ERP systems expose firms to industrial espionage

Black Hat

IT chiefs have been warned that it is their mission-critical systems that pose one of the greatest security risks to the enterprise, with the complexity of patching enterprise resource planning (ERP) applications presenting an opening to cyber thieves.

Speaking at the Black Hat DC security conference this week, Alexander Polyakov of the ERPScan research team and Val Smith of Attack Research showed that the customizations and complexity of ERP systems increased the risk that attackers would be able to bypass authentication processes or exploit misconfigurations.