SAP applications are so broad, so adaptable and so tightly integrated with critical financial and management functions that it's often hard to know where to even start the effort to harden one against attack. In an age of horrendous data breaches, there is no other choice; SAP applications are the sensitive targets. Slapdash, unsystematic approaches won't do, so it makes sense to use outlines such as the CIS Critical Security Controls for guidance. The recently released Version 6 of the Critical Controls is particularly helpful in securing soft targets, especially at the application layer.
In this webcast, you will hear how the 20 CIS Critical Controls were harnessed to harden one specific SAP use case. Speakers will review changes in the new versions of the controls and offer advice on how to adapt existing Critical Controls-driven procedures and technology to meet the new guidelines in specific technology areas, including continuous monitoring, certificate management, data and device life-cycle management, intrusion detection, defenses against phishing attacks, malware and other threats.
This focus of the use case is on the needs of CISOs in the government sphere, but the same process can benefit security professionals at any organizations with an SAP implementation that needs hardening.
View the associated whitepaper here.