CyberKriya

Gaurav Singh

🎙️ Welcome to CyberKriya – the home of enterprise cybersecurity wisdom, one conversation at a time.

At CyberKriya, we bring you powerful, no-fluff podcasts and interviews with global experts, trailblazers, and practitioners in SAP Cybersecurity, Cloud Governance, Risk & Compliance, and Digital Resilience. Whether you’re an SAP security leader, cloud architect, or just starting your journey — CyberKriya helps you stay ahead with real stories, real challenges, and real solutions.

🛡️ Topics we cover:
• SAP & ERP Cybersecurity
• RISE with SAP, BTP & S/4HANA Security
• NIST CSF, Zero Trust, IAM, FinOps & GRC
• AI for Cybersecurity & Digital Transformation
• Career journeys, mentorship & community building

🧠 Hosted by Gaurav ‘Mr G’ Singh – author, global speaker, and CyberKriya founder.
🎧 New episodes every Tuesday – subscribe, hit the bell & join the #SAPCyberSecurity tribe!
🌐 cyberkriya.com | 🎙️ Also on Spotify, Apple Podcasts & LinkedIn.

#CyberKriya #SAPCyberSecurity #DigitalResilience #CyberPodcast

🎙️ CyberKriya Podcast Disclaimer
The views and opinions expressed in this podcast are those of the host and guests and do not necessarily reflect the official policy or position of any organization, employer, or company they are affiliated with. This podcast is intended for informational and educational purposes only. It does not constitute professional, legal, or cybersecurity advice. References to specific companies, products, or technologies are made solely for discussion and illustration purposes — no endorsement or criticism is implied. Listeners are encouraged to consult their own security, legal, or compliance teams before acting on any information shared in this podcast.

  1. APR 21

    EP-23 - #CyberKriya Podcast - #SAP #GRC 2026(GRC on HANA) - with Sarvesh

    EP-23 - #CyberKriya Podcast - #SAP #GRC #2026(GRC on HANA) - With Sarveshvaran Rajendran

    Summary: In this episode, Gaurav Singh hosts Sarvesh Rajendran to unravel the potential of integrating Cloud AI with SAP GRC, showcasing how AI-driven automation and insights are revolutionizing the GRC landscape. They discuss technical architectures, licensing considerations, and the strategic importance of AI in compliance and security management.

    Key Takeaways:
    • Overview of SAP GRC versions and the end-of-life roadmap for GRC 12.0 by 2027
    • The shift from NetWeaver to S4 HANA as a foundation for GRC
    • How SAP consolidates multiple products (Audit, Compliance, Business Integrity) into GRC and licensing implications
    • Integration of SAP GRC with non-SAP systems via IAG and the importance of seamless identity management
    • Explanation of SAP Joule (AI layer) and MCP (Meta Connectivity Platform) architecture for secure, standardized cloud connections
    • Connecting MCP to SAP GRC, including security considerations and API management
    • The potential of AI to automate audit workflows, threat detection, and decision-making
    • Strategic advice for customers: whether to embed GRC within S4 HANA or operate on separate systems
    • The evolving role of SAP security specialists in AI-driven environments and the importance of early involvement

    Chapters:
    00:00 - Introduction: The convergence of AI and SAP GRC
    02:23 - SAP GRC version updates and end-of-life plans
    04:02 - Transition from NetWeaver to S4 HANA for GRC and product consolidation
    05:57 - SAP GRC licensing impacts and future module integrations
    06:56 - Roadmap for GRC and support timelines
    10:07 - Handling complex workflows and the role of IAG in hybrid environments
    12:02 - Embedding audits and risk modules in S4 HANA: pros and cons
    13:41 - Managing license counts and user provisioning strategies
    15:55 - Introduction to SAP Joule and AI capabilities in GRC
    16:38 - Embedding GRC into S4 HANA vs standalone deployment considerations
    19:36 - Strategic system sizing and licensing decisions for GRC on Cloud vs on-premise
    20:54 - Connecting SAP GRC with non-SAP systems: security & integration
    23:50 - Best practices for managing user data sources and identity platforms
    26:23 - The future of SAP security: early involvement & role management
    30:05 - AI automation in GRC: opportunities and cautionary notes
    37:04 - Connecting Cloud AI (MCP) to SAP GRC: "Why" and "How"
    41:40 - The "Jewel" - AI in SAP and the transformative potential of MCP architecture
    48:29 - How MCP acts as a bridge for data exchange between SAP and AI
    50:43 - Security considerations: API secrets and access controls
    53:50 - Cautions regarding AI updates and manual oversight in compliance workflows
    55:20 - Starting small with AI integrations to mitigate risks
    58:49 - The mindset shift: Automating routine tasks for security professionals
    60:14 - The future of AI-driven innovation in SAP security and compliance

