EP-11 #CyberKriya Podcast - #SAPCyberSecurity- The Practitioner's Voice with Nipun Mahajan
Keywords:
SAP cybersecurity, Nipun Mahajan, cybersecurity journey, volunteer work, shared responsibility model, cloud security, SAP security, business understanding, mentorship, career advice
Summary:
In this episode of the CyberKriya podcast, host Gaurav Singh welcomes cybersecurity expert Nipun Mahajan to discuss his journey in SAP cybersecurity, the importance of understanding business processes, and the role of volunteer work in professional development. Nipun shares insights on the shared responsibility model in cloud security, offers advice for aspiring cybersecurity professionals, and emphasizes the need for continuous learning in the evolving landscape of SAP security.
Key Takeaways:
Nipun Mahajan emphasizes the importance of understanding business processes in cybersecurity.
Volunteer work can open unexpected doors in one's career.
The shared responsibility model is crucial for cloud security.
Continuous learning is essential in the rapidly changing field of cybersecurity.
Networking and mentorship can significantly impact career growth.
SAP security professionals must understand both technical and business aspects.
Asking the right questions during transformation projects is vital.
Cybersecurity is a shared responsibility between the customer and the service provider.
Engaging with professional communities can enhance knowledge and opportunities.
Understanding controls is critical for effective cybersecurity management.
Titles:
Navigating the World of SAP Cybersecurity
From SAP Security to Cybersecurity: Nipun Mahajan's Journey
Sound bites
"Life is like a box of chocolate."
"The customer is always responsible."
"You cannot assume anything."
Chapters:
00:00 Introduction to Cybersecurity and SAP
02:35 Nipun Mahajan's Journey in Cybersecurity
05:17 The Importance of Business Understanding in Cybersecurity
07:56 Volunteer Work and Community Engagement
10:35 Current Trends in SAP Cybersecurity
12:51 Shared Responsibility in Cloud Security
15:12 Advice for Aspiring Cybersecurity Professionals
18:08 The Future of SAP Security and Cybersecurity Careers
19:00 Volunteer
24:00 SAP Cyber brings business acumen too
28:00 Where does SAPCyber sits in Org
29:00 Opening the Gates in Cloud SAP World
32:00 Shared Responsibility Model
34:00 Business Continuity
36:00 RISE Know what CAS Services you need
37:30 Segmentation even in RISE(VLAN, VPC)
37:45 Who owns the responsibility
38:10 Get Network segmentation even in RISE
42:00 Learn from Each Other - Community
42:48 The S4 Transformation is Coming
Disclaimer:
The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes β no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.
EP-10 #CyberKriya Podcast- "Modernizing SAP with AWS" - A Deep Dive with Tushar Srivastava
Keywords:
Cybersecurity, SAP, AWS, storytelling, professional growth, networking, cloud transformation, technical writing, book review, career advice
Summary:
In this episode of CyberKriya, host Gaurav Singh engages in a deep conversation with Tushar Srivastava, an expert in SAP and AWS. They discuss Tushar's professional journey, the importance of storytelling in technical writing, and the challenges of migrating SAP to the cloud. Tushar shares insights from his book, 'Modernizing SAP with AWS', emphasizing the need for effective communication and networking in professional growth. The conversation also highlights the significance of understanding business needs in cybersecurity and the value of listening in sales and technical roles.
Key Takeaways:
Storytelling can simplify complex technical concepts.
Understanding customer needs is crucial for effective sales.
Networking is essential for professional growth.
Listening attentively can improve communication and relationships.
Every professional role involves some form of sales.
Reading and traveling can broaden perspectives.
Engaging with diverse cultures enhances personal growth.
It's important to step out of your comfort zone.
Cybersecurity professionals should align with business goals.
Building relationships can lead to better collaboration.
Titles
Navigating Cybersecurity and Cloud Transformation
The Art of Storytelling in Technical Writing
Sound bites
"I thought maybe this is a good challenge."
"You need to be a good listener."
"You have to go out and meet people."
Chapters:
00:00 Introduction to CyberKriya and Guest Introduction
01:28 Tushar Srivastava's Professional Background
02:44 Overview of the Book: Modernizing SAP with AWS
08:06 Storytelling in Technical Writing
14:18 Target Audience for the Book
17:08 Customer Case Studies and Insights
21:07 The Importance of Storytelling in Professional Growth
22:37 The Importance of Networking
24:58 Mentorship and Professional Growth
27:17 Sales Skills in Every Role
31:23 Listening as a Key Skill
33:55 Reframing Roles in Cybersecurity
37:04 The Need for Broader Perspectives
39:34 Advice for Young Professionals
Disclaimer:
The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes β no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.
