Interview with Branden Newman after 6 months on the Board of Advisors

Video Interview

Transformational cybersecurity expert Branden Newman was appointed to the board of advisors at SecurityBridge about six months ago. This came at a time where the security industry saw an unprecedented level of attacks, and where Newman’s expertise in enterprise cybersecurity for global organizations was of enormous value to the board.

 

It’s probably a good time now, to reflect on the experiences.

Why have you joined as Cybersecurity Advisor at a company focussing to secure SAP?

His answer was

When I was leading information security at various multinational companies I continuously saw that SAP was neglected in the security stack. Besides, SAP was one of the top most critical business applications supporting the business processes that are critical to the organization’s success. And I was wondering why  this was the case – why are we neglecting something that is so important. I went out to the market myself, looking for solutions to address the SAP security needs and even tried to implement SAP into the existing SIEM with my team. In the end, I found SecurityBridge and it provided what I was looking for across the stack from incident detection, patch management to code analysis. 

You tried to integrate SAP into your SIEM. Can you outline the challenges faced?

His answer was

We were able to source specific logs into our SIEM and to establish some minor use-cases. It turned out that the security analysts couldn’t get enough information to build more detailed use-cases and correlations. The format received was not comparable with other systems where the team only needs to source one or two log sources to get the full picture. Plus, the security team just does not know enough about the specifics of SAP to build out the use-cases. Using the expertise provided from a platform like SecurityBridge turned out to be much more valuable to the monitoring and added additional capabilities like code scanning that was appreciated by the SAP development department. 

We have learned from many of our today's clients that they succeeded to onboard the SAP Security Audit Log. Do you think this is sufficient?

His answer was

In the beginning, I did not know which areas to look at to secure SAP. I started purely looking at Threat Detection and realized later that I also have to pay attention to secure configuration, code vulnerability and patch management. 

The Security Audit Log does not give you nearly enough information to action on incidents. There are at least a couple more information sources in SAP that need to be considered for effective correlation leading to effective detection coverage. SAP system contains a ton of security information hidden underneath the transaction log information. Security teams that have tried to onboard SAP into their monitoring understand the complexity to filter out the irrelevant from the relevant. 

Watch the full Interview:

Posted by

Christoph Nagy
Share on linkedin
Share on twitter
Share on email
Find recent Security Advisories for SAP©
Download the White Paper “YOUR ROAD TO SAP SECURITY” to learn about the major milestones towards increasing the cybersecurity posture of your SAP systems.

SAP Cyber Security – how does it work?

Join experts from 1st Basis Consulting and SecurityBridge to explore how businesses can get a 360-degree view of their SAP Security posture, and ensure their SAP operations are properly secured.

Watch Your SAP go phishing – SAP Live Hack

Join our webinar, to learn how to identify and prevent an SAP cyber-attack. You will sit in the first row to watch cybersecurity expert Holger Stumm demonstrate a live Phishing Attack targeting SAP.
SAP Patchday
SAP customers need to pay attention to the release of the SAP security updates, which have been published on 10th May 2022. This months SAP Security Patch Day contains 13(+2) patches that should be carefully reviewed.
marketing campaign manager
Marketing is your passion? SAP is a familiar term to you? Are you fascinated by cybersecurity? Then join our team as Junior Marketing Campaign Manager and become an SAP Security Hero.
Wouldn’t it be great to have an additional and independent layer for SAP data security which prevents the unauthorized use and distribution of the captured data? The key success factor for this is, to always work with encrypted data.