According to a recent report from SAPinsider, almost two-thirds of organizations are placing cybersecurity projects on hold or scaling back planned investments in cybersecurity due to the current economic climate. As organizations experience budgetary and resource constraints against a background of rising cyber attacks, cybersec industry leader Layer Seven Security shares six ways organizations can manage cyber threats without increasing cybersecurity budgets or resources.
1. Eliminate Duplicate Security Solutions
SAP Application Lifecycle Management (ALM) platforms such as SAP Solution Manager, SAP Focused Run, and SAP Cloud ALM are widely-used for monitoring and diagnostics scenarios in SAP landscapes.
Organizations can extend the capabilities of ALM platforms using add-ons such as the Cybersecurity Extension for SAP from Layer Seven Security for areas such as threat detection and custom code security. This is less costly and involves less maintenance than third party solutions that require separate servers, infrastructure and connections.
2. Minimize Manual Steps in SAP Security Patching
Regularly patching SAP systems is the most important action organizations can take to secure business-critical SAP applications from cyber threats. System Recommendations (SysRec) in SAP Solution Manager can be used to automate the discovery and full lifecycle management of SAP security notes. The Cybersecurity for SAP automatically identifies and removes false positives in System Recommendations.
3. Automate SAP Compliance Audits
SAP solutions are subject to regular audits by internal and external auditors and other groups to confirm compliance with certain requirements like secure configuration and system changes. Automating audits can lead to improvements in the quality and timeliness of compliance monitoring and lower the manual effort involved in gathering evidence, analyzing results and reporting findings.
4. Tune Security Alerts
Security solutions can trigger alerts and notifications for suspected security incidents that are often false positives. Solutions can also overwhelm users with a large volume of alerts that cannot be realistically investigated —known as alert flooding.
Both can be minimized by tuning alerts for specific systems and landscapes. This enables security solutions to learn the unique event and user patterns for each system and exclude the patterns from alerting.
5. Automate Incident Response
Automating incident response for security alerts can improve the efficiency of security operations and response times. It also supports compliance with standard operating procedures for incident management since there is less risk of human error.
6. Integrate SAP Logs with SIEM Solutions
Security Information and Event Management (SIEM) solutions enable Security Operations Centers (SOC) to ingest and monitor logs from various endpoints in networks. They provide a centralized platform for monitoring multiple assets within an enterprise.
Find out more about the inherent challenges with integrating SAP logs with SIEM solutions in the whitepaper SIEM Integration for SAP from Layer Seven Security.