EP-9 #CyberKriya Podcast β"The Infrastructure Guardian" - Julian Petersohn
Keywords: cyber security, SAP, infrastructure security, cloud security, BTP, Cloud Foundry, shared responsibility, firewalls, collaboration, cybersecurity best practices
Summary:
In this episode, Gaurav Singh interviews Julian Petersohn, a principal systems engineer at Fortinet, focusing on the intersection of infrastructure security and SAP applications. They discuss the challenges of securing SAP in the cloud era, the importance of collaboration between cybersecurity and infrastructure teams, and the role of cloud connectors and firewalls in maintaining security. Julian shares insights from his personal journey in cybersecurity and emphasizes the need for a shared responsibility model in securing SAP environments.
Key Takeaways:
Chapters:
00:00 Introduction to Cyber Security and SAP Ecosystem
01:48 The Importance of Infrastructure Security in SAP
04:45 Navigating the RISE Transformation Journey
09:10 Understanding Cloud Connectors and BTP
12:55 Firewalls and Security Measures in SAP
22:07 Exploring BTP and Application Security
23:46 Understanding Cloud Foundry and KEMA
26:00 The Evolution of Cloud Foundry
27:23 BTP Security Challenges
30:29 Collaboration Between SAP and Cybersecurity
32:50 Building Bridges: SAP and Cybersecurity Teams
37:32 Julian's Journey: From Basis to Security Expert
43:27 Final Thoughts on Teamwork and Security
Disclaimer:
The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes β no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.
EP-8 #CyberKriya Podcast βThe SAP GRC Guru - Raghu Boddu
Keywords
SAP, GRC, cybersecurity, risk management, SAP security, Raghu Bodo, S4 transformation, compliance, automation, identity management
Summary
In this episode of CyberKriya, Gaurav Singh interviews Raghu Bodo, an expert in SAP security and GRC. They discuss Raghu's extensive experience in the field, the evolution of SAP security, and the importance of GRC in modern enterprises, especially during S4 transformations. Raghu shares insights on the maturity of GRC products, the challenges faced in current solutions, and the need for enhanced cybersecurity measures. The conversation emphasizes the importance of proactive risk management and the integration of advanced technologies like AI in GRC practices.
Takeaways:
Raghu Bodo has over 29 years of experience in SAP security and GRC.
The evolution of SAP security has seen significant changes from R2 to current versions.
Raghu has authored multiple books on GRC, emphasizing practical applications.
GRC is essential for organizations undergoing S4 transformations.
Current GRC solutions often focus too narrowly on SOD and compliance.
There is a pressing need for enhanced cybersecurity measures in GRC.
AI and advanced technologies can significantly improve GRC practices.
Proactive risk management is crucial for modern enterprises.
Organizations should not rely solely on GRC tools for security.
The threat landscape is evolving, requiring a broader approach to risk management.
Chapters
00:00 Introduction to CyberKriya and Guest Introduction
01:00 Raghu's Journey in SAP Security and GRC
03:37 Transition from BASIS to Security in SAP
06:37 Raghu's Blogging and Authorship Journey
10:25 The Importance of GRC in S4 Transformations
14:16 Maturity of GRC Products and Industry Insights
15:38 Challenges and Limitations of Current GRC Solutions
20:10 The Need for Evolution in GRC Solutions
24:53 Cybersecurity and Risk Management in GRC
26:22 Identifying Risks Beyond GRC
30:32 Transforming GRC in the S4 Landscape
32:09 Building Comprehensive Security Policies
37:09 Proactive Risk Management Strategies
43:04 The Future of GRC and Cybersecurity
Raghu LinkedIn - https://www.linkedin.com/in/bodduraghu/
Gaurav's LinkedIn - https://www.linkedin.com/in/gauravsingh14/
Raghu's GRC Books - https://www.sap-press.com/sap-access-control_5636/author/
Gaurav's Cyber Book - http://sapcybersecuritybook.com/
Disclaimer:
The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes β no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.
