slides: the security challenge: kpn's practical approach

The Security Challenge: KPN's Practical Approach for (IT) managers Xebia Security

Upload: xebia-nederland-bv

Post on 22-Jan-2018

422 views

Category:

Software

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

The Security Challenge:

KPN's Practical Approach

for (IT) managers

Xebia Security

Page 2: Slides: The Security Challenge: KPN's Practical Approach

Who am I

Dave van [email protected]

@Dave_von_S

nl.linkedin.com/in/dvstein

Page 3: Slides: The Security Challenge: KPN's Practical Approach

KPN

Largest Telecom and IT operator in NL

Consumer, Business, Corporate markets

Several international brands

18,000 employees, 500M€ profit

Page 4: Slides: The Security Challenge: KPN's Practical Approach

KPN Online

Most internet facing applications and apps

Open environment (www.kpn.com)

Selfcare environments (mobile & desktop)

Consumer and small business webshop

Page 5: Slides: The Security Challenge: KPN's Practical Approach

-2013: project based

Security requirements Penetration test

Afterfix Afterfix 2

Retest

Page 6: Slides: The Security Challenge: KPN's Practical Approach

2014: Agile transformation

Page 7: Slides: The Security Challenge: KPN's Practical Approach

Security & Agile?

Page 8: Slides: The Security Challenge: KPN's Practical Approach

Changing Responsibilies

Page 9: Slides: The Security Challenge: KPN's Practical Approach

Integrate security expertise

Page 10: Slides: The Security Challenge: KPN's Practical Approach

Split and simplify policies

Page 11: Slides: The Security Challenge: KPN's Practical Approach

Standardized Architecture

Page 12: Slides: The Security Challenge: KPN's Practical Approach

Security in SDLC

Page 13: Slides: The Security Challenge: KPN's Practical Approach

Threat modeling by design

Page 14: Slides: The Security Challenge: KPN's Practical Approach

Compliant Operation

Story

Code

Platform

Application

Operations

Page 15: Slides: The Security Challenge: KPN's Practical Approach

Apply best practices

Page 16: Slides: The Security Challenge: KPN's Practical Approach

SecDevOps: summary

Align Dev, Sec, Bus, And Ops

Standardize and simplify

Automate, automate, automate

Know your value

Attack yourself

Learn, teach and train

Page 17: Slides: The Security Challenge: KPN's Practical Approach

SecDevOps: more info

devsecops.org - “Secure Agile Manifesto”

Forrester- “The Seven Habits of Rugged Devops”

Event.io- “Ten Ways to Develop a Rugged DevOps Approach”

Page 18: Slides: The Security Challenge: KPN's Practical Approach

Just do it

Page 19: Slides: The Security Challenge: KPN's Practical Approach

Thank you, Q&A

A Practical Time-Domain Fault Current Analysis using … · A Practical Time-Domain Fault Current Analysis using ... The challenge of this paper is to provide a practical time-domain

The Cost of Capital for KPN's Wholesale Activities: A 1 ... · The Cost of Capital for KPN's Wholesale Activities: A 1-year Estimate for 2007 A Final Report for OPTA. Project Team

Resourceful Collaboration: sustaining wealth in a competitive world 1. The Challenge 2. Practical Actions 3. London Community Resource Network 4. Advantage

BEA 001-2002 KM Challenge 2002: Advanced models of ... · KM Challenge 2002 ADVANCED MODELS OF KNOWLEDGE MANAGEMENT — PRACTICAL APPROACHES FOR IMPLEMENTATION Conference Chair &

USING THE LAW TO CHALLENGE UNLAWFUL DECISIONS: PRACTICAL CONSIDERATIONS

The Global Social Media Challenge - Lionbridgeinfo.lionbridge.com/rs/lionbridge/images/travel_GlobalSocialMedia_E… · The Global Social Media Challenge September 13, 2012 Some Practical

Practical Strategic Asset Management Planning€¦ · • ‘Projectising’ poses a technical challenge – grouping projects and linking to augmentation projects • Decant space

Exemption From Practical(S) In First Year: Is It A Good …psrcentre.org/images/extraimages/1215048.pdfchoosing physics lab experiment/practical component has been a challenge for

