SlideShare a Scribd company logo

It security

L
Lars Krag Kongsgaard

An Overview - From Identification to Authorization (and General Data Protection Regulation (GDPR))

Business
1 of 5
Download to read offline
IT SECURITY – AN OVERVIEW INSPIRATION FROM ISO 2700X - DR. DANIEL SOPER – ”NYE SIKKERHEDSMODELLER” - GDPR LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 1
IT SECURITY • Tenets • Threats • Attacks • Availability • Cryptographic • Monitoring • Roles • Access Models • Recovery • Continuity • Medias • Platform • Points • Nodes • Devices • Protocols • Segmentations • Detection • Controls • Changes • Configurations • Incidents • Assessments • Risk Management • Applications • Databases • Devices • Networks • Operating Systems • Configurations • End Points • Health • Safety • Environment • Surveillance • Control • Deterrence • Site • Barriers • Mounting • Cooling • Power • Transmission Essentials Architecture Governance Hardening Physics LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 2
NEW PARADIGM - FROM IDENTIFICATION TO AUTHORIZATION • Authorization based on validation • Prevention based on segmentation • Security by design • Privacy by design • Credentials depending on Context LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 3
NEW MODELS FOR SECURITY FROM IDENTIFICATION TO AUTHORIZATION • Properties • Authentication • Responsibility • Communication Channel • Integrity • Responsibility • Role • Information • Validity • Private Key • Authorization per transaction • Pseudonyms • Authorization disconnection from Identification • Semantic Interoperability • Stakeholder Segmentation • Stakeholder- based Metadata • Implicit - no action for User • Context dependent Credentials • Transaction Segmentation • Information disclosure based on need • Purpose-specific Keys • Transaction Context • Transparency • User control • Consent • Code of conduct • Virtual Identity • Information Level Negotiation • Data Enrichment Control • Positive Properties • Negative Properties • Holder • Situation • Issuer • Usage • Protocol • Selective Disclosure • Undeniability • Verifiable Encryption Authorization Prevention Privacy by Design Security by Design Credentials LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 4
ENHANCED GENERAL DATA PROTECTION REGULATION (GDPR) AGREED BY EUROPEAN PARLIAMENT. • Deadline: GDPR compliance before May 25, 2018 • Failure: GDPR compliance failure subject to penalties and fines • Application: European Union (consumer and personal data across EU nations) • Key Requirements for GDPR privacy and data protection: • Consent of subjects for data processing • Privacy Protection by means of Anonymizing collected data • Data breach notifications • Safe transfer of data across borders • Appointment of officer for GDPR compliance data protection for certain companies LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 5

Recommended

See Web Security Trend from OWASP Top 10 - 2017
See Web Security Trend from OWASP Top 10 - 2017See Web Security Trend from OWASP Top 10 - 2017
See Web Security Trend from OWASP Top 10 - 2017
Chia-Lung Hsieh
 
OWASP Nagpur Meet #4
OWASP Nagpur Meet #4 OWASP Nagpur Meet #4
OWASP Nagpur Meet #4
OWASP Nagpur
 
apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays
 
Secure Your Web Applications and Achieve Compliance
Secure Your Web Applications and Achieve Compliance Secure Your Web Applications and Achieve Compliance
Secure Your Web Applications and Achieve Compliance
Avi Networks
 
Investigating and Recovering from a Potential Hybrid AD Security Breach
Investigating and Recovering from a Potential Hybrid AD Security BreachInvestigating and Recovering from a Potential Hybrid AD Security Breach
Investigating and Recovering from a Potential Hybrid AD Security Breach
Quest
 
Hallwaze security snapshot
Hallwaze security snapshotHallwaze security snapshot
Hallwaze security snapshot
hallwaze_1
 
CASBs - A New Hope
CASBs - A New HopeCASBs - A New Hope
CASBs - A New Hope
Bitglass
 
CASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the CloudCASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the Cloud
Bitglass
 

Recommended

See Web Security Trend from OWASP Top 10 - 2017
See Web Security Trend from OWASP Top 10 - 2017See Web Security Trend from OWASP Top 10 - 2017
See Web Security Trend from OWASP Top 10 - 2017
Chia-Lung Hsieh
 