EP-7 #CyberKriya Podcast β Empowering Women in Cybersecurity: A Conversation with Britta Simms
Keywords
cybersecurity, SAP security, women in tech, mentorship, global leadership, enterprise security, career advice, SAP transformation, identity governance, data security
Summary
In this episode of CyberKriya, host Gaurav Singh welcomes Britta Simms, a global cybersecurity leader at Accenture. They discuss Britta's journey into cybersecurity, the importance of mentorship, and how to attract new talent to the SAP cybersecurity space. Britta shares her insights on the business side of SAP security, her athletic background, and the significance of community in both sports and professional life. The conversation also covers key advice for aspiring SAP security professionals and the need to integrate security into SAP transformations. Britta emphasizes the importance of communication and education in the field, especially for women in technology.
Takeaways
Britta Simms is a global cybersecurity leader at Accenture.
Mentorship is crucial for career development in cybersecurity.
Attracting new talent to SAP cybersecurity requires education and outreach.
Understanding the business side of SAP security is essential.
Britta's athletic background has positively influenced her professional life.
Communication skills are vital for success in cybersecurity roles.
Security must be integrated into business processes from the start.
The community aspect of sports can enhance professional networking.
Consulting offers valuable learning opportunities in cybersecurity.
Women in tech should pursue careers in cybersecurity without stigma.
Titles
Empowering Women in Cybersecurity: A Conversation with Britta Simms
Navigating the World of SAP Security with Britta Simms
Sound bites
"Don't just take it and do it."
"Security is a marathon, not a sprint."
"We need more women in cybersecurity."
Chapters
00:00 Introduction to CyberKriya and Britta Simms
02:21 Britta Simms: A Global Cybersecurity Leader
07:56 Britta's Journey into Cybersecurity
12:45 The Importance of Mentorship in Cybersecurity
16:11 Attracting New Talent to SAP Cybersecurity
19:19 The Business Awareness in SAP Security
26:14 Britta's Athletic Background and Its Influence
28:16 Journey into Triathlons
31:27 The Importance of Physical Activity
35:14 Navigating SAP Security
44:38 Integrating Security in Transformations
49:11 Key Takeaways for SAP Professionals
Disclaimer:
The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes β no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.
EP -6 #CyberKriya Podcast - Unlocking the Cloud: SAP Cloud Identity Services Mastery with Harjeet Judge
Keywords
Cybersecurity, SAP, BTP, Cloud Identity Services, Identity Management, AI, Jewel, User Lifecycle Management, Authentication, SAP Analytics
Takeaways
Harjeet has over 20 years of experience in SAP.
He transitioned from analytics to BTP security naturally.
Education and training are crucial in cybersecurity.
Cloud Identity Services are essential for SAP solutions.
User lifecycle management is critical for security.
SAP offers free Cloud Identity Services to customers.
Integration with third-party identity providers is possible.
Delegated admin capabilities enhance management of identity services.
AI adoption is driving the need for centralized identity management.
Future SAP solutions will increasingly rely on Cloud Identity Services.
Summary
In this episode of CyberKriya, host Gaurav Singh welcomes Harjeet Chaj, a seasoned expert in SAP and BTP security. They discuss Harjeet's extensive experience in SAP, his transition from analytics to security, and the importance of education in cybersecurity. The conversation delves into Cloud Identity Services, user lifecycle management, and the integration of AI and Jewel within SAP solutions. Harjeet emphasizes the need for centralized identity management and the role of identity services in securing SAP landscapes.
Titles
Navigating the Future of Cybersecurity in SAP
The Evolution of Identity Management in SAP
Sound bites
"Harjeet has over 20 years of experience in SAP."
"Navigating AI and Jewel Integration is essential."
"Identity is the new parameter in the cloud world."
Chapters
00:00 Introduction to CyberKriya and Guest Introduction
03:00 Harjeet's Journey in SAP and Analytics
05:41 Transitioning from Analytics to BTP Security
08:22 The Evolution of Education and Training
11:06 Diving into BTP Security and Cloud Identity Services
13:55 Understanding SAP's Cloud Identity Services Architecture
16:38 Integrating Identity Services with SAP Solutions
19:50 User Lifecycle Management in Cloud Identity Services
22:35 Best Practices for Cloud Identity Services Tenants
25:50 Exploring the Components of Cloud Identity Services
29:11 Migration from Legacy Neo to Cloud Identity Services
31:35 Integrating SuccessFactors with Cloud Identity Services
34:58 The Role of AI in Identity Management
38:06 Value Proposition of Cloud Identity Services
40:41 Management and Ownership of Cloud Identity Services
43:18 Enhancements in Delegated Admin Capabilities
46:03 AI and Jewel Integration with Cloud Identity Services
EP-5 #CyberKriya Podcast - "Breaking SAP to Secure It: A Hacker's Perspective" with Holger Stumm
Keywords: Cybersecurity, SAP Security, Ethical Hacking, API Security, BTP, Cloud Security, Holger Stumm, CyberKriya, Development Skills, Security Processes
Summary:
In this episode of CyberKriya, host Gaurav Singh welcomes Holger Stumm, a seasoned expert in SAP security and cybersecurity. Holger shares his extensive journey in the field, discussing the evolution of SAP and the challenges it faces in cybersecurity. He emphasizes the importance of development skills for cybersecurity professionals and the need for collaboration between security and development teams. The conversation also touches on the significance of curiosity in identifying vulnerabilities, the changing landscape of SAP security with the rise of APIs and cloud technologies, and the necessity for organizations to embrace new technologies and processes. Holger also discusses his recent book on SAP security and offers advice for those looking to enter the field of ethical hacking.
