Protecting SAP Systems from Ransomware Attacks

Webinar - Thursday, June 24 at 2 PM ET

Ransomware is headline news, and recent attacks have demonstrated the devastating impact of attacks that target critical infrastructure. According to the Department of Homeland Security, ransomware attacks have increased by 300% over the past year, impacting all industries and sectors. The average downtime from an attack is 21 days, but full recovery takes an average of 287 days.
Ransomware can impact SAP systems through vulnerable operating systems. However, securing host systems alone does not safeguard SAP systems from ransomware. Attackers can exploit trust relationships between SAP applications and underlying operating systems to execute privileged OS commands that avoid detection. This can include commands that enable threat actors to transfer, install, and execute ransomware tools.  
This webinar will discuss steps you can take to secure your business-critical SAP systems from ransomware. It will provide an integrated strategy for: 
• Identifying and prioritizing critical SAP assets and infrastructure; 
• Hardening SAP systems to reduce the attack surface; 
• Activating and monitoring SAP logs to detect suspected attacks; and  
• Backing up and restoring SAP systems to minimize the downtime from successful attacks. 
The webinar will also discuss how to use SAP Solution Manager to support your anti-ransomware program, from identifying and removing vulnerabilities that could be exploited to attack your systems to detecting and alerting for suspected security breaches. 


Ian Thomson, Layer Seven Security

Ian is a seasoned IT executive and former Vice President, IT at Citibank.

Aman Dhillon, Layer Seven Security

Aman is a subject matter expert on SAP security and the use of SAP Solution Manager for security monitoring.

SSO and Multi-Factor Authentication: How Can You Use Both Together? - Webinar

On-Demand Webinar

When users are familiar with the SSO user experience, and then 2-factor/multi-factor authentication (2FA/MFA) is enforced, this can — if not implemented correctly — negatively affect their user experience and cause frustration, reducing productivity. Learn how to reduce this negative impact using the CyberSafe TrustBroker® products and watch a live demo of some typical user logon scenarios.

Key takeaways:

  • Understand SSO and 2FA/MFA for SAP applications from an end-user point of view
  • Learn about the prerequisites for implementing 2FA/MFA for your SAP systems
  • Hear about the TrustBroker Policy Based User Authentication for Transactions feature
  • Appreciate why you need to select a product that offers both SSO and 2FA/MFA for SAP users, and how the TrustBroker® product multi-level authentication (MLA) architecture allows for the required level of flexibility

SAP Announces It Is Addressing Cyber Security Gaps in Multiple Cloud Solutions

Approximately 40,000 Customers Impacted

by Robert Holland, VP Research and Publishing, SAPinsider

On May 4, SAP announced that, while performing regular internal reviews of the company’s cyber security infrastructure, they discovered several of the company’s cloud products “do not meet one or several contractually agreed or statutory IT security standards.” SAP stated that the products impacted were part of previous acquisitions, specifically SAP SuccessFactors, SAP Concur, SAP Commissions (previously CallidusCloud Commissions), and SAP CPQ (previously CallidusCloud CPQ). However, SAP’s statement also indicated that SAP C4C/Sales Cloud, SAP Cloud Platform, and SAP Analytics Cloud were affected, possibly indicating a larger underlying infrastructure concern.

In the official announcement, SAP emphasized that these issues were “not identified in response to a security incident” and that they “do not believe that any customer data has been compromised as a result of these issues.” In addition, SAP expects that correction of the issues will “largely be completed” during the second quarter of 2020, and that any related costs will be covered within their current financial outlook for the 2020 fiscal year. SAP also plans on updating their security-related terms and conditions so they are consistent with other enterprise cloud organizations.

SAP’s statement indicated that they would be reaching out to any customers affected by the issues individually to inform them of the issue and support them while those issues are being addressed. Those impacted represent “approximately 9 percent of SAP’s 440,000 customers,” according to the company’s announcement. While not a huge number compared to SAP’s overall customer base, this number likely represents a significant proportion of those customers running the impacted products.

What Does This Mean for the SAPinsider Community?

While waiting to hear from SAP whether they are impacted by these cyber security gaps, SAPinsiders should use this time to reflect on their own cyber security strategy. Here are some steps that can benefit your organization:

  • See if you are impacted. SAP has stated that they will be reaching out individually to customers who are affected. If you are, ensure that the information is passed quickly to your SAP administrators who can work closely with your SAP support and customer success representatives to provide you with all the information and assistance that you need.
  • Review your enterprise security strategy. If you are using cloud-based systems, this announcement is a reminder that you must regularly check your own security plans and strategies and ensure that they are up to date and fully compliant.
  • Hear what other SAPinsiders are planning for their security strategy. SAPinsider is hosting a webinar on May 6 discussing the results of our March benchmark report on the Impact of the Cloud and SAP HANA on Enterprise Security Strategy. This is a great opportunity to hear what other SAPinsiders are planning, and what can help you be successful.
  • Attend other security-focused sessions. SAPinsider is launching a virtual event starting May 5 which includes sessions that are focused on security. This event includes interactive Q&A sessions during the week of May 11. Make sure that you don’t miss out.

