Business Wire

Independent Market Survey Reveals 64% of ERP Deployments Have Been Breached in the Last 24 Months

Share

Onapsis, the leader in business application protection, today announced the findings of a new IDC survey titled ‘ERP Security: The Reality of Business Application Protection’ sponsored by Onapsis. According to the sponsored survey of 430 IT decision makers, ERP applications are ‘critical’ to business operations. Sixty-four percent of the 191 decision makers surveyed whose organizations rely on SAP or Oracle E-Business Suite confirmed that their deployments have had an ERP-related breach in the last 24 months.

“Enterprise Resource Planning (ERP) applications such as Oracle E-Business Suite and SAP (ECC) can be foundational for businesses. A breach of such critical ERP applications can lead to unexpected downtime, increased compliance risk, diminished brand confidence and project delays,” said Frank Dickson, Program Vice President, Cybersecurity Products with IDC. “Cyber miscreants seem to be indiscriminate when it comes to ERP systems, having an appetite for all types of data, which, if in the wrong hands, could be detrimental to the business in terms of revenue and reputation.”

Among the 64 percent of enterprises that have experienced breaches of large ERP platforms in the last 24 months, reported compromised information includes sales data (50 percent), HR data (45 percent), customer personally identifiable information (41 percent), intellectual property (36 percent) and financial data (34 percent). Additional findings of the sponsored survey include:

  • 78 percent of respondents report that ERP application users are audited every 90 days or more
  • 74 percent of SAP and Oracle EBS applications are connected to the internet
  • 56 percent of C-level executives are concerned or very concerned about moving ERP applications to the cloud

“The findings of this independent survey should raise questions at the Board level about the adequacy of internal controls to prevent cyberattacks and the level of auditing taking place. The lack of these controls is one way for cyber insurance companies to deny claims,” said Larry Harrington, former Chairman of the Global Board of the Institute of Internal Auditors (IIA). “The information compromised most often according to this research is the highest regulated in today’s business ecosystem. Most concerning is the popularity of sales, financial data and PII, all of which should raise flags about the possibility of insider trading, collusion and fraud.”

Onapsis has published a blog titled ‘ERP Security & IT General Controls: Questions Every Organization Needs to Ask’ to help enterprise application, GRC and cyber-security teams assess their organizations ERP risk and compliance controls. The blog outlines best practices for cross-departmental collaboration and the types of information that will produce the most satisfactory assessment for internal and external auditors.

Methodology
To evaluate the state of securing these applications, IDC surveyed 430 IT decision makers who were knowledgeable about their organization's ERP applications and the protections provided to them.

About Onapsis™
Onapsis protects the applications that run the global economy. Only Onapsis delivers a next-generation business application platform that provides the actionable insight, change assurance, automated governance and continuous monitoring capabilities required by cross-functional teams to discover risk, optimize workflows, control change and automate reporting. Onapsis’ holistic approach empowers enterprise organizations to embrace and accelerate SAP and Oracle E-Business Suite modernization, cloud and mobility initiatives, while keeping their ERP, CRM, PLM, HCM, SCM, BI and cloud-based business-critical applications protected and compliant.

In 2019 Onapsis acquired Virtual Forge, the leading provider of solutions to automatically prevent, detect and remediate cybersecurity and compliance risks in customizations and extensions of SAP® applications. Together, Onapsis delivers the cybersecurity industry’s first and only comprehensive business-critical application cybersecurity and compliance platform.

Headquartered in Boston, MA, and with regional offices in Heidelberg, Germany and Buenos Aires, Argentina, Onapsis proudly serves more than 300 of the world’s leading brands and organizations, including many of the Global 2000. Through our unique strategic alliances with leading consulting and audit firms such as Accenture, Deloitte, IBM, Infosys, PwC and Verizon, Onapsis solutions have become the de-facto standard in helping organizations protect what matters most. For more information, connect with us on Twitter or LinkedIn, or visit us at https://www.onapsis.com.

Onapsis and Onapsis Research Labs are registered trademarks of Onapsis Inc. All other company or product names may be the registered trademarks of their respective owners.

Contact information

Emily Mong
fama PR for Onapsis
P: 617-986-5006
E: onapsis@famapr.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Vertex and Republic of Ireland Expand Long-Term Cystic Fibrosis Medicines Reimbursement Agreement to Include Triple Combination Therapy for All Eligible Patients Ages 12 and Over Once Licensed13.12.2019 21:55:00 EETPress release

Vertex Pharmaceuticals Incorporated (Nasdaq: VRTX) today confirmed that, following recent collaborative discussions, it has negotiated an agreement with the Health Service Executive (HSE) in the Republic of Ireland to expand the existing long-term cystic fibrosis (CF) reimbursement agreement to include the triple combination regimen (elexacaftor, tezacaftor and ivacaftor), which is under review and pending approval by the European Medicines Agency, for all eligible patients ages 12 and older in line with the potential future licensed indication. This expands the existing agreement which had already included access to current and future Vertex medicines for people in Ireland with CF of any age who: Have one of the specified mutations as included in the KALYDECO® marketing authorization (G551D, G551S, S549R, G1244E, S1251N, G1349D, S1255P, G178R or S549N) or Are homozygous for the F508del mutation or Are heterozygous for the F508del mutation and have a specified mutation (P67L, D579G, D1