Key Takeaways
Chapters
00:00 Introduction to Cybersecurity in ERP
02:32 Holger Stumm's Journey in SAP and Cybersecurity
10:10 The Importance of Development Skills in Cybersecurity
13:58 Navigating Security Processes and Challenges
19:56 Building a Collaborative Security Culture
23:12 The Evolving Threat Landscape for SAP
30:22 Understanding External Attack Surfaces
37:54 Building a Core Team for Business Security
39:20 Breaking into Cybersecurity: Bug Bounty Programs
40:51 The Importance of a Curious Mind in Hacking
42:12 Exploring Holger's Book on SAP Security
49:37 The Shift to API and Cloud in SAP
53:20 Training for API Hacking and BTP Security
01:01:11 Integrating Non-SAP Talent into BTP Projects
01:06:06 The Future of SAP Security in a Cloud World
Disclaimer:
The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with.
This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes β no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.
EP-4 #CyberKriya Podcast - Gabriele Fiata, The Celebrity of #SAPCyberSecurity
Summary -
In this episode of CyberKriya, Gaurav Singh interviews Gabriele Fiata, a seasoned cybersecurity professional with over 25 years of experience. They discuss the evolution of cybersecurity, the importance of a hacker mindset, and the need for passion and purpose in the field. Gabriele shares insights on SAP security, the changing landscape of cloud security, and the shared responsibility model.
The conversation emphasizes the importance of aligning cybersecurity efforts with business objectives and the need for continuous adaptation in a rapidly changing environment.
Takeaways:
Cybersecurity requires a hacker mindset to succeed.
Finding your purpose in cybersecurity is essential.
The landscape of SAP security is evolving rapidly.
Cloud security offers new opportunities and challenges.
Business objectives should drive cybersecurity strategies.
Awareness of cybersecurity risks has significantly increased over the years.
The shared responsibility model is crucial in cloud security.
Continuous learning and adaptation are necessary in cybersecurity.
Inspiring the next generation is vital for the future of cybersecurity.
Collaboration and community are key to effective cybersecurity.
Chapters
00:00 Introduction to CyberKriya and Guest Introduction
02:28 Gabriele Fiata's Cybersecurity Journey
05:17 The Evolution of Cybersecurity Awareness
09:52 The Hacker Mindset: Key Traits for Success
16:05 Finding Your Passion and Purpose in Cybersecurity
21:33 Expanding the SAP Security Community
23:55 Evolving Threat Landscape in Cybersecurity
24:43 Proactive Security Measures and Risk Management
26:04 Aligning Security with Business Objectives
27:28 Mapping Risks to Business Goals
29:17 The Importance of Cyber Risk Quantification
31:10 Continuous Security Monitoring and Adaptation
33:15 The Role of Threat Intelligence
34:00 Navigating SAP Security Challenges
35:10 CISO's Perspective on ERP Security
36:52 Leveraging Expertise for Effective Security
41:29 Cloud Security and Shared Responsibility
47:29 People, Process, and Technology in Security
50:39 Inspiring the Next Generation of Security Professionals
Ep-3 #CyberKriya Podcast -Mariano "The GodFather of #SAPCyberSecurity "& Gaurav
Summary
In this episode of CyberKriya, host Gaurav Singh interviews Mariano Nunez, co-founder and CEO of Onapsis, discussing the evolution of cybersecurity for SAP systems. They explore Mariano's journey into cybersecurity, the significance of the 2007 Black Hat conference, and the founding of Onapsis. The conversation delves into the challenges of SAP security, the impact of cloud transformation, and the role of AI in both enhancing and threatening cybersecurity.