Following this guidance should help the SAPinsider Community make appropriate decisions around their cloud and enterprise security plans.

Robert Holland, Vice President of Research & Publishing, SAPinsider, can be reached at

Protect Your SAP Data from Bad Accidents and Bad Actors - Webinar

When systems that house sensitive data and serve as the operational backbone for organizations get disrupted, it can cause detrimental and costly problems for your organization. These days, companies must deal with a plethora of bad actors looking to disrupt and disable operations for profit or malice. In addition to traditional data protection, it is necessary to develop cybersecurity strategies to thwart intruders before they can cause mischief.

Join this webinar to hear experts from Pure Storage and Cisco Systems discuss both aspects of securing your assets. You will learn:

• Tips for implementing simple, always-on Data Protection for backup and recovery scenarios, including disaster recovery across a hybrid cloud landscape
• How to address the sinister threat posed by bad actors and how Cisco’s cybersecurity suite can help protect customers
• How data protection and cybersecurity work hand-in-hand in a joint SAP infrastructure platform, FlashStack, to provide the maximum protection possible for your mission-critical SAP landscape


5 Things SAPinsiders Are Saying About Their Enterprise Security Strategy

SAP’s transition to an enterprise cloud company has changed the way SAP customers consider and implement their enterprise security strategy. The inclusion of SAP HANA-based systems adds further complexity to these considerations, particularly when these systems are running in hybrid or cloud-based environments. Organizations now need to find a way forward that doesn’t rely on existing physical and network security, and instead expands the security perimeter to include not only local systems, but also those that are running in cloud-based environments.

After speaking with many SAPinsiders, Robert Holland, Vice President of Research and Publishing at SAPinsider, summed up the results by saying that a successful security strategy must be “comprehensive, integrated, and part of the corporate culture.” A survey conducted earlier this year by SAPinsider asked members of our community several questions about their current enterprise security strategy. Holland will discuss these sentiments along with SAPinsider’s research on the topic during our live webinar, Impact of the Cloud and SAP HANA on Enterprise Security Strategy, occurring on Wednesday, May 6 at 2:00pm, US Eastern Time.

For now, here are five things SAPinsiders are saying:

  1. The biggest challenge is a lack of resources or expertise. “Many organizations simply do not have the resources to have a dedicated team focused on security of SAP solutions. Given the number of solutions many customers are running, and the fact that they may be running both locally and in hybrid or fully-cloud environments, it is often difficult to keep up just with the SAP Notes and patches that are recommended by either SAP or user group organizations,” Holland says.
  2. Any successful enterprise security strategy needs to be holistic. “With deployment models now including the cloud, a successful strategy needs to encompass physical security, system security, application security, and data security. It also needs to be integrated into day-to-day business activities and practices so that everyone within an organization understands why it is important,” Holland says.
  3. Integrating your security strategy with your business processes is essential. Holland says, “Nearly half the survey respondents indicated that they faced the challenge of security disrupting operations. If you want your security strategy to be effective it needs to be integrated with your business processes so it is seamless and non-disruptive to end users—or they will not use it.”
  4. Education is key. Holland notes that 46% of respondents indicated that they were seeing improved security awareness because of training and education programs that they were conducting. “End-users have to understand the security strategy if you want them to use it effectively.”
  5. Plan for a security strategy that includes the cloud. “In our past research, over 90% of SAPinsiders had at least looked at cloud-based solutions, and in this study 56% said that they were running at least one cloud-native solution. While everyone may not be running a cloud solution yet, there is a high likelihood that they will be doing so in the future and should plan for that accordingly,” Holland says.

During the live webinar, Holland will go into more detail about SAPinsider’s research into customers’ Enterprise Security Strategies. Attendees will have the opportunity to ask questions in real-time and gain a better understanding of:

  • What is driving Enterprise Security Strategy
  • What actions organizations are taking to address those drivers
  • Key requirements and technologies
  • Recommendations to help your organization implement a successful security strategy

Business Continuity Track at SAPinsider Virtual Event Features Strategies and Quick Wins from SAP and Partners

By Brianna Shipley, Senior Editor, SAPinsider

Most businesses are prepared to handle certain types of inevitable—almost guaranteed—disruption, such as extreme weather conditions, technical failures, unplanned absences, security breaches, or incidents in supply chain. An event such as a widespread illness that requires a majority of the world’s workforce to work from home with entire industries put on hold, however, is not something that was in most companies’ forecasting capabilities.

The economic disruption caused by COVID-19 has impacted organizations at all levels of their operations, creating a unique environment that makes business continuity uncertain and challenging. To address this worldwide experience, SAPinsider will host a special track with SAP and partners at our 2020 virtual event to help businesses leverage SAP technology and best practices to not only maintain business continuity, but also thrive during this time.

“Sessions in this track, Business Continuity in Times of Economic Disruption, reflect the reality of where SAP customers are now; many are wondering what adjustments to make to their business to adapt and a big part of that lives within how they run their core processes in SAP,” Rizal Ahmed, Chief Content Officer at SAPinsider, says. Sessions in this track will address how companies can optimize the technology they already have to gain quick wins during these times of remote work and economic distress.

