The largest IT Security festival (Sikkerhetsfestivalen) ever seen in Norway was held in August with 900 participants!
The scale of this festival, as it takes place in a small country like Norway, displays an excellent example of the growing market of security. In the aftermath of the cyber-attack on the large Norwegian aluminum supplier Hydro, costing them somewhere between 40 and 70 million-euro, cyber protection will no longer seem optional even to the most hopeless laggards of companies.
Naturally, Transcendent Group was of course present at this festival, but also participated in an astounding way. Not only was our own Magnus Ask responsible for the program of the festival, we also contributed with two presentations – held by Gøran Breivik and Eli Sofie Amdam. In total, we had seven participants from TG Norway there networking. Our experienced and highly skilled GRC-consultants utilize years of experience and knowledge from consulting and industry roles, and we love to share that knowledge with colleagues from the industry!
Eli Sofie held a presentation together with her long-time customer, Storebrand/SPP, about the project she has been part of there the last 2,5 years. The project has established and implemented an ISMS (Information Security Management System) in the entire group. In the presentation they shared experiences from the project, discussed what benefits that have been achieved and challenges the project encountered along the way. It was very appreciated to see concrete examples of how to communicate security requirements to an organization.
Gøran gave an insight in to how you can e.g. use personas and personas-like descriptions to help you understand your own cyber threat situation. He talked about how you can work systematically with your threat actor information, gather intel from all sorts of open source intelligence sources and really use concrete threat information to help you prioritize just the right security controls i.e. NSMs basic principles for IT-security.
The event was arranged by the Norwegian Information Security Forum (ISF) togheter with several partners (e.g ISACA and CSA).