Payment Security 101
Learn about payment fraud and how to prevent it
- Why Eftsure?
-
-
Why Eftsure?
-
Why customers use Eftsure
-
-
- Platform
-
-
Accounts Payable
-
-
-
- Solutions
-
-
By role
-
-
- Resources
-
-
Learn
-
Company
-
-
ERP Statistics: A Huge Risk of Payment Fraud
Niek Dekker
Published : 07 July 2022
Technology is affecting how Accounts Payable teams manage their day-to-day operations. Enterprise Resource Planning (ERP) systems allow you to plan and manage every resource and task you undertake. To counter this trend, each year, more ERP systems are becoming compromised by cyber attacks that gain access to sensitive data.
Let’s look at these ERP statistics to understand better the cybercrime trends and the preventative steps being taken.
Author’s Top Picks
- Of the 64% that have suffered a breach of SAP or Oracle E-Business Suite (EBS), sales data (50%) was most commonly compromised.
- Almost 90% of cyber security experts expect attacks against ERP systems to increase over the near year.
- Up to 50% of ERP implementations fail the first time around, 64% of ERP projects go over budget, and 30% take longer than expected.
- In the last 18 months, 79% of companies have experienced at least one cloud data breach.
ERP Statistics
1. In 2019, the global ERP software market grew by 9%, resulting in a value of approximately $39 billion in total software revenue.
According to Market Share Analysis by Gartner, market leaders suggest that the ERP software market is consistently growing. The reason for the growth is organisations are finding ERP systems more beneficial allowing them to enhance business reporting in their day-to-day tasks.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-1
2. In a survey of IT decision-makers, 53% said ERP was an investment priority, in addition to CRM.
The Computer Weekly IT Priorities survey shows that companies across Europe are committed to upgrading their data centre infrastructure. However, enterprise resource planning remains the strongest category for packaged business applications.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-2
3. 50% of companies are acquiring, upgrading or planning to update ERP systems soon.
The main reasons for updating an ERP system are weak controls and weak functionality as well as the inability to control the risks involved. Upgrading or updating ERP systems is one of the best ways to achieve full ERP security.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-3
4. Of the 64% that have suffered a breach of SAP or Oracle E-Business Suite (EBS), sales data (50%) was most commonly compromised.
Research from Onapsis suggests that SAP and Oracle suffered a data breach resulting in a loss of sales data, HR data, personal customer information, intellectual property and financial data. Additionally, nearly two-thirds of businesses rely on SAP or Oracle. Due to its connection to the web, ERP can pose a security risk.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-4
5. 95% of more than 600 SAP systems tested were vulnerable to attack, mainly because patches had not been applied.
It is best to always have the latest ERP patches applied, as it ensures secure ERP systems. In a situation where ERP software isn’t updated, a data breach is very likely to occur. As a safety measure, companies that install advanced security technologies also need to have accounting protocols in place to minimise the risks of cyberattacks.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-5
6. Almost 90% of cyber security experts expect attacks against ERP systems to increase over the near year.
Cybercriminals prefer to target ERP systems, as well as phishing and brute force attacks. Each year, they come up with new and inventive ways to steal your information or defraud your financial accounts. One of the main causes of a compromised ERP system is that CFOs are unable to monitor their system’s security regularly.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-6
7. Researchers have identified more than 17,000 SAP and Oracle ERP applications exposed on the internet, most of them operated by the world’s largest commercial and government organisations.
The findings shed light on how cybercriminals and hacktivist groups are actively targeting organisations to disrupt business operations. Cybercriminals are likely to compromise ERP systems due to leaked information by third parties and employees.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-7
8. The top 5 Countries exposing SAP Applications to the internet were USA, India, China, Germany and Brazil.
Most of the cyber attacks that occur often happen in the countries listed above. This becomes an ideal testing ground for hackers attempting to target small-range attacks. Large organisations are usually targeted with ERP attacks due to their poor security controls around their ERP environment.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-8
9. 62% believe that their ERP applications have critical vulnerabilities despite attention to patching.
