A Practical Guide to Cybersecurity Governance for SAP


Book Description

There is a lot of misunderstanding about how to apply cybersecurity principles to SAP software. Management expects that the SAP security team is prepared to implement a full cybersecurity project to integrate SAP software into a new or existing company cybersecurity program. It’s not that simple. This book provides a practical entry point to cybersecurity governance that is easy for an SAP team to understand and use. It breaks the complex subject of SAP cybersecurity governance down into simplified language, accelerating your efforts by drawing direct correlation to the work already done for financial audit compliance. Build a practical framework for creating a cyber risk ruleset in SAP GRC 12.0, including SOX, CMMC, and NIST controls. Learn how to plan a project to implement a cyber framework for your SAP landscape. Explore controls and how to create control statements, plan of action and milestone (POA&M) statements for remediating deficiencies, and how to document con- trols that are not applicable. The best controls in the world will not lead to a successful audit without the evidence to back them up. Learn about evidence management best practices, including evidence requirements, how reviews should be conducted, who should sign off on review evidence, and how this evidence should be retained. - Introduction to cybersecurity framework compliance for SAP software - SAP-centric deep dive into controls - How to create a cyber risk ruleset in SAP GRC - Implementing a cyber framework for your SAP landscape




A Practical Guide to Cybersecurity in SAP


Book Description

SAP environments are internally integrated with, and through, cloud and hybrid cloud solutions. This interconnection, both within and external to the firewall, creates a level of vulnerability that, if exploited, could compromise a company’s intellectual property, employee and supplier information, and trade secrets. This book breaks down the application of cybersecurity, as it applies to SAP, into actionable items that can be communicated and implemented into existing security frameworks. You will understand why cybersecurity applies to SAP, how it integrates with cybersecurity Initiatives within an organization, and how to implement a security framework within SAP. This expertly written guide provides a targeted cybersecurity education for SAP managers, architects, and security practitioners. The author explores the technical aspects of implementing cybersecurity policies and procedures using existing tools and available SAP modules. Readers will gain a solid understanding of what a cybersecurity program does, what security frameworks are used for, how to assess and understand risk, and how to apply mitigating controls. By using practical examples, tips, and screenshots, this book covers: - Cyber risk in the SAP landscape - How to harden security - Cybersecurity risk management programs in SA - Risk mitigation for threats




Practical Guide to SAP Entitlement Management with SAP S/4HANA


Book Description

SAP Entitlement Management with SAP S/4HANA streamlines and automates entitlement management processes and operations, from initial modelling and full lifecycle management to reporting. This practical guide introduces SAP Entitlement to aspiring consultants and to users who are supporting new implementations., and covers functionality and integration points, and where this solution fits in the quote-to-cash process. Explore entitlement models and how to set up entitlement rules. Learn how to integrate entitlement management with other SAP solutions, including SAP Sales and Distribution (SD), SAP Subscription Order Management (SAP S/4SOM), and SAP Subscription Billing. Walk through business use case examples for split and merge entitlement sce- narios, as well as a bundled entitlement scenario. Be guided, step-by-step, on how to configure SAP Entitlement Management, as well as deployment options. Gain an understanding of how background jobs, business events, monitoring, and migration functionality work. Take a closer look at advanced features such as merging and splitting. Learn how to create and change entitlements, and also how to split and merge entitlements. By using practical examples, tips, and screenshots, the authors bring readers quickly up to speed on SAP Entitlement Management. - SAP S/4HANA Entitlement Management models and functionality - Configuration and deployment options - Creating and changing entitlements - Splitting and merging entitlements




Access Risk Management in SAP


Book Description

Do you need expert guidance on how to plan, implement, and run access analyses? This book takes a practical approach to customer-specific SAP rulesets for compliance managers, GRC teams, identity and access management teams, as well as administrators running these systems. Identify types of risk and the tools available. Take a look at use cases and tools for risk analysis and explore how to optimize processes, quality of authorization roles and concepts, transparency of access rights to data, and functions for data and process owners. Explore key considerations for evaluating a tool for hosting a using a risk catalog. Take a look at limitations of risk catalogs and learn more about a methodology for customizing standard access to the risk catalog. Find out why the authors recommend starting with a small access risk catalog before move onto more complex landscapes. Take away best practices for bringing end users up to speed. - Considerations for hosting and using a risk catalog - Limitations of risk catalogs - methodology for customizing standard access - Risk handing process




A Practical Introduction to Supply Chain


Book Description

In many businesses, supply chain people are trapped in reactive roles where they source, contract, purchase, receive, warehouse, and ship as a service. However, in some businesses suppliers contribute to improvement programs, technology, funding, marketing, logistics, and engineering expertise. Breaking into a proactive supply chain role takes broad thinking, a talent for persuasion, and the courage to go after it. This book supplies proven methods to help you do so. A Practical Introduction to Supply Chain describes how to run an efficient supply chain that exceeds expectations in terms of cost, quality, and supplier delivery. It explains the need to integrate systems, the flow of information, and the way in which people work together between commercial purchasing, materials management, and distribution parts of the supply chain. Sharing powerful insights from the perspective of a supply chain manager, the book details practical techniques drawn from the author’s decades of experience. It presents methods that apply directly to supply chains involving a physical product, manufactured internally or outsourced, as well as physical operations such as oilfield services. This book demonstrates how to make a supply chain organization work in practice—contributing more to business success than traditional purchasing and logistics organizations can. In addition to writing about practical supply chain issues and approaches, the author also describes proven methods he used while working with client teams on assignments. He also details some of the ways his teams used to manage the people part of the change.




Cybersecurity for Business


Book Description

Balance the benefits of digital transformation with the associated risks with this guide to effectively managing cybersecurity as a strategic business issue. Important and cost-effective innovations can substantially increase cyber risk and the loss of intellectual property, corporate reputation and consumer confidence. Over the past several years, organizations around the world have increasingly come to appreciate the need to address cybersecurity issues from a business perspective, not just from a technical or risk angle. Cybersecurity for Business builds on a set of principles developed with international leaders from technology, government and the boardroom to lay out a clear roadmap of how to meet goals without creating undue cyber risk. This essential guide outlines the true nature of modern cyber risk, and how it can be assessed and managed using modern analytical tools to put cybersecurity in business terms. It then describes the roles and responsibilities each part of the organization has in implementing an effective enterprise-wide cyber risk management program, covering critical issues such as incident response, supply chain management and creating a culture of security. Bringing together a range of experts and senior leaders, this edited collection enables leaders and students to understand how to manage digital transformation and cybersecurity from a business perspective.




AWS Security


Book Description

Running your systems in the cloud doesn’t automatically make them secure. Learn the tools and new management approaches you need to create secure apps and infrastructure on AWS. In AWS Security you’ll learn how to: Securely grant access to AWS resources to coworkers and customers Develop policies for ensuring proper access controls Lock-down network controls using VPCs Record audit logs and use them to identify attacks Track and assess the security of an AWS account Counter common attacks and vulnerabilities Written by security engineer Dylan Shields, AWS Security provides comprehensive coverage on the key tools and concepts you can use to defend AWS-based systems. You’ll learn how to honestly assess your existing security protocols, protect against the most common attacks on cloud applications, and apply best practices to configuring identity and access management and virtual private clouds. About the technology AWS provides a suite of strong security services, but it’s up to you to configure them correctly for your applications and data. Cloud platforms require you to learn new techniques for identity management, authentication, monitoring, and other key security practices. This book gives you everything you’ll need to defend your AWS-based applications from the most common threats facing your business. About the book AWS Security is the guide to AWS security services you’ll want on hand when you’re facing any cloud security problem. Because it’s organized around the most important security tasks, you’ll quickly find best practices for data protection, auditing, incident response, and more. As you go, you’ll explore several insecure applications, deconstruct the exploits used to attack them, and learn how to react with confidence. What's inside Develop policies for proper access control Securely assign access to AWS resources Lock-down network controls using VPCs Record audit logs and use them to identify attacks Track and assess the security of an AWS account About the reader For software and security engineers building and securing AWS applications. About the author Dylan Shields is a software engineer working on Quantum Computing at Amazon. Dylan was one of the first engineers on the AWS Security Hub team. Table of Contents 1 Introduction to AWS security 2 Identity and access management 3 Managing accounts 4 Policies and procedures for secure access 5 Securing the network: The virtual private cloud 6 Network access protection beyond the VPC 7 Protecting data in the cloud 8 Logging and audit trails 9 Continuous monitoring 10 Incident response and remediation 11 Securing a real-world application




Cloud Migration Handbook Vol. 1: A Practical Guide to Successful Cloud Adoption and Migration


Book Description

This book covers a practical approach for adopting and migrating on premises systems and applications to the Public Cloud. Based on a clear migration master plan, it helps companies and enterprises to be prepared for Cloud computing, what and how to successfully migrate or deploy systems on Cloud, preparing your IT organization with a sound Cloud Governance model, Security in the Cloud and how to reach the benefits of Cloud computing by automation and optimizing your cost and workloads.




ABAP Development for SAP HANA


Book Description

See how SAP HANA has changed ABAP Whether you're studying for certification or just want to see what's new, you can learn to design simple and advanced SAP HANA applications with ABAP by using this comprehensive guide. Learn to enable code pushdown, use new Open SQL enhancements and CDS views, and integrate native SAP HANA objects. Use detailed programming examples to develop database procedures and optimize your applications. You'll be programming for SAP HANA in no time Basic Principles Explore essential SAP HANA principles like in-memory technology and architecture, the SAP Web IDE, and AS ABAP database programming. Advanced Techniques Learn to use tools like InfoProviders, EasyQuery Interface, and the Application Function Modeler for SAP HANA. Discover how to integrate geographical data from SAP HANA in ABAP programs. Optimizing Existing Applications Get step-by-step instructions to help you optimize existing ABAP applications, and learn how to speed up applications with SAP HANA. Highlights: Code pushdown SAP Web IDE Eclipse CDS views SQLScript Native SAP HANA object integration Open SQL enhancements Geo-information Text searches Error analysis




Blockchain for Business


Book Description

The Pragmatic Guide to Driving Value and Disrupting Markets with Blockchain "Blockchain’s potential to transform businesses has generated a tremendous amount of excitement across industries. However, it can be difficult for decision makers to develop a practical approach to blockchain for their specific business requirements. By identifying and clearly describing the value of blockchain for enterprises, as well as the processes required to harness blockchain to achieve business objectives, Blockchain for Business presents a startlingly concise yet comprehensive roadmap for business leaders. This book is an excellent resource for anyone looking to leverage blockchain to transform their business." —Dr. Won-Pyo Hong, President & CEO of Samsung SDS “Much has been written about blockchain in the past few years: what it is and what it is not (at various levels of detail), as well as the technology’s long-term strategic value for companies, industries, and economies. However, what we’ve been missing is a practical, operational, ‘how to’ set of steps for creating, implementing, and operating a blockchain-based solution. This book aims to fill that gap. It’s an invaluable tool for anyone ready to take the plunge and start taking advantage of this remarkable technology.” —Irving Wladawsky-Berger, research affiliate, MIT; columnist, WSJ CIO Journal; VP Emeritus, IBM "I will never be able to adequately express how useful this book will be to my class. In addition the great chapters on cybersecurity, I loved the Integration Models, especially 'Coexistence with Systems of Record.' Legacy integration with Blockchain is a critical barrier, and you nailed it!" —Thomas Doty, JD, LLM - Adjunct Professor, University of New Hampshire Law Blockchain enables enterprises to reinvent processes and business models and to pursue radically disruptive applications. Blockchain for Business is a concise, accessible, and pragmatic guide to both the technology and the opportunities it creates. Authored by three experts from IBM’s Enterprise Blockchain practice, it introduces industry-specific and cross-industry use cases, and reviews best-practice approaches to planning and delivering blockchain projects. With a relentless focus on real-world business outcomes, the authors reveal what blockchain can do, what it can’t do yet, and where it’s headed. Understand five elements that make blockchain so disruptive: transparency, immutability, security, consensus, and smart contracts Explore key use cases: cross-border payments, food and drug safety, provenance, trade finance, clinical trials, land registries, and more See how trusted blockchain networks are facilitating entirely new business models Compare blockchain types: permissioned, permissionless, private, public, federated, and hybrid Anticipate key technical, business, regulatory, and governance challenges Build blockchain financial models, investment rubrics, and risk frameworks Organize and manage teams to transform blockchain plans into reality Whether you’re a senior decision maker, technical professional, customer, or investor, Blockchain for Business will help you cut through the hype and objectively assess blockchain’s potential in your business. Register your product for convenient access to downloads, updates, and/or corrections as they become available.