Security News > 2022 > August > Why SAP systems need to be brought into the cybersecurity fold
A recent part-owned SAP report revealed that for every 1,500 cyberattacks on SAP systems recorded between mid-2020 and March 2021, 300 were successful, with threat actors leveraging faults in unsecured applications to commit financial fraud, deploy ransomware and disrupt business operations.
Any vulnerability in SAP is highly concerning owing to its impact potential - should SAP systems be attacked, the consequences can be catastrophic, cascading across multiple risk areas.
In a recent Twitter poll targeted at cybersecurity and IT professionals in both the US and UK, it was found that 40% of organizations don't include business-critical systems such as SAP in their cybersecurity monitoring, while a further 27% were unsure if it was included in their cybersecurity monitoring at all.
The logs created by each SAP application in capturing security-relevant events are presented in differing formats with a distinct lack of standardization, making it incredibly difficult for security teams and SIEM systems to make any sense of SAP log data.
To be successful, businesses need to work towards building an integrated security operations platform that monitors all IT infrastructure and provides complete visibility into SAP systems to massively reduce current security risks and provide logs to aid any audit processes.
Such solutions can standardize the complex data in SAP system(s) to ensure readability in the SIEM, enabling real-time analysis of internal SAP activity while also allowing firms to correlate SAP data with other events in the IT network.