    1 hr
  2. APR 14

    EP-22 - #CyberKriya Podcast -#SAP #AI Security - with Jay Thoden Van Velzen

    EP-22 - #CyberKriya Podcast - #SAP #AI Security - with Jay Thoden Van Velzen - From Joule to Agentic Frontiers

    Summary: In this episode, Gaurav Singh is joined by Jay Thoden Van Velzen, a leading expert in agentic AI security at SAP, to explore how AI is transforming enterprise SAP environments. They delve into best practices, security challenges, and how organizations can responsibly adopt AI technologies like Joule within their workflows.

    Key Takeaways:
    • The evolution of AI in SAP and what differentiates generative AI (GenAI) like Joule
    • Key security and governance considerations when deploying AI in business processes
    • Architectural strategies for implementing secure, compliant, and effective AI solutions
    • Managing risks associated with AI misbehavior and malicious use cases
    • Practical steps for customers and security teams to safeguard AI initiatives
    • The importance of threat modeling, access control, and grounding AI in organizational policies
    • The role of deterministic workflows and control points in agentic AI systems
    • How to ensure transparency and accountability with logging and audit capabilities
    • The significance of shared responsibility models and vendor risk management in AI deployment
    • Future outlook: AI's impact on workforce productivity and strategic decision-making

    Chapters:
    (00:04) Introduction
    (01:09) Differences between traditional AI and Generative AI in SAP—Joule's role
    (03:19) Security risks in SAP AI such as hallucinations and data leakage
    (04:10) Grounding Joule's responses in truth for business relevance and security
    (05:11) How SAP implements privacy and access protections during AI training
    (06:26) Approaches to prevent privilege escalation and ensure compliant AI behavior
    (08:51) Architecture of Joule's orchestration layer for controlled AI interactions
    (15:00) Risks of malicious prompts and how SAP protects against them
    (25:04) Differentiating malicious from non-malicious usage and handling volumes
    (26:29) The components of Joule: from developer tools to business application layers
    (30:17) Human-in-the-loop decision-making and operational safeguards
    (32:45) Architectural patterns: separating planning and execution for control
    (38:13) Fail-safes and retries to prevent AI from stepping outside bounds
    (41:16) Responsibilities of SAP customers and security teams in AI security
    (49:17) Grounding AI with organizational policies and real documents
    (52:38) Auditing, logging, and shared responsibility in SAP AI deployments
    (56:32) Myths and realities about AI replacing jobs—what the data suggests
    (59:42) Balancing AI's strategic impact with human judgment and creativity.

    Threat modeling of AI use cases and handling agent misbehavior.

    Resources for further learning: SAP Responsible AI and related documentation

    59 min
  3. APR 7

    EP-21 - #CyberKriya Podcast -SAP BTP Platform Automation - with Christian Lechner

    Summary: Unlock the power of automation on SAP BTP through CLI and Terraform, as Christian Lechner shares insights on infrastructure as code, governance, security, and best practices for both new and existing users.

    Key Takeaways:
    • Differences between BTP CLI and Terraform for infrastructure management
    • Best practices for starting your automation journey
    • How Terraform supports governance, security, and compliance
    • Managing sub-accounts, entitlements, and roles with Terraform modules
    • Importance of organizational responsibilities and role segregation
    • Use of policy frameworks like Open Policy Agent for guardrails
    • Strategies for importing existing infrastructure into Terraform

    Chapters:
    00:00 - Welcome to CyberKriya: Introduction to today's topic on SAP BTP automation
    02:10 - The role of SAP BTP CLI and Terraform in resource provisioning
    04:00 - Terraform as industry-standard infrastructure as code tool
    06:15 - Using Terraform for lifecycle management, including deprovisioning
    07:30 - Setting up CLI and Terraform: installation and configuration tips
    08:50 - Best practices for organizations starting their automation journey
    10:50 - Role of organizational responsibility and responsibility segregation
    11:45 - Use of technical users for secure automation
    12:30 - Managing permissions with RBAC and minimizing manual cockpit access
    14:00 - How Terraform supports governance and policy enforcement
    15:30 - Role of open-source modules, snippets, and SAP-curated templates
    16:45 - Importing existing subaccounts and resources into Terraform
    18:20 - Strategies for incremental adoption in large environments
    19:45 - Ensuring compliance and auditability using Terraform and policies
    21:10 - Managing lifecycle of service keys and security best practices
    23:50 - Using policy frameworks such as Open Policy Agent for security guardrails
    25:15 - Handling naming conventions and governance with Terraform
    27:20 - How to create and manage multiple Terraform configurations for different teams
    28:55 - Interviewing organizational responsibilities for automation governance
    30:30 - Resources for learning Terraform: SAP courses, GitHub, and documentation
    32:00 - Building a community: SAP roundtables, GitHub issues, and discussions
    35:00 - How automation enhances compliance, security, and operational efficiency
    36:45 - Starting small: importing existing resources and iterative adoption
    40:00 - Challenges in security, user management, and lifecycle automation
    44:30 - The critical role of team collaboration between SAP admins and cloud engineers
    47:45 - Final thoughts: embracing automation for sustainable SAP cloud management

    1h 3m
  4. MAR 10

    EP-20 - #CyberKriya Podcast -Women Leader in #Cybersecurity- Rasha Horn

    EP-20 - #CyberKriya Podcast - Women Leader in #Cybersecurity - Rasha Horn #IWD2026

    Keywords: cybersecurity, NICE program, community, career ambassador, awareness, personal growth, AI, youth empowerment, Rasha Horn, CyberKriya

    Summary: In this engaging conversation, Gaurav Singh and Rasha Horn explore the significance of cybersecurity, the importance of community involvement, and the transformative power of the NICE Cybersecurity Career Ambassador Program. Rasha shares her personal journey from being an immigrant to becoming a leader in cybersecurity advocacy, emphasizing the need for awareness and education in digital safety. The discussion highlights the role of individuals in shaping the future of cybersecurity, especially in the context of emerging technologies like AI. Rasha encourages young aspirants to pursue their passions and connect with communities that can support their growth.

    Key Takeaways:
    • Rasha emphasizes the importance of surrounding yourself with inspiring individuals.
    • Cybersecurity is a field that requires diverse backgrounds and skills.
    • Awareness about digital safety is crucial for children and parents alike.
    • The NICE Cybersecurity Career Ambassador Program is open to everyone, regardless of their background.
    • Community involvement can lead to personal and professional growth in cybersecurity.
    • Cybersecurity is not just about preventing hacks; it's about protecting people.
    • Young people can make a significant impact in the field of cybersecurity.
    • AI will create new challenges in cybersecurity that require human oversight.
    • There are many free resources available for learning about cybersecurity.
    • Persistence and community support are key to overcoming obstacles in pursuing a career.

    Titles:
    • Empowering the Next Generation in Cybersecurity
    • Rasha Horn: A Journey from Immigrant to Cyber Advocate

    Sound bites:
    • "You are who you spend time with."
    • "Cybersecurity is not just about money."
    • "We need humans to protect technology."

