Key takeaways from "Uncovering the risk of SAPcyber breaches":
- Executives value importance to bottom line but ignore cyber risks; 63% of Exec underestimate the risks and 23% know what data resides in SAP systems
- Average cost of it being off line is $4.5B
- Responsibility for security is conflicted by 62% say SAP not company so ownership issue
- 25% say NO one is response for SAP security, only 19% say SAP security team is accountable and 18% Information Security team
- Consistently over 50% say, difficult to secure SAP app, high level of malware concern, believe one or more malware infections likely
- Less than 49% have the expertise to prevent, detect and respond to cyber attacks
- Visibility into security of SAP application is only at 34%
- 30% say remediation of incident is unknown
- 75% say detection of breach would be undetected at least for a week; in the other hand, 53% say detection would be within 1 Year
- Malware infection is rated at 33% to be Very Likely and 42% to be Likely
- 47% say increased sophistication of attack in next couple years
- New technology increases risks, mobile, IoT
- Only 43% consider the cyber security risks when moving SAP application to the cloud
- 73% say knowledge of recent threats will help identify security risks and zero-day is a significant is a significant threat
- segregation of duty improves SAP security
- Consistently over 80% say achieving security in SAP infrastructure requires zero-day detection, prioritizing threats and monitoring
- SAP app most susceptible to attack:
64% content and collaboration
56% data management
50% CRM - customer relationship management
48% technology platform
37% ERP - enterprise management
35% financial management
33% supplier relationship management
25% human capital management
And study stats: 607 final sample, 35% Technicians, 21% Managers, 17% Directors. 15% Supervisors; 18% Financial Services, 9% Manufacturing, 8% Public Sector, 8% Retail, 7% Healthcare
- Executives value importance to bottom line but ignore cyber risks; 63% of Exec underestimate the risks and 23% know what data resides in SAP systems
- Average cost of it being off line is $4.5B
- Responsibility for security is conflicted by 62% say SAP not company so ownership issue
- 25% say NO one is response for SAP security, only 19% say SAP security team is accountable and 18% Information Security team
- Consistently over 50% say, difficult to secure SAP app, high level of malware concern, believe one or more malware infections likely
- Less than 49% have the expertise to prevent, detect and respond to cyber attacks
- Visibility into security of SAP application is only at 34%
- 30% say remediation of incident is unknown
- 75% say detection of breach would be undetected at least for a week; in the other hand, 53% say detection would be within 1 Year
- Malware infection is rated at 33% to be Very Likely and 42% to be Likely
- 47% say increased sophistication of attack in next couple years
- New technology increases risks, mobile, IoT
- Only 43% consider the cyber security risks when moving SAP application to the cloud
- 73% say knowledge of recent threats will help identify security risks and zero-day is a significant is a significant threat
- segregation of duty improves SAP security
- Consistently over 80% say achieving security in SAP infrastructure requires zero-day detection, prioritizing threats and monitoring
- SAP app most susceptible to attack:
64% content and collaboration
56% data management
50% CRM - customer relationship management
48% technology platform
37% ERP - enterprise management
35% financial management
33% supplier relationship management
25% human capital management
And study stats: 607 final sample, 35% Technicians, 21% Managers, 17% Directors. 15% Supervisors; 18% Financial Services, 9% Manufacturing, 8% Public Sector, 8% Retail, 7% Healthcare
No comments:
Post a Comment