CyberKriya

EP-24 - #CyberKriya Podcast - #RISE & #BTP Security Architecture and Hidden blind spots- With Khalid

EP-24 - #CyberKriya Podcast - #SAPCyberSecurity - RISE & BTP Security Architecture and Hidden blind spots- With Khalid Hussain [https://www.linkedin.com/in/ACoAAA_4E6UBjWi9bu-_oaCn8kqiqJw9SDqKp8E] Summary: In this episode, Gaurav Singh hosts Khalid Hussain, a seasoned SAP cybersecurity expert, to discuss the evolving landscape of SAP security in cloud environments, particularly with SAP Rise, BTP, and AI integration. They explore how organizations can proactively secure their SAP landscapes amidst cloud transformation and rising cyber threats. Key Takeaways: * The shared responsibility model in SAP Rise and cloud security best practices * Critical security considerations for SAP S/4HANA migration and cloud transition * Building a SAP BTP Center of Excellence (COE) for governance, automation, and security * The role of network segmentation, firewalls as a service, and real-time monitoring * Emerging risks associated with non-human identities (NHIs) and AI security * Strategies for effective governance, compliance, and collaboration in SAP security Timestamps: 00:00 - Introduction: Khalid Hussain's background and expertise in SAP security 02:16 - Overview of Khalid's experience with Microsoft, AWS, and Accenture 03:42 - The misconception of security in SAP Rise and cloud platforms 05:13 - Importance of integrating security early in the SAP Rise journey 07:54 - The significance of shared responsibility and contractual protections 09:15 - Deciding between standard, premium, and tailored SAP Rise models 10:13 - Preparing for SAP Rise negotiations: identity, data residency, and network security 11:54 - Building secure SAP Rise architecture: network segmentation and infrastructure 13:18 - Managing SAP admin subnets, SAP Cloud Connectors, and admin tooling 15:02 - Firewalls as a service in SAP Rise: placement, management, and cost considerations 16:37 - Cross-cloud security challenges and standardization across environments 20:53 - Establishing a SAP BTP Center of Excellence (COE): team roles and governance 28:12 - The criticality of security contracts and proactive vendor engagement 29:15 - Responsibility ownership: program leads, SAP basis, security, and admin roles 31:54 - The impact of AI integration in SAP BTP and governance for AI security 37:17 - Building a multi-disciplinary SAP BTP COE: application, platform, security, and monitoring teams 40:04 - Dealing with multicloud approaches, standardization, and security controls 44:41 - SAP's platform management, SAP Basis roles, and the need for skilled personnel 48:02 - AI security, governance, and the emerging role of AI architects in SAP 52:22 - The future of non-human identities and automation in SAP security 56:45 - Data privacy, agent security, and managing AI data flows 58:23 - The importance of collaboration, community sharing, and continuous learning in security Disclaimer: The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes — no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.

EP-23 - #CyberKriya Podcast - #SAP #GRC 2026(GRC on HANA) - with Sarvesh

EP-23 - #CyberKriya Podcast - #SAP #GRC #2026(GRC on HANA) - With Sarveshvaran Rajendran Summary: In this episode, Gaurav Singh hosts Sarvesh Rajendran to unravel the potential of integrating Cloud AI with SAP GRC, showcasing how AI-driven automation and insights are revolutionizing the GRC landscape. They discuss technical architectures, licensing considerations, and the strategic importance of AI in compliance and security management. Key Takeaways : * Overview of SAP GRC versions and the end-of-life roadmap for GRC 12.0 by 2027 * The shift from NetWeaver to S4 HANA as a foundation for GRC * How SAP consolidates multiple products (Audit, Compliance, Business Integrity) into GRC and licensing implications * Integration of SAP GRC with non-SAP systems via IAG and the importance of seamless identity management * Explanation of SAP Joule (AI layer) and MCP (Meta Connectivity Platform) architecture for secure, standardized cloud connections * Connecting MCP to SAP GRC, including security considerations and API management * The potential of AI to automate audit workflows, threat detection, and decision-making * Strategic advice for customers: whether to embed GRC within S4 HANA or operate on separate systems * The evolving role of SAP security specialists in AI-driven environments and the importance of early involvement Chapters: 00:00 - Introduction: The convergence of AI and SAP GRC 02:23 - SAP GRC version updates and end-of-life plans 04:02 - Transition from NetWeaver to S4 HANA for GRC and product consolidation 05:57 - SAP GRC licensing impacts and future module integrations 06:56 - Roadmap for GRC and support timelines 10:07 - Handling complex workflows and the role of IAG in hybrid environments 12:02 - Embedding audits and risk modules in S4 HANA: pros and cons 13:41 - Managing license counts and user provisioning strategies 15:55 - Introduction to SAP Joule and AI capabilities in GRC 16:38 - Embedding GRC into S4 HANA vs standalone deployment considerations 19:36 - Strategic system sizing and licensing decisions for GRC on Cloud vs on-premise 20:54 - Connecting SAP GRC with non-SAP systems: security & integration 23:50 - Best practices for managing user data sources and identity platforms 26:23 - The future of SAP security: early involvement & role management 30:05 - AI automation in GRC: opportunities and cautionary notes 37:04 - Connecting Cloud AI (MCP) to SAP GRC: "Why" and "How" 41:40 - The "Jewel" - AI in SAP and the transformative potential of MCP architecture 48:29 - How MCP acts as a bridge for data exchange between SAP and AI 50:43 - Security considerations: API secrets and access controls 53:50 - Cautions regarding AI updates and manual oversight in compliance workflows 55:20 - Starting small with AI integrations to mitigate risks 58:49 - The mindset shift: Automating routine tasks for security professionals 60:14 - The future of AI-driven innovation in SAP security and compliance Disclaimer: The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes — no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.

