Over the last few years there have been indications of rising interest in SAP systems by white hatters and black hatters, and I guess any colour in between. In any case the world has got more dangerous for systems in general, not least because they are increasingly interconnected and exposed in ways that were unthinkable (for most) in the past. Although traditional security solutions remain vital for minimizing the attacks on your system landscape, you can and should assume that there will be unhealthy activity within your defensive perimeters. Determined attackers are likely to get through eventually and the best technical precautions might be nullified by internal personnel or by social engineering tricks.
These are well known dangers, and there appears to be a serious gap in the coverage of SAP systems by existing security products. These lack insight into SAP business software and also run up against what is essentially a big-data problem – that is, how to analyse the security-relevant data that exists in the landscape. Later this year, SAP plans to go into ramp-up with a new product designed to address exactly this issue.