bowbridge-banner.png

bowbridge Blog

May 21, '19 by Joerg Schneider-Simon

The news these days on cybersecurity is often grim. High-profile data breaches affect millions of consumers, data sabotage threatens vital infrastructure and systems, and massive phishing schemes wreak havoc on personal privacy. Cybersecurity...

May 2, '19 by Joerg Schneider-Simon

Whether they’re signing up for a gym membership or downloading a new app, it seems like people are perpetually being asked for their personal information. And while consumers may have varying levels of trust in the organizations making the...

Apr 11, '19 by Joerg Schneider-Simon

As 2018 drew to a close, another high-profile data hack hit the news: This time, the victim was hospitality giant Marriott. The breach was initially thought to have affected up to 500 million people, with their personal data — including millions...

Mar 26, '19 by Joerg Schneider-Simon

Information security professionals and CIOs are feeling the squeeze. Not only is the number of data breaches increasing all the time, but the number of available cybersecurity professionals is decreasing.

As a result, IS teams face a constant...

Mar 12, '19 by Joerg Schneider-Simon

Managers tasked with SAP cybersecurity used to have a (slightly) easier time with threat management. The primary reason? Every SAP end user was contained within the company’s four walls. All endpoints were known, and the SAP system was a closed...

Feb 25, '19 by Joerg Schneider-Simon

Keeping your SAP system safe from cyberattack takes time, effort, and manpower. Busy cybersecurity teams are no strangers to effort, but time and manpower? Those are in short supply nowadays.

Shorthanded and short-on-time teams are faced with...

Jan 31, '19 by Joerg Schneider-Simon

Another year, another listing of the top 25 most popular passwords, with the top two spots being taken, yet again, by “123456” and “password.”

People are notoriously terrible at choosing secure passwords. That is why when biometric-based...

Jan 17, '19 by Joerg Schneider-Simon

During this time of year, it’s natural to look to the year ahead and predict what it will bring. Cybersecurity experts have been doing this for decades, analyzing trends and developments to estimate a forthcoming landscape and alerting...

Dec 17, '18 by Joerg Schneider-Simon

Quick: When you think of data breaches, what comes to mind?

If you’re like most people, you think of cyberattacks that target structured, secured databases. These cyberattackers steal reams of sensitive data, often selling the data to the highest...

Nov 26, '18 by Joerg Schneider-Simon

It may be hard to believe, but six months have passed since the GDPR deadline. During that time, companies (including bowbridge) contacted their lists, seeking active consent to continue sending them information. GDPR opt-in emails were so...

Nov 14, '18 by Joerg Schneider-Simon

“I have read and understood the company’s IT policy.”

Employees check the box, but are they adhering to the policy? The evidence suggests otherwise: In a survey of IT professionals, employees leaving laptops and phones unsecured in vulnerable...

Nov 1, '18 by Joerg Schneider-Simon

Our friends at Cybersecurity Insiders recently released their 2018 Application Security Report, which contains some eyebrow-raising results. For example, only 62 percent of respondents feel (at best) moderately confident in their organization’s...

Oct 26, '18 by Joerg Schneider-Simon

Passwords are out, prints are in.

Biometric security features have been added to door locks, banking applications, smart phones and beyond. Instead of memorizing pin numbers, authenticating our identity is now as simple as looking into a camera...

Oct 16, '18 by Joerg Schneider-Simon

Ransomware continues to be one of the top varieties of malicious software. And it’s wreaking havoc, grinding company operations to a halt as the ransomware renders mission-critical data and systems inaccessible, while also exposing companies to...

Sep 27, '18 by Joerg Schneider-Simon

The enemy is coming … and the white hats are outnumbered.

It’s predicted there will be a worldwide shortage of cybersecurity professionals—2 million of them, to be precise—by 2019. Should someone from your own cybersecurity team leave your...

Aug 21, '18 by Joerg Schneider-Simon

The internet has come a long way since the days of screeching dial-up modems. We’ve become used to quick and reliable internet access from our computers and smartphones.

The new frontier? Connected appliances, vehicles, equipment, and more. The...