EP-22 - #CyberKriya Podcast -#SAP #AI Security - with Jay Thoden Van Velzen

EP-22 - #CyberKriya Podcast -#SAP #AI Security - with Jay Thoden Van Velzen - From Joule to Agentic Frontiers Summary: In this episode, Gaurav Singh is joined by Jay Thoden Van Velzen, a leading expert in agentic AI security at SAP, to explore how AI is transforming enterprise SAP environments. They delve into best practices, security challenges, and how organizations can responsibly adopt AI technologies like Joule within their workflows. Key Takeaways: * The evolution of AI in SAP and what differentiates generative AI (GenAI) like Joule * Key security and governance considerations when deploying AI in business processes * Architectural strategies for implementing secure, compliant, and effective AI solutions * Managing risks associated with AI misbehavior and malicious use cases * Practical steps for customers and security teams to safeguard AI initiatives * The importance of threat modeling, access control, and grounding AI in organizational policies * The role of deterministic workflows and control points in agentic AI systems * How to ensure transparency and accountability with logging and audit capabilities * The significance of shared responsibility models and vendor risk management in AI deployment * Future outlook: AI's impact on workforce productivity and strategic decision-making Chapters: * (00:04) Introduction * (01:09) Differences between traditional AI and Generative AI in SAP—Joule's role * (03:19) Security risks in SAP AI such as hallucinations and data leakage * (04:10) Grounding Joule's responses in truth for business relevance and security * (05:11) How SAP implements privacy and access protections during AI training * (06:26) Approaches to prevent privilege escalation and ensure compliant AI behavior * (08:51) Architecture of Joule's orchestration layer for controlled AI interactions * (15:00) Risks of malicious prompts and how SAP protects against them * (25:04) Differentiating malicious from non-malicious usage and handling volumes * (26:29) The components of Joule: from developer tools to business application layers * (30:17) Human-in-the-loop decision-making and operational safeguards * (32:45) Architectural patterns: separating planning and execution for control * (38:13) Fail-safes and retries to prevent AI from stepping outside bounds * (41:16) Responsibilities of SAP customers and security teams in AI security * (49:17) Grounding AI with organizational policies and real documents * (52:38) Auditing, logging, and shared responsibility in SAP AI deployments * (56:32) Myths and realities about AI replacing jobs—what the data suggests * (59:42) Balancing AI's strategic impact with human judgment and creativity. Threat modeling of AI use cases and handling agent misbehavior. Resources for further learning: SAP Responsible AI and related documentation Disclaimer: The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes — no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.

