ISACA Norway Chapter - Medlemsmøte Oslo 15.mars
Velkommen til ISACA Norway Chapter medlemsmøte!
Møtet avholdes på Brygg- Det vil være mulig å velge serverig fra spennende matboder med Colombiansk- og indisk steetfood.
Vel møtt!
16:15 -16:45
| Velkommen
Registrering
|
| 16:45 -17:00 | Styret informerer
Litt om styrets planlagte arbeid fremover.
|
| 17:00 -17:45 | TBD |
17:45-18.00
| Pause
|
| 18:00-18:45 | Why you need a holistic and total threat intelligence approach to your company risk analysis Russia’s invasion of Ukraine has changed the world of intelligence. Secret services started publish intelligence to effectively share information, communicate, and coordinate the sanctions. Defense and intelligence agencies are struggling with the pace of bureaucracy and private sectors experience threats and get responsibilities they don’t understand or want. By making use of the tradecraft of intelligence specialists, the information needs can be tailored for your company. This will provide your company with proactive and predictive analysis, reducing uncertainty and strengthen the foundation for decision-making. The company assets may not only be critical for your company, but also of national and allied importance. It is important to assess your valuables holistically and strategically against the world picture and geopolitical situation. Cathrine Lagerberg, Senior Manager, Deloitte |
18:45-19.00
| Pause
|
| 19:00-19:45 | Security Debt Malicious actors are finding a greater potential gain in cyber-attacks, making it crucial to implement the necessary security at all needed layers in software products. Being aware of the solutions that do not meet the desired security goal is therefore important. It is important to manage these sub-optimal security solutions properly in order to control them better.
I will present the findings from a case study that was performed in order to find answers regarding these sub-optimal security solutions. The goal was to provide insight into the security debt phenomenon by proposing a definition of security debt, finding a way to manage security debt, and to find the relation between technical debt and security debt.
The first step in being able to manage security debt properly is to understand what it is, which includes the connection between security debt, security vulnerabilities, and technical debt. In order to manage security debt, it was found that the company's already existing technical debt management process was relevant for security debt management, with some key differences.
Maren Maritsdatter Kruke, Security Business Analyst, Visma |
19:45-
| Diskusjoner og nettverksbygging |
Møtet gir 3 CPE poeng.
