Nearly 70% of SAP users surveyed believe organizations lacked focus on IT security during previous SAP implementations.
A vast majority (68.8%) of SAP users believe their business placed inadequate focus on IT security during SAP implementations, researchers report in a new study on SAP security. More than half (53.4%) said it was "very common" to find SAP security flaws in the audit process.
Turnkey Consulting researchers polled more than 100 SAP customers, all of whom were at the managerial level or above, across the UK, Europe, Asia, and the US. Their goal was to learn the cost and effects of SAP security remediation; to do this, they asked about participants' current security position, perceived costs to fix it, and plans for security in future SAP implementations.
Respondents expect SAP audit findings for at least 80% of companies, indicating a broad belief that auditors will focus on SAP as a business-critical system. But they are not confident in their SAP environments: one-fifth of SAP customers don't have the skills and tools to effectively protect their SAP applications and environments; 64.5% said they have "some" skills and tools.
Taking a closer look at specific areas of concern, 93.2% believe it's likely an SAP audit would reveal access management problems. Most (86.4%) think it's "common" or "very common" to have audit findings related to privileged or emergency access. This may indicate a broad lack of effective controls for privileged access management, or low confidence in current controls.
Overall, it seems these concerns are driving a stronger focus on security. Nearly 75% of respondents anticipate IT security will be a higher priority in future SAP deployments; 89.6% say security specialists should be recruited to support SAP S/4 HANA transformation initiatives.
Read the full report here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "What Should I Do If Someone Is Impersonating My Company in a Phishing Campaign?"
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024