    Chapters:
    00:00 Introduction to CyberKriya and Rasha Horn
    04:15 Rasha's Journey and Background
    10:29 The Importance of Cybersecurity Awareness
    12:20 NICE Cybersecurity Career Ambassador Program Overview
    24:23 The Role of Community in Cybersecurity
    30:04 Cybersecurity as a Career and Personal Growth
    36:02 The Future of Cybersecurity in the Age of AI
    40:22 Encouragement for Young Aspirants
    47:26 Celebrating Community and Future Events

    54 min
  5. MAR 4

    EP-19 - #CyberKriya Podcast -"No IIT Tag, No Problem, NVIDIA, Yes- Kartik Khurana #Cybersecurity"

    EP-19 - #CyberKriya Podcast - "No IIT Tag, No Problem — How Kartik Khurana Cracked NVIDIA Through #Cybersecurity"

    Keywords: #cybersecurity, #mentorship, career journey, resilience, continuous learning, networking, overcoming challenges, self-discovery, youth guidance, personal growth

    Summary: In this episode, Gaurav Singh interviews Kartik Khurana, a young cybersecurity professional who shares his inspiring journey from a tier 3 college in India to working at NVIDIA. Kartik discusses the importance of mentorship, self-discovery, and the challenges he faced along the way. He emphasizes the need for continuous learning, networking, and resilience in the face of failure. The conversation also touches on the expectations placed on young individuals in India and how to navigate them while pursuing one's passion in cybersecurity.

    Key Takeaways:
    • Start whenever you can.
    • Hard work cannot be replaced.
    • Accept failure and learn from it.
    • Learn from others.
    • Be consistent and persevere.
    • Networking is crucial for growth.
    • Embrace your unique journey.
    • Seek mentorship and guidance.
    • Continuous learning is essential.
    • Don't be afraid to explore different paths.

    Chapters:
    00:00 Introduction to Kartik Khurana's Journey
    04:12 Overcoming Challenges from a Tier 3 College
    09:25 The Importance of Mentorship and Self-Discovery
    16:54 Navigating Expectations and Finding Your Path
    23:25 The Role of Continuous Learning and Networking
    29:36 Embracing Failure and Building Resilience
    36:29 Transitioning into Cybersecurity from Other Fields
    42:36 Key Takeaways and Final Thoughts

    1 hr
  6. FEB 18

    EP-18 - #CyberKriya Podcast - Securing Non-Human Identities - with Vishal Verma #SAPCyberSecurity

    Keywords: cybersecurity, SAP, GRC, non-human identities, service keys, BTP security, identity management, governance, risk management, compliance, cloud security

    Summary: In this episode, Gaurav Singh interviews Vishal Verma, an industry veteran with over 20 years of experience in SAP and GRC. They discuss Vishal's journey in the cybersecurity field, the importance of governance, risk, and compliance (GRC), and the challenges posed by non-human identities and service keys in the BTP environment. The conversation highlights the need for organizations to manage these identities effectively and the solutions being developed to address these challenges. Vishal emphasizes the importance of staying updated with industry trends and the evolving landscape of cybersecurity.

    Key Takeaways:
    • Vishal Verma has over 20 years of experience in SAP and GRC.
    • GRC is essential for managing risks and compliance in organizations.
    • Non-human identities and service keys pose significant security challenges.
    • Organizations must rotate and protect service keys to prevent breaches.
    • The integration of health and charity through yoga is a personal passion for Vishal.
    • SAP's GRC solutions are tightly integrated with business processes.
    • The future of SAP security lies in understanding non-human identities.
    • Staying updated with industry trends is crucial for cybersecurity professionals.
    • Organizations should measure their security posture around integrations.
    • The community must evolve to address new cybersecurity challenges.

    Titles:
    • Navigating the Future of Cybersecurity in SAP
    • The Evolution of GRC in the Cloud Era

    Sound bites:
    • "You have to take risks, right?"
    • "We are trying to connect health to charity."
    • "These keys must be protected and rotated."

