Thank You!

Thank you for contacting Layer Seven Security. We will respond to your request in 1-2 business days.

Here are some recently published articles speaking to securing your SAP systems.

Featured in SAPinsider: How to Build Security using SAP Solution Manager

Posted on
Data breaches occur all too often and organizations are frequently left blindsided. As a result, cybersecurity has become a board-level issue across all industries. According to a recent survey of global business leaders, cyber risk is regarded as one of the most significant threats faced by corporations today, and is consistently rated higher than legislation, …
Read Article Featured in SAPinsider: How to Build Security using SAP Solution Manager

FBI Director James Comey Speaks out on the Threat of Cybercrime

Posted on
During a candid discussion with host Scott Pelley of 60 Minutes at FBI headquarters in Washington DC, James Comey speaks out about the threat of cybercrime confronted by American citizens and corporations. Comey declares that cybercrime perpetrated by nation states, criminal syndicates and terrorist organizations has reached epidemic proportions and is directly costing the US …
Read Article FBI Director James Comey Speaks out on the Threat of Cybercrime

A Five Step Guide to Securing SAP Systems from Cyber Attack Without Breaking the Bank

Posted on
With SAP solutions deployed by 85 percent of Forbes 500 companies, they are a prized target for cyber attackers. Watch our Webinar playback to discover how to secure your SAP systems against targeted cyber attacks that could lead to denial of service, financial fraud or intellectual property theft. The Webinar is hosted by John Corvin, …
Read Article A Five Step Guide to Securing SAP Systems from Cyber Attack Without Breaking the Bank

Three More Reasons for using Solution Manager to Secure SAP Systems from Cyber Attack

Posted on
Our recent article outlining the advantages of using SAP-delivered components versus third party software resonated strongly with customers seeking an effective and cost-efficient solution to address cyber threats impacting their SAP systems. The article examined the five key benefits of a Solution Manager-based strategy that included lower costs through the avoidance of licensing and maintenance …
Read Article Three More Reasons for using Solution Manager to Secure SAP Systems from Cyber Attack

Five Reasons You Do Not Require Third Party Security Solutions for SAP Systems

Posted on
You’ve read the data sheet. You’ve listened to the sales spin. You’ve even seen the demo. But before you fire off the PO, ask yourself one question: Is there an alternative? In recent years, there have emerged a wide number of third party security tools for SAP systems. Such tools perform vulnerability checks for SAP …
Read Article Five Reasons You Do Not Require Third Party Security Solutions for SAP Systems

M-Trends, Verizon DBIR & Symantec ISTR: Detecting and responding to cyber attacks has never been more important

Posted on
The release of three of the most important annual threat intelligence reports earlier this month confirmed that 2013 was an explosive year for cybersecurity. All three reports point to rising incidences of cyber attack, increasing sophistication of attack vectors and a growing diversity of threat actors and targets. The first of the reports is entitled …
Read Article M-Trends, Verizon DBIR & Symantec ISTR: Detecting and responding to cyber attacks has never been more important

Trustwave Survey Reveals that IT Professionals are Feeling the Pressure of Board Level Scrutiny over Cyber Security

Posted on
The rise in the rate and sophistication of cyber attacks has predictably fuelled the pressure on security resources. However, the precise complexion and source of the pressure was largely unknown until the recent release of the Trustwave Security Pressures study. The study examines the threats most concerning to security professionals and the preferred responses. The …
Read Article Trustwave Survey Reveals that IT Professionals are Feeling the Pressure of Board Level Scrutiny over Cyber Security

A First Look at the U.S Data Security and Breach Notification Act

Posted on
On January 30, members of the U.S Senate and House of Representatives introduced a new bill intended to enforce federal standards for securing personal information and notifying consumers in the event of a data breach. Sponsored by leaders of the Senate Commerce, Science and Transportation Committee, the Security and Breach Notification Act of 2014 would …
Read Article A First Look at the U.S Data Security and Breach Notification Act

Measuring the Risks of Cyber Attack

Posted on
Most studies that examine the impact of cyber attack tend to focus on a combination of direct and indirect costs. Directs costs include forensic investigations, financial penalties, legal fees, hardware and software upgrades, etc. The approach is typified by the annual Cost of Data Breach Study performed by the Ponemon Institute, now in its eighth …
Read Article Measuring the Risks of Cyber Attack

Three Parallels between the POS Breach at Target Corp. and Vulnerabilities in ERP systems

