Layer Seven Security Achieves CyberSecure Canada Certification
Layer Seven Security has successfully achieved certification under the CyberSecure Canada program, validating its strong cybersecurity posture and the application of recognized baseline security controls. This certification provides customers, especially those who rely on SAP systems, with independent assurance that Layer Seven Security operates within a structured and nationally recognized cybersecurity framework. This certification reinforces […]
Digital Operational Resilience Act (DORA) Compliance for SAP Solutions
The Digital Operational Resilience Act (DORA) is an EU regulation that requires financial institutions to ensure their Information and Communications Technology (ICT) systems can withstand, respond to, and recover from disruptions. For organizations using SAP for critical functions, this means SAP solutions must be governed, monitored, and tested to meet DORA’s stringent standards for operational […]
What Are the Key Security Risks in RISE with SAP? Findings from the 2025 Benchmark Report
The SAPinsider RISE with SAP 2025 benchmark report reveals a critical security gap: widespread customer non-compliance with the shared responsibility model. The most significant failure is not implementing SAP’s mandatory security hardening requirements, leaving cloud ERP systems vulnerable and exposing organizations to significant operational, legal, and and reputational risk. The report, based on a survey of 122 […]
What’s New in the Cybersecurity Extension for SAP Version 2.0?
Version 2.0 of the Cybersecurity Extension for SAP is now available, introducing major enhancements to protect business-critical SAP solutions. Key updates include support for SAP NetWeaver AS Java, powerful anomaly detection capabilities, over 400 new threat detection patterns, and updated compliance checks for the latest SAP security benchmarks. Executive Summary Layer Seven Security’s release of the Cybersecurity […]
What’s New in the Cybersecurity Extension for SAP, Version 5.3
Version 5.3 of the Cybersecurity Extension for SAP (CES) is now available, delivering major enhancements for SAP vulnerability management and threat detection. This release introduces comprehensive monitoring for the SAP Cloud Connector, updates to key compliance frameworks including SAP RISE, and emergency patches for zero-day vulnerabilities like CVE-2025-31324. The latest release of the Cybersecurity Extension for SAP […]
What Are the Proposed Changes to the HIPAA Security Rule?
The U.S. Department of Health and Human Services (HHS) has proposed significant updates to the HIPAA Security Rule to address modern cyber threats. The changes mandate specific security practices, including regular vulnerability assessments and penetration tests, strict patch management deadlines, and the universal application of controls that were previously considered “addressable.” Executive Summary The Health […]
New Whitepaper: NIS2 Compliance for SAP Solutions
The Network and Information Security (NIS2) Directive takes effect on October 17 and imposes significant requirements on organizations for cybersecurity and incident reporting. NIS2 mandates strict standards for cybersecurity and incident reporting for organizations that are based in the European Union or provide services within the EU. It is targeted at essential and important organizations […]
Cybersecurity Extension for SAP version 5.1
S/4HANA Access Risk Analysis, SAP RISE Compliance, SAP ETD Benchmarking and More The new release of the Cybersecurity Extension for SAP is scheduled for general availability in May and includes several important enhancements. Version 5.1 includes coverage for critical access and segregation of duties in SAP S/4HANA. It performs more than 700 checks for access […]
New SEC Rules For Cybersecurity Incident and Risk Management Disclosures
The Securities and Exchange Commission (SEC) issued a final rule on July 26, 2023 that will require public companies to disclose material cybersecurity incidents on Form 8-K within four business days of discovery. In addition, the SEC will now require public companies to disclose on an annual basis in Form 10-K their process for assessing, […]
Securing the Journey to SAP S/4HANA
Earlier this month, Layer Seven Security released the new whitepaper Securing the Journey to SAP S/4HANA: A Security Framework for S/4HANA Migrations. The whitepaper provides a comprehensive guide to S/4HANA security to support the transition from SAP ERP to S/4HANA. Mainstream maintenance for ERP will end in December 2027. Therefore, organizations must migrate to S/4HANA […]