EP-21 - #CyberKriya Podcast -SAP BTP Platform Automation - with Christian Lechner

EP-21 - #CyberKriya Podcast -SAP BTP Platform Automation - with Christian Lechner Summary: Unlock the power of automation on SAP BTP through CLI and Terraform, as Christian Lechner shares insights on infrastructure as code, governance, security, and best practices for both new and existing users. Key Takeaways: * Differences between BTP CLI and Terraform for infrastructure management * Best practices for starting your automation journey * How Terraform supports governance, security, and compliance * Managing sub-accounts, entitlements, and roles with Terraform modules * Importance of organizational responsibilities and role segregation * Use of policy frameworks like Open Policy Agent for guardrails * Strategies for importing existing infrastructure into Terraform Chapters : * 00:00 - Welcome to CyberKriya: Introduction to today's topic on SAP BTP automation * 02:10 - The role of SAP BTP CLI and Terraform in resource provisioning * 04:00 - Terraform as industry-standard infrastructure as code tool * 06:15 - Using Terraform for lifecycle management, including deprovisioning * 07:30 - Setting up CLI and Terraform: installation and configuration tips * 08:50 - Best practices for organizations starting their automation journey * 10:50 - Role of organizational responsibility and responsibility segregation * 11:45 - Use of technical users for secure automation * 12:30 - Managing permissions with RBAC and minimizing manual cockpit access * 14:00 - How Terraform supports governance and policy enforcement * 15:30 - Role of open-source modules, snippets, and SAP-curated templates * 16:45 - Importing existing subaccounts and resources into Terraform * 18:20 - Strategies for incremental adoption in large environments * 19:45 - Ensuring compliance and auditability using Terraform and policies * 21:10 - Managing lifecycle of service keys and security best practices * 23:50 - Using policy frameworks such as Open Policy Agent for security guardrails * 25:15 - Handling naming conventions and governance with Terraform * 27:20 - How to create and manage multiple Terraform configurations for different teams * 28:55 - Interviewing organizational responsibilities for automation governance * 30:30 - Resources for learning Terraform: SAP courses, GitHub, and documentation * 32:00 - Building a community: SAP roundtables, GitHub issues, and discussions * 35:00 - How automation enhances compliance, security, and operational efficiency * 36:45 - Starting small: importing existing resources and iterative adoption * 40:00 - Challenges in security, user management, and lifecycle automation * 44:30 - The critical role of team collaboration between SAP admins and cloud engineers * 47:45 - Final thoughts: embracing automation for sustainable SAP cloud management Disclaimer: The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes — no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast. ----------------------------------------

EP-20 - #CyberKriya Podcast -Women Leader in #Cybersecurity- Rasha Horn

EP-20 - #CyberKriya Podcast -Women Leader in #Cybersecurity- Rasha Horn #IWD2026 Keywords: cybersecurity, NICE program, community, career ambassador, awareness, personal growth, AI, youth empowerment, Rasha Horn, CyberKriya Summary: In this engaging conversation, Gaurav Singh and Rasha Horn explore the significance of cybersecurity, the importance of community involvement, and the transformative power of the NICE Cybersecurity Career Ambassador Program. Rasha shares her personal journey from being an immigrant to becoming a leader in cybersecurity advocacy, emphasizing the need for awareness and education in digital safety. The discussion highlights the role of individuals in shaping the future of cybersecurity, especially in the context of emerging technologies like AI. Rasha encourages young aspirants to pursue their passions and connect with communities that can support their growth. Key Takeaways: Rasha emphasizes the importance of surrounding yourself with inspiring individuals. Cybersecurity is a field that requires diverse backgrounds and skills. Awareness about digital safety is crucial for children and parents alike. The NICE Cybersecurity Career Ambassador Program is open to everyone, regardless of their background. Community involvement can lead to personal and professional growth in cybersecurity. Cybersecurity is not just about preventing hacks; it's about protecting people. Young people can make a significant impact in the field of cybersecurity. AI will create new challenges in cybersecurity that require human oversight. There are many free resources available for learning about cybersecurity. Persistence and community support are key to overcoming obstacles in pursuing a career. Titles Empowering the Next Generation in Cybersecurity Rasha Horn: A Journey from Immigrant to Cyber Advocate sound bites "You are who you spend time with." "Cybersecurity is not just about money." "We need humans to protect technology." Chapters: 00:00 Introduction to CyberKriya and Rasha Horn 04:15 Rasha's Journey and Background 10:29 The Importance of Cybersecurity Awareness 12:20 NICE Cybersecurity Career Ambassador Program Overview 24:23 The Role of Community in Cybersecurity 30:04 Cybersecurity as a Career and Personal Growth 36:02 The Future of Cybersecurity in the Age of AI 40:22 Encouragement for Young Aspirants 47:26 Celebrating Community and Future Events Disclaimer: The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes — no endorsement or criticism is implied.Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.