Mar 16-19, 2026Las Vegas, Nevada, NV
SAP CyberSecurity
Featured Insiders
Upcoming Events
SAPinsider Las Vegas 2026
Related Vendors
What Is Cybersecurity?
Cybersecurity is the practice of protecting systems and information from digital attacks. Cybersecurity measures are designed to combat threats against networked systems and applications, whether those threats originate from inside or outside of an organization.
Businesses with a comprehensive cybersecurity strategy, governed by best practices and automated using advanced analytics, artificial intelligence, and machine learning, can fight cyber threats more effectively and reduce the impact of breaches when they occur.
What Is Cybersecurity?
Cybersecurity is the practice of protecting systems and information from digital attacks. Cybersecurity measures are designed to combat threats against networked systems and applications, whether those threats originate from inside or outside of an organization.
Businesses with a comprehensive cybersecurity strategy, governed by best practices and automated using advanced analytics, artificial intelligence, and machine learning, can fight cyber threats more effectively and reduce the impact of breaches when they occur.
What Is SAP Cybersecurity?
SAP cybersecurity solutions include:
UI Data Protection Masking and UI Data Protection Logging
- Protect sensitive information in the user interface layer
- Block or log data access
- Secure and refine access
SAP Code Vulnerability Analyzer
- Identify and remedy security vulnerabilities in ABAP custom code
SAP Focused Run
- Security configuration management for SAP S/4HANA, SAP HANA, SAP NetWeaver, and Java 2 Platform, Enterprise Edition
- Patch management
SAP Enterprise Threat Detection and SAP Enterprise Threat Detection Cloud Edition
- Security information and event management solution tailored to the needs of SAP applications
- Identify and analyze threats in SAP applications
SAP Data Custodian and SAP Data Custodian Key Management Service
- Manage security keys
- Monitor and report on data access, storage, movement, processing, and location
- Create and enforce data access, location, movement, and processing policies
SAP Privacy Governance
- Identify security and privacy risks
- Deploy and manage maturity assessments with configurable templates
- Manage security and privacy control evaluations and monitor ongoing compliance
Further Resources for SAPinsiders
SAP Cybersecurity in an Age of Uncertainty. In this article, Jhansi R Bandaru, PMP-Certified IT SAP Security/Compliance Lead, explains that organizations should regularly audit SAP systems to check their security and data integrity and identify vulnerabilities before attackers do. Knowing the weaknesses and gaps in a system is the first step in empowering management to deal with those vulnerabilities proactively, concisely, and effectively.
Expert Q&A: The Importance of Integrating Cybersecurity and Enterprise Risk Management. In this video interview, Gabriele Fiata, Head of Enterprise Risk Management and Innovation at SAP, shares his thoughts on enterprises’ common mistakes when managing cybersecurity risk and the need to integrate cybersecurity into an enterprise’s risk management framework.
A Holistic Approach to Managing Cybersecurity & Protecting Your Data. According to SAP Cybersecurity Solution Advisor Anne Marie Colombo, organizations should minimize user access to data by segregating and protecting it. This article presents best practices to ensure a holistic approach to cybersecurity and data protection for your enterprise.
Vendors that can assist SAP customers with cybersecurity include: Capgemini, Fastpath, Fortinet, Layer Seven Security, Lookout, Onapsis, RSM, and Saviynt.
311 results
Securing the Intelligent Enterprise from CyberattacksMay 14, 2021 — Join Onapsis and SAP as we highlight how to address security and compliance issues so you can protect your mission-critical applications. In this session we will discuss the latest threat landscape targeting SAP applications, the importance of keeping up with patches and the need to continuously assess and monitor SAP applications to quickly detect and […]
1 minute read
Securing the Intelligent Enterprise from CyberattacksMay 14, 2021 — Join Onapsis and SAP as we highlight how to address security and compliance issues so you can protect your mission-critical applications. In this session we will discuss the latest threat landscape targeting SAP applications, the importance of keeping up with patches and the need to continuously assess and monitor SAP applications to quickly detect and respond to […]
1 minute read
Using SAP UI Logging & the SAP Security Audit Log to monitor events to mitigate Cyber Security RisksMay 11, 2021 — Protecting an organization’s data has never been more challenging. The cost of a data leak goes far beyond fines – impacting both investor and consumer confidence, causing potentially catastrophic harm to brand and reputation. Proactively addressing risk through logging user interaction, coupled with masking sensitive confidential data provides much needed tracking, auditability and safeguarding.
