Security

Enterprise Resource Planning (ERP) significantly bolsters IT security by providing a centralized and integrated approach to safeguarding critical information. ERP systems incorporate robust security features, such as user access controls, encryption, and authentication protocols, ensuring the confidentiality and integrity of sensitive data. Through continuous monitoring and audit trails, ERP enhances visibility into system activities, aiding in the early detection of potential security threats. ERP’s role extends to compliance management, assisting organizations in adhering to regulatory requirements and industry standards. By consolidating data across various business processes, ERP strengthens security measures, minimizing vulnerabilities and offering a comprehensive defense against cyber threats. This integrated approach to IT security fortifies organizations, promoting resilience and protecting against evolving cyber risks.

When AI Finds Bugs Faster, ERP Patch Governance Has to Catch Up
The White House launched the Gold Eagle initiative, an AI-driven cybersecurity clearinghouse aimed at enhancing coordination among government, private sectors, and open-source partners to expedite the identification and remediation of software vulnerabilities amid increasing pressure from advanced AI systems.
Security Patch Day
July Patch Day Gave an AI Wake-Up Call from Microsoft, ServiceNow, and SAP
July's record-breaking patch cycle from Microsoft, ServiceNow, and SAP highlights a new reality for enterprise security teams. AI is accelerating vulnerability discovery, shrinking remediation windows, and expanding the attack surface across ERP systems, cloud platforms, identity infrastructure, and business-critical workflows.
IT professionals working at computer monitors in an office, representative of enterprise system security monitoring.
SAP’s July Patch Day Turns ERP Security into a Coordination Test
SAP's July 2026 Patch Day is not a single-vulnerability story. With four critical and six high-priority entries spanning NetWeaver, Approuter, Commerce Cloud, Integration Suite, SAProuter, UI5, and obsolete transport tooling, the real test for ERP teams is whether they can assign, execute, and verify different remediation actions across hybrid landscapes.
AI Agents Need a Gateway, and Citrix Is Putting NetScaler in the Middle
Citrix has enhanced its NetScaler AI Gateway with Model Context Protocol (MCP) Gateway functionalities to streamline governance for large language model and agentic AI traffic, introducing centralized authentication and model-routing features to address emerging enterprise needs for secure and monitored access to backend systems.
DLA ERP Modernization
DLA’s ERP Modernization Race Shows How Audit Pressure Is Rewriting Federal Cloud Deals
DLA is years ahead of schedule on a major ERP modernization initiative aimed at reducing technical debt, improving auditability, and moving away from heavily customized systems. The effort highlights how cloud services, managed support, and process standardization are becoming foundational to federal ERP transformation.
US Air Force
Air Force Looks to Standardize ERP Services on Cloud One OCI
The US Air Force is seeking partners through a request for information to develop and sustain Enterprise Resource Planning Common Services on Oracle Cloud Infrastructure, aiming to enhance shared cloud services and integration for defense ERP environments.
Anthropic Claude ban lift AI access
Anthropic’s Ban Lift and Claude Science Launch Test the New Rules of AI Access
The Trump administration has lifted restrictions on Anthropic's Claude Fable 5 and Mythos 5 models, ending a weekslong export ban tied to cybersecurity concerns—though Mythos 5 remains restricted to approved US organizations. At the same time, Anthropic launched Claude Science, a domain-specific AI research workbench targeting life sciences and pharmaceutical users, signaling a broader shift toward specialized, governed enterprise AI access.
ServiceNow and Accenture
ServiceNow and Accenture Are Going After Cyber Risk’s Legacy Platform Problem
ServiceNow and Accenture have launched a joint AI-powered offering to help enterprises migrate from legacy cybersecurity and risk platforms to integrated managed services on the ServiceNow AI Platform, combining agentic AI with risk management, GRC, third-party risk, and OT security monitoring.
NTT DATA and Pathlock Bring Always-On Cyber Defense to SAP Workflows
NTT DATA Business Solutions and Pathlock have joined forces to deliver always-on SAP cybersecurity — combining a managed SOC with AI-native application controls to protect finance, procurement, and supply chain workflows against unauthorized access, fraud, and misconfiguration at global scale.
