On January 10, 2023, SAP, a multinational software company, announced its partnership with a platform often referred to as the ‘Wikipedia of cyber’ to enhance its threat intelligence capabilities. This move is aimed at helping the company make sense of the vast amounts of threat data it encounters daily.
We recognized the need for a more comprehensive approach to understanding cyber threats, and this platform has been instrumental in helping us achieve that goal, said Thomas Merkel, Head of Cyber Security at SAP in Walldorf, Germany.
The platform, which is used by numerous organizations worldwide, serves as a collaborative database where cyber security professionals can share and access information on various threats, including malware, phishing attacks, and vulnerabilities. As of February 2023, the database contains over 1.5 million entries, with thousands of new additions every week.
- Malware analysis: The platform provides in-depth analysis of malware, helping SAP’s security team understand the nature of the threats they face.
- Vulnerability management: It offers detailed information on known vulnerabilities, enabling SAP to prioritize patching and mitigate potential risks.
- Threat actor tracking: The platform tracks the activities of known threat actors, giving SAP valuable insights into the tactics, techniques, and procedures (TTPs) used by these groups.
The shift was gradual, then sudden, as SAP’s security team began to fully utilize the platform’s capabilities, leading to a significant improvement in their ability to respond to threats. In 2022, the company reported a 30% reduction in the time it takes to respond to security incidents, partly attributed to the enhanced threat intelligence provided by the platform. Improving threat intelligence is crucial for organizations like SAP, as the cost of cyber attacks continues to rise. According to a recent report, the average cost of a data breach in 2022 was $4.35 million, a 12% increase from the previous year. As the threat landscape continues to evolve, SAP’s reliance on the ‘Wikipedia of cyber’ is likely to grow, with the company planning to expand its use of the platform to other areas of its operations. What happens next will depend on how effectively SAP can integrate this threat intelligence into its overall security strategy, and readers should watch for further updates on the company’s efforts to enhance its cyber security posture.