A Lego rover moves as if operated by a ghost hand, trying to push pieces of candy to an exit. Suddenly, it stops and nothing happens for several minutes. Then, out of nowhere, it moves again. But this isn’t just a game – it’s part of SAP’s first Cyber Security Month celebration. In this online challenge, SAP employees tried to hack the rover to control it. Sponsored by the SAP Global Security team, the challenge was part of a variety of other hacking challenges, activities and events that raised awareness in the area of security within the company. While the company has always been deeply invested in issues related to cyber security, October 2016 marked SAP’s first time participating in Cyber Security Awareness Month.
Cyber security threats are becoming more sophisticated and more numerous. There has been a “458% increase in the number of times hackers searched Internet of Things connections for vulnerabilities,” according to a recent article in Forbes. As the rate of incidents continues to rise, companies must address cyber security risks in order to reduce potential damage to their reputations and fiscal health. Today, cyber security awareness campaigns take place in many countries worldwide, providing a good opportunity to promote best practices on how to protect an organization and individuals against cybercrime.
Justin Somaini, Chief Security Officer at SAP, and the sponsor of the Cyber Security Month, invited all SAP employees to do this: “Learn and have fun at the same time – and don’t forget: Everyone at SAP is responsible for security. Without building a human firewall, all our technical measures and processes will fail.”
On October 18, 2016, Justin kicked off National Cyber Security Month in Palo Alto with more than 190 attendees joining the discussion, in person and online. Globally recognized security experts were also on hand to answer questions. Justin, together with Geoff Belknap, Chief Security Officer at Slack, DJ Sampath, VP of Engineering at StackRox, and Andrea Kirkpatrick, Associate General Counsel Security at Facebook, discussed the importance of not only communicating security issues to our employees on a broader scale, but also transforming the conversation to create a culture of tighter security. As 74% of the world’s transactions go through SAP systems, it’s critical for security to remain a high-priority topic. It’s our collective responsibility to be proactive, not reactive, to security attacks.
Another highlight of SAP’s Cyber Security Month celebration was SAP’s Security Day in Walldorf, Germany on October 27, 2016. SAP employees watched an exciting opening session with two “hackers” from Consectra GmbH, a consulting company with a focus on information security. During this hacking session, it became clear how easily hackers can stage an attack using social media or mobile devices, and how easy it is to steal personal data and crack passwords. In addition, SAP security leaders spoke on essential topics such as SAP’s security vision, the SAP cybersecurity ecosystem and data center security. SAP employees had the chance to meet with security experts and discuss important security topics and challenges. With 600 SAP employees in attendance, SAP’s Security Day was a great success in creating awareness for existing cyber security risks and emphasizing the role every individual plays in making the Internet safer and more secure.
SAP’s Cyber Security Awareness Month celebration was an exciting journey that invited its participants to take an active role – either as a guest at one of the live events or as an online “hero” who could prove his/her security know-how by solving a series of hacking challenges. For example, the winner of the “Capture the Flag” competition was recognized on SAP’s Security Wall of Fame!
The series of events were successful in delivering one key message: Only with a human firewall and the collective power of every individual will we be able to protect an organization and create cyber resilience.
To learn more, read the in-depth letter about cyber security from SAP CEO Bill McDermott.