Industries
Industries Overview
Healthcare & Life Science
Manufacturing
Media & Entertainment
Public
Retail & Consumer Goods
Utilities
Consulting & Innovation
Consulting
Business Transformation
Technology Consulting
Process Consulting
Innovation
Generative AI
Sovereign AI
Metaverse
Consulting
Business Transformation
Business Transformation Consulting
Solutions & Products
Solutions
Sovereign IT
Application Development
Banks & Insurances
Business Process Management
Counterfeit Protection
Customer Experience
Data & Automation
Digital Workplace
Digital Commerce
Finance
SCM & Logistics
Products
Arvato Systems Alive
Order Management with aroma®
Digital Workplace with NAVOO®
Digitize logistics processes with platbricks®
Vulnerability Management with Varedy
Sustainability Management with green.screen
Further Products
Technologies
Amazon Web Services
Google Cloud
Microsoft
SAP
Further Partners
Solutions
Business Process Management
Process Modeling & Process Documentation
Process Mining
Process Automation
Governance, Risk & Compliance
Solutions
Counterfeit Protection
Serialization in the Consumer Goods Industry
Serialization in the Pharma Industry
Solutions
Customer Experience
API Management
App Development
Arvato Systems Alive
Customer Experience Consulting
Hyperpersonalization
Customer Loyalty
Content Management
Customer Relationship Management
Product Information Management
UX and UI Design
Solutions
Data & Automation
Data Fabric
Data Governance
Data Mesh - Efficient, Decentralized Data Architecture
Data Strategy
Generative AI
Hyperautomation
DocuStream
Artificial Intelligence
Robotic Process Automation
Self-Service Business Intelligence
Solutions
Digital Workplace
Digital Meeting Management
Digital Workplace with NAVOO®
Guest User Manager
Microsoft 365
Microsoft 365 Backup Service
Microsoft 365 Data Protection
Microsoft Power Platform
Workplace Security
Solutions
SCM & Logistics
Warehouse Management
Transport Management
Production Planning
Digitize logistics processes with platbricks®
Artificial Intelligence in Logistics
Logistics 4.0
SCM & Logistics
Digitize logistics processes with platbricks®
Production Supply
Container Management
Warehouse Management System
Mobile Solutions
Analytics
Chatbots
Gamification
Healthcare Suite
Technologies
Amazon Web Services
Amazon Connect Contact Center
AWS Container Acceleration
AWS Cloud Migration
SAP on AWS
Technologies
Google Cloud
API Management with Apigee
Modern Data Warehouse Management with BigQuery
SAP on Google Cloud
Google Cloud Landing Zone
Technologies
Microsoft
Microsoft Azure
SAP on Azure
Microsoft 365
Microsoft Power Platform
Technologies
SAP
RISE with SAP
SAP Analytics Cloud
SAP Application Management Service
SAP Business Technology Platform
SAP BW/4HANA
SAP Customer Experience
SAP Datasphere
SAP IS-U
SAP & AI
SAP License Management
SAP S/4HANA
SAP S/4HANA Cloud, Public Edition
Infrastructure & Operations
Cloud & Data Center Services
Cloud Transformation
IT Outsourcing & Infrastructure Services
Multi & Hybrid Cloud
Virtual Desktop Infrastructure
Workload Automation
Security Services
Cyber Care & CDC
Disaster Recovery
Vulnerability Management with Varedy
SAP Security
Managed Services
Cloud Foundation
Managed Workloads
Application Management
Cloud & Data Center Services
Cloud Transformation
Application Modernization on Cloud
Datacenter on Cloud
Data Management on Cloud
Enterprise Application Integration
Managed Cloud IT with Avvia
Cloud & Data Center Services
IT Outsourcing & Infrastructure Services
SAP Hosting
Cloud & Data Center Services
Multi & Hybrid Cloud
Amazon Web Services
Google Cloud
Microsoft Azure
Virtual Private Cloud
About us & News
About Arvato Systems
Awards
Corporate Responsibility
Management
Memberships & Certifications
Newsletter
Partnerships
References
Locations
Press
Events
Contact
AdobeStock_779572837-klein

Efficiently Detect and Respond to Cyberattacks in Critical SAP Systems

Protect yourself with these tools

...
ArvatoSystes_MA_Timo-Schlüter
Written by
Protecting Your SAP Platform: Detecting and Defending Against Threats
01.10.2024
Cloud
Security
SAP

This blog deals with the question of how the elements of the NIST framework threat detection, response, and recovery can be used effectively in an SAP environment and what added value Arvato Systems offers its customers in the effective application of the NIST framework.

