Average ERP Attack Costs Organizations $5 Million: ReportAverage ERP Attack Costs Organizations $5 Million: Report
Cyberattacks aimed at Enterprise Resource Planning (ERP) systems are expected to increase, according to 89 percent of cybersecurity professionals, yet one-third do not plan to take any security initiatives this year.
June 5, 2017
By Pino Vallejo
Brought to you by The WHIR
Cyberattacks aimed at Enterprise Resource Planning (ERP) systems are expected to increase, according to 89 percent of cybersecurity professionals, yet one-third do not plan to take any security initiatives this year, in a study released this week by Crowd Research Partners and ERPScan.
The ERP Cybersecurity Survey 2017 shows that fraud is the costliest risk of ERP attacks, with a third of organizations reporting fraud damages of over $10 million. Damage from an average SAP security breach is estimated at $5 million.
Despite these costs, the survey shows a lack of awareness of about ERP security. One-third of those involved in ERP security are not aware of any SAP security incidents, and only 4 percent are aware of the USIS data breach (PDF), which started with a SAP vulnerability and ended with the company’s bankruptcy. One-third also report they have not taken any ERP security initiative this year, and will not do so.
“The result of the survey are not surprising. Most enterprises are still unprepared for any attacks, including ones against ERP systems. ERP systems store and manage essential business information and processes. Taking into account the recent ransomware attacks and its costs to organizations, we can imagine how huge the impact could be if hackers target SAP. CISOs should include this area in their list of top priorities if haven’t done it yet,” Alexander Polyakov, CTO at ERPScan said in a statement.
Protecting customer data is the primary concern for cybersecurity professionals (72 percent), followed by employee data (66 percent) and emails (54 percent). The most common approach to SAP security is pentesting or third-party security assessment, which according to the survey are utilized by 33 percent of organizations.
You May Also Like
November's Top 20 Stories: Broadcom-VMware, AI in UCaaS, Google Cloud Shake-UpDec 04, 2023
Digital Transformation 2.0? IT Teams Look Ahead to 2024Dec 05, 2023
Insight-SADA Deal Makes Tony Safoian Richest Man in the ChannelDec 04, 2023
AWS re:Invent Partner, Vendor News: Cisco, Salesforce, MoreDec 01, 2023