Working Remotely and Securely

A large part of the challenge for many SAP customers is getting used to working from home. “Many teams that used to be able to gather on the floor, in board rooms, or in their data center can’t do that anymore. But the overall business still needs to be supported. Certain questions come into play here, such as how do we collaborate and how do we do it in a secure, compliant way?” Ahmed says.

A session on how to use automation to gain efficiencies in your security processes and improve the effectiveness of security controls will help businesses answer these questions. Titled “Effectively Managing SAP Security Risks in the Modern World,” presenters from Protiviti and SAP will review how businesses can take advantage of SAP Access Control to get users access quicker while increasing compliance. How to assess tools such as Enterprise Threat Detection to protect against cyber risks will also be addressed, as well as how to automate using continuous monitoring tools like Access Violation Management and Process Control to test 100% of transactions and only review exceptions.

Finance and the Virtual Close

A common challenge in finance even before the pandemic struck was successfully and efficiently completing the month-end close. The business continuity track will highlight two businesses that were able to complete a successful virtual close with a fully remote accounting team with the help of SAP and partners.

Hubbell, a long-time customer of SAP and BlackLine, set out to further automate their financial close processes with SAP S/4HANA up and running as its ERP. When forced to quickly transition to a fully virtual close, Hubbell used BlackLine solutions to adapt. During this case study session, “How Hubbell Modernized Accounting and Transitioned to Closing Virtually,” attendees will learn how balance sheet substantiation laid the foundation for Hubbell’s use of BlackLine solutions, allowing the company to document and facilitate key SOX controls and to remain proactive in their approach to intercompany processes.

BlackLine also assisted Brighthouse Financial in being able to close with a fully remote workforce. This case study session, “Getting Better Every Day: Brighthouse Financial’s Continuous Improvement Journey with BlackLine,” explains how Brighthouse gained momentum for future automation and transformation by identifying BlackLine’s SAP Account Substantiation and Automation solution to complement their SAP S/4HANA ERP and address multiple financial close processes previously performed in multiple vendor systems.

Another highly affected area in finance is lease management. During our session, “Conserve Cash and Improve EBITDA through Active Lease Management,” presenters from Bramasol will discuss the impacts of today’s crisis on the balance sheet and income statement and how active lease management can save businesses money on impairments and evergreens.

Risk Management

Due to advancements in technology, including intelligence capabilities such as AI and machine learning, remote automation and security, and the cloud, businesses are able to streamline processes regardless of where in the world they are working from, allowing many employees to stay at home until a safe way to re-open the economy arrives. “If this happened ten or even five years ago, we’d be in a much different world. You might have people risking their health and well-being to go into the office to support the business,” Ahmed says.

Although many employees have found a way to mitigate the risk of catching or spreading the virus by working from home, the risks faced by the business itself still exist. An introductory session, “Top Finance and Risk Priorities for Business Continuity During Economic Disruption,” will share which projects in the finance and risk spaces are being prioritized by SAP and their customers.

In addition to understanding and aligning priorities, focusing on managing cash and cash risk during challenging economic times such as we face today is essential. During our session, “Managing Cash and Risk in Times of Economic Disruption,” presenters from SAP and Bramasol will come together to discuss the four types of risk and home in on financial risk specifically to help attendees understand how to mitigate and manage financial risk.

Ahmed says that businesses need to understand how to use their current tools to deal with the new risks that exist, including compliance concerns. Presenters from Protiviti and SAP will discuss how attendees can utilize SAP Risk Management and SAP Process Control to enable and automate key Enterprise Risk Management (ERM) activities during our session, “Leveraging SAP Risk Management and Process Control to Streamline Enterprise Risk Management in a Virtual Environment.” This session will help businesses understand how to automate compliance management and optimize control testing with SAP Process Control and how to leverage continuous monitoring of controls, assess potential risk impacts, and track the effectiveness of risk responses using reports and analytics.

Forecasting for a “New Normal”

Planning ahead for situations that require your supply chain and workforce to be flexible will be required now more than ever, says Ahmed. Fortunately, businesses today have the technology to enable them to do so. While companies can’t necessarily plan based on last year’s results due to today’s dynamic climate, accurate, flexible, iterative, and timely planning is critical. Our session presented by Protiviti, “Planning for the Unplanned: See how SAP Analytics Cloud Planning Can Enable Predictive Forecasting in a Volatile Market,” will provide real-time forecasting and planning techniques to help businesses adapt to an unpredictable future.

Talking points will include how to leverage Scenario Management to anticipate and plan for hundreds of potential conditions, how embedded collaboration capabilities enable quick decisions in a virtual office environment, and how predictive analytics will replace “tribal knowledge” and “past performance” to drive forecasting accuracy.

Ahmed says, “No matter what, the more you use intelligence and automation that’s going to be valuable inside and outside of a crisis because it’s making your business processes more efficient and better.”

Register to attend sessions in SAPinsider’s business continuity track.