CreditLens™ Solution Receives SOC 2 Attestation Report13.12.2019 18:17:00 EETPress release

Moody’s Analytics announced today that the CreditLens software-as-a-service (SaaS) solution has received an attestation report from the American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC 2). The SOC 2 report details the security and availability of customer data in the CreditLens SaaS solution, and denotes its adherence to the AICPA’s security and availability controls standards. Built on the latest cloud-based technology, the CreditLens platform helps businesses digitally transform their commercial credit processes to make faster and better-informed decisions. It facilitates process automation and helps clients improve their efficiency, reduce errors, and streamline workflows. A SOC 2 report ensures that a company’s information security measures are in line with the unique parameters of today’s cloud requirements. The report addresses a service organization's controls that relate to operations and compliance, as outlined by the AICPA's Tru

CHMP Grants Positive Opinion for Expanded Use of Darzalex®▼ (daratumumab) in Combination with Bortezomib, Thalidomide and Dexamethasone (VTd) for Patients with Newly Diagnosed Multiple Myeloma Who Are Transplant Eligible13.12.2019 14:47:00 EETPress release

The Janssen Pharmaceutical Companies of Johnson & Johnson announced today that the Committee for Medicinal Products for Human Use (CHMP) of the European Medicines Agency (EMA) has recommended broadening the existing marketing authorisation for Darzalex®▼ (daratumumab) to include the use of daratumumab in combination with bortezomib, thalidomide and dexamethasone (VTd) for the treatment of adult patients with newly diagnosed patients with multiple myeloma who are eligible for autologous stem cell transplant (ASCT). The Positive Opinion is supported by data from Part 1 of the Phase 3 CASSIOPEIA (MMY3006) study, published in The Lancet 3 in June 2019, and presented at the 2019 American Society of Clinical Oncology (ASCO) Meeting. Additional information about this study can be found at www.ClinicalTrials.gov (NCT02541383). “Today’s Opinion takes us a step closer to offering the first daratumumab combination regimen to transplant eligible patients, redefining treatment for those people newl

Janssen Receives Positive CHMP Opinion for Expanded Use of Erleada® (apalutamide) for Patients with Metastatic Hormone-Sensitive Prostate Cancer13.12.2019 14:40:00 EETPress release

The Janssen Pharmaceutical Companies of Johnson & Johnson today announced that the Committee for Medicinal Products for Human Use (CHMP) of the European Medicines Agency (EMA) has issued a Positive Opinion recommending approval for expanding the use of Erleada® (apalutamide) to include the treatment of adult men with metastatic hormone-sensitive prostate cancer (mHSPC) in combination with androgen deprivation therapy (ADT).2 The CHMP’s Positive Opinion will now be reviewed by the European Commission (EC), which has the authority to grant approval for the new use of apalutamide. The Positive Opinion is based on data from the Phase 3 TITAN study, which assessed the addition of apalutamide to ADT – the current standard of care in mHSPC – in a broad range of patients with mHSPC, regardless of disease volume, prior treatment with docetaxel or staging at initial diagnosis. The dual primary endpoints of the study were overall survival (OS) and radiographic progression-free survival (rPFS). Ap

German Player Karl Rupprec Wins 2019 Boyaa Poker Tournament Europe13.12.2019 12:24:00 EETPress release

On December 8, the sixth edition of the BPT (Boyaa Poker Tournament) came to an end. King's Resort in the Czech Republic celebrated this BPT Europe that enjoyed 600 cumulative participants from 20 countries. In the end, Karl Rupprec, from Germany, won the Main Event Championship. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20191213005109/en/ (Photo: Business Wire) Highlights of the BPT Europe 2019 final The BPT Europe 2019 Main Event began on December 8 at 2:00 p.m., Czech Republic time. After 9 hours of Texas Poker, players Ondrej Drozd from the Czech Republic and Karl Rupprec from Germany reached the last heads-up. In the end, Karl Rupprec, who started with half of his opponent's chips, reversed the situation with his two nines, winning the championship. Heads-up Highlights: Karl Rupprec pair 9 and Ondrej Drozd 2, 5. The flop was 2, Q, 9, so Karl Rupprec got three of a kind, and Ondrej Drozd got pair 2. Rupprec pretended

Seoul Semiconductor’s SunLike Series Natural Spectrum LEDs Adopted by Italian Designed Architectural Lighting Brand for Motorized Luminaire with Smart Wireless Controls13.12.2019 12:00:00 EETPress release

Seoul Semiconductor Co., Ltd. (KOSDAQ 046890), a leading global innovator of LED technology, announced that it has achieved smart lighting design with SunLike Series natural spectrum LEDs in cooperation with Casambi Technologies Oy (“Casambi”), a leading developer of wireless lighting control systems based on Bluetooth Low Energy (BLE), and it has been adopted for the Italian designed architectural lighting brand formalighting Ltd. (“formalighting”), a global manufacturer of Italian designed architectural lighting systems and solutions for a new product line which offers motorized luminaire with smart wireless controls. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20191213005009/en/ SunLike implemented in motion lamps (Photo: Business Wire) The SunLike COB LED packages have been adopted by formalighting for the new fixtures, Moto-Zero 40 Compasso and Moto-Zero 66 Zoom, in track mounted motorized spotlight range. In this sect

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom