We are asked one question time and again: "How do I make my ERP systems sufficiently secure to resist cyber attacks?". After all, with the NIS-2 directive on the horizon, there may be an unpleasant lesson to be learned in how often the most basic IT security homework has not been done.

The increasing professionalism and frequency of cyber attacks is no longer a surprising trend, and the majority of companies still see an urgent need for action. However, in our experience, companies often do not know how and where to start to address the challenges of increasingly complex IT landscapes – such as SAP, S/4HANA, Oracle or other ERP systems.

While NIS-2 finally provides clear guidelines for many companies, which first need to be implemented, they are already ...