OWASP Nagpur Meet #4
OWASP Nagpur Meet #4 OWASP Nagpur Meet #4
OWASP Nagpur Meet #4
OWASP Nagpur
 
apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays LIVE New York 2021 - Securing access to high performing API in a regu...
apidays
 
Secure Your Web Applications and Achieve Compliance
Secure Your Web Applications and Achieve Compliance Secure Your Web Applications and Achieve Compliance
Secure Your Web Applications and Achieve Compliance
Avi Networks
 
Investigating and Recovering from a Potential Hybrid AD Security Breach
Investigating and Recovering from a Potential Hybrid AD Security BreachInvestigating and Recovering from a Potential Hybrid AD Security Breach
Investigating and Recovering from a Potential Hybrid AD Security Breach
Quest
 
Hallwaze security snapshot
Hallwaze security snapshotHallwaze security snapshot
Hallwaze security snapshot
hallwaze_1
 
CASBs - A New Hope
CASBs - A New HopeCASBs - A New Hope
CASBs - A New Hope
Bitglass
 
CASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the CloudCASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the Cloud
Bitglass
 
CASBs: Real World Use Cases
CASBs: Real World Use CasesCASBs: Real World Use Cases
CASBs: Real World Use Cases
Bitglass
 
CASBs: Critical Capabilities - in partnership with ISC(2)
CASBs: Critical Capabilities - in partnership with ISC(2)CASBs: Critical Capabilities - in partnership with ISC(2)
CASBs: Critical Capabilities - in partnership with ISC(2)
Bitglass
 
4 Essential Components of Office 365 Security
4 Essential Components of Office 365 Security4 Essential Components of Office 365 Security
4 Essential Components of Office 365 Security
Bitglass
 
O365 security and privacy de_novo_event_july2014
O365 security and privacy de_novo_event_july2014O365 security and privacy de_novo_event_july2014
O365 security and privacy de_novo_event_july2014
Alexey Vlasenko
 
ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
ISC(2) Security Briefing Part 2 - CASBs: Real-world use casesISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
Bitglass
 
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Bitglass
 
NTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in DepthNTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in Depth
North Texas Chapter of the ISSA
 
Office 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataOffice 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your Data
Bitglass
 
Cloud security
Cloud securityCloud security
Cloud security
BikashPokharel3
 
How Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-UsersHow Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-Users
WSO2
 
Raabit and bacteria
Raabit and bacteriaRaabit and bacteria
Raabit and bacteria
sabin kafle
 
Preventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero TrustPreventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero Trust
Sara Goodison
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp
JonesSmith7
 
CSA Presentation - Software Defined Perimeter
CSA Presentation - Software Defined PerimeterCSA Presentation - Software Defined Perimeter
CSA Presentation - Software Defined Perimeter
Vishwas Manral
 
Cas 4
Cas 4Cas 4
Cas 4
Byju Antony
 
The Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutputThe Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutput
Silas Cutler
 
Qpazz introduction
Qpazz introductionQpazz introduction
Qpazz introduction
fbolk
 
Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365
Aptera Inc
 
securing the cloud for financial services
securing the cloud for financial servicessecuring the cloud for financial services
securing the cloud for financial services
Bitglass
 
Cloud computing tp ny
Cloud computing tp nyCloud computing tp ny
Cloud computing tp nyprekubatortto
 
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
sikandar girgoukar
 
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
SharudinBoriak1
 

More Related Content

What's hot

CASBs: Real World Use Cases
CASBs: Real World Use CasesCASBs: Real World Use Cases
CASBs: Real World Use Cases
Bitglass
 
CASBs: Critical Capabilities - in partnership with ISC(2)
CASBs: Critical Capabilities - in partnership with ISC(2)CASBs: Critical Capabilities - in partnership with ISC(2)
CASBs: Critical Capabilities - in partnership with ISC(2)
Bitglass
 
4 Essential Components of Office 365 Security
4 Essential Components of Office 365 Security4 Essential Components of Office 365 Security
4 Essential Components of Office 365 Security
Bitglass
 
O365 security and privacy de_novo_event_july2014
O365 security and privacy de_novo_event_july2014O365 security and privacy de_novo_event_july2014
O365 security and privacy de_novo_event_july2014
Alexey Vlasenko
 
ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
ISC(2) Security Briefing Part 2 - CASBs: Real-world use casesISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
Bitglass
 
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Bitglass
 
NTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in DepthNTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in Depth
North Texas Chapter of the ISSA
 
Office 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataOffice 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your Data
Bitglass
 
Cloud security
Cloud securityCloud security
Cloud security
BikashPokharel3
 
How Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-UsersHow Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-Users
WSO2
 
Raabit and bacteria
Raabit and bacteriaRaabit and bacteria
Raabit and bacteria
sabin kafle
 
Preventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero TrustPreventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero Trust
Sara Goodison
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp
JonesSmith7
 
CSA Presentation - Software Defined Perimeter
CSA Presentation - Software Defined PerimeterCSA Presentation - Software Defined Perimeter
CSA Presentation - Software Defined Perimeter
Vishwas Manral
 
Cas 4
Cas 4Cas 4
Cas 4
Byju Antony
 
The Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutputThe Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutput
Silas Cutler
 
Qpazz introduction
Qpazz introductionQpazz introduction
Qpazz introduction
fbolk
 
Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365
Aptera Inc
 
securing the cloud for financial services
securing the cloud for financial servicessecuring the cloud for financial services
securing the cloud for financial services
Bitglass
 
Cloud computing tp ny
Cloud computing tp nyCloud computing tp ny
Cloud computing tp nyprekubatortto
 

What's hot (20)

CASBs: Real World Use Cases
CASBs: Real World Use CasesCASBs: Real World Use Cases
CASBs: Real World Use Cases
 
CASBs: Critical Capabilities - in partnership with ISC(2)
CASBs: Critical Capabilities - in partnership with ISC(2)CASBs: Critical Capabilities - in partnership with ISC(2)
CASBs: Critical Capabilities - in partnership with ISC(2)
 
4 Essential Components of Office 365 Security
4 Essential Components of Office 365 Security4 Essential Components of Office 365 Security
4 Essential Components of Office 365 Security
 
O365 security and privacy de_novo_event_july2014
O365 security and privacy de_novo_event_july2014O365 security and privacy de_novo_event_july2014
O365 security and privacy de_novo_event_july2014
 
ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
ISC(2) Security Briefing Part 2 - CASBs: Real-world use casesISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases
 
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
 
NTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in DepthNTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in Depth
 
Office 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataOffice 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your Data
 
Cloud security
Cloud securityCloud security
Cloud security
 
How Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-UsersHow Privacy in the Cloud Affects End-Users
How Privacy in the Cloud Affects End-Users
 
Raabit and bacteria
Raabit and bacteriaRaabit and bacteria
Raabit and bacteria
 
Preventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero TrustPreventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero Trust
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp
 
CSA Presentation - Software Defined Perimeter
CSA Presentation - Software Defined PerimeterCSA Presentation - Software Defined Perimeter
CSA Presentation - Software Defined Perimeter
 
Cas 4
Cas 4Cas 4
Cas 4
 
The Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutputThe Shifting Landscape of PoS MalwareOutput
The Shifting Landscape of PoS MalwareOutput
 
Qpazz introduction
Qpazz introductionQpazz introduction
Qpazz introduction
 
Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365Learning about Security and Compliance in Office 365
Learning about Security and Compliance in Office 365
 
securing the cloud for financial services
securing the cloud for financial servicessecuring the cloud for financial services
securing the cloud for financial services
 
Cloud computing tp ny
Cloud computing tp nyCloud computing tp ny
Cloud computing tp ny
 

Similar to It security

2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
sikandar girgoukar
 
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
SharudinBoriak1
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
 
Regulatory Compliance and Long-Term Storage of Data
Regulatory Compliance and Long-Term Storage of DataRegulatory Compliance and Long-Term Storage of Data
Regulatory Compliance and Long-Term Storage of Data
Arkivum
 
The day when 3rd party security providers disappear into cloud bright talk se...
The day when 3rd party security providers disappear into cloud bright talk se...The day when 3rd party security providers disappear into cloud bright talk se...
The day when 3rd party security providers disappear into cloud bright talk se...
Ulf Mattsson
 
