Why boards should be obsessed with their most ‘boring’ systems

Staff Editor 2026-02-05
Why boards should be obsessed with their most ‘boring’ systems

Why boards should be obsessed with their most ‘boring’ systems

https://cyberscoop.com/boardroom-erp-cybersecurity-sap-ransomware-resilience-op-ed/

Publish Date: 2026-02-05 06:02:00

Source Domain: cyberscoop.com

Following a series of high-profile cyberattacks, boards of directors are now requiring their organizations to take greater responsibility for the risks posed by enterprise resource planning (ERP) systems pose after a series of high-profile cyberattacks. The Jaguar Land Rover (JLR), incident in Sept. 2025 illustrates the severe consequences of such attacks. The cyberattack forced JLR to halt production for six weeks, making it the costliest cyberattack in Britain’s history. The company’s revenue declined 24 percent that quarter, accounting for potentially over a  $1.2 billion drop in earnings, and subsequently reported a 43.3% wholesale sales volume drop the following quarter.

For decades, organizations have treated ERP systems like SAP as back-office workhorses. However, the JLR incident—carried out by executed by the cybercrime group ShinyHunters —has thrust ERP systems into the spotlight. That shift in attention is critical: today, 90% of the Fortune 500 use SAP, making these systems “crown jewel” assets that require the highest level of protection.

The threat is escalating. A recent Google Cloud Security report forecasts that ransomware operations specifically designed to target critical enterprise applications such as ERP systems will emerge in 2026, forcing organizations to make quick ransom payments and sacrifice business resilience. 

In our roles as board members, advisers, and cybersecurity CEOs, we’re witnessing a fundamental shift in how organizations approach ERP security: the conversation has moved from compliance to survival. Organizations are grappling with critical question: Who owns the risk? What is our recovery time? Can we patch critical ERP vulnerabilities within 72 hours? Do we have visibility inside the application?

ERP risks are an existential threat

To understand the severity of ERP security risks, the C-suite must first recognize how critical these sytems are. ERP systems are the operating system of…

Source

More Stories

Diaspo #444: From supercomputers to cybersecurity, Asmae Mhassni’s unconventional path

Diaspo #444: From supercomputers to cybersecurity, Asmae Mhassni’s unconventional path

Staff Editor 2026-06-06
Opal Security Raises Million for AI-Native Identity Governance

Opal Security Raises $23 Million for AI-Native Identity Governance

Staff Editor 2026-06-06
Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Staff Editor 2026-06-06

Terms and Conditions - Privacy Policy