Onapsis and Deloitte team up to improve the compliance and cybersecurity of SAP

Highlights:

• The joint solution provides vulnerability management via Deloitte’s SAP VM offering, including cyber assessment, strategic planning, design, configuration, and integration services.
• Deloitte’s Secure Software Development and DevSecOps offering, in conjunction with the Onapsis Assess and Onapsis Control platforms, ensures secure software development.

Onapsis Inc., a startup specializing in cybersecurity and compliance solutions, has recently unveiled a new strategic partnership with Deloitte. This collaboration aims to assist mutual clients in transforming and safeguarding their SAP digital transformation initiatives.

Onapsis and Deloitte partnership combines Deloitte’s expertise in SAP cyber risk management with Onapsis’ specialized platform dedicated to securing enterprise resource planning systems. Through this partnership, both firms will provide clients with comprehensive services and solutions, aiding them in mitigating cybersecurity threats and protecting their digital assets. The approach encompasses a wide range of SAP security approaches.

The joint solution provides vulnerability management using Deloitte’s VM service for SAP, encompassing cyber assessment, strategic planning, design, configuration, and integration services aligned with industry standards and SAP’s recommended guidelines. Additionally, this offering enables mutual clients to utilize the Onapsis Assess platform, establishing a secure-by-design framework for their SAP implementations.

In implementing this approach, the companies emphasize the creation of a secure SAP environment from the start. This not only lowers the expenses related to addressing vulnerabilities after implementation but also serves to close the gap between cybersecurity and ERP teams.

In addition to the Onapsis Assess and Onapsis Control platforms, secure software development is integrated into each phase of a client’s SAP development processes via the Secure Software Development and DevSecOps offering of Deloitte, which conducts quality, compliance, and security reviews. By means of an automated code scan during development, a transport examination during release, and continuous code monitoring in production, the integration enables clients to establish a robust agile framework that facilitates ongoing enhancements throughout the entirety of the development process.

In the realm of cybersecurity, Deloitte’s Threat Detection and Monitoring offering utilizes the Onapsis Defend platform. This integration merges Deloitte’s SAP-specific collection of security use cases with research from Onapsis Research Labs. This collaboration equips clients and security teams with the necessary visibility and context to respond promptly to threats targeting ERP applications.

Clients also have the option to integrate with their current security operations center technologies, such as security information and event management. This flexibility allows the inclusion of enterprise resource planning incidents, root cause analysis, and mitigation guidance within broader security management and incident response processes.

Risk and financial advisory Managing Director in cyber and strategic risk at Deloitte, Sachin Singh, said, “While most organizations continue to pioneer their digital transformations, Deloitte offers our clients ways to transform securely and in compliance with each organization’s specific regulatory and organizational needs. Offering Onapsis capabilities fully embedded within our SAP methodology is another demonstration of Deloitte’s continued investment in the growing cybersecurity ecosystem.”