IBM Brings OpenAI Cyber Models into Enterprise AppSec Workflows
IBM has launched a new application security service using OpenAI's capabilities to help enterprises quickly identify software vulnerabilities, as part of its broader initiative to integrate frontier AI into cyber defense while ensuring controlled access and governance.
SAP NS2 defense
SAP NS2’s FedRAMP+ IL5 Authorization Opens a New Cloud ERP Path for Defense Programs
The recent FedRAMP+ IL5 authorization by SAP NS2 enables US Department of War organizations to deploy SAP S/4HANA Cloud and SAP BTP in a secure cloud environment, simplifying compliance for defense ERP modernization and addressing the complexities of operating within stringent regulatory frameworks.
Orbital Data Center Investment
AI Investment Test? SpaceX IPO Turns Orbital Data Centers into a Wall Street Bet
SpaceX's recent IPO has transformed the concept of orbital data centers into a viable public market opportunity, aiming to harness their potential for AI infrastructure while facing scrutiny over the economic feasibility and technical challenges of such an innovative approach.
The SAP Migration Decision in 2026: Three Companies, Three Answers, One Urgent Security Context
In 2026, three distinct approaches to SAP migration are highlighted by Lwart Environmental Solutions, which opts to extend its current system for operational stability; Victrola, which successfully executes a greenfield migration to SAP Cloud ERP with significant reporting efficiencies; and Reveal USA, which emphasizes proving value before transformation by guaranteeing an 8x return on investment, reflecting a market grappling with simultaneous technical, operational, and security challenges.
Why Oracle Cloud ERP License Costs Can Creep Up After Go-Live
SafePaaS emphasizes that Oracle Cloud ERP customers must monitor license governance as part of access control to avoid unexpected costs from role sprawl and excessive privileges post-implementation.
Microsoft Gives AI Agents a Governed Path into Dynamics 365 ERP
Microsoft is enhancing its Dynamics 365 ERP strategy by introducing governed access for AI agents within Finance and Operations, allowing controlled interaction with ERP data and business logic while ensuring security, thereby facilitating a transition from integration to automation.
LEAP Consulting Group Links ERP Modernization with Audit-Ready GRC Demand
LEAP Consulting Group reports growing demand for its Enterprise ERP and GRC services as regulated industries seek a unified partner for modernizing finance systems while ensuring compliance and audit readiness.
AI access restrictions
US Order to Halt Access to Anthropic Models Turns AI Access into Enterprise Risk
Anthropic was ordered by the US government to suspend access to its Claude Fable 5 and Mythos 5 AI models for foreign nationals due to national security concerns, marking a significant escalation in government control over AI access.
Enterprise IT monitoring environment with multiple screens displaying system data, representing SAP security patching and authorization risk management.
SAP June Security Patch Day Puts ERP Trust Controls Under Pressure
SAP's June 2026 Security Patch Day highlighted significant ERP security risks, delivering 15 new Security Notes with a focus on foundational trust layers like SAML authentication and RFC communication, emphasizing the need for organizations to prioritize the remediation of vulnerabilities that affect authentication, access control, and supply chain risks in their SAP environments.
Build Your Business on a Foundation of Trust Acumatica’s Multi-Layered Security Strategy
Security is not just an IT function. Its impact stretches across leadership, finance, and everyday operations. When cracks appear in your defenses, the consequences echo through the business.
Anthropic Project Glasswing expansion
Anthropic Expands Project Glasswing into Critical Infrastructure
Anthropic has expanded Project Glasswing to 150 additional organizations across more than 15 countries, bringing its AI-powered cyberdefense program into power, water, healthcare, communications, and other critical infrastructure sectors.
Smartphone displaying a security lock, illustrating Microsoft SMS sign-in changes and ERP identity readiness.
