The Basics of Cybersecurity
Christoph Nagy, CEO and co-founder of SecurityBridge, says: "It's all about balance. It makes no sense to be able to detect attacks, but to neglect patching and code vulnerability management". Christoph Nagy is convinced that the recipe for success, for truly effective SAP security, lies in continuously increasing the maturity level of all of the SAP system’s security domains. This is the only way to counter the ever-increasing risk of attack.
The security specialist SecurityBridge has grown steadily over the past few years through acquisitions and new subsidiaries, doubling its license sales and number of employees in 2023 and expanding its global reach. Last year, SecurityBridge protected more than 5,000 SAP systems and was rewarded by its customers with a satisfaction rating of 4.9 out of 5 points for support services.
Ongoing collaboration with leading SAP service providers, including renowned companies such as Capgemini, PwC, Accenture, Deloitte, and IBM, enables SecurityBridge—based in Ingolstadt, Germany—to combine effective management, strict compliance, and state-of-the-art technology. This also enables them to optimize both their investment in SAP security and the overall performance of their solutions. The company has long since outgrown its headquarters in Upper Bavaria, Germany, and is experiencing above-average growth in revenue and headcount, particularly at its U.S. office in New York.
Worldwide research lab
A milestone in the past year was the acquisition of Dutch software vendor Protect4S. This strategic move enabled SecurityBridge to offer an even more comprehensive cybersecurity platform. Joris Van De Vis, co-founder of Protect4S, is now Director of Security Research at SecurityBridge and leads the Research Lab, which is one of the top three sources worldwide for discovering and reporting vulnerabilities in SAP software, according to SAP itself. To date, the lab has discovered and reported more than 100 zero-day vulnerabilities, helping to secure the SAP ecosystem, SAP products, and SAP customer platforms. This achievement has significantly improved overall SAP security and strengthened SecurityBridge's role as an industry leader in SAP vulnerability detection and mitigation.
In addition to reporting vulnerabilities, the lab is involved in analyzing SAP security advisories released each Patch Tuesday. The findings help to proactively protect SAP customers by seamlessly integrating patches and vulnerability detection signatures into the SecurityBridge platform.
A strong network of strategic partnerships is the foundation of the company's success. There are now around 25 partners across Europe using the security platform in their customer projects, including PwC Germany, NTT Data, Aglea, PASáPAS, Agentil Group, and TechEdge Spain. Together with Fortinet, the world's leading provider of automated cybersecurity solutions based in Sunnyvale, California, SecurityBridge offers an integrated solution to combat vulnerabilities right down to the infrastructure of SAP landscapes.
Last fall, the company entered into a new partnership with TakeASP, an SAP managed service provider based in Würzburg, Germany. The goal was to focus even more strongly on the customer segment of small and medium-sized companies using SAP. Onno Coenen, VP Global Alliances at SecurityBridge: "These companies need not only advanced security software, but also a specialized service provider."
TakeASP has a strong regional focus and serves customers in the traditional mid-market. When it comes to SAP security, they need a solution that allows them to start slow and then grow. "SecurityBridge is the best tool for this," said Raphael Förster, Account Manager at TakeASP. "Ideally, you start with SecurityBridge's complete platform solution right away, but if customers want to start with vulnerability management, for example, that is also possible."
In order to jointly create a secure future for SAP customers, SecurityBridge has also entered into a partnership with the system house SVA System Vertrieb Alexander GmbH. "SAP systems are much more targeted by criminals today than they were just a few years ago," says Tobias Kübler, Head of Business Line SAP at SVA, explaining the decision to protect his customers' SAP systems with the third-party specialist's solution. "When it comes to technical security, relying on SAP's on-board tools and performing spot checks is no longer enough," he explains. As a result, companies are becoming more aware of SAP security and the need for appropriate security solutions is growing. According to Kübler, automated and therefore regular checks and monitoring help to reduce response times.
Christoph Nagy: "In addition to phishing and social engineering, ransomware has been one of the main topics for some time now in a broad wave of attacks that affect all companies. There is even ransomware written specifically for SAP. Increasingly, we see ransomware eating its way into the SAP stack. In the past, it was only a problem on the client [a browser-based access point], but now it is increasingly a problem on the server operating systems. And once it arrives there, SAP is affected."
The tactics of attack are becoming more insidious as ransomware attackers not only encrypt data, but also steal it. They then threaten to share it with interested parties or distribute it on a large scale. A glance at the daily press reveals numerous cases involving prominent companies. In light of this, it is understandable that awareness of the need to make systems more secure is growing. Security platforms such as SecurityBridge help to detect anomalies at the SAP application level. Examples of such anomalies include frequent logon failures, high access frequency, and data leakage. This is where a security platform provides visibility.
AI influences threat intelligence
Artificial intelligence in the form of generative language models has the potential to impact SAP Threat Intelligence—the way security officers organize and analyze evidence-based information about cyberattacks. SecurityBridge uses statistical learning embedded in an expert system to highlight behavioral anomalies in the system. AI will play an important role in the cybersecurity industry, both for attackers and defenders. Consequently, the SecurityBridge engineering team is piloting anomaly detection via APIs to AI frameworks.
AI in the context of security was also a focus of a hackathon at the Technology Days conference in February 2024, hosted by the DSAG (German-speaking SAP user group). "What the participating teams developed gave us important insights into how complex carrying out such an attack can be and also, contrarily, how easy and cheap it can be to carry out," says Dr. Markus Schumacher, member of the advisory board at SecurityBridge and co-initiator of the hackathon. "From the point of view of the victims, this shows that even more needs to be done to protect against these increasingly simple attacks. We are working on this at full speed."
According to Christoph Nagy, companies using the SAP Business Technology Platform face additional IT security challenges, especially since governance, fixed structures, and best practices are still not very visible in this environment. It is often unclear who is responsible for what, what is in production, and what the technical requirements are.
SAP security experts need not worry about a lack of work. For the SecurityBridge CEO, it all comes down to teamwork. The SAP organization is a silo, as it often operates separately from the IT security organization. Even within the SAP community, there are silos: basis here, development there. These areas need to coordinate much better in terms of an overarching security operation. Only then will it be possible to defend against increasingly professional cyber criminals.