Risk management: Turning a roadblock into an enabler

For our next breakfast seminar, our Governance, Risk and Compliance department is joined by McAfee to take us on a risk management journey to the cloud.

The presentations will take you all the way from the legislative level, to the cloud realities that companies are facing here and now.

Join McAfee and mnemonic to see how organisations prepare for the future with products like CASB, and how you can update your security strategy for the cloud.

See you there!


Breakfast and registration


Security Act, ICT security law and the NIS Directive – what does it mean for you?

How can we best secure basic national functions and critical services in Norway?

The Norwegian authorities are currently attempting to answer this question through the introduction of a new security act and a new ICT security law. The Security Act was introduced at the beginning of 2019, but despite the increased scope, the consequences has per now been quite small. While we wait for the new Security Act, the Ministry of Justice is consulting a new ICT security law in the wake of EU’s new security directive, the NIS directive.

In his presentation, Mattias will update us on the newest developments for the Security Act, what the new ICT security law is and what it may entail.

Language: Norwegian
Technical level: 1/5

Can we afford to keep thinking negatively about risk?

Like many others who work with information risk management, Mark has spent most of his career focusing on the negative aspects of risk i.e. on the things a company needs to improve rather than re-enforcing the things they are doing right.

Hence, many companies may experience information risk and security as something that makes it difficult to do business. In many cases they are right, as the end-result often is; new rules, new restrictions, slower access to systems, and increased costs without increased earnings. No wonder we’re not the most popular group of people!

In the presentation, Mark wants to redefine how we think about risk by outlining a risk management model using a Sherwood Applied Business Security Architectures (SABSA) framework. And he’ll use the framework to help us think a little more positively about risk.

Language: Norwegian
Technical level: 1/5


Security Strategy in, on and for the Cloud

Organisations continue to move to the cloud because of benefits like cost-savings, scalability, and higher flexibility. Unfortunately, security is all too often an afterthought or not thought of at all.

However, by directly connecting your cloud security strategy to your business goals, you can ensure that security functions as an enabler for your business, and not as a roadblock.

During his presentation, you will learn how to create a security strategy for the cloud based on a Cloud Security Alliance framework using mnemonic’s methodology.

Language: Norwegian
Technical level: 1/5

Cloud Security – It’s not black and white

Security systems can be complex to implement, however some of them are at least easy to explain – malware is always bad and some web sites are always inappropriate for business.

Cloud is different and we need to come from a different angle. Some cloud services may be high risk, but even low risk services can be used in a high-risk manner. Our security approach needs to understand content, context and user behavior to ensure appropriate policies.

Nigel's presentation will review current cloud adoption solutions like CASB, share anecdotes about cloud security and make hard-hitting recommendations on what you need to do.

Language: English
Technical level: 1/5

Closing and prize drawing

Påmelding er nå stengt.