Page 20 - Risk Management Bulletin April-June 2022
P. 20
RMAI BULLETIN APRIL - JUNE 2022
SEVEN STEPS TO
HELP PROTECT
YOUR ERP SYSTEM
AGAINST CYBER
ATTACKS
W hat would happen if your enterprise vulnerable their ERP systems are to such attacks. This
resource planning (ERP) system were
could become a significant problem as evidence
attacked? For many companies, the
consequences would be devastating. ERP mounts of increasing threats targeting ERP systems.
systems not only contain the crown jewels of the Supply-chain attacks rose by 42 percent in the United
business—customer data, stock levels, order entries, States in the first quarter of 2021, impacting up to
production plans, and contract data—they also seven million people.1 And security threats against
manage such essential financial processes as order to industrial control systems (ICS) and operational
cash (OTC), and operational processes such as technology (OT) more than tripled in 2020.2 Hackers
production planning and steering and cash collection are becoming more systemic and discerning in their
and payments. An ERP system is literally the operating attacks, shifting from distributed denial-of-service
system for the company, without which the company (DDoS) attacks and encryption of databases toward
simply could not function. disruption of productive systems, and the threat
landscape will likely shift further. The German
While cyberattacks continue to be top of mind for government published an annual report recently
executives, many may not fully appreciate how highlighting how the cyberthreat is shifting
pronouncedly from the theft of data to the disruption
Authors of systems.3 The US Department of Homeland Security
has issued multiple warnings against cyberattacks
Katya Defossez targeting ERP systems.
Partner in McKinsey’s Houston office
Wolf Richter With these signs of increased threat levels, ERP
Partner in the Berlin office. businesses have invested in hardening and protecting
18