Aug 9, '18 by Joerg Schneider-Simon

On July 25th, the world received some startling news: The US Department of Homeland Security had issued an alert about ERP systems (specifically, SAP and Oracle) being targeted by nation-state attackers, cybercriminals, and hacktivist groups.

...

Jul 19, '18 by Joerg Schneider-Simon

Whether a company is looking at customers, suppliers, production, or finances, it’s looking at data. And SAP is one of the most widely used platforms for companies to manage their data and perform the multiple tasks that keep a business running.

...

Jul 10, '18 by Joerg Schneider-Simon

Supply chains keep an organization operating at full pace … or they can stop a company in its tracks. Without a well-run supply chain, a company can’t produce their product, maintain their equipment, or even manage day-to-day operations.

Today’s...

Jun 28, '18 by Joerg Schneider-Simon

It’s no surprise that SAP is one of the most widely used business platforms in the world, considering how wide-ranging and versatile it is.

And as a responsible company, SAP works hard to push out patches, called “security notes” in SAP-speak on...

Jun 21, '18 by Joerg Schneider-Simon

Our world is getting increasingly mobile. Our socializing, our banking, our dating, our bitter family arguments about politics … more and more, it’s all taking place on our mobile devices.

Business is no different. Increasingly, company employees...

Jun 7, '18 by Joerg Schneider-Simon

Cybercriminals are always looking for ways to get through a company’s cybersecurity defenses. And in 2017, Human Resources departments became a prominent victim.

A Petya ransomware variant named “GoldenEye” targeted HR departments, by way of...

May 17, '18 by Joerg Schneider-Simon

Processes and data: These are two things the average government agency has in abundance. And after decades of distributing massive procedural binders and struggling with file and document management, many government departments have found...

May 2, '18 by Joerg Schneider-Simon

Cyberattacks are changing. Previously, a common goal among cyberattackers was to pull off a large-scale attack that would either result in a massive theft or a complete shutdown of the target’s systems. Big and splashy, these attacks would make...

Apr 17, '18 by Joerg Schneider-Simon

Essen Systemhaus (ESH) is the central IT and telephone service provider for the City of Essen in the western region of Germany. Essen, the ninth-largest city in Germany houses a population of almost 600,000, making Essen Systemhaus’s work of...

Apr 4, '18 by Joerg Schneider-Simon

Anybody who has ever visited a web page has likely been redirected at some point, such as when older links get redirected to updated ones or visiting a “My Account” page redirects to the login page. Even on apps, this is common: When logging into...

Mar 22, '18 by Joerg Schneider-Simon

Phoenix Contact, headquartered in Blomberg, Germany, is the world leader in electrical connection technology. Their passion drives them to deliver the most innovative, highest quality connection technology that helps clients in industries such as...

Feb 27, '18 by Joerg Schneider-Simon

The prevalence of cybersecurity breaches in the news has attracted a lot of notice, even from people who aren’t normally tasked with keeping their finger on the pulse of the cybersecurity world. Indeed, high-profile and costly cyberattacks have...

Feb 9, '18 by Joerg Schneider-Simon

2017 opened everybody’s eyes to the rising threat of cyberattacks. Between the WannaCry ransomware attack and the massive Equifax data breach, companies around the globe realized that when it comes to cybersecurity, the status quo is no longer an...

Jan 25, '18 by Joerg Schneider-Simon

ERP security has long been focused on operational issues, such as permissions and segregation of duties. That may no longer be enough to keep organizations safe.

2017 was filled with headlines about major data breaches and cyberattacks, and it’s...

Dec 20, '17 by Joerg Schneider-Simon

Companies around the globe choose SAP to streamline and standardize their everyday activities like workflows, purchasing, and staffing, saving an enormous amount of time and effort.

However, SAP is also a preferred target for cyberattacks.

And...

Dec 12, '17 by Joerg Schneider-Simon

For decades, businesses and individuals have turned to Microsoft Office to create documents, spreadsheets, databases, and more. And as new cybersecurity threats have arisen, Microsoft has issued updates and patches to address those threats.