Posted on
The decision of the Office of the Comptroller at the U.S Department of Treasury to recognize cyber threats as one of the gravest risks faced by organisations today appears to be vindicated by the disclosure of an unprecedented data breach at Target Corporation shortly after the release of the Comptroller’s report. Specifics of the breach …
Read Article Three Parallels between the POS Breach at Target Corp. and Vulnerabilities in ERP systems

New malware variant suggests cybercriminals are targeting SAP systems

Posted on
Security researchers at last week’s RSA Europe Conference in Amsterdam revealed the discovery of a new variant of a widespread Trojan program that has been modified to search for SAP systems. This form of reconnaissance is regarded by security experts as the preliminary phase of a planned attack against SAP systems orchestrated by cybercriminals. The …
Read Article New malware variant suggests cybercriminals are targeting SAP systems

Layered Defenses in Oracle 12c: The New Benchmark for Database Security

Posted on
Oracle databases support more than two thirds of SAP deployments in mid to large size enterprises. Oracle’s domination of the SAP database market is due to a widely regarded performance edge in areas such as compression, availability and scalability. Oracle databases are also optimized for SAP technology as a result of a long-standing partnership between …
Read Article Layered Defenses in Oracle 12c: The New Benchmark for Database Security

Organisations are not effectively addressing IT security and compliance risks according to accounting professionals

Posted on
The results of the 2013 Top Technology Initiatives Survey revealed that securing IT environments against cyber attack and managing IT risks and compliance are rated as two of the three greatest challenges in technology by accounting professionals in North America. The survey was performed jointly by the AICPA and CPA, the largest accounting organisations in …
Read Article Organisations are not effectively addressing IT security and compliance risks according to accounting professionals

Introducing the ABAP Test Cockpit: A New Level of ABAP Quality Assurance

Posted on
The ABAP Test Cockpit (ATC) is SAP’s new framework for Quality Assurance. It performs static and unit tests for custom ABAP programs and introduces Quality-Gates (Q-Gates) for transport requests. ATC was unveiled at last year’s SAP TechEd. The entire session including a live demo can be viewed below. Following a successful pilot, it was released …
Read Article Introducing the ABAP Test Cockpit: A New Level of ABAP Quality Assurance

A Dangerous Flaw in the SAP User Information System (SUIM)

Posted on
Customers that have yet to implement Security Note 1844202 released by SAP on June 10 should do so immediately. The Note deals with a vulnerability that could be exploited to bypass monitoring controls designed to detect users with privileged access, including the SAP_ALL profile. This profile can be used to provide users with almost all …
Read Article A Dangerous Flaw in the SAP User Information System (SUIM)

Lloyds 2013 Risk Index: Cyber Risk Rated as the Third Most Significant Risk by Board Executives

Posted on
The recent wave of sophisticated and targeted data breaches has led global business leaders to recognize cyber risk as one of the most significant threats faced by corporations today. According to the Lloyds 2013 Risk Index released this week, “Cyber security now sits squarely towards the top of the agenda for boards around the world”. …
Read Article Lloyds 2013 Risk Index: Cyber Risk Rated as the Third Most Significant Risk by Board Executives

Exploring the SAP DIAG Protocol

Posted on
One of the most memorable events at last year’s BruCON in Belgium was Martin Gallo’s expose of the SAP DIAG protocol. The session can be viewed in its entirety below. DIAG (Dynamic Information and Action Gateway) is a proprietary protocol supporting client-server communication and links the presentation (SAP GUI) and application (NetWeaver) layer in SAP …
Read Article Exploring the SAP DIAG Protocol

Securing Your SAP Systems: How to Counter Every Current and Emerging Threat

Posted on
One of the highlights of the Sapphire conference earlier this month was the insightful session on SAP security delivered by Gordon Muehl, Senior Vice President of Product Security at SAP. A recording of the session can be viewed below. The session highlighted the threat presented to Internet-enabled SAP systems by external agents and stressed the …
Read Article Securing Your SAP Systems: How to Counter Every Current and Emerging Threat

Verizon Data Breach Investigations Report (DBIR) 2013: ‘This isn’t a threat you can afford to ignore’

Posted on
The breadth and depth of the 2013 Verizon Data Breach Investigations Report (DBIR) is unprecedented. Released this Monday, the reports brings together the investigations performed by nineteen law enforcement agencies, research institutions and private security firms that combat data breaches including the European Cybercrime Centre (EC3), U.S Secret Service and the Department of Homeland Security. …
Read Article Verizon Data Breach Investigations Report (DBIR) 2013: ‘This isn’t a threat you can afford to ignore’