Upload File

trusler og policies - sintef · uruguay, bolivia and peru. • 20 million bank customers. • 8...

  • Home
  • Documents
  • Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23
22
Trusler og policies [email protected]

Upload: others

Post on 08-Oct-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

Trusler og policies

[email protected]

Page 2: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

2

2006-11-23

Hvem er jeg?

IT-Arkitekt

LISO

Page 3: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

3

2006-11-23

Det jeg skal prate om er:

•Hvem vi er

•Våre utfordringer

•Trusler, hvordan ser vi de

•Hvordan implementerer vi policies

Page 4: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

4

2006-11-23

GRUPO SANTANDER

Posisjon

Blant de 10 største banker i verden

Tilstedeværelse i 46 land. Den ledendefinansinstitusjonen i Euro-sonen og Latin-Amerika.

59 millioner kunder, 10 000 filialer, 126 000 ansatte.

2 700 000 aksjeeiere.

Page 5: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

5

2006-11-23

Our businessesEuropa

• Leader in consumer financing in Europe.

• Present in:• Spain• U.K.• Portugal• Italy• Germany• Holland

• Poland• Czech Republic• Austria• Hungary• Norway• Sweden

• Direct Banking.• 7.7 million customers.• 100,000 dealers.• 257 own branches.• 5,100 employees.

Page 6: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

6

2006-11-23

Latin-Amerika

Latin America Division• Leading financial group in the region

(10% market share).• Leadership position in key markets:

Brazil, Mexico and Chile.• Prominent presence in Argentina,

Venezuela, Puerto Rico, Colombia, Uruguay, Bolivia and Peru.

• 20 million bank customers.• 8 million subscribers to pension

plans.• 4,100 branches.• 62,700 employees.

Page 7: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

7

2006-11-23

Systemene, sterkt forenklet

Page 8: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

8

2006-11-23

Hva gjør vi?

•TrusselvurderingerKonsekvens og sannsynlighetEnkelte systemer og grupper av systemer, basert påintervjuer av systemspesialister og brukere.

•PoliciesMadridUSANorskeFinskeSvenskeSelvpålagte

Page 9: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

9

2006-11-23

Trusler

•Utfordringer:

Personlig radar (tankesett)

Gruppetenking

Det å være norsk

Page 10: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

10

2006-11-23

Policies

•Hva gjør man med håpløse krav?

•Hvordan kan de etterleves?

•Hvem pålegges policies?

Page 11: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

11

2006-11-23

Hvem skriver policies?

•Sitter de alene i lukkede rom?

•Hva tenker de på?

Page 12: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

12

2006-11-23

Hvordan kan policies etterleves?

•- Lover og regelverk:Nasjonale loverEU-direktiver

•- Hvordan påvirke i pre-pipelinefasen?

Page 13: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

13

2006-11-23

Policies, hvordan håndteres dette i dag?

MadridUSA

Egne

SverigeFinland

Kreditttilsynet

BSK

LISO

Norge

Visa MC

Globale Lokale

Kort Lån Leasing Finland Sverige

Page 14: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

14

2006-11-23

Hvem bør foreta trusselvurderingen?

Page 15: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

15

2006-11-23

Valg av verktøy / metodeK

ompl

eksi

tet

SDL (Security Development Lifecycle) process

Bell-La Padula ModelDolev-Yao

Clark-Wilson

CORAS

Sannsynlighet for gjennomføring

http://coras.sourceforge.net/index.html
Page 16: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

16

2006-11-23

Scrum metodenSikkerhetsdesign og implementasjon

Page 17: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

17

2006-11-23

IKT forskriften fra Kredittilsynet

•§ 3 Risikoanalyse •…

•Foretaket skal minst en gang årlig, eller ved endringer som har betydning for IKT-sikkerheten, gjennomføre risikoanalyser for å påse at risiko styres innenfor akseptable grenser i forhold til foretakets virksomhet. Resultatet av risikoanalysen skal dokumenteres.

Page 18: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

18

2006-11-23

IKT forskriften fra Kredittilsynet

•§ 5 Sikkerhet •Foretaket skal utarbeide prosedyrer som skal sikre beskyttelse av utstyr, systemer og informasjon av betydning for foretakets virksomhet, jf. § 1, mot skader, misbruk, uautorisert adgang og endring, samt hærverk. Videre skal prosedyrene inneholde retningslinjer for tildeling, endring, sletting og kontroll med autorisasjon for tilgang til IKT-systemene. Kravene til IKT-sikkerhet skal så langt det er praktisk mulig være målbare.

Page 19: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

19

2006-11-23

IKT forskriften fra Kredittilsynet

•§ 7 Systemvedlikehold•Foretaket skal sikre at IKT-systemene vedlikeholdes og forvaltes på en måte som gir en stabil, planlagt og forutsigbar drift.