SAP Security Audit Log is a tool designed for auditors enabling them to get details of at what occurs in the SAP System. Activating the audit log lets you keep a record of relevant auditing activities and access the information in the form of an audit analysis report for evaluation.
SAP UI Logging is a Cyber Security product which provides organizations with the means to record and analyze data for atypical access. Configured events are logged and identifiable by activity type, with real-time, configurable alerts and notifications which can be used to detect and act upon the misuse of data. The solution provides both the contextual visibility and transparency for businesses to ensure data privacy at a satisfactory level for regulatory and internal requirements.
Attend this session to:
- Understand the features of SAP Security Audit Log and SAP UI Logging
- Learn how to deploy SAP Security Audit Log and SAP UI Logging
- Explore ways to get maximum benefit from these solutions
- Get brief overview of other resourceful marketplace solutions that can assist these tools for better results, including, UI Masking, SAP Enterprise Threat Detection, and more.
1 minute read
A Holistic Approach to Managing Cybersecurity & Protecting Your DataMay 5, 2021 — The COVID-19 pandemic has ushered in a new paradigm in which legacy security tools and practices have left gaping holes in corporate data protection. To plug these gaps and counter increasing threats, organizations should employ a holistic approach to cybersecurity, privacy, and data protection. Scott Margolis, Managing Director for the Data Privacy and Protection Practice at Ernst & Young, advises companies to “take an integrated approach to considering multiple perspectives by coordinating data privacy and protection, governance, and information security.”
To minimize security risks from third-party vendors, organizations should automate access to resources and monitor digital assets through application programming interfaces (APIs). Margolis advises companies to adopt industry standards and embed controls into the design process to protect data and privacy, especially when it involves third parties. These controls include multifactor authentication, data encryption, and secure data disposal.
According to SAP Cybersecurity Solution Advisor Anne Marie Colombo, organizations should also minimize user access to data by segregating and protecting it. A data privacy program should manage data privacy impact assessments, data subject rights requests, and distribution of related privacy policies to ensure compliance with data protection regulations, Colombo explains. Ultimately, a holistic approach to cybersecurity and data protection involves proactively anticipating and thwarting threats, following cyber hygiene best practices, securing and protecting applications and data, and planning how to respond to a cyber incident.
Read this article and learn:
- How to develop and implement a holistic approach to cybersecurity and data protection;
- The importance of securing data and protecting privacy to comply with data protection regulations in your region;
- How to ensure that your organization is secure from data protection lapses at third-party vendors;
- What data security best practices will help secure your organization in a global pandemic and remote working environment.
8 minute read
A Cyber Risk Framework for the S4 JourneyMar 23, 2021 — Organizations are heading into an unknown territory where both the technology platform they secure and threats to those platforms are getting more complex. Operational, Technology, and Compliance drivers introduce complexity even as customers expect companies to protect their data better. The cyber risk for the SAP solutions is a journey and should follow a maturity model aligned to your corporate risk appetite and enterprise solutions. Unlike SAP’s other tools that can be utilized with your existing organization, Deloitte works with the clients to appropriately leverage existing enterprise solutions to empower a seamless solution.
In this session, Kevin Heckel, Managing Director at Deloitte Risk & Financial Advisory, and Tyler Lewis, Principal at Deloitte Risk & Financial Advisory, will discuss Deloitte's perspective of the cyber domains to secure data, applications, and platform, including cyber governance, application security, data privacy and protection, controls and compliance, identity and access management, infrastructure security, operational security, and monitoring and response.
