundled in the extension. This enables organizations to reduce metrics such as the Mean Time to Detect (MTTD) and the Mean Time to Response (MTTR) for SAP security breaches.
The extension integrates with SAP Code Vulnerability Analyzer for the detection of vulnerabilities in custom SAP programs. It also integrates with Security Information and Event Management (SIEM) systems for centralized security monitoring. The extension filters, structures and enriches SAP event data to support a single point of integration between SAP landscapes and SIEM systems.
Raising the Bar for SAP Cybersecurity
Layer Seven Security has experienced significant year-on-growth, doubling in size and revenue between 2016 and 2018. The growth trajectory is expected to continue in 2020 and beyond. The company is investing significantly in product development. Future enhancements are expected to include vulnerability monitoring for operating systems supported by SAP. This will enable customers to perform automated vulnerability scanning across the SAP technology stack including host, database and application components. Layer Seven Security is also leveraging machine learning capabilities in the SAP HANA platform for the detection of anomalies in user and system behavior.
![NETSOL Technologies [NASDAQ:NTWK]: How Netsol Technologies Helps Companies Transform Their Asset Financing And Leasing Operations](https://www.cioapplications.com/uploaded_images/scoisj450.jpg "NETSOL Technologies [NASDAQ:NTWK]: How Netsol Technologies Helps Companies Transform Their Asset Financing And Leasing Operations")
Follow Layer Seven Security on :