MongoDB.local Sydney: The Changing Face of Data Privacy & Ethics, and How Mon...
MongoDB.local Sydney: The Changing Face of Data Privacy & Ethics, and How Mon...MongoDB.local Sydney: The Changing Face of Data Privacy & Ethics, and How Mon...
MongoDB.local Sydney: The Changing Face of Data Privacy & Ethics, and How Mon...
MongoDB
 
Cloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challengesCloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challenges
Vaibhav Khanna
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)
Druva
 
Harbinger Tech Session in cloud Expo - New Possibilities in Cloud Based Healt...
Harbinger Tech Session in cloud Expo - New Possibilities in Cloud Based Healt...Harbinger Tech Session in cloud Expo - New Possibilities in Cloud Based Healt...
Harbinger Tech Session in cloud Expo - New Possibilities in Cloud Based Healt...
Harbinger Systems - HRTech Builder of Choice
 
FINTECH, CYBERSECURITY AND BUSINESS READINESS
FINTECH, CYBERSECURITY AND BUSINESS READINESS FINTECH, CYBERSECURITY AND BUSINESS READINESS
FINTECH, CYBERSECURITY AND BUSINESS READINESS
Andrew_Goss
 
The Impact of Cloud: Cloud Computing Security and Privacy
The Impact of Cloud: Cloud Computing Security and PrivacyThe Impact of Cloud: Cloud Computing Security and Privacy
The Impact of Cloud: Cloud Computing Security and Privacy
Charles Mok
 
Cloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving itCloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving it
Hentsū
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloudAjay Rathi
 
Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012
Trend Micro
 
Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
What is Cloud Security, and Can I Have Some?
What is Cloud Security, and Can I Have Some?What is Cloud Security, and Can I Have Some?
What is Cloud Security, and Can I Have Some?John Kinsella
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Ulf Mattsson
 
GDPR v pojetí F5
GDPR v pojetí F5GDPR v pojetí F5
GDPR v pojetí F5
MarketingArrowECS_CZ
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2
Ankit Gupta
 
Cng 125 – chapter 12 network policies
Cng 125 – chapter 12 network policiesCng 125 – chapter 12 network policies
Cng 125 – chapter 12 network policies
Frank Victory
 

Similar to It security (20)

2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
 
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
2211-III-IV-Info-Security-061cab6ee6c0fb0-53969879.ppt
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
 
Regulatory Compliance and Long-Term Storage of Data
Regulatory Compliance and Long-Term Storage of DataRegulatory Compliance and Long-Term Storage of Data
Regulatory Compliance and Long-Term Storage of Data
 
The day when 3rd party security providers disappear into cloud bright talk se...
The day when 3rd party security providers disappear into cloud bright talk se...The day when 3rd party security providers disappear into cloud bright talk se...
The day when 3rd party security providers disappear into cloud bright talk se...
 
MongoDB.local Sydney: The Changing Face of Data Privacy & Ethics, and How Mon...
MongoDB.local Sydney: The Changing Face of Data Privacy & Ethics, and How Mon...MongoDB.local Sydney: The Changing Face of Data Privacy & Ethics, and How Mon...
MongoDB.local Sydney: The Changing Face of Data Privacy & Ethics, and How Mon...
 
Cloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challengesCloud computing 10 cloud security advantages and challenges
Cloud computing 10 cloud security advantages and challenges
 
Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)Security and privacy of cloud data: what you need to know (Interop)
Security and privacy of cloud data: what you need to know (Interop)
 
Harbinger Tech Session in cloud Expo - New Possibilities in Cloud Based Healt...
Harbinger Tech Session in cloud Expo - New Possibilities in Cloud Based Healt...Harbinger Tech Session in cloud Expo - New Possibilities in Cloud Based Healt...
Harbinger Tech Session in cloud Expo - New Possibilities in Cloud Based Healt...
 
