Security

The Model Context Protocol (MCP) donation to the Agentic AI Foundation, under the Linux Foundation, aims to ensure its neutral governance and collaborative development within a multi-vendor environment.

On December 9, 2025, Microsoft announced a C$7.5 billion investment to enhance AI and cloud infrastructure in Canada, building on a broader C$19 billion program, aiming to support digital sovereignty and local AI development while contributing to sustainability.

On December 9, SAP released 14 security notes, including three critical patches for vulnerabilities in SAP Solution Manager, Apache Tomcat in SAP Commerce Cloud, and SAP jConnect, urging customers to prioritize updates based on severity to protect against potential exploits.

US enterprises are increasingly adopting managed cloud security services and cloud management solutions to enhance resilience, control costs, and address the complexities of hybrid and multi-cloud environments amid rising cybersecurity threats and operational challenges.

Regulatory trends in the EU are fostering a shift towards sovereign cloud and AI infrastructure, highlighted by companies like SAP, which has invested in local partnerships with firms like Mistral AI to enhance digital autonomy and develop industry-specific applications.

IBM's OpenPages as a Service launch in the Cloud Germany data center enhances EU-centric governance, risk and compliance capabilities by ensuring data residency, improved performance and modernized software-as-a-service (SaaS) options.

As companies rapidly adopt generative and autonomous AI technologies, effective governance has become essential to mitigate risks such as accuracy, bias, and compliance, necessitating executive oversight and coordinated efforts across various departments to ensure trust and accountability in AI deployments.

On November 11, SAP released 20 security patches, including three critical ones related to vulnerabilities in SQL Anywhere Monitor, SAP NetWeaver AS Java, and SAP Solution Manager, urging customers to apply them promptly.

Germany's public administration struggles with digitalization, lagging behind EU standards, prompting the need for BSI-certified cloud solutions like the SAP platform from T-Systems to enhance cybersecurity and meet increasing demands for digital services.

With ransomware attacks occurring every 11 seconds and projected to rise to every 2 seconds by 2031, ensuring robust cybersecurity for vital ERP systems is crucial for businesses, demanding constant attention to people, processes, and technology.

Cybersecurity threats are on the rise, with notable increases in ransomware attacks in Belgium, heightened by geopolitical tensions and advanced methods employed by cybercriminals, urging organizations and individuals to enhance their security measures.

Inetum has strengthened its partnership with the City of Bruges by winning two additional lots in a consultancy framework agreement focused on systems management and cybersecurity, potentially worth €92 million over six years.

Microsoft Dynamics 365 users in Finance, Supply Chain, and Commerce must urgently address access governance before stricter licensing rules take effect on November 1, 2025, as many organizations have uncovered significant security vulnerabilities and excessive user permissions amidst new compliance pressures.

Securing ERP systems has become a business imperative due to their critical role in enterprises and increased vulnerability to cyberattacks, necessitating a shift from traditional security measures to a more integrated approach that combines IRP and cybersecurity across evolving cloud environments.

Active exploitation of a critical zero-day vulnerability (CVE-2025-31324) in the SAP Visual Composer component allows unauthenticated attackers to gain full control over SAP systems, prompting SAP to release an emergency patch and urging customers to either apply it or disable access to the vulnerable component.

SAP has issued critical Security Notes including a highly severe vulnerability in SAP NetWeaver Visual Composer that allows unauthenticated attackers to upload malicious files, prompting organizations to urgently patch or implement workarounds to protect their systems.

Thales is pioneering digital transformation in its factories by replacing traditional PCs with smartphones and tablets through the SmartMobility project, which enhances mobility and operational efficiency while maintaining cybersecurity.

Effective Segregation of Duties (SoD) and user access management in ERP systems are crucial for reducing fraud risks and ensuring compliance, necessitating automation, continuous access reviews, and a balanced approach to user privileges.

In response to rising identity-related threats, 78% of organizations are set to increase their identity and access management spending in 2025, reflecting a strategic shift towards modern security measures that emphasize complex governance and AI-driven solutions to enhance resilience in the digital landscape.

Google Cloud has acquired cybersecurity platform Wiz for $32 billion, aiming to enhance security technology and scalability across multi-cloud environments.

Dell Technologies and Microsoft are enhancing AI adoption to protect data and improve cybersecurity for multicloud environments.

Onapsis CEO Mariano Nunez talks about the importance of cybersecurity in today's ERP landscape, shared security responsibility, and why it is vital to embed security from the start.

Signify enhanced efficiency and quality control across over 100 company codes by utilizing Aico’s modules, achieving a 99.9% success rate in journal management, real-time reporting with 15-second dashboard refresh rates, a 30% reduction in obsolete tasks, an increase of 250-350 additional reconciliations per company code, and a jump to 58% automation in BSAR sign-offs.

Deloitte and Onapsis Form Strategic Alliance to Help Shared Clients Secure SAP S/4HANA Cloud®, RISE with SAP® and Cloud ERP Digital Transformations.

Cyberattacks on utility companies are increasingly targeting vulnerabilities in SAP applications, posing significant financial and operational risks, with the average cost of a data breach reaching $4.72 million. The energy sector, with its sensitive enterprise resource planning (ERP) systems like SAP, is particularly attractive to cybercriminals. Despite this, many utility companies struggle to allocate adequate resources for security, especially amid ongoing digital transformation efforts. The consequences of such attacks can be severe, leading to business disruptions, power or water outages, and the theft of customer data. To address these challenges, Onapsis, a leader in business application security, has partnered with Snohomish County Public Utility District (SNOPUD) to enhance SAP security through its Connect Up initiative, aimed at upgrading meters across homes and businesses. This collaboration leverages Onapsis' threat intelligence and automated vulnerability remediation to safeguard SNOPUD's critical systems and customer data, supporting a security-first approach as the utility modernizes its operations.

This article discusses the use of hashing for password security in SAP systems, explaining how hashes are stored, methods for cracking them using tools like JohnTheRipper and Hashcat, and emphasizes the importance of addressing weak hashes and deactivating downward compatibility to enhance data protection.

Remote Function Call (RFC) is a proprietary framework and network protocol used as a key pillar for data exchange in SAP landscapes. For network communications based upon the RFC framework, connection information needs to be configured and stored on the...