ISACA Norway Chapter - Medlemsmøte Oslo 15.mars
Velkommen til ISACA Norway Chapter medlemsmøte!
Møtet avholdes på Brygg- Det vil være mulig å velge serverig fra spennende matboder med Colombiansk- og indisk steetfood.
Vel møtt!
16:15 -16:45
| Velkommen
Registrering
|
| 16:45 -17:00 | Styret informerer
Litt om styrets planlagte arbeid fremover.
|
| 17:00 -17:35 | Why you need a holistic threat intelligence approach to your company risk analysis Russia’s invasion of Ukraine has changed the world of intelligence. Secret services started publish intelligence to effectively share information, communicate, and coordinate the sanctions. Defense and intelligence agencies are struggling with the pace of bureaucracy and private sectors experience threats and get responsibilities they don’t understand or want. By making use of the tradecraft of intelligence specialists, the information needs can be tailored for your company. This will provide your company with proactive and predictive analysis, reducing uncertainty and strengthen the foundation for decision-making. The company assets may not only be critical for your company, but also of national and allied importance. It is important to assess your valuables holistically and strategically against the world picture and geopolitical situation. Cathrine Lagerberg, Senior Manager, Deloitte |
17:35-17:45
| Pause
|
| 17:45 - 18:20 | Threat modeling in a cloud world! Among cyber security processes, threat modeling is often highlighted as one of the most effective. There is a plethora of frameworks and methodologies out there prescribing how to threat model. But how do you actually threat model, what has changed now that the systems are moved into the public cloud and how can an organization realize the full benefit of threat modeling? In this talk Håkon will challenge some common misunderstanding about threat modeling, the cloud threat landscape and unrealized value of the threat models created. Håkon Sørum, O3 Cyber |
18:20-18.30
| Pause
|
| 18:30 -19:05 | Security Debt Malicious actors are finding a greater potential gain in cyber-attacks, making it crucial to implement the necessary security at all needed layers in software products. Being aware of the solutions that do not meet the desired security goal is therefore important. It is important to manage these sub-optimal security solutions properly in order to control them better.
I will present the findings from a case study that was performed in order to find answers regarding these sub-optimal security solutions. The goal was to provide insight into the security debt phenomenon by proposing a definition of security debt, finding a way to manage security debt, and to find the relation between technical debt and security debt. Maren Maritsdatter Kruke, Security Business Analyst, Visma |
19:15 - 19:50
| Hacking ChatGPT
Carsten Maartmann-Moe, Transcendent Group
|
Møtet gir 3 CPE poeng.
