SAGESSE TECH : Monitoring SAP Systems to be NIS2 Compliant

The revised European Union Network and Information Security (NIS2) Directive compels member states to establish legal regulations to ensure that significant and critical infrastructure in their countries remains unaffected by cyber attacks.

This directive and law establish stringent obligations for ten categories of cyber risk management and the reporting of incidents. Affected companies must adopt appropriate measures and technologies and demonstrate compliance with legal requirements. Management is obligated to oversee, monitor, and be personally accountable in case of breaches.

NIS2 brings many requirements for companies and several key security objectives arise from these requirements. Some of these key security objectives can be just covered by a seamless integration of network, information systems and ERP Systems( e.g. SAP / Oracle ) of these companies into a SIEM System.

Here is a short list of NIS2 Requirements and key security objectives which are related to a successfull SIEM Integration of Information Systems.

NIS Requirement : Security Operations must be managed seamlessly and supply chain security must be guaranteed

Key Security Objectives emerging from this requirement are :

• Implement end-to-end anomaly and intrusion detection. Ensure logging of all events and derivation of automatic reactions
• Early detection of attacks, malicious, erroneous, or other activities that could affect critical services on the network
• Ensure rapid response to cyber incidents (incident response)
• Prevent unauthorized access to digital assets. Monitor all entries and login attempts

You must integrate your Information Systems and ERP Systems into a SIEM Solution( e.g. Splunk, IBM QRadar ) and monitor them 7/24 to detect attacks in real time and ensure a rapid response to cyber incidents.

SAGESSE TECH, global SAP Security / Oracle Security / ERP Security Tech Company, is providing SAP Threat Detection and Monitoring Products, SAP PenTest Framework and an SAP Audit Service which control these kinds of configurations, vulnerabilities and much more in your SAP Systems. Their products and services can help you to integrate your SAP System into your central threat detection solutions and foster your NIS2 Compliance.

Additionally, you can contact SAGESSE TECH(E-mail : [email protected] or [email protected] ), if you would like to have a Vulnerability Scanning, SAP Audit or SAP PenTest on your SAP Systems.