The Cybersecurity
Resilience Index for SAP
A data-driven view of cyber resilience across real-world SAP environments
The Cybersecurity Resilience Index for SAP (CRIS) provides an aggregated, anonymized view of how good organizations (new and longtime customers) are at keeping their SAP landscapes secure.
Built on real security data from SAP production environments, CRIS helps security leaders understand where SAP systems are resilient, and where systemic gaps remain.
CRIS is based on SAP customers that has already invested and prioritized securing their SAP systems
Overall Security Posture by AoR
The Cybersecurity Resilience Index for SAP analyses 8 distinct Areas of Responsibility (AoRs) within SAP Security.
How the scoring works
Each AoR is rated from 0-100%, where 100% means all security controls within that AoR has been applied.
We measure compliance against the SecurityBridge Standard Baseline with more than 550 checks, which is twice as much as the SAP Security Baseline (minimum security recommendations). The SecurityBridge baseline is considered the most comprehensive in the SAP community.
How to interpret the score (security posture of the AoR)
< 50% Risky
51-60% Acceptable
61-80% Good
> 80% Great
Our observation is that most new customers start with a 30-40% score
Emphasizing just how big an improvement SecurityBridge customers achieve within a few months.
Detailed Security Posture by Area of Responsibility
Each AoR contains a wealth of underlying use cases, SecurityBridge checks are pre-clustered by “Area of Responsibility” (AoR) to help distributing their mitigation within the SAP team.
A high score means risks are continuously detected and remediated.
The SecurityBridge Advantage
The SecurityBridge Platform supports customers with a structured, guided security approach based on a clear Roadmap that balances the risk of exploitation and the complexity of resolution for each security recommendation.
Every SecurityBridge customer benefits from anonymous benchmarking insights to understand how their SAP security posture stacks up against their peers.