Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

How to combine innovation, digitization and security?

44 views

Published on

Digitization has become a key element in international maritime, transport and logistics organizations such as our Dutch customer Van Oord. In their digital journey towards becoming a more data-driven company, Van Oord (www.vanoord.com) is also facing increased cybersecurity risks. The protection of all the data around the globe requires a thorough and structured approach to (cyber) security. During this session you will learn what Van Oord has done to digitize their IT processes and how they managed to get in control transforming data into information in a secure way. Van Oord is a family-owned company in the Netherlands with 150 years of experience as a leading international marine contractor.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

How to combine innovation, digitization and security?

  1. 1. 2 © 2019 FUJITSU How to combine innovation, digitization and security? Edwin Franse | IT Security Officer Van Oord Van Oord ServiceNow journey
  2. 2. 3 © 2019 FUJITSU Strategic choice for ServiceNow
  3. 3. 4 © 2019 FUJITSU Van Oord IT strategy results in ServiceNow roadmap Q2 2018 PARTNER SELECTION & CONTRACTING 2019 2020 Q3 Q4 Q2 Q3 Q4Q1 Q1 ITSM ITOM SECOPS & GRC ITBM Today
  4. 4. 5 © 2019 FUJITSU MyIT Self Service Portal - demo John Doe
  5. 5. Edwin Franse Background 1994 Bachelor of science in electrical engineering 1998 Master of science in technology management March 1998 CMG April 2006 Dutch Ministry of Defense Q4 2017 Van Oord
  6. 6. 8 © 2019 FUJITSU Dredging Netherlands Offshore Wind Offshore From asset to knowledge The Right People Sustainability Vox Data Strategy Mission As a global marine contractor, we are specialised in dredging, oil & gas infrastructure and offshore wind. We work closely and safely with our clients and stakeholders to create innovative and sustainable solutions. Purpose Our purpose is to create a better world for future generations by delivering marine ingenuity. We create We care We work together We succeedValues About Van Oord
  7. 7. 9 © 2019 FUJITSU Van Oord – more than 40 offices worldwide
  8. 8. 10 © 2019 FUJITSU − We operate the world’s most advanced equipment − State-of-the-art vessels − Highest quality and safety and sustainable standards − Continuous investment program − More than 100 vessels Van Oord - equipment
  9. 9. 11 © 2019 FUJITSU Digital Transformation
  10. 10. 12 © 2019 FUJITSU Time (years)-9000 -6000 -4000 -3000 -2000 0 -1000 2000 Population (millions)6000 0 3000 Agricultural revolution Pottery Plow Irrigation 1st City Metallurgy Writing Mathematics Peak of Rome Peak of Greece Internet PC’s Genome Project Nuclear Energy Penicillin DNA Discovered 1st Man on the Moon High-speed Computers Telephone Germ Theory 2nd Agricultural Revolution Automobile Industrial Revolution Airplane Watt Engine Railroads Why?
  11. 11. 13 © 2019 FUJITSU Time Growth In a VUCA world a new entrant promises superior product/service We’re in trouble Business is doing well; stick to what we know and everything will be fine… New entrant fails to deliver on promises We feel confident about our decisions Why?
  12. 12. 14 © 2019 FUJITSU Information Security
  13. 13. 15 © 2019 FUJITSU Information Security within Van Oord - history 15 2017 2017 2018 2021 IT Security Officer Intellectual property theft Awareness at C-level (competition/ innovation) GDPR legislation comes into force Cybersecurity regulations for the maritime industry CIO
  14. 14. 16 © 2019 FUJITSU Organisational Structure Executive Board Innovation Projects / Portfolio Management IT Operations Enterprise architecture Information Security Edwin Franse CIO
  15. 15. 17 © 2019 FUJITSU Information Security – how I see it • Security is not an outcome – it is a capability • Non- compliancy has a meaning • Awareness should motivate – not punish • Can never be an excuse. Not “I told you so” • Awareness is necessary compensating IT • Security should make sense • Security must make it easy – insecure should be harder Security needs to enable and deliver value Unclassified
  16. 16. 18 © 2019 FUJITSU ◼ Permanent digital threat: disruption of society is lurking ◼ Heavenly depending on only small number of vendors ◼ Advanced attack capabilities are freely available ◼ Cyber resilience is not yet at mature level ◼ Geopolitical developments impose threats from state actors Dutch National Coordinator of Counterterrorism and Security 18 https://www.nctv.nl/binaries/CSBN2019_online_tcm31-392768.pdf Unclassified
  17. 17. 19 © 2019 FUJITSU Dutch NCSC
  18. 18. 20 © 2019 FUJITSU Information Security - scope Information Security IT security Vendor Supply Chain Security Personnel Security Physical Security
  19. 19. 21 © 2019 FUJITSU Frameworks – what can one use? 21
  20. 20. 22 © 2019 FUJITSU 22 Prioritized set of actions Foundation Relates to ISO27001 Best practices/ guidelines Best practices/ guidelines Best practices/ guidelines collaboration Choose a framework as foundation (to start with)
  21. 21. 23 © 2019 FUJITSU With this initial selection: all DevOps teams are taking part! Unclassified Center for Information Security Controle
  22. 22. 24 © 2019 FUJITSU Where to start?! source: https://momentumcyber.com/docs/CYBERscape.pdf Unclassified
  23. 23. 25 © 2019 FUJITSU Implementation Service Desk Training Solution Design Integration Consulting Single Pane of Glass Security Operations Governance, Risk & Compliance SIEMaaS Vulnerability Management One Integrated Solution
  24. 24. 26 © 2019 FUJITSU Conclusion ◼ Choose your framework… and stick to it ◼ Choose your security partner… and go for it ◼ Information security is not an outcome, it is a capability ◼ Information security is about delivering value to business ◼ Work with companies in your sector on implementing minimum security controls

×