Page 20: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

20

2006-11-23

IKT forskriften fra Kredittilsynet

•§ 11 Driftsavbrudd og katastrofeberedskap•…•Det skal minst en gang årlig gjennomføres opplæring, øvelse og test i et omfang som gir tilstrekkelig trygghet for at katastrofeløsningen virker som forutsatt. Resultatet av testen skal dokumenteres slik at det er mulig åkontrollere.

Page 21: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

21

2006-11-23

Oppsummering

Det ER vanskeig å implementere policies

Trusselvurderinger bør ned på laveste nivå

Periodiske penetreringstester

Page 22: Trusler og policies - SINTEF · Uruguay, Bolivia and Peru. • 20 million bank customers. • 8 million subscribers to pension plans. • 4,100 branches. • 62,700 employees. 7 2006-11-23

ÝiVÕÌ Ûi ÃÕ >ÀÞ - SARPN · millionn million=peopleworld widewerelivingwith()6attheend of !nestimated million; millionn million=becamenewly infectedwith()6andanestimated million;

How to Win Subscribers & Influence Viewers on YouTube - SMX East 2013

HINDAMATUT KASVUSEADUST - Million

229,000 farms 67.6 million hectares of total area 35.9 million hectares of land in corps (excluding Christmas trees) 15.8 million cattle

ONE million dollars

Посібник Абонента - my.ntktv.uamy.ntktv.ua/subscribers/faq/Posibnyk_abonenta.pdf · ² Чи можете Ви встановити так званий «Безпровідний

Outline - Università degli Studi di Milano-BicoccaMiddle East 5.12 million Europe 190.91 million Asia/Pacific 187.24 million Africa 6.31 million World Total 605.60 million 6 HTTP/CGI

Inactive Email Subscribers Reactivation Strategies

Preliminary Design of 4,100 TEU Container Carrier (4,100 TEU …ocw.snu.ac.kr/sites/default/files/NOTE/2616.pdf · 2018-01-30 · Preliminary Design of 4,100 TEU Container Carrier

ENVIRONMENTAL REPORT 2017 - NECプラット … Accounting 2016 Environmental Items A=Depreciation, Maintenance (Million) B=Labor cost (Million) C=Saving cost (Million) D=Contract,

Million dollars story

Futurebit Subscribers Segmentation // Сегментация базы подписчиков

Subscribers, Fans, Followers - Digital Morning Final

Fundraisingový koláč Kolik organizací usiluje o část ... · United Arab Emirates – 35.3 million Kuwait – 34.2 million Russia – 32.5 million India – 14.6 million South

7000 million

タイヤレスノンスリップ - hinaka.co.jp...D258 4,000 4,100 3,200 1,340 940 4,000 4,100 3,200 1,340 940 D197 アルミニウム(シルバー) 18 品 番 入数(本)

One In A Million

CHEVROLET CHEYENNE® 2018 · Toma de corriente 110 voltios ... Encendido remoto de motor ... Torque 383 lb-pie @ 4,100 rpm 383 lb-pie @ 4,100 rpm 383 lb-pie @ 4,100 rpm 383 lb-pie

Actionpay and Unisender. Resuscitation Subscribers

average growth rate Annual growth rates in mobile subscribers #" ˜ ˘ , * , * ˘ ˜ ˜ ˇˆ * / #$ 9% * , # 6 ˚ ,

Million spanish 2

M : million

Interim Report 2013 - First Pacific · Combined broadband subscriber base at 3.2 million (1H12: 3.0 million) of which 2.3 million were wireless broadband subscribers and over 920,000

$1 Million

孟橙策略行銷 · 2012-10-04 · ftv 媒體曝光效益 ... russia 12 million asia 101 million australia & new zeland 1,8 million mideast 8 million

JUDAISM. Judaism Worldwide: 14,551,000 Jews – US: 5.6 million – Asia: 4.5 million – Europe: 2.4 million Many different groups/divisions of Judaism

INTRODUCCIÓN A LA GDS Y AL SPI4 AUDITORIA SOCIAL · 2019. 3. 27. · Cuestionario principal ... Medium Africa, Asia, ECA, MENA 2 million to 8 million LAC 4 million to 15 million

12. One Million Phenomena

¥2600 3,400 3,400 3,400 3,100 3,900 4,100 4,200 4,500 ¥2600 … · 2020. 3. 2. · ¥2600 3,400 3,400 3,400 3,100 3,900 4,100 4,200 4,500 ¥2600 ¥3,400 85 (10M2%) 6,50 6,80 T,oo

Million$ - MSS FEBUI

Sains Matematik dalam acuan bahasa Melayu dan Islam · dalam abad ke-17M dengan maksud "million million", iaitu "million kuasa dua" =1012' tetapi Amerika Syarikat (AS) mengambil "million"

Presentación 1 million

Subscribers, Fans and Followers

Million Voices-shots! MashUp

WWII: African-American Gains and Struggles. 5 Million Volunteers 10 Million Draftees 5 Million Volunteers 10 Million Draftees