FINTECH, CYBERSECURITY AND BUSINESS READINESS
FINTECH, CYBERSECURITY AND BUSINESS READINESS FINTECH, CYBERSECURITY AND BUSINESS READINESS
FINTECH, CYBERSECURITY AND BUSINESS READINESS
 
The Impact of Cloud: Cloud Computing Security and Privacy
The Impact of Cloud: Cloud Computing Security and PrivacyThe Impact of Cloud: Cloud Computing Security and Privacy
The Impact of Cloud: Cloud Computing Security and Privacy
 
Cloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving itCloud Security for Regulated Firms - Securing my cloud and proving it
Cloud Security for Regulated Firms - Securing my cloud and proving it
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
 
Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012
 
Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0Data lake protection ft 3119 -ver1.0
Data lake protection ft 3119 -ver1.0
 
What is Cloud Security, and Can I Have Some?
What is Cloud Security, and Can I Have Some?What is Cloud Security, and Can I Have Some?
What is Cloud Security, and Can I Have Some?
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
 
GDPR v pojetí F5
GDPR v pojetí F5GDPR v pojetí F5
GDPR v pojetí F5
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2
 
Cng 125 – chapter 12 network policies
Cng 125 – chapter 12 network policiesCng 125 – chapter 12 network policies
Cng 125 – chapter 12 network policies
 

Recently uploaded

amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05
marketing317746
 
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdfikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
agatadrynko
 
Understanding User Needs and Satisfying Them
Understanding User Needs and Satisfying ThemUnderstanding User Needs and Satisfying Them
Understanding User Needs and Satisfying Them
Aggregage
 
Building Your Employer Brand with Social Media
Building Your Employer Brand with Social MediaBuilding Your Employer Brand with Social Media
Building Your Employer Brand with Social Media
LuanWise
 
3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx
tanyjahb
 
Sustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & EconomySustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & Economy
Operational Excellence Consulting
 
Digital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and TemplatesDigital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and Templates
Aurelien Domont, MBA
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
dylandmeas
 
An introduction to the cryptocurrency investment platform Binance Savings.
An introduction to the cryptocurrency investment platform Binance Savings.An introduction to the cryptocurrency investment platform Binance Savings.
An introduction to the cryptocurrency investment platform Binance Savings.
Any kyc Account
 
Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024
Kirill Klimov
 
Authentically Social by Corey Perlman - EO Puerto Rico
Authentically Social by Corey Perlman - EO Puerto RicoAuthentically Social by Corey Perlman - EO Puerto Rico
Authentically Social by Corey Perlman - EO Puerto Rico
Corey Perlman, Social Media Speaker and Consultant
 
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Boris Ziegler
 
Mastering B2B Payments Webinar from BlueSnap
Mastering B2B Payments Webinar from BlueSnapMastering B2B Payments Webinar from BlueSnap
Mastering B2B Payments Webinar from BlueSnap
Norma Mushkat Gaffin
 
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
bosssp10
 
Auditing study material for b.com final year students
Auditing study material for b.com final year studentsAuditing study material for b.com final year students
Auditing study material for b.com final year students
narasimhamurthyh4
 
BeMetals Investor Presentation_June 1, 2024.pdf
BeMetals Investor Presentation_June 1, 2024.pdfBeMetals Investor Presentation_June 1, 2024.pdf
BeMetals Investor Presentation_June 1, 2024.pdf
DerekIwanaka1
 
-- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month ---- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month --
NZSG
 
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdfModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
fisherameliaisabella
 
Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...
Lviv Startup Club
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
creerey
 

Recently uploaded (20)

amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05amptalk_RecruitingDeck_english_2024.06.05
amptalk_RecruitingDeck_english_2024.06.05
 
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdfikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
 
Understanding User Needs and Satisfying Them
Understanding User Needs and Satisfying ThemUnderstanding User Needs and Satisfying Them
Understanding User Needs and Satisfying Them
 
Building Your Employer Brand with Social Media
Building Your Employer Brand with Social MediaBuilding Your Employer Brand with Social Media
Building Your Employer Brand with Social Media
 
3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx
 
Sustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & EconomySustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & Economy
 
Digital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and TemplatesDigital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and Templates
 
Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...Discover the innovative and creative projects that highlight my journey throu...
Discover the innovative and creative projects that highlight my journey throu...
 
An introduction to the cryptocurrency investment platform Binance Savings.
An introduction to the cryptocurrency investment platform Binance Savings.An introduction to the cryptocurrency investment platform Binance Savings.
An introduction to the cryptocurrency investment platform Binance Savings.
 
Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024Organizational Change Leadership Agile Tour Geneve 2024
Organizational Change Leadership Agile Tour Geneve 2024
 
Authentically Social by Corey Perlman - EO Puerto Rico
Authentically Social by Corey Perlman - EO Puerto RicoAuthentically Social by Corey Perlman - EO Puerto Rico
Authentically Social by Corey Perlman - EO Puerto Rico
 
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
Agency Managed Advisory Board As a Solution To Career Path Defining Business ...
 
Mastering B2B Payments Webinar from BlueSnap
Mastering B2B Payments Webinar from BlueSnapMastering B2B Payments Webinar from BlueSnap
Mastering B2B Payments Webinar from BlueSnap
 
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
Call 8867766396 Satta Matka Dpboss Matka Guessing Satta batta Matka 420 Satta...
 
Auditing study material for b.com final year students
Auditing study material for b.com final year studentsAuditing study material for b.com final year students
Auditing study material for b.com final year students
 
BeMetals Investor Presentation_June 1, 2024.pdf
BeMetals Investor Presentation_June 1, 2024.pdfBeMetals Investor Presentation_June 1, 2024.pdf
BeMetals Investor Presentation_June 1, 2024.pdf
 
-- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month ---- June 2024 is National Volunteer Month --
-- June 2024 is National Volunteer Month --
 
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdfModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
ModelingMarketingStrategiesMKS.CollumbiaUniversitypdf
 
Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...Kseniya Leshchenko: Shared development support service model as the way to ma...
Kseniya Leshchenko: Shared development support service model as the way to ma...
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
 

It security

  • 1. IT SECURITY – AN OVERVIEW INSPIRATION FROM ISO 2700X - DR. DANIEL SOPER – ”NYE SIKKERHEDSMODELLER” - GDPR LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 1
  • 2. IT SECURITY • Tenets • Threats • Attacks • Availability • Cryptographic • Monitoring • Roles • Access Models • Recovery • Continuity • Medias • Platform • Points • Nodes • Devices • Protocols • Segmentations • Detection • Controls • Changes • Configurations • Incidents • Assessments • Risk Management • Applications • Databases • Devices • Networks • Operating Systems • Configurations • End Points • Health • Safety • Environment • Surveillance • Control • Deterrence • Site • Barriers • Mounting • Cooling • Power • Transmission Essentials Architecture Governance Hardening Physics LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 2
  • 3. NEW PARADIGM - FROM IDENTIFICATION TO AUTHORIZATION • Authorization based on validation • Prevention based on segmentation • Security by design • Privacy by design • Credentials depending on Context LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 3
  • 4. NEW MODELS FOR SECURITY FROM IDENTIFICATION TO AUTHORIZATION • Properties • Authentication • Responsibility • Communication Channel • Integrity • Responsibility • Role • Information • Validity • Private Key • Authorization per transaction • Pseudonyms • Authorization disconnection from Identification • Semantic Interoperability • Stakeholder Segmentation • Stakeholder- based Metadata • Implicit - no action for User • Context dependent Credentials • Transaction Segmentation • Information disclosure based on need • Purpose-specific Keys • Transaction Context • Transparency • User control • Consent • Code of conduct • Virtual Identity • Information Level Negotiation • Data Enrichment Control • Positive Properties • Negative Properties • Holder • Situation • Issuer • Usage • Protocol • Selective Disclosure • Undeniability • Verifiable Encryption Authorization Prevention Privacy by Design Security by Design Credentials LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 4
  • 5. ENHANCED GENERAL DATA PROTECTION REGULATION (GDPR) AGREED BY EUROPEAN PARLIAMENT. • Deadline: GDPR compliance before May 25, 2018 • Failure: GDPR compliance failure subject to penalties and fines • Application: European Union (consumer and personal data across EU nations) • Key Requirements for GDPR privacy and data protection: • Consent of subjects for data processing • Privacy Protection by means of Anonymizing collected data • Data breach notifications • Safe transfer of data across borders • Appointment of officer for GDPR compliance data protection for certain companies LARS KRAG KONGSGAARD - SENIOR PROJECT MANAGER 5