Drawing on thousands of SAP production environments, CRIS introduces the first peer benchmark revealing how organizations perform across SAP security controls
SecurityBridge, a leading provider of cybersecurity solutions for SAP, today announced the release of the Cybersecurity Resilience Index for SAP (CRIS), an industry benchmarking report that analyzes how organizations running SAP are securing their environments. The report is a timely response to global security incidents involving SAP environments that provides organizations with key actionable insights into strengths and gaps in their SAP security posture.
SecurityBridge collects anonymized customer benchmarking data through an industry-only benchmarking feature that enables customers to compare themselves to peer organizations. SecurityBridge aggregated customer insights to develop benchmarks across eight distinct areas of responsibility (AoRs). The insights are grounded in real-world data from the world's largest community of SAP security customers.
Each AoR receives a detailed rating from 0 to 100%, where 100% reflects that all security controls have been applied. SecurityBridge runs the most comprehensive baseline in the industry, with more than 550 different checks, more than double the number included in the standard SAP Security Baseline.
Key findings:
- Most new customers start with a score between 30 and 40% and see significant improvements within a few months of working with SecurityBridge
- Authorizations (68%) reflect possible attack pathways across privilege types and persistent excessive access issues
- Data Protection (65%) creates GDPR and other regulatory exposures and risks with lax controls and monitoring enforcement
- Operating System (100%) signals mature, enforced and audited system-hardening and host-level controls
- Development (77%) signals robust, secure coding practices, limiting attack surfaces in custom SAP code and driving long-term risk
- Application Controls (40%) score lowest, which reflects noteworthy gaps in business-level security and payments risk
"SAP is maturing, and that comes with a perception that the systems are secure by default or that securing them is too cumbersome," said Holger Hügel, Chief Technology Officer at SecurityBridge. "That thinking is shifting, and our data-driven CRIS report provides insightful context for security leaders. We are bringing SAP and cybersecurity closer together through the report to provide a transparent look at the state of the industry. That's our core goal with the CRIS, to drive conversation about getting started with SAP security and better protecting critical business processes and sensitive data."
The CRIS report highlights SecurityBridge's growing momentum in SAP cybersecurity and benchmarking. As adoption of the company's platform grows at a global scale, it continues to build the industry's most comprehensive dataset on SAP security risk trends.
SecurityBridge will continue to lead the SAP security analysis conversation by updating the CRIS report every six months. For more information or to access the full CRIS report, visit: https://securitybridge.com/cybersecurity-resilience-index-for-sap/.
About SecurityBridge
SecurityBridge is the leading provider of a comprehensive, SAP-native cybersecurity platform. Trusted by organizations worldwide to safeguard their most critical business systems. Our platform seamlessly integrates real-time threat monitoring, vulnerability management, and compliance capabilities directly into the SAP environment, empowering organizations to protect their data's integrity, confidentiality, and availability with minimal manual effort. With a proven track record, including a stellar customer success rating and over 8,000 SAP systems secured globally. SecurityBridge stands out for its ability to accurately provide a 360° view of the SAP security posture, ease of use, rapid implementation, and transparent licensing. We are committed to innovation, transparency, and customer-centricity, ensuring businesses can confidently navigate the evolving landscape of SAP security threats.
View source version on businesswire.com: https://www.businesswire.com/news/home/20260317307785/en/
Contacts:
PR Contact:
Ryan Quintana
prforsecuritybridge@bospar.com
