Skip to content

Branden Newman interview: 6 months on the Board of Advisors

Video Interview

Transformational cybersecurity expert Branden Newman was appointed to the board of advisors at SecurityBridge about six months ago. This came at a time where the security industry saw an unprecedented level of attacks, and where Newman’s expertise in enterprise cybersecurity for global organizations was of enormous value to the board.

 

It’s probably a good time now, to reflect on the experiences.

Why have you joined as Cybersecurity Advisor at a company focussing to secure SAP?

His answer was

When I was leading information security at various multinational companies I continuously saw that SAP was neglected in the security stack. Besides, SAP was one of the top most critical business applications supporting the business processes that are critical to the organization’s success. And I was wondering why  this was the case – why are we neglecting something that is so important. I went out to the market myself, looking for solutions to address the SAP security needs and even tried to implement SAP into the existing SIEM with my team. In the end, I found SecurityBridge and it provided what I was looking for across the stack from incident detection, patch management to code analysis. 

You tried to integrate SAP into your SIEM. Can you outline the challenges faced?

His answer was

We were able to source specific logs into our SIEM and to establish some minor use-cases. It turned out that the security analysts couldn’t get enough information to build more detailed use-cases and correlations. The format received was not comparable with other systems where the team only needs to source one or two log sources to get the full picture. Plus, the security team just does not know enough about the specifics of SAP to build out the use-cases. Using the expertise provided from a platform like SecurityBridge turned out to be much more valuable to the monitoring and added additional capabilities like code scanning that was appreciated by the SAP development department. 

We have learned from many of our today's clients that they succeeded to onboard the SAP Security Audit Log. Do you think this is sufficient?

His answer was

In the beginning, I did not know which areas to look at to secure SAP. I started purely looking at Threat Detection and realized later that I also have to pay attention to secure configuration, code vulnerability and patch management. 

The Security Audit Log does not give you nearly enough information to action on incidents. There are at least a couple more information sources in SAP that need to be considered for effective correlation leading to effective detection coverage. SAP system contains a ton of security information hidden underneath the transaction log information. Security teams that have tried to onboard SAP into their monitoring understand the complexity to filter out the irrelevant from the relevant. 

Watch the full Interview:

Posted by

Christoph Nagy
Find recent Security Advisories for SAP©
Download the White Paper “Which cybersecurity framework is the best fit for SAP application security?” to learn more about the available frameworks, the challenges when adopting a framework, and more.

Hybride SAP und Non-SAP-Landschaften brauchen Security

SAP-Integration von Cloud- und Non-SAP-Anwendungen steht weit oben auf der Agenda vieler IT-Organisationen— dies bereitet den Security-Verantwortlichen zusätzliches Kopfzerbrechen. Warum? Weil die Komplexität weiter zunimmt, die IT-Landschaften durch neue Interfaces noch undurchsichtiger werden und die Risiken überproportional steigen.

Meet us at SAPinsider Las Vegas 2023

March 20-23: SecurityBridge will be attending SAPInsider 2023 in Las Vegas. Come meet us and learn more about SAP Security.
SAP Cyber risk
SAP Cybersecurity- Security News
Businesses must be more cautious to protect themselves from cyber threats as digitalization and the use of SAP systems increase. SAP S/4HANA is critical for many enterprises as it provides the foundation for business operations. As digitalization and Industry 4.0 continue to increase, SAP S/4HANA lays the foundation for many modern business scenarios. SAP systems are important for many industries and their security is a major concern, making them vulnerable to cyber attackers. This article will discuss cyber risks and how you can assess your individual and organizational SAP systems' risks. What are cyber risks?
Common SAP Patches
SAP Cybersecurity- SAP Patch Management- SAP Security Patch Day- Security News
Installing SAP patches is crucial for maintaining a robust and secure enterprise resource planning (ERP) system. SAP, one of the leading ERP systems in the world, is constantly evolving to meet the changing needs of businesses. As a result, SAP releases various patches to address issues and enhance the functionality of its software. However, installing SAP patches can present challenges for IT teams, such as ensuring minimal disruption to business operations, managing risks, and testing the non-implemented patches. This article will discuss the three most common types of SAP patches- kernel patches, snote patches, and support packs - and the best practices for installing them.
SAP interfaces
SAP Cybersecurity- SAP Interface- Security News
In this blog article, we will explore the importance of SAP interface security and discuss the various measures businesses can take to protect their systems and data. We will also examine some common threats to SAP interfaces and how to mitigate them. To safeguard your business, you need to understand the importance of SAP interface security and take steps to make your interfaces secure. 
SAP security Patch day
10th January 2023 SAP response team sends some Happy New Year greeting to the SAP Security Teams, by releasing 10 SAP Security Notes.