Attend this session to:
Learn to drive business value by enabling digital transformation
-Get a high-level understanding and be able to discuss cyber risk domains impacted by the S4 journey
-Understand how to implement cyber capabilities with industry-leading practices, and increase the cost-efficiency of cyber functions without sacrificing outcomes
-Know how to detect and respond to breaches and security incidents to enable a safe and secured user experience
1 minute read
Case Study: How Orkla Made Cybersecurity an Integral Part of Its SAP S/4HANA ImplementationJan 20, 2021 — Prioritizing cybersecurity is a must for businesses investing in SAP solutions. Many organizations fall short of appropriate levels of security and direct involvement of their equivalent of a Chief Information Security Officer (CISO). How can companies migrating to SAP S/4HANA make SAP cybersecurity a priority? Where do they start, and what do they protect?
Orkla ASA, a Norwegian conglomerate operating globally, optimized its SAP S/4HANA investment by ensuring that its personnel had solid SAP cybersecurity skills, placing those team members in the center of the security organization, connected to all functional and technical teams. With that foundation in place, Orkla next included an SAP cybersecurity baseline in all plans to avoid any diversions as its SAP S/4HANA migration moved toward the testing and go-live phases.
Attend this session to learn from Orkla how your organization can:
- Ensure that your systems are protected adequately before migrating to SAP S/4HANA
- Set your baseline and get security on board at the very beginning of the project, then apply solutions for implementing your baseline
- Put your SAP Security team at the forefront of your security initiatives
1 minute read
Requirements for Securing Cloud-Based SystemsJan 14, 2021 — As organizations accelerate the move of enterprise applications and data into cloud-based and cloud-resident systems, it’s extremely important to ensure that security is in place early to avoid having to backtrack and address these issues. Whether systems are running in Software-as-a-Service, Platform-as-a-Service, or Infrastructure-as-a-Service environments, each deployment offers unique security challenges. This track will help you understand how you can best prepare for the move to the cloud, the steps that you need to take to secure your systems, as well as planning for how to protect your data and identify potential threats to your systems.
6 minute read
The Security and Compliance Landscape for SAP SystemsJan 14, 2021 — The rapid shift to remote working has made every employee their own security perimeter, something that has been already a challenge for organizations dealing with a workforce increasingly using mobile solutions. Those running SAP solutions need to enhance security to secure this more distributed work force, as well as addressing rapidly changing employee responsibilities which may have created new risks and security challenges. This track will help organizations understand how they can meet today’s security challenges, what SAP is doing to enhance security in these scenarios, and how they should be reacting to these changes
6 minute read
How to Build a Strong Security and Compliance Foundation for Your SAP LandscapeNov 6, 2020 — While most successful cyberattacks are carried out on a company’s application layer, many security departments see the SAP application layer as a “black box,” and its security as the responsibility of their Basis or SAP application colleagues or of a service provider, making the security of this layer a blind spot within many organizations. Compounding this issue are myriad other factors, such as the company size, deployment model, and varying auditor expectations. This article helps SAP decision makers (CIOs, CFOs, and CISOs) and IT operations managers overcome these challenges and secure their SAP landscapes. You will:
• Get an overview of how security frameworks can help lay the foundation for a strong security strategy.
• Walk through SAP’s portfolio of security and compliance solutions through the lens of the Cybersecurity Framework provided by the National Institute of Standards and Technology (NIST) and how to use them to create a comprehensive security strategy.
• Learn how to control security activities with a security infrastructure to meet compliance and business requirements and to provide insight that helps those at the C level make better decisions.
19 minute read
SAP Hacking – Let Google hack your SAP System 2.0Oct 21, 2020 — Attend this session to learn about critical vulnerabilities in SAP systems that are often not properly addressed, as well as, the impact a bad security design has on your SAP system landscape. Gain a firm understanding of the importance proper roles and authorizations have and what you need to consider in your security design. You will also see a live demo of how easily high-privileged users with some spare-time can alter your system and evade SAP’s security framework. Key takeaways will include:
- How to properly secure your SAP System •Understand how easy it is to bypass security due to overreaching authorizations
- A demo of how anyone with the help of the internet can hack your SAP system
- Learn how to easily change standard ABAP code by bypassing standard restrictions
- Debunking other myths about “security restrictions” in SAP systems
1 minute read