COVID-19 - Practical workforce strategies that put your ...€¦ · COVID-19: Practical workforce strategies that put your people first 4 5 Responding to the immediate challenge:

Face your challenge, Be smart - chem.msu.su · Face your challenge, Be smart PRACTICAL EXAMINATION JULY 18, 2013 ... After ca. 20-30 min carefully transfer the dried powder into the

Learning Design for the 21 st Century: Practical Insights on Challenge and Threat

The Psychophysiology of Stress: Practical Insights on Challenge and Threat

KPN's ision on and stept to reach fully programmable telco ... · KPN Fabric Simulation for Fabric & Function development Based on similar ONF developments within for example µONOS,

The Challenge: A Lack of Ethical Leadership · PDF fileThe Challenge: A Lack of Ethical Leadership ... across topic areas OXFORD UNIVERSITY PLUS VALUES-BASED CHARACTER ... practical

CHALLENGE POVERTY WEEK€¦ · Challenge Poverty Week is a real, practical opportunity to build a stronger movement against poverty and demonstrate our values of justice and compassion

Mastering the challenge - EY Japan · 1.1 Scope of IAS 39 5 ... Mastering the challenge: Practical IFRS guidance for power and utilities Mastering the ... E Support functions and

SUMMIT LEADERSHIP CHALLENGE - filestore.scouting.org · Summit Leadership Challenge (SLC) focuses on practical applications of Wood Badge skills. Using outdoor experiential learning

Entrepreneurship Challenge Mary Jane Page, Halton DSB Resources, ideas and energy provide the diverse entrepreneur students with practical and engaging

Practical JFSL verification using TACO › publications › ... · One challenge many formal tools share is to provide a practical interface for a non-proﬁcient user. In this article,

Practical Approaches to Stretch and Challenge Simple Methods and Activities to Enhance Motivation and Achievement

1 Teaching methodologies and the Practical English challenge Simon Smith ELC Teacher & President’s Office Special Assistant

The Cost of Capital for KPN's Wholesale Activities · The WACC for KPN’s wholesale activities List of Tables NERA Economic Consulting List of Tables Table 3.1 Nominal Risk-free

YOUR PRACTICAL GUIDE TO Gluten Free in Food Service · MEETING THE GLUTEN FREE CHALLENGE YOUR PRACTICAL GUIDE TO Gluten Free in Food Service Based on the Gluten Free Standard for

The challenge of postmodernism to rationality in Practical

The Psychophysiology of Stress: Practical Insights on Challenge and Threat Gabrielle Rappolt-Schlichtmann CAST; March 20, 2011

SMEs take on BIM Challenge - Construction News · PDF fileConstruction News’ practical guide to help smaller construction companies with their business SMEs take on BIM Challenge

Practical Approaches to the Building Renovation Challenge

ALL PORTS FACE A COMMON CHALLENGE ECO SLC presentation... · ALL PORTS FACE A COMMON CHALLENGE ... from October2011 daily worldwide service with 70 ships ... 2. practical environmental

CHALLENGES IN THE PRACTICAL IMPLEMENTATION …impel.eu/wp-content/uploads/2015/07/Implementation-Challenge... · challenges in the practical implementation of eu environmental law

Practical Advice on Physician Compensation: Achieving ... · Practical Advice on Physician Compensation: Achieving Compliance and FMV. ... New challenge –transition to ... that

East Bay Community Resilience Challenge...3 I. PROGRAM HIGHLIGHTS The East Bay Community Resilience Challenge has inspired thousands of citizens, leaders, and groups to take practical

FY18 RWDC State Unmanned Aerial System Challenge ... · Unmanned Aerial System Challenge: Practical Solutions to ... , Real World Design Challenge ... , unmanned aerial vehicle [UAV])

Practical issues performing Bronchial Challenge Tests

The Cost of Capital for KPN's Wholesale Activities · § NERA (January 2009) “The Cost of Capital for KPN’s Wholesale Activities: A 1-year Estimate for 2007”. These reports

Call for Practical Examples and Ideas - World Economic Forum€¦ · 02/10/2015 · Call for Practical Examples and Ideas As part of its Global Challenge Initiative on Economic Growth