    Chapters:
    00:00 Introduction to Cybersecurity and Guest Introduction
    02:44 Vishal Verma's Journey in SAP and GRC
    05:31 Understanding Governance, Risk, and Compliance (GRC)
    11:11 The Importance of Non-Human Identities and Service Keys
    16:57 Challenges in BTP Security and Key Management
    22:28 Building Solutions for Non-Human Identity Management
    28:12 Future of SAP Security and GRC
    33:41 Key Takeaways and Closing Remarks

    46 min
  7. FEB 10

    EP-17 - #CyberKriya Podcast - Building #Cybersecurity Communities That Matter — with Ken Fishkin

    Keywords: cybersecurity, community, mentorship, career development, internships, education, networking, certifications, leadership, AI

    Summary: In this engaging conversation, Gaurav Singh interviews Ken Fishkin, a prominent figure in the cybersecurity community, who shares his journey and insights on building a thriving chapter of ISC2 in New Jersey. They discuss the importance of mentorship, community engagement, and various programs that support career development in cybersecurity. Ken emphasizes the significance of inclusivity, innovative educational approaches, and the commitment required for effective leadership. The conversation also touches on the relevance of certifications and staying updated in a rapidly changing technological landscape.

    Key Takeaways:
    • Ken Fishkin has built a community of over 800 members in the ISC2 New Jersey chapter.
    • The chapter offers various programs, including public speaking workshops and mentoring opportunities.
    • Inclusivity is a key focus, welcoming individuals from diverse backgrounds and experiences.
    • Internship programs have been established to help students and newcomers find job opportunities.
    • Networking events have led to job placements and professional growth for members.
    • The chapter has received recognition for its innovative approach to community building.
    • Ken emphasizes the importance of continuous learning and staying updated with industry trends.
    • Certifications like CISSP can be pursued even without extensive experience, showcasing commitment.
    • Community support and collaboration are vital for personal and professional development.
    • Ken's journey illustrates the impact of passion and dedication in leadership roles.

    Sound bites:
    • "It's about the community!"
    • "It's been a wild ride!"
    • "Stay on top of things!"

    Chapters:
    00:00 Introduction to Cybersecurity Community Leadership
    05:20 Building a Thriving Cybersecurity Chapter
    10:33 Creating Opportunities: Internships and Mentorships
    16:04 Engaging the Next Generation in Cybersecurity
    21:00 The Importance of Community and Accountability
    26:01 Staying Relevant in a Changing Job Market
    32:42 Advice for Career Advancement in Cybersecurity

    Join the Award Winning and #1 NA ISC2 NJ Chapter Here: https://newjersey.isc2chapters.isc2.org/page/overview

    Follow and Connect with Ken and Gaurav Here:
    https://www.linkedin.com/in/kfishkin/
    https://www.linkedin.com/in/gauravsingh14/

    37 min
  8. FEB 4

    EP-16 - #CyberKriya Podcast - Securing SAP - The OWASP Way - With Waseem and Julian

    Keywords: cybersecurity, SAP security, OWASP, penetration testing, SAP transformation, cybersecurity framework, information security, enterprise security, security tools, collaborative security

    Summary: In this episode of CyberKriya, host Gaurav Singh welcomes cybersecurity experts Waseem Ajrab and Julian Petersohn to discuss the OWASP Core Business Application Security Project, focusing on SAP security. They explore the importance of collaboration between cybersecurity and SAP teams, the challenges of securing SAP environments, and the resources available through the OWASP project to enhance security practices. The conversation emphasizes the need for a collective approach to cybersecurity, particularly in the context of SAP transformations, and encourages professionals to engage with the OWASP community.

    Key Takeaways:
    • This is our first multi-guest podcast.
    • Sharing is caring.
    • OWASP is an extensive foundation.
    • SAP is a black box for cyber folks.
    • The OWASP project is an informational tool.
    • We need a place to store information.
    • Security has to be baked in.
    • It takes two to tango.
    • We need collective wisdom.
    • Join the OWASP project if you can.

    Titles:
    • Unlocking SAP Security with OWASP
    • The Future of Cybersecurity in SAP

    Sound bites:
    • "Sharing is caring."
    • "We need collective wisdom."
    • "It takes two to tango."

    Chapters:
    00:00 Introduction to Cybersecurity Podcast
    05:03 Understanding the OWASP Project
    11:49 Diving into SAP Security
    20:27 Exploring the OWASP Core Business Application Security Project
    30:52 Navigating SAP Transformation and Security
    48:08 Collaboration Between Cybersecurity and SAP Teams

    1h 2m

Ratings & Reviews

5 out of 5 (2 Ratings)
