SNOPUD Taps Onapsis for SAP Security 


SNOPUD, a municipal corporation of the state of Washington, is the second largest publicly owned utility in the Pacific Northwest and the 12th largest in the nation providing electric service to 350,000 homes and businesses and water service to more than 23,000 homes.

Cybersecurity and compliance solutions specialist Onapsis announced its latest SAP-focused partnership in the Utility sector with electric and water service provider SNOPUD (Snohomish County Public Utility). Under the PUD’s Connect Up program, Onapsis and the municipal agency seek to streamline SAP security and gain access to strategic threat intelligence through the support of the Onapsis Research Labs (ORL).

On the latest collaborative alliance with SNOPUD, Mariano Nunez, CEO and co-founder of Onapsis, shared that the business application security and compliance market leader will support the utility company in its commitment to deliver uninterrupted services for Snohomish County locals. He detailed:

“SAP applications within the utility sector provide a gold mine of value for cybercriminals and this hasn’t gone unnoticed. It’s no longer a matter of if, but when an attack occurs and there is no time to waste when it comes to embarking on the SAP security journey. SNOPUD sets a prime example of a utility company that is prioritizing the security of its critical business applications and the safety of its customers.”

SNOPUD Taking Measures on SAP Security

As a public agency, SNOPUD was formed and selected by a majority vote of the people to be the major provider of publicly owned electric and water utility service in the county of Snohomish and Camano Island. Employing over 1,000 staff, the utility company has a massive undertaking to cater to over 370,000 customers as of December 2022.

Since 1936, SNOPUD continues its commitment to deliver to its customer-owners quality, environmentally sustainable, and reliable service amidst the fast-evolving Utility sector. In 2019, Connect Up program was established to modernize operations and services, including deploying automated devices on its distribution system and extending communication technology to critical points, as a significant step toward its ambition to be the “Utility of the Future.”

Along with the Connect Up program that leads up to SNOPUD’s security-first digital transformation journey, the agency is ensuring that its critical SAP applications are secured and personal data of its water and energy customers are safe from cybercriminals by leveraging the Onapsis platform. As one of the leading contributors to the SAP product Security Response Team, Onapsis Research Labs will provide threat intelligence via the comprehensive, SaaS-based solution.

Through the Onapsis Platform, the municipal corporation will receive recommendations for patch prioritization and auto-remediate vulnerabilities, with minimal human intervention. This allows the employees to focus on other significant tasks.

“As a security-first company, SNOPUD takes security very seriously–it’s an integral component of our process. Onapsis’ SAP security solutions fit right into our security strategy of locking down our most critical assets,” said Marc Rosson, Enterprise Architect at SNOPUD. “We view security as a team sport and our collaborative partnership with Onapsis will give us the opportunity to work closely both with Onapsis’s experts and its extensive roster of utility customers.”

Kellie Snyder, Chief Customer Officer at Onapsis, mentioned that partnering the utility company is complementary to its increasing utilities customers. She added:

“The SNOPUD-Onapsis partnership marks a significant milestone for the sector, as it demonstrates that SAP security is no longer a nice-to-have, but a crucial component of security strategy.”

Ensuring SAP Security in the Utilities Sector

Angelica Kübel, Field Marketing Specialist EMEA at Onapsis, highlighted in an article that the utility infrastructure, such as informational technology (IT) and operational technology (OT) systems, is a primary target of cyber attacks. The US government tags the energy and water sectors as two of the 16 critical infrastructure sectors, stressing that “their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety.”

According to statistics, the average cost of an energy industry breach reaches around $4.7M, while 94% of energy industry breaches impact personal data, and 25% of energy industry data breaches are caused by Ransomware.

With the Utilities sector undergoing transformation, which usually involves SAP business-critical applications, the service providers are faced with challenges of securing their systems and meeting the current economic, political, and market demands. Aside from increasing ERP system cyberattacks, cloud migration and modernization and understaffing are also critical issues that companies deal with. Many utility companies undertake a cloud transformation journey leveraging SAP S/4HANA, and the SAP RISE Business Transformation Program to cut operational expenses while improving service delivery and enhancing human capital management when deploying field technicians.

Kübel shared three best practices to help utility companies navigate the industry’s pressing challenges:

  • Gain system visibility into cloud, on-premise, and hybrid environments by implementing tools for continuous threat monitoring
  • Employ solutions to gain access to actionable threat intelligence
  • Automate and streamline processes for successful patch management and cloud migrations

Share this post

submit to reddit
scroll to top