Security

NATO has partnered with Google Cloud to enhance its digital modernization through a multimillion-dollar commitment to an air-gapped sovereign cloud environment, improving data governance and enabling AI-driven workloads while maintaining strict security and operational control.

Regulatory trends in the EU are fostering a shift towards sovereign cloud and AI infrastructure, highlighted by companies like SAP, which has invested in local partnerships with firms like Mistral AI to enhance digital autonomy and develop industry-specific applications.

IBM's OpenPages as a Service launch in the Cloud Germany data center enhances EU-centric governance, risk and compliance capabilities by ensuring data residency, improved performance and modernized software-as-a-service (SaaS) options.

As companies rapidly adopt generative and autonomous AI technologies, effective governance has become essential to mitigate risks such as accuracy, bias, and compliance, necessitating executive oversight and coordinated efforts across various departments to ensure trust and accountability in AI deployments.

Germany's public administration struggles with digitalization, lagging behind EU standards, prompting the need for BSI-certified cloud solutions like the SAP platform from T-Systems to enhance cybersecurity and meet increasing demands for digital services.

With ransomware attacks occurring every 11 seconds and projected to rise to every 2 seconds by 2031, ensuring robust cybersecurity for vital ERP systems is crucial for businesses, demanding constant attention to people, processes, and technology.

How enterprise leaders are protecting business applications against soaring cyber threats and why you can't afford to wait.

Cybersecurity threats are on the rise, with notable increases in ransomware attacks in Belgium, heightened by geopolitical tensions and advanced methods employed by cybercriminals, urging organizations and individuals to enhance their security measures.

Inetum has strengthened its partnership with the City of Bruges by winning two additional lots in a consultancy framework agreement focused on systems management and cybersecurity, potentially worth €92 million over six years.

Microsoft Dynamics 365 users in Finance, Supply Chain, and Commerce must urgently address access governance before stricter licensing rules take effect on November 1, 2025, as many organizations have uncovered significant security vulnerabilities and excessive user permissions amidst new compliance pressures.

Securing ERP systems has become a business imperative due to their critical role in enterprises and increased vulnerability to cyberattacks, necessitating a shift from traditional security measures to a more integrated approach that combines IRP and cybersecurity across evolving cloud environments.

Active exploitation of a critical zero-day vulnerability (CVE-2025-31324) in the SAP Visual Composer component allows unauthenticated attackers to gain full control over SAP systems, prompting SAP to release an emergency patch and urging customers to either apply it or disable access to the vulnerable component.

SAP has issued critical Security Notes including a highly severe vulnerability in SAP NetWeaver Visual Composer that allows unauthenticated attackers to upload malicious files, prompting organizations to urgently patch or implement workarounds to protect their systems.

Effective Segregation of Duties (SoD) and user access management in ERP systems are crucial for reducing fraud risks and ensuring compliance, necessitating automation, continuous access reviews, and a balanced approach to user privileges.

In response to rising identity-related threats, 78% of organizations are set to increase their identity and access management spending in 2025, reflecting a strategic shift towards modern security measures that emphasize complex governance and AI-driven solutions to enhance resilience in the digital landscape.

Google Cloud has acquired cybersecurity platform Wiz for $32 billion, aiming to enhance security technology and scalability across multi-cloud environments.

Dell Technologies and Microsoft are enhancing AI adoption to protect data and improve cybersecurity for multicloud environments.

Onapsis CEO Mariano Nunez talks about the importance of cybersecurity in today's ERP landscape, shared security responsibility, and why it is vital to embed security from the start.

Signify enhanced efficiency and quality control across over 100 company codes by utilizing Aico’s modules, achieving a 99.9% success rate in journal management, real-time reporting with 15-second dashboard refresh rates, a 30% reduction in obsolete tasks, an increase of 250-350 additional reconciliations per company code, and a jump to 58% automation in BSAR sign-offs.

Deloitte and Onapsis Form Strategic Alliance to Help Shared Clients Secure SAP S/4HANA Cloud®, RISE with SAP® and Cloud ERP Digital Transformations.

Cyberattacks on utility companies are increasingly targeting vulnerabilities in SAP applications, posing significant financial and operational risks, with the average cost of a data breach reaching $4.72 million. The energy sector, with its sensitive enterprise resource planning (ERP) systems like SAP, is particularly attractive to cybercriminals. Despite this, many utility companies struggle to allocate adequate resources for security, especially amid ongoing digital transformation efforts. The consequences of such attacks can be severe, leading to business disruptions, power or water outages, and the theft of customer data. To address these challenges, Onapsis, a leader in business application security, has partnered with Snohomish County Public Utility District (SNOPUD) to enhance SAP security through its Connect Up initiative, aimed at upgrading meters across homes and businesses. This collaboration leverages Onapsis' threat intelligence and automated vulnerability remediation to safeguard SNOPUD's critical systems and customer data, supporting a security-first approach as the utility modernizes its operations.

This article discusses the use of hashing for password security in SAP systems, explaining how hashes are stored, methods for cracking them using tools like JohnTheRipper and Hashcat, and emphasizes the importance of addressing weak hashes and deactivating downward compatibility to enhance data protection.

Remote Function Call (RFC) is a proprietary framework and network protocol used as a key pillar for data exchange in SAP landscapes. For network communications based upon the RFC framework, connection information needs to be configured and stored on the...

Onapsis Research Labs detailed a security breach where an SAP system was compromised, transformed into a command and control bot through a vulnerability, and used to launch a distributed denial of service attack via Cloudflare.

THE IMPORTANCE OF SAP SECURITY Simple steps to educate yourself, your team, your executive management, and the board of directors. SAP S/4HANA & DIGITAL TRANSFORMATION Best practices to securely navigate your SAP S/AHANA journey. AUTOMATION, EFFICIENCY & AGILITY FOR APPLICATION...

Onapsis and Flashpoint released a report detailing how cybercriminals are increasingly discussing and targeting SAP applications.

RISE with SAP is a comprehensive suite of cloud-based applications, platforms, tools, and services that help businesses of all sizes accelerate their digital transformation. However, any migration to the cloud comes with security challenges. Using third-party security technology can enhance and expand your ability to protect your data and systems while transitioning into a RISE with SAP environment. In this webinar, learn how enhanced visibility, automated security scanning, and incident response can augment your team’s ability to inspect what they expect from RISE with SAP, increase business value, and promote risk abatement.