Not focusing on I.T cybersecurity but rather just on general I.T controls can leave a company exposed. Accounts payable teams must apply security patches early to often mitigate ERP systems compromises.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-9
Common ERP Failures Statistics
10. In 2016 Revlon had a disastrous ERP rollout resulting in millions of dollars in lost sales.
Poor maintenance, a lack of budgeting, irregular implementation, or lack of continuous monitoring are some of the causes of ERP failures. In Revlon’s case, it had opted in 2016 to establish connections with a new ERP provider named SAP Hana. A lack of effective controls led to the company losing millions of dollars due to a disastrous event.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-10
11. Up to 50% of ERP implementations fail the first time around, 64% of ERP projects go over budget, and 30% take longer than expected.
ERP implementations can be costly, but failure to budget and secure adequate funding before starting will result in a failed implementation. Most CFOs and AP teams fail to budget the process during the implementation and after.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-11
12. Hershey’s ERP implementation failure was due to attempting to deploy 2 resource planning technologies at once.
During Hershey’s ERP implementation period, the chocolate giant suffered a major failure. Due to the Y2K incident, the firm rushed to complete the project. An attempt to use the resource planning technologies at the same time resulted in failed system testing, data migration and training.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-12
13. Nike’s supply chain issues brought about $100 million in lost revenue.
Early in the 2000s, Nike lost $100 million due to a software glitch in its new upgraded supply chain system ERP solution. Other ERP problems occurred, including bugs and performance difficulties. Millions were lost, but the company also lost millions in lawsuits and had 20% of its stock dropped.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-13
14. Gartner's research has found that globally 55% up to 75% of all ERP projects fail.
For any organisation, ERP failure statistics can be daunting to hear. When it comes to renewing or replacing an ERP system, several factors are involved. A strategic plan must be in place before transitioning to cover all areas during, before and after implementation. Other than technology, employees must be adequately trained.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-14
15. 95% of failed companies dedicate less than 10% of the total budget to education/training/change management when transitioning to an ERP.
One of the main causes of ERP implementation failure is weak budgeting. Poor management communication and short-cutting training programs often lead to a disastrous ERP transition. Employees who aren’t educated on the new software application can pose ERP risks involving compromised systems.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-15
16. 51% of companies experience operational disruption when they go live.
There are several ways organisations can avoid operational disruption. Some of the most successful often implement a sophisticated plan that details all aspects of the execution phase. This usually involves, analysing operational challenges, key business partners that involve communication, building a bulletproof QA process & measuring performance.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-16
17. The two most commonly cited challenges during ERP implementation were insufficient testing and not enough process reengineering.
It’s common for organisations to fail at business process reengineering. When manual working is used to change standard ERP modules, business reengineering can fail. One way organisations can attack this is through a strong pre-planned strategy for parallel engineering.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-17
Cloud ERP Statistics
18. In the last 18 months, 79% of companies have experienced at least one cloud data breach.
CFOs and AP teams must work together as a team to ensure cloud ERP security. To maximise security, CFOs and AP teams shouldn’t solely depend on cloud ERP security. An ongoing awareness program and security culture must be maintained to minimise the chances of cyber-attacks.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-18
19. The same study found that cloud-based ERP systems had a 21% enterprise application growth rate in the public cloud in 2018.
More and more, companies are making the switch from in-house technologies to cloud-based enterprise applications to become more efficient, have more control, and increase accessibility.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-19
20. According to a worldwide survey, around 64% of organisations are known to use SaaS, 21% are known to use Cloud ERP while the rest 15% are known to use on-premises.
On-premise ERP and cloud ERP differ primarily by the location of the data. Some businesses choose cloud-based ERP based on the benefits and features it offers over on-premise. Cloud computing has the advantage of high levels of security.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-20
21. Cloud ERP revenue growth was impacted by the pandemic, with ERP applications for manufacturing showing a 2% decline in revenue overall.
Over the past decade, companies have been gradually adopting next-generation enterprise resource planning (ERP) solutions due to the expectations of traditional ERP vendors. Digitalization and new ways of working have always been important to the business. However, post-COVID-19 ERP systems will accelerate the adoption.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-21
22. 88% of organisations currently using public cloud infrastructure services.
Many companies still view cloud ERP systems as more secure and resilient environments even after well-publicised incidents of cloud ERP data loss. According to Oracle, 40% of respondents agree that public clouds are much more secure. Security teams and IT professionals are still wary of the cloud-based threat.
Copy link
https://eftsure.com/statistics/erp-statistics/#section-22