Microsoft Is Killing SMS Sign-in Codes. ERP Teams Should Pay Attention
Microsoft’s move away from SMS sign-in codes is limited to personal accounts, but ERP teams should still pay attention. Developer subscriptions, sandbox tenants, contractor accounts, shared credentials, and break-glass workflows can sit outside formal Entra ID governance, creating hidden exposure as authentication models shift.
ServiceNow Knowledge 2026
ServiceNow Repositioned Around AI Security and Governance at Knowledge 2026
ServiceNow positions itself as a governance and action layer for enterprise AI, launching Autonomous Security and Risk, enhancing the AI Control Tower for comprehensive governance, and making its Action Fabric available to external agents, amidst a backdrop of growing financial momentum and challenges in broad adoption.
Cybersecurity
Sage-IDC Research Reveals SMB Cybersecurity Gaps in the AI Era
A Sage-IDC study reveals that while small and medium-sized businesses (SMBs) are significantly increasing their cybersecurity investments, a disconnect exists between spending intentions and actual implementation, exposing many to cyber threats due to a lack of governance and preparedness, particularly in the face of accelerating AI adoption.
Software developers working at laptops, representing SAP Security Patch Day May 2026 risks across developer tooling and software supply chains.
SAP Security Patch Day May 2026 Shows Risk Beyond Core Applications
SAP’s May 2026 Security Patch Day shows why SAP teams need to look beyond severity scores. Critical vulnerabilities affected S/4HANA and Commerce Cloud, while Mini Shai-Hulud brought developer tooling, credentials, and supply-chain exposure into the SAP security conversation.
Sign at the National Institute of Standards and Technology (NIST) campus, highlighting the agency behind CVE and NVD vulnerability standards.
What NIST’s CVE Shift Means for ERP Security Teams
NIST is changing how CVEs are enriched in the National Vulnerability Database, reducing the consistency of risk signals used to prioritize vulnerabilities. For ERP security teams, the shift increases reliance on vendor guidance and system-specific context to assess exposure.
Stanford University campus buildings under blue sky representing Stanford AI Index 2026 research on enterprise AI readiness.
AI Is Expanding, but ERP Systems May Not Be Ready—Stanford AI Index 2026
AI adoption is expanding across enterprises, but ERP systems may not be ready. The Stanford AI Index 2026 highlights gaps in governance, trust, infrastructure, and talent that affect how AI supports business decisions.
U.S. Department of the Treasury building in Washington, D.C., before regulators met to discuss AI cyber risk in financial systems.
Claude Mythos Preview Shows How AI Collapses the Distance Between Discovery and Exploitation in Financial Systems
Claude Mythos Preview is prompting regulators and banks to reassess cyber risk as AI accelerates vulnerability discovery and exploitation across interconnected financial systems.
Enterprise IT monitoring environment with multiple screens displaying system data, representing SAP security patching and authorization risk management.
SAP Security Patch Day April 2026: Critical Vulnerabilities, CVSS 9.9 SQL Injection, and Authorization Risks
SAP Security Patch Day April 2026 introduces a critical SQL injection vulnerability and high-severity authorization flaws across SAP BPC, BW, ERP, and S/4HANA. This analysis explains how these vulnerabilities affect enterprise risk and where exposure concentrates across SAP environments.
Internal Revenue Service building exterior illustrating IRS impersonation scams and tax season fraud risks in 2026.
Tax Season Scams 2026: How IRS Phishing, Fake Tax Messages, and AI Fraud Threaten Businesses
Tax season scams in 2026 are expanding beyond individual taxpayers into broader business risk. IRS impersonation, fake tax messages, QR codes, and AI-enabled fraud are targeting tax professionals, payroll teams, and organizations handling sensitive financial and employee data.
Modern office building representing SAP GRC for SAP HANA architecture and enterprise risk management systems
SAP GRC for SAP HANA Update Signals Real-Time Processing Shift and 2027 Transition Timeline
The SAP GRC update for SAP HANA focuses on execution, introducing Fiori-based workflows, real-time processing, and tighter S/4HANA alignment. The shift also signals a broader transition as GRC 12.0 approaches its 2027 maintenance deadline.