Interview with Branden Newman after 6 months on the Board of Advisors

Video Interview

Transformational cybersecurity expert Branden Newman was appointed to the board of advisors at SecurityBridge about six months ago. This came at a time where the security industry saw an unprecedented level of attacks, and where Newman’s expertise in enterprise cybersecurity for global organizations was of enormous value to the board.

 

It’s probably a good time now, to reflect on the experiences.

Why have you joined as Cybersecurity Advisor at a company focussing to secure SAP?

His answer was

When I was leading information security at various multinational companies I continuously saw that SAP was neglected in the security stack. Besides, SAP was one of the top most critical business applications supporting the business processes that are critical to the organization’s success. And I was wondering why  this was the case – why are we neglecting something that is so important. I went out to the market myself, looking for solutions to address the SAP security needs and even tried to implement SAP into the existing SIEM with my team. In the end, I found SecurityBridge and it provided what I was looking for across the stack from incident detection, patch management to code analysis. 

You tried to integrate SAP into your SIEM. Can you outline the challenges faced?

His answer was

We were able to source specific logs into our SIEM and to establish some minor use-cases. It turned out that the security analysts couldn’t get enough information to build more detailed use-cases and correlations. The format received was not comparable with other systems where the team only needs to source one or two log sources to get the full picture. Plus, the security team just does not know enough about the specifics of SAP to build out the use-cases. Using the expertise provided from a platform like SecurityBridge turned out to be much more valuable to the monitoring and added additional capabilities like code scanning that was appreciated by the SAP development department. 

We have learned from many of our today's clients that they succeeded to onboard the SAP Security Audit Log. Do you think this is sufficient?

His answer was

In the beginning, I did not know which areas to look at to secure SAP. I started purely looking at Threat Detection and realized later that I also have to pay attention to secure configuration, code vulnerability and patch management. 

The Security Audit Log does not give you nearly enough information to action on incidents. There are at least a couple more information sources in SAP that need to be considered for effective correlation leading to effective detection coverage. SAP system contains a ton of security information hidden underneath the transaction log information. Security teams that have tried to onboard SAP into their monitoring understand the complexity to filter out the irrelevant from the relevant. 

Watch the full Interview:

Posted by

Christoph Nagy
Share on linkedin
Share on twitter
Share on email
Find recent Security Advisories for SAP©
Download the White Paper “YOUR ROAD TO SAP SECURITY” to learn about the major milestones towards increasing the cybersecurity posture of your SAP systems.

How to accelerate SAP Security?

Watch the webinar recording to learn how you can accelerate your SAP security initiatives. Special Guest, Sanofi’s SAP Security Leader speaking about their journey …

SAP Cybersecurity Beyond Authorizations

Watch the webinar on-demand at any time to learn what „holistic“ really means in the context of SAP security…
SAP Patchday
13th April 2021 was yet another Patch Day on our SAP calendar. This months' SAP Security Patch Day revealed 14 new and 5 updated Security Notes.
SAP Patchday
On 9th of March 2021, SAP Security Patch Day saw the release of 9 Security Notes. There were 4 updates to previously released Patch Day Security Notes.
Security News
100% security just doesn’t exist. Any security measures taken will not be perfect, ever, and will require continuous adjustment. Ignoring security for SAP is not an option, it’s merely applying due diligence to any company’s most valuable, and essential core business.