Nov 23, '17 by Joerg Schneider-Simon

Part of what makes SAP so convenient is the ability for external users, like suppliers or job applicants, to upload files. This feature, however, can be a double-edged sword: While legitimate users can upload purchase orders and resumes,...

Nov 13, '17 by Joerg Schneider-Simon

We’ve all encountered instances of a malware attack on a friend’s or relative’s home computer — or even on our own. Personal cybersecurity breaches can be inconvenient and distressing, especially if they result in frustrating identity theft or...

Oct 30, '17 by Joerg Schneider-Simon

October is cybersecurity awareness month. We look at Equifax’s cybersecurity nightmare and how your SAP system may put you at similar risk.

It has been only about a month since Equifax went public with news of a security breach that affected over...

Oct 19, '17 by Joerg Schneider-Simon

Staying on top of SAP cybersecurity requires unceasing vigilance. This year’s SAPinsider Events offer an excellent opportunity to learn the latest news on the industry’s biggest threats and smartest best practices.

Oct 17, '17 by Joerg Schneider-Simon

October is Cybersecurity Awareness Month. We take a look at the explosive growth of cybercrime as a service and how it puts your SAP system at risk.

We live in an age where we can outsource just about anything. From virtual assistants to lawn...

Oct 11, '17 by Joerg Schneider-Simon

Technology security professionals see a staggering variety of cyberattacks and are constantly on guard for new threats on the horizon. But even the most weathered IT pro feels a rise in blood pressure when they hear this phrase: cross-site...

Sep 21, '17 by Joerg Schneider-Simon

SAP recently issued a security note addressing a vulnerability in the SAP E-Recruiting application: 

“When a user registers to the e-recruiting application, he/she receives a link by email to confirm access to the provided email address....

Aug 29, '17 by Joerg Schneider-Simon

Many businesses rely on SAP CRM (Customer Relationship Management) and SRM (Supplier Relationship Management) applications to manage workflows, standardize processes and centralize data. But, while these applications are eminently useful, they...

Aug 7, '17 by Joerg Schneider-Simon

Petya. No-Petya. WannaCry. Locky. The names alone are enough to make any IT professional’s senses leap to high alert.

Jul 19, '17 by Joerg Schneider-Simon

Considering how SAP systems are often interlinked with critical financial data, human resources records, and even vital infrastructure, a cyberattack could be devastating.

Jul 12, '17 by Joerg Schneider-Simon

Sharing files is a common part of any company’s day. Documents are shared between departments, invoices are sent from suppliers, and resumes are sent from candidates. Departments such as Accounts Receivable, HR, Procurement, and more all handle...

May 9, '17 by Joerg Schneider-Simon

Directory traversals are one of the most common SAP cybersecurity attacks, accounting for 20% of the security notes published by SAP. In these attacks, cybercriminals gain unwanted access to sensitive files or system directories, potentially...

Apr 13, '17 by Joerg Schneider-Simon

External cybersecurity threats pose a very real risk to SAP systems of all sizes. One of the most common vehicles for hackers is the injection attack – both SQL injections and OS command injections. Preventing these attacks requires proactive...

Mar 15, '17 by Joerg Schneider-Simon

If you’re a manager tasked with SAP security, it’s likely that you spend a significant amount of time focused on internal and process-based security threats. However, you may be unaware of the external cybersecurity threats that can put your...

Feb 21, '17 by Joerg Schneider-Simon

In years past, corporate IT departments exerted complete control over who used their SAP applications. Any endpoint that accessed SAP was known and secured. As a result, managers tasked with SAP security were concerned about internal business-...

Jan 25, '17 by Joerg Schneider-Simon

Many users safely employ macros to streamline repetitive processes. Unfortunately, many cybercriminals also use macros to hide malicious code in an attempt to steal information or money.

After several quiet years, macro malware is experiencing a...

Jan 3, '17 by Joerg Schneider-Simon

In late November 2016, the low-tech ransomware program “Locky” began spreading via scalable vector graphics (SVG) images sent through Facebook Messenger.