Event Recording

Jochen Fischer: SAP Applications Under Attack! How to Enforce the Three Lines of Defense

Speaker
Jochen Fischer
CEO
NO MONKEY
Jochen Fischer
Jochen Fischer is CEO and Co-Founder of NO MONKEY as an independent Authority for Security & Compliance in SAP. Throughout his career at SAP and the specialized security companies Virtual Forge & Onapsis, Jochen has been dealing with the major challenges around this complex topic with...
View profile
Playlist
Balancing SAP Security
Event Recording
Britta Simms: Next Generation Cyber Resilient S/4HANA Transformations
Apr 14, 2021

Companies are under attack. More and more attacks result in costly and/or high-profile security breaches.

The world is currently experiencing a wave of digital transformation, that brings with it not only new levels of complexities such as these, but also offers opportunities for organizations to strengthen their cyber resiliency. Accenture, together with strategic partner Onapsis, have developed an integrated approach to deliver security by design to our clients, at any phase of their digital SAP transformation journeys. This Accenture methodology has embedded security concepts as an integral part of the overarching solution – therefore enabling clients to better understand their respective security implications and opportunities in order to effectively “transform”.

In this keynote, Accenture leader Britta Simms, responsible for SAP Platform Security in Europe, will present this joint approach to achieving integrated security by design, as part of the S/4 transformation lifecycle.

Event Recording
Marco Hammel: How to Avoid Costly SAP Security Pitfalls. Why to Make Security Start With People and Not With Tools
Apr 14, 2021
Event Recording
Hernan Huwyler: Security and Governance Done Right
Apr 14, 2021
Event Recording
Martin Kuppinger: Beyond SAP Security & SAP GRC: Reflecting the Changing Business Workloads
Apr 14, 2021

Defining strategies on governance, risk management, compliance, security, and identity beyond the SAP silo

Business applications are under change. While some remain on-premises and in traditional architectures, others have shifted to the cloud – and several of these being provided by specialist vendors such as Workday or Salesforce. The established vendors such as SAP also are changing their platforms, applications, and delivery models, while also acquiring SaaS vendors such as SuccessFactors and Ariba. The days of homogeneous, vendor-focused, one-stop-shopping business applications are past. Most organizations are dealing with a heterogeneous landscape of business applications, regarding both vendors and deployment models. While this raises the more fundamental questions whether IT organizations that still have a SAP unit are still reflecting today’s reality, or should undergo fundamental change, there is an ever more pressing need for delivering governance, risk management, compliance, security, and identity for all types of business applications and beyond to other parts of the IT services such as ESM/ITSM (Enterprise/IT Service Management) and newly born digital services.

Martin Kuppinger will look at this evolution and discuss what to change and how to balance depth of capabilities for certain environments with the need for a broad support of heterogeneous (business) applications

Event Recording
Mastering Today’s SAP Threat Landscape - Joint Interview with Accenture & Onapsis
Apr 14, 2021

In order to effectively protect organizations, the constantly changing threat landscape needs to be understood. Threats could initiate from inside or outside of the organization, targeting the infrastructure, applications or users to obtain business critical data. Our panel discussion will focus on the most recent SAP threats, what’s different with the move to S/4, and valuable lessons learned on the importance of an integrated approach. We will talk with Dr. Rene Driessel – SAP Security Lead DACH at Accenture and Frederik Weidemann – Chief Technical Evangelist at Onapsis, to dive deep into today’s SAP security landscape.

Event Recording
Interview with Hernan Huwyler
Apr 14, 2021
Event Recording
Insights of a CISO: Interview with Markus Weißensel
Apr 14, 2021
Event Recording
Alex Gambill: The Tricky Business of Protecting Your Assets in SAP: A Holistic Perspective
Apr 14, 2021

With 77 percent of the world’s transaction revenue touching SAP ERP systems, these crown jewels have long been the prime target for cybercrime and internal threats due to Separation of Duties (SOD) risks, weak access controls and lack of identity management and governance. Today, a holistic approach to security in SAP—and other business systems—is not a nice-to-have but a must-have. This session will give attendees a deep understanding of the current threat landscape and a 3600 perspective on what is needed for not only integrated security but also audit and compliance in the complex SAP environment.

Event Recording
Arndt Lingscheid: How to Build a Strong Security and Compliance Foundation for Your SAP Landscape
Apr 14, 2021

Cyber-attacks can have severe consequences when it comes to SAP S/4HANA applications.

These attacks increasingly focus on the company’s application layer and use privileged user accounts. Unfortunately, many security departments see the SAP application layer as a “black box,” and they view the security of SAP applications as the responsibility of their Basis or SAP application colleagues, leaving these applications at risk. Securing an SAP S/4HANA business application environment involves more than roles and authorizations.

The loss of sensitive data can lead to severe penalties, damages reputation, and endanger the overall business of businesses within minutes.

This session helps SAP decision makers (CIOs, CFOs, and CISOs) and IT operations managers successfully meet these challenges and secure their SAP landscapes.

  • The session first looks at how security frameworks can help lay the foundation for a strong security strategy.
  • It then walks through SAP’s portfolio of security and compliance solutions through the lens of the Cybersecurity Framework provided by the National Institute of Standards and Technology (NIST) — a framework that is widely used for establishing standard security guidelines and best practices within organizations — to provide SAP customers with a toolkit for creating a comprehensive security strategy that meets their unique and varied needs.
  • Lastly, it explains how to control the activities with a security infrastructure to meet compliance and business requirements and to provide insight that helps those at the C level make better decisions.
Event Recording
Panel: SAP Security in Context of a Corporate IT
Apr 14, 2021