64% of SAP & Oracle ERP Customers Have Reported a Breach (in the Last 24 Months)

By Scott Lavery • October 15, 2019

The numbers are out, and it’s more apparent than ever – your ERP system is most likely at risk. A recent study by Onapsis has revealed that two-thirds of businesses (relying on SAP and Oracle) have reported a breach in the last 2 years.

The numbers are indeed concerning and reveal one common theme – “out-of-the-box” ERP security controls (and audit mechanisms) do not provide the controls and visibility necessary to protect PeopleSoft/SAP ERP data. Organizations should assume that it’s only a matter of time before a breach reaches them.

So, why are ERP breaches becoming increasingly common? Where do existing, “out-of-the-box” security mechanisms fall short?

Lack of Insight into User Activity

What is a traffic reporter’s best friend? A camera. Why? Because traffic is composed of a multitude of vehicles moving in unison – until they are not! If a stall or backup is happening, traffic reporters rely on highway cameras to understand the origins of the incident – and to properly diagnose how long the delay might be for everyone else.

Keeping with the traffic theme… the level of visibility in legacy ERP systems resembles that of a tunnel (with only 2 cameras) – you watch the cars go in and you watch them come out – but what happens in the tunnel? You simply don’t know!

This level of visibility was once acceptable, but the rise in phishing tactics and the introduction of new data privacy mandates (e.g., GDPR and CCPA) have put an emphasis on understanding precise data access and usage. Only knowing when a credential logs in – and then logs out (without understanding what happens “inside the tunnel”) – has become a significant liability.

Is it possible that bad actors know they are not being watched? Yes, and the numbers (presented by Onapsis) reflect this new reality.

Slow Detection of Breaches (Time is $$$!)

The longer it takes to track down a breach, the riskier (and more expensive) it gets. According to an IBM study, companies take up to 206 days to identify a breach. After detection, remediation takes 73 days (avg.).

What difference does early detection make? – $1.23 million. That’s right – the study observes that companies that could detect a data breach in less than 200 days saved more than $1 million on the total cost of the breach. Time indeed is money!

Surprisingly, though, many organizations have yet to adopt a way to detect an ERP system intrusion quickly.

Infrequent Audits

Frequent audits can help reduce the risk of a security incident and prompt immediate action (should an incident arise). But are companies performing enough audits? In the survey conducted by Onapsis, “78% of respondents audit their ERP apps every 90 days or more.” Given the implications of a breach (unexpected downtime, compliance risk, and even diminished brand confidence), organizations must perform regular audits.


The IDC survey raises important questions related to breaches and security. It is now apparent that ERP system breaches are on the rise, and organizations have two choices – either accept their breach fate, OR seek solutions to integrate modern data security strategies into their legacy ERP systems.

Contact us to learn how granular security solutions can be integrated in your existing systems! Now is the time to be proactive!
