The global and independent platform for the SAP community.

Number of corporate cyberattacks increases dramatically

Protect SAP infrastructure and respond in real time with intelligent tools and managed GRC services.
Bodo Kahl, AKQUINET
October 14, 2019
Number of corporate cyberattacks increases dramatically
avatar
This text has been automatically translated from German to English.

The situation is coming to a head: In a test in April of this year, Deutsche Telekom recorded up to 46 million hacker attacks on German companies in just one day. On average, there were around 30 million attacks per day - that is a dramatic increase compared to 2017, when around four million attacks were still counted. Partly due to the increasing digitalization of society and companies, the opportunities for hackers to tap into corporate data and use it for subsequent blackmail are more diverse today than ever before. And they are causing considerable damage: Tens of billions of euros are lost to the German economy every year due to data theft, espionage and sabotage, according to industry association BITKOM. According to the report, 70 percent of German companies were demonstrably affected by cyberattacks in 2018. Due to the increasing speed and complexity of digital processes in companies, IT managers are required not only to comprehensively protect their SAP infrastructures, but also to respond to critical situations in real time. But even that is not so easy, because managers are currently encountering another challenge: Due to the shortage of skilled workers, it is particularly difficult to optimally staff internal teams in Germany. In addition, employees are tied up by the increasing demands of day-to-day business - in addition to the usual tasks, these include more stringent checks by supervisory authorities such as the BSI or new laws such as the DSGVO, which also play a major role. As a result, companies are often unable to implement all the measures required to protect the particularly important SAP systems.

Bodo Kahl

Fast and sustainable solution through intelligent tools and experienced experts

In order to adapt quickly and, above all, holistically to these diverse challenges, it is advisable to enlist external help. The use of intelligent tools can quickly relieve the burden on specialist departments: With SAST SUITE, for example, our experts provide comprehensive and, above all, rapid protection of SAP systems. Using individual solutions and in-depth SAP expertise, the goal is to "Get clean" and "Stay clean".

1. get clean: identify vulnerabilities and harden system

The first step is an in-depth inventory by means of a Security & Compliance Audit. Using SAST SUITE - our software for Governance, Risk & Compliance, which takes into account all company-relevant dependencies - the experts usually know about all security vulnerabilities within one to two weeks. This is not surprising, because the simulated attack reveals potential entry points very well. These points are then hardened, i.e. the vulnerabilities in the IT system are remedied. A particular focus here is on databases, networks and operating systems, because hackers like to bypass SAP systems.

2. stay clean: intelligent protection in real time - with overview

Once the systems are secure, the challenge, especially for large companies and corporations, is to quickly get a grip on their extremely complex system worlds. For efficient IT security, it is essential to gain a comprehensive overview in the shortest possible time - this is what a management dashboard provides. According to the DSAG Security & Vulnerability Management working group, a proper dashboard is the key prerequisite for developing and implementing imperative better security concepts - but it is in use at only 11 percent of companies. Our management dashboard provides a transparent visualization of all critical system activities including an analysis and presentation of the historical development at the push of a button. The SAST Security Radar (SSR) is a further addition to relieve the IT team and provide holistic protection for SAP systems: it performs vulnerability scans of all technology levels and displays the overall security status of SAP with other IT systems in real time.

Bringing support on board: With Managed GRC Services

After that, the challenge is to continue to meet the increasing demands of IT security: As the IDG study "Managed Security 2018" shows, the managed services solution is a proven measure here. More than half (58 percent) of the companies surveyed in the study already work with an IT security service provider. Unlike outsourcing, with managed GRC services the company retains sovereignty and control of the task. In this case, we as a service provider take on the role of advisor and point out options for action. Depending on the assignment, our team provides permanent support to internal colleagues in hardening the IT infrastructure, eliminating vulnerabilities, or helps to set up a new in-house security department. We successfully implemented the latter at Linde AG, the DAX-listed global technology group with 58,000 employees. The Linde team spent three quarters of a year being trained by us and was able to build up comprehensive know-how in the special area of SAP Security & Compliance. On this basis, it is now able to react immediately if a critical event occurs. Klaus Brenk, Head of Monitoring, QA & Governance at Linde AG, is satisfied after the end of the project: "The experience of AKQUINET's security experts was an invaluable support for us in redesigning our risk management. Especially in the analysis and evaluation of our security events, our team benefits from the cooperation in the long term."

Attention: Think SAP security directly during S/4HANA migration!

According to the IT online magazine, more than a quarter (27 percent) of SAP customers are not thinking about security aspects during the S/4HANA migration. In our view, this is more than negligent, because it is imperative that this changeover be used to plan for the security of SAP systems right from the start. Securing the systems later only leads to higher costs and greater internal effort. But here, too, the devil is in the details: S/4HANA systems represent a technologically new platform, so other aspects play a role in securing the new S/4HANA systems well.

All in all, SAP systems are too important to rely solely on standard protection. With Managed Services, corporate IT decision-makers can effectively raise their SAP security to a suitable level in a short period of time and thus meet the increasing challenges in the IT environment, the shortage of skilled workers and growing security risks.

avatar
Bodo Kahl, AKQUINET

Bodo Kahl is Managing Director SAST SOLUTIONS of AKQUINET, works with his team for about 200 customers in the SAP Security & Compliance environment.


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

FourSide Hotel Salzburg,
Trademark Collection by Wyndham
Am Messezentrum 2, 5020 Salzburg, Austria
+43-66-24355460

Event date

Wednesday, June 10, and
Thursday, June 11, 2026

Early Bird Ticket

Regular ticket

EUR 390 excl. VAT
available until 1.10.2025
EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, April 22 and
Thursday, April 23, 2026

Tickets

Regular ticket
EUR 590 excl. VAT
Subscribers to the E3 magazine
reduced with promocode STAbo26
EUR 390 excl. VAT
Students*
reduced with promocode STStud26.
Please send proof of studies by e-mail to office@b4bmedia.net.
EUR 290 excl. VAT
*The first 10 tickets are free of charge for students. Try your luck! 🍀
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2026, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.