EAS-SEC, a non-profit organization focused on enterprise application security, with the support of ERPScan, a provider of business application security products and services, has released the SAP Cybersecurity Framework (http://tinyurl.com/kj8j5m2), which is designed to combine predictive, preventive, detective and response measures.
The Framework consists of 20 categories, each describes specific protection processes (e.g. asset management, incident management, or threat intelligence). All are in line with industry recognized frameworks and approaches from NIST, SANS, ISO, CIS, but reflects the specifics of ERP systems, says Alexander Polyakov, president of EAS-SEC.
The Framework implements Gartner’s approach to adaptive security architecture in the area of ERP security. It defines four categories for SAP protection processes: predictive, preventive, detective and responsive. You can download the EAS-SEC SAP Security Framework to set up a solid ERP cybersecurity foundation within your organization.