The manufacturing industry faces a ticking time bomb in the form of outdated SAP enterprise resource planning (ERP) systems. While SAP, the number three ERP provider after Microsoft Dynamics and Workday, is rapidly innovating and migrating its software to the cloud and implementing Business AI, many manufacturers are clinging to on-premise deployments of older SAP versions, particularly SAP's ECC (ERP Central Component). This creates a significant security risk, as these legacy systems become increasingly vulnerable after 2027 when mainstream maintenance support ends for Business Suite 7.
Compounding the problem is the slow migration rate to SAP's S/4HANA, the company's next-generation cloud-based ERP system. Research by Basis Technologies reveals that fewer than 60% of companies using SAP's on-premise ECC software application are on track to fully migrate before the 2027 deadline, due to system complexity and potential costs associated with the migration process. Additionally, today’s growing tech talent shortage and skills gap are expected to further hinder the migration efforts of many manufacturers.
The consequences of inaction are severe. With nearly three-quarters of SAP customers yet to make the transition, a significant portion of the manufacturing industry remains vulnerable. Companies that fail to address this challenge risk running unsupported software, exposing themselves to critical security vulnerabilities and rising cyberattacks. These attacks can cripple production lines, cause significant financial losses, and damage a company's reputation. Manufacturers must prioritize modernizing their SAP infrastructure and implementing robust security measures to safeguard their critical operations and sensitive data.
Manufacturers Must Prepare
If enterprises aren’t preparing to transition, they will suffer from technical debt compounded by SAP ending its support of ECC models in the next three years. As these systems manage the most valuable data, they attract diverse threat groups, motivated either by financial gain or disruptive goals, and those groups will have a clear opening for attack.
The manufacturing industry has been of particular interest to cybercriminals, with 260 data violation incidents in 2023 in the United States alone. In fact, North America accounted for 40% of ransomware attacks on industrial organizations and infrastructures worldwide, and in 2022, the global average cost per industrial data breach was around 4.73 million U.S. dollars.
Already, research has found that from 2021 to 2023, ransomware incidents that compromised SAP systems increased by 400%. During the same period, discussions on exploiting SAP vulnerabilities saw a staggering 490% increase across the open, deep, and dark web.
Disrupted supply chains, loss of intellectual property, and product interference were real threats that 39% of manufacturers experienced from breaches in the last 12 months.
This disturbing trend is a clear indicator that SAP applications are highly valued targets. Because they connect various crucial aspects of manufacturing and supply chain operations, their security is a top priority.
Pace of Adoption Poses Risk
Fueled by global competition and the need to bounce back from disruptions like COVID-19, many manufacturers have embarked on a digital transformation at breakneck speed. While this rapid integration of technology has yielded efficiency gains, it often comes at the expense of security. Companies prioritizing speed over security have left gaping vulnerabilities in their systems, ripe for exploitation.
This problem is compounded by the growing complexity of ERP systems. As manufacturers embrace sustainable practices and Industry 4.0 principles, their ERP software needs to not only handle traditional functions but also integrate with new "green" processes and service-based models. This increased complexity creates blind spots within these systems, making them even harder to secure.
Further exacerbating the issue is the ongoing cybersecurity skills gap. With stretched-thin security teams juggling digitization initiatives, product innovation, and supply chain protection, critical tasks like ERP security often fall by the wayside. The World Economic Forum reports that a staggering 95% of cyber leaders believe a greater effort is needed to recruit and develop cybersecurity professionals. This lack of skilled personnel makes implementing robust security measures even more challenging, particularly with the looming threat of mainstream maintenance ending for one of the top ERP software products.
On top of this, a crucial defense mechanism, Multi-Factor Authentication (MFA), is often not enforced, further weakening the overall security posture. This combination of factors — increased complexity, a talent shortage, and lax security practices — creates a perfect storm for cyberattacks targeting these vulnerable organizations.
Modern Solutions and Strategies
Addressing the sophisticated nature of threats facing ERP systems in manufacturing today requires a multifaceted approach. This includes:
- Automated Security Processes: Automation plays a crucial role in modern cybersecurity strategies. By automating security measures, companies can minimize human error, accelerate response times, and ensure ongoing protection of critical systems.
- Human-in-the-loop: When dealing with automated processes, human expertise must also be kept in the loop. This ensures the output stays consistent and enterprises can lessen entropy. Having data that is rich, relevant, and curated is still key to success.
- Research-Driven Insights: Leveraging the latest findings from cybersecurity research is essential. Continuous threat intelligence allows companies to stay ahead of cybercriminals, especially those targeting specific vulnerabilities in SAP systems. This approach is crucial for developing a proactive defense strategy that adapts to new threats as they emerge.
- System Integration: Security must be integrated into the ERP system's architecture from the outset. A holistic approach ensures that every component of the ERP system is designed with security in mind, enhancing the overall resilience of business operations.
- Joining the MFG-ISAC: Join communities such as the Manufacturing Information Sharing and Analysis Center (MFG-ISAC) to play a part in defending the manufacturing sector and staying up to date.
Risk Management Requires a Holistic Approach
Implementing advanced security measures involves more than just deploying technology; it requires a strategic approach to risk management. Best practices include continuous system monitoring, regular security assessments, and the proactive integration of security features during the system design and development phases, such as with SAP S/4HANA.
By understanding the specific threats that have historically targeted SAP systems, companies can better prepare and mitigate potential risks. Proactive security not only helps in managing the immediate threats but also prepares the organization for future challenges. Industry leaders in the manufacturing sector must not underestimate the importance of advanced ERP security strategies and must reassess existing security frameworks that are quickly becoming outdated.
Paul Laudanski is director of security research at Onapsis.