Sap security webinar- dach

Hinweis der Redaktion

• #4: How do you handle ABAP security in SAP system today? Have not yet secured/do not have resources for security Not concerned with ABAP security right now Currently evaluating available security tools Already have a security tool in place We will wait a few moments allow everyone to answer the question
• #6: SAP enterprise applications play a mission critical role In turn, securing them should be just as critical With the estimated financial consequence of a SAP System taken offline estimated at averaging about 4.5 Million, its concerning that SAP have remained largely under the radar terms of security. And with 95% of ERP systems exposed to vulnerabilities, it is also surprising. Research conducted by Ponemon Institute focusing on the risk of SAP Cyber breaches, shows that a majority of IT and IT security professionals, about 60% feared that the impact of an attack on their SAP applications would be catastrophic.
• #7: With the security risk so threatening, it is still so underestimated - even with about 75% of respondents believing that it is likely their SAP platforms have one or more malware infections, In fact, the ERP was ranked in the top 5 SAP applications most vulnerable to attack. Enterprises on average experience about 2 SAP related breaches every 24 months. Again, let’s think of the financial repructions to that. Another interesting note loops back to security patches – in 2014 SAP released 391 security patches, of which 46% were considered “high priority” – however, we know that with fear of service disruption, many organizations are reluctant to deploy. And furthermore, we see that 70% of organizations skip security and compliance audits – This seems like denial, no? Classic, it won’t happen to me.
• #8: A recurring theme with security is the lack of visibility experienced within organizations, with only 34% saying their companies had visibility into the security of their SAP application. But visibility is just a part of the problem, what happens with detections, when only 25% of IT professionals were confident that they could immediately discover a SAP application breach   And then there is the issue of securing in the first place, which more than half of respondents felt would be difficult to achieve – How long is too long to wait to uncover a risk, and does that risk compound itself with each new development?
• #9: A Key take way from Ponemon’s research was that senior leadership values the importance of and the criticality of SAP installations to profitability. Yet, 63% say C-level executives tend to underestimate the risk associated with insecure SAP applications and only 21% of senior leadership were aware or shared the concern of an attack on their SAP application.
• #10: When SAP applications are the backbone to your business, security vulnerabilities in those applications introduce immeasurable risk to your most critical business processes and sensitive data. You need a solution that reduces the risk of security breaches and data loss by identifying and remediating security vulnerabilities. But you don’t need a solution that requires more time, money and people.
• #11: Security needs to be simplified and integrated into what you General – best practice Automate Integrate security in ongoing ERP maintenance Train developers to write secure code
• #12: Panaya CloudQuality Suite has simplified the remediation of security issues, by streamlining the automation of code security audits into the ongoing ERP maintenance activities. Organizations no longer need to take on major security projects that require extra IT time, budgets and manpower. PCQ will provide a code quality assessment that pinpoints critical vulnerabilities in ABAP® program code, identifying core security and quality issues, guidance on how to correct and integration with development processes
• #13: Panaya CloudQuality Suite has simplified the remediation of security issues, by streamlining the automation of code security audits into the ongoing ERP maintenance activities. Organizations no longer need to take on major security projects that require extra IT time, budgets and manpower. PCQ will provide a code quality assessment that pinpoints critical vulnerabilities in ABAP® program code, identifying core security and quality issues. High over view of PCQ no tech
• #14: Guy’s visuals
• #15: Guy’s visuals
• #16: But before we carry on, let me ask you another question…. Do you think your organization would favor A one time security project Ongoing security practice built into daily releases and change management
• #17: Guy’s visuals integration with development processes
• #18: How often would you like a tool to notify the developer of new security issue introduced from their own developments? I don’t want to know/have a tool in place already Daily Weekly Prior to code release
• #20: Would you like a Panaya representative to contact you to set up a free assessment? We will wait a few moments allow everyone to answer the question…