The global and independent platform for the SAP community.

Protect digital capital

The data center is in a period of upheaval. Digital transformation projects are bringing about a shift from on-premises legacy infrastructures to agile hybrid cloud environments.
Richard Werner, Trend Micro
July 11, 2019
It Security
avatar
This text has been automatically translated from German to English.

The prospect of greater IT efficiency, streamlined processes, business agility and cost savings has now convinced many boards to invest heavily. The digital transformation market is expected to reach $462 billion globally by 2024, as companies look to AI, IoT, Big Data and more to drive innovation and growth.

The data center is at the heart of these initiatives. However, unless you are a company that is "born in the cloud," chances are you are running a mix of physical, virtual, and cloud-based operations on-premises and in third-party data centers. You may even be running new architectures such as container environments that aim to further improve agility and reduce overall costs.

However, operating heterogeneous environments can also lead to dangerous silos and blind spots. IT managers must realize that familiar processes based on physical security tools cannot simply be migrated to cloud environments.

The risks are exacerbated by the often complex digital supply chains in which third parties may need access to your servers. Nevertheless, only 58 percent of companies in Germany so far have a central concept for information security that includes all systems and devices.

IT security solutions, technologies and services can only achieve their full effect within comprehensive concepts. As a result, modern data centers offer a larger attack surface than ever before.

Organizations need to defend against threats, keep operations running, and protect corporate reputation while ensuring compliance. Fileless attacks are a common tactic, using legitimate components such as PowerShell, scripts and macros, and unconventional file extensions to bypass traditional filters.

They represent part of the increasingly frequent targeted attacks on modern data centers. Code reuse in application development is also a persistent security risk that many organizations are not yet even aware of. Thus, this practice remains a popular way for developers to manage the ever-changing demands of digital enterprises.

More than 59,000 companies across Europe have already reported data breaches to regulators since the introduction of the General Data Protection Regulation. However, the threat to data centers goes beyond the theft of customer data or intellectual property. Ransomware remains a major risk that can disrupt or severely impact operations.

What to do? Integrate cyber threats into your risk analysis! Also differentiate between "high-risk areas" and those for which there is a lower risk. Also, decide which techniques are necessary for each type of environment.

Current best tools include intrusion prevention (IPS), application control, firewalls, whitelisting, behavioral analysis, custom sandboxing and machine learning. Also add multi-factor authentication (MFA), VPNs, and encryption for data at rest.

In this regard, most enterprises want a data center security partner that can provide protection across physical, virtual and hybrid cloud environments.

Ultimately, it's important to view security as a proactive, not reactive, endeavor. That's why you should consider using tools that can perform threat hunting and analyze data flows in data centers in more detail.

In this way, suspicious activities can be detected as early as possible. Response plans for specific incidents should be thoroughly tested and constantly adjusted. Above all, good cybersecurity is a continuous process, not a destination point.

avatar
Richard Werner, Trend Micro

Richard Werner is a business consultant at Trend Micro.


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

More information will follow shortly.

Event date

Wednesday, May 21, and
Thursday, May 22, 2025

Early Bird Ticket

Available until Friday, January 24, 2025
EUR 390 excl. VAT

Regular ticket

EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, March 5, and
Thursday, March 6, 2025

Tickets

Regular ticket
EUR 590 excl. VAT
Early Bird Ticket

Available until December 20, 2024

EUR 390 excl. VAT
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2025, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.