Detecting Cyber Threats Is a Growing Challenge

The number of cyberattacks continues to rise. In the first half of 2022, around 236.1 million ransomware attacks were reported, and the average cost of a data protection breach rose worldwide from 3.5 million US dollars in 2014 to 4.35 million US dollars in 2022.

 

Despite the cyber security measures in place, the opportunities for hackers remain high. Companies need to monitor and secure thousands of components across their entire system, while a hacker only needs to find a single vulnerability to penetrate successfully.

 

Malware can be designed to remain undetected in the system for long periods. According to the IBM Cost of a Data Breach Report 2022, the average time required to detect and contain a data breach in 2022 was 277 days. Arvato Systems' own research indicates that a hacker can remain undetected in the network for around 69 days. We advise our customers to implement sophisticated detection functions that reduce this time to a minimum and, in the best case, to zero.

 

Early detection can minimize the operational, financial, and reputational damage that a security breach can cause.

Early Detection and Response Requires Layered Intelligence

The days when threats could be detected and combated by a single layer of anti-virus software and firewall rules are long gone.Today, detection is based on minute-by-minute information about activities and detailed monitoring of activities in the infrastructure, applications, and data components.

The Security Operations Center (SOC) Is Becoming a Basic Requirement

Hiring a specialized SOC is practically a prerequisite for medium to large companies. This usually means an external SOC with specialized expertise, up-to-the-minute access to industry-wide threat data, and a sophisticated toolset. This is required to detect an attack that may only manifest itself through minor behavioral changes across multiple layers and components.

 

Most SOCs lack specific SAP security know-how. This makes it all the more important for SAP users to choose a SOC that can integrate the necessary security tools into a company's IT infrastructure and connect the sensors of the security solutions with the relevant SAP systems systems.

 

Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) tools meet the requirement to combine and analyze security information and events across multiple components in real time to enable a rapid response.

 

Until August 2022, connecting SAP with existing security solutions was challenging. Now, the Microsoft Sentinel solution for SAP applications, jointly developed by SAP and Microsoft, closes this gap. It is installed on a Docker container and works in the corresponding network segment of the SAP environment, regardless of whether the SAP system is on-premise or in the AzureGoogle, or AWS cloud.

Complex Detection and Response Require Orchestration

Rapid identification and analysis of suspicious activity across multiple components requires automated orchestration.

 

Security Orchestration Automation and Responses (SOAR) is available within Microsoft Sentinel, a tool that collects and correlates security-relevant data across systems to automate the response to an incident as far as possible. It does this by communicating with another sensor via an API, thus minimizing the required log volume. This enables companies to react more quickly to cyber-attacks.

Recovery Requires Careful Planning

Cybersecurity strategies and planning must assume that security breaches will occur, so a fully developed and tested data and systems recovery process is essential.

 

This planning must take into account that hackers can exploit any fully automated process. For example, ransomware attacks can target automated backup processes to hinder data recovery.

 

Operational criticality is an important factor for SAP systems. Shutting down the SAP platform for an extended period of time to contain an attack or perform recovery processes is probably not a viable option from a business perspective.

How Arvato Systems creates added value

Comprehensive IT expertise, a high level of technical understanding, in-depth industry knowledge and active partnership - that's Arvato Systems.

 

When it comes to securing business-critical SAP implementations, Arvato Systems can rely on strategic partnerships with key providers — Microsoft, Google Cloud, and AWS — as well as the proven SAP expertise of an SAP Gold Partner.

You can also find more information on this in our SAP Security Whitepaper

You May Also Be Interested In

Protecting business-critical SAP functions in a complex cyber landscape

This blog outlines a best-practice approach to SAP cybersecurity. Find out how Arvato Systems can help you secure your SAP implementation in an increasingly complex and risky cyber world.

Learn more
Whitepaper SAP Security

Maximum SAP security is vital for the survival of production companies and KRITIS. Download the "SAP Security" whitepaper now and take adequate measures!

Download now
SAP Security: Managed SAP Connector for Microsoft Sentinel

Enhance your SAP security with the world's first and only detection solution Microsoft Sentinel Threat Monitoring for SAP (previously: SAP Connector for Microsoft Sentinel).

Learn more
SAP Solutions

We set up a centralized platform for the comprehensive digitalization of your business.

Learn more

Written by

ArvatoSystes_MA_Timo-Schlüter
Timo Schlüter
Expert for Cyber Security
Subscribe to our newsletters
ImprintPrivacy PolicyGeneral Purchase ConditionsYour Career at Arvato SystemsContactChange Cookie-Settings
© 2024 Arvato Systems