15 April 2021

Onapsis research shows cyberattacks on critical SAP applications

Onapsis’ recently released research shows that SAP systems are not immune from the cyber threats that impact all other IT systems. What is surprising is the speed with which attackers are able to detect vulnerable systems and the level of expertise they’ve shown in exploiting those vulnerabilities.

It shows that the attackers may be better informed about your SAP estate than some of your own teams and, with the speed of the exploits, they may penetrate systems and hide their tracks before you’ve readied a response.

You don’t want a vulnerability to materialise into a breach which could result in data exfiltration, system downtime, malware distribution, or attempts at fraud, so consider the security of your SAP systems.

In Turnkey’s recent SAP Cybersecurity survey, 50% of respondents believed their SAP systems to be secure because they sit within internal networks. However, increasingly SAP systems are exposed to the internet and the published Onapsis report shows that it is easy for attackers to identify which of those are vulnerable.

What can and should you do?

As with any threat, the key to defending against it can be aligned to the pillars of cybersecurity management:

Identify the risk: Assess your SAP systems for their exposure to vulnerabilities, either through automated solutions, manual verification of patch levels, SAP note application, or other configured controls. Any gaps should then be remediated as a matter of priority. Ensure you know if the vulnerability has been exploited as well as if it could have been – is there any suspicious activity on your SAP estate? Is there any cause for concern when it comes to SAP application security?

Protect against the threats: Once you have identified a vulnerability, you must have a plan in place to protect those systems, especially in business-critical scenarios. This may involve patching or applying notes to protect the systems against the published exploits. It may also include more sophisticated monitoring and alerting on the exploits being utilised.

Detect intrusions or security-relevant events: Automated solutions for detecting suspicious events or Indicators of Compromise (IOCs) can provide insight into when intruders may have access to systems or have exploited vulnerabilities. Even without automated tooling in place, you can use your SAP system information to inform you of these events. Are you configured to monitor and alert successfully? And do you use wider infrastructure telemetry to tell you when SAP systems may be under attack?

Respond to a breach: Should the worst happen and an intruder get into SAP, how are you going to respond to that breach? You must have security incident procedures in place that can isolate and deal with an attack without impacting critical business processes. Response plans should include the ability to recover from an incident and may not always be system-based. Responding to these incidents over time should include continual patch and vulnerability management of your SAP estate.

How can we help?

My team and I at Turnkey are offering free 1-to-1, 15-minute consultations on the latest Onapsis report to any SAP customer needing further information. The consultation will give you an opportunity to ask how the findings of the report may impact your SAP landscape and what you can do to protect against the threat. Fill in your contact details on the link below and one of my team will reach out to arrange a suitable date and time.