Mariano shares insights for aspiring cybersecurity professionals and emphasizes the importance of integrating SAP security with broader cybersecurity practices. The episode concludes with recommendations for organizations to assess their SAP security posture and the need for continuous awareness and education in the field.
Takeaways
Mariano Nunez is a pioneer in SAP cybersecurity.
The 2007 Black Hat conference was a pivotal moment for SAP security awareness.
SAP systems are critical and often overlooked in cybersecurity discussions.
AI can be both a tool for defense and a weapon for attackers.
Cloud transformation has increased the attack surface for SAP systems.
Organizations need to integrate SAP security with overall cybersecurity strategies.
Aspiring cybersecurity professionals should find their passion within the field.
Visibility into SAP systems is crucial for detecting threats.
Understanding risk is essential for effective cybersecurity management.
Continuous education and awareness are vital in the evolving cybersecurity landscape.
Chapters
00:00 Introduction to Cybersecurity for SAP
00:58 Mariano Nunez's Journey into Cybersecurity
02:49 The 2007 Black Hat Experience
06:05 The Birth of Onapsis
09:16 The Evolution of SAP Security Awareness
11:16 The Role of AI in Cybersecurity
15:31 Cloud Transformation and Security Challenges
19:12 Advice for Aspiring Cybersecurity Professionals
21:52 The Future of SAP Cybersecurity
26:31 Integrating SAP Security with Cybersecurity
29:15 Starting Your SAP Security Journey
33:14 Final Thoughts and Recommendations
Ep-2 Cyber Kriya Podcast Juan Perez-Etchegoyen(JP) & Gaurav | Author's of BestSeller "Cybersecurity for SAP" SAPPress Book @SAPPRESS_Official Read "Cybersecurity for SAP" Book Read by Authors ----------------------------------------------------------------------------------- Why - Chapter 1 and 2 What - Chapter 3 How - Chapter 4 ---------------------------------------------------------------------------------- 1. LinkedIn Connect with Authors - Juan Perez-Etchegoyen - https://www.linkedin.com/in/jppereze/ Gaurav Singh - https://www.linkedin.com/in/gauravsingh14/ 2. Get the BestSeller @SAPPRESS_Official Book " Cybersecurity for SAP" Book here - www.sapcybersecuritybook.com Use Exclusive Author Coupon Code - SCAUTH15 to get 15% Discount 3. Get the Book on Amazon - https://amzn.to/487PX5O (Disclaimer - Affiliate link) 4. Know More about @OnapsisInc - https://onapsis.com/
CyberKriya Podcast - Episode 1 - Jay(The Magician with the Hat) and Gaurav Welcome to our Inaugural episode of #CyberKriya Podcast, where we bring in experts from #SAPCyberSecurity Tribe to make our community Stronger... Guest : The Magician with the Hat "SAPCyberSecurity" Jay Thoden van Velzen Strategic Advisor to the CSO at SAP | SAP Global Security Leadership Team Host : Gaurav Singh Resources as discussed in Podcast - 1. Jay - LinkedIn - https://www.linkedin.com/in/jay-thoden-van-velzen/ 2. The Agentic AI Blog - that-s-not-what-we-agreed-repudiation-and-agentic-ai-threat-modeling https://community.sap.com/t5/security-and-compliance-blogs/that-s-not-what-we-agreed-repudiation-and-agentic-ai-threat-modeling/ba-p/14208975 - By Ron F. Del Rosario, Head of AI Security for SAP ISBN, and Jay Thoden van Velzen, Technical Advisor, Office of the CSO 3. Cybersecurity for SAP Book by http://sapcybersecuritybook.com/ by https://www.linkedin.com/in/jppereze/ and https://www.linkedin.com/in/gauravsingh14/ Use Exclusive Author Coupon SCAUTH15 to get 15% Discount on any format for the SAPpress book - https://www.sap-press.com/cybersecurity-for-sap_5887/?utm_source=2592&utm_medium=referral&utm_campaign=Authors&utm_content=2592 4. Jay's India Story --- Jay(A Dutchman who Learned Sanskrit in Kashi, Bharat in 90s) https://www.youtube.com/watch?v=DbGOszjBMEI 5. Jaguar Land Rover Cyber Breach - https://www.theguardian.com/business/2025/sep/20/jaguar-land-rover-hack-factories-cybersecurity-jlr DM me at https://www.linkedin.com/in/gauravsingh14/ if you want to be on Podcast