Just some few weeks after the SONY hack, the spike in the usage of words like Hack, Anonymous, Enterprise Threats, Vulnerabilities, Cyber-attack, and Exposures etc. increased to its highest peak over the last three years on social media as well as print media. Clearly, the shortfall of one corporation was enough reason for other companies to begin to talk about some of the previously ignored topics in their enterprise as regards how formidable their security strategy is/was. In my 6 years of corporate IT experience, never have I witnessed a time that security experts, business men and academicians alike went into a deep debate on what SONY should have done, what they did not do, or what could have been done to prevent this hack.
Alas! One question that persistently hovered my mind for a long time as a result of the many conversations was: When does your IT Infrastructure become a liability (business crusher) as opposed to it being an Asset (business enabler). The answer would not be far from us but before I attempt to suggest an answer, I need us to be aware that, from a security point of view, we now live in a world with a new classification of enterprise: those that have already been hacked and those who have not yet noticed it. Hence, it begs the question: Are there no safe havens for companies from an enterprise security perspective? The optimistic answer should be: there are safe havens. However, in the real sense, I would simply just argue that safe havens are only ideal. We must recognize that today’s businesses exist in an ecosystem characterized by in an interconnected nature of applications, people and technologies, hence to say you operate your business within safe havens might just mean that you are part of the business that hasn’t realized it’s been already hacked.
This prognosticates that businesses running mission critical applications must not only begin to put in place effective frameworks to manage / prevent exposure from both an external and very importantly, internal threats. But, they must begin to consider putting in place threat detection system.
Knowing fully well that the average age of an unnoticed cyber-attack is roughly 200 days, organizations must put forward a detection strategy that helps them secure their enterprise in an event of successful attack. Clearly, 200 days is more than enough time for attackers to penetrate an organization, steal valuable data, exit, cover their tracks and sadly leave the attacked company with no other choice than to take responsibility for settling the claims.
With Solutions like ERPScan or SAP Enterprise Threat Detection, Incident Response can be performed effectively by combining the high performance power of SAP Event Stream Processor with the real-time capabilities of SAP HANA. This would assist Business and/or IT security staff in companies to mine various security alerts, network data, volumes of log files, and other parameters and easily map out cross-correlations, which will help them detect the security incidents.
So… even if you cannot prevent an attack, it is very important that you have the tools to easily detect it when it is still fresh and ultimately, put a stop to the hack before it leaves your organization with no other option than to make a colossal loss (reputation and/or financial).
DeltaGRiC is well positioned with Skills as well as technology and tools to assist your organization to set up ERPScan and SAP ETD solution