SlideShare une entreprise Scribd logo

Building secure digital services

Télécharger en tant que PPTX, PDF
N
NetDef

Steps for housing associations to protect themselves while providing digital services to tenants.

Technologie
1  sur  12
BUILDING SECURE DIGITAL SERVICES Manchester, 22nd October Dave Beesley Technical Director NetDef
Agenda  Evaluating IT infrastructure and processes to meet the needs of a rapidly changing sector.  Planning a robust infrastructure on which to build secure digital services.  Answering the security questions posed by regulatory compliance requirements.
What are digital services? External Internal • Digital inclusion solutions • Rent payments • Access to tenant facilities • Telemedicine • CRM solutions for tenant management • Agile working systems • Data sharing amongst apps
× Access × Skills × Motivation × Trust Over a third of these are in social housing Why? Digital Exclusion ~20% of population not using digital services
Security considerations • Tenants feeling unsafe online/cyber-crime • Mitigated by training/help with getting online • https://www.cyberstreetwise.com/ • https://www.getsafeonline.org/ • Mitigated by technology • Gateway level security software • Access to security software • Potential reputational damage • Tenants accessing illegal material • AUP and monitoring/controls • Cost of implementation of security • Assurance/testing/compliance/management
Current IT Infrastructure What does the business require? • SLAs • Capacity How are projects developed with the business? Cyber risk on corporate risk register? Business continuity and disaster recovery plans? Evaluation & asset management
Planning for future developments Agility & flexibility of infrastructure Speed of execution for new projects Cloud versus on-premise or hybrid Security considerations baked into projects  Saves money  Reduces risk
Compliance considerations Testing/assurance Safe Harbour EU ruling – important for cloud PCI/Data Protection/ISO27001 Ensuring reputational integrity Which standards are relevant? Who to turn to for advice?
Our approach Prevent Detect Respond
NetDef projects Regenda Group • Disaster Recovery and Business Continuity Strategy Guinness Partnership • Security infrastructure Auditing Services NDA • Security Auditing for Compliance Recent examples of consultancy work in housing associations
Your to do list Security risk assessment – risk register Capacity planning and/or evaluation of future needs Testing/security assessment for compliance Business continuity and disaster recovery planning Asset Management
Thank you Dave Beesley, Managing Director, NetDef

Recommandé

Benefits of IT Outsourcing
Benefits of IT OutsourcingBenefits of IT Outsourcing
Benefits of IT OutsourcingMultiTech IT
 
Ctc rick ryan prezi 3 2016
Ctc rick ryan prezi 3 2016Ctc rick ryan prezi 3 2016
Ctc rick ryan prezi 3 2016Courtney King
 
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of ThingsChristopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of ThingsKatedra Informatologii. Wydział Dziennikarstwa, Informacji i Bibliologii, Uniwersytet Warszawski
 
IoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected WorldIoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected WorldCharles Mok
 
Iot and ethics
Iot and ethicsIot and ethics
Iot and ethicsErling Hesselberg
 
What to expect at the 2015 Information Assurance for Forum
What to expect at the 2015 Information Assurance for ForumWhat to expect at the 2015 Information Assurance for Forum
What to expect at the 2015 Information Assurance for ForumCentraComm
 
Ethical, Legal and Social issues IoT
Ethical, Legal and Social issues IoTEthical, Legal and Social issues IoT
Ethical, Legal and Social issues IoTLuckeylama
 
Outpost24 webinar - preventing wireless attacks with device visibility and t...
Outpost24 webinar - preventing wireless attacks with device visibility and t...Outpost24 webinar - preventing wireless attacks with device visibility and t...
Outpost24 webinar - preventing wireless attacks with device visibility and t...Outpost24
 

Recommandé

Benefits of IT Outsourcing
Benefits of IT OutsourcingBenefits of IT Outsourcing
Benefits of IT OutsourcingMultiTech IT
 
Ctc rick ryan prezi 3 2016
Ctc rick ryan prezi 3 2016Ctc rick ryan prezi 3 2016
Ctc rick ryan prezi 3 2016Courtney King
 
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of ThingsChristopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of ThingsKatedra Informatologii. Wydział Dziennikarstwa, Informacji i Bibliologii, Uniwersytet Warszawski
 
IoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected WorldIoT: Overcoming Barriers to a Connected World
IoT: Overcoming Barriers to a Connected WorldCharles Mok
 
Iot and ethics
Iot and ethicsIot and ethics
Iot and ethicsErling Hesselberg
 
What to expect at the 2015 Information Assurance for Forum
What to expect at the 2015 Information Assurance for ForumWhat to expect at the 2015 Information Assurance for Forum
What to expect at the 2015 Information Assurance for ForumCentraComm
 
Ethical, Legal and Social issues IoT
Ethical, Legal and Social issues IoTEthical, Legal and Social issues IoT
Ethical, Legal and Social issues IoTLuckeylama
 
Outpost24 webinar - preventing wireless attacks with device visibility and t...
Outpost24 webinar - preventing wireless attacks with device visibility and t...Outpost24 webinar - preventing wireless attacks with device visibility and t...
Outpost24 webinar - preventing wireless attacks with device visibility and t...Outpost24
 
What hope for privacy in an IoT world?
What hope for privacy in an IoT world? What hope for privacy in an IoT world?
What hope for privacy in an IoT world? kotahinet
 
Law seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryLaw seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryKevin Murphy
 
Solving access for Hybrid IT
Solving access for Hybrid ITSolving access for Hybrid IT
Solving access for Hybrid ITJeff Green
 
IT Security News & Case Studies
IT Security News & Case StudiesIT Security News & Case Studies
IT Security News & Case StudiesDani Wannous
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...team-WIBU
 
A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks GlobalSign
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18japijapi
 
5 Public Sector Technology Trends 2018
5 Public Sector Technology Trends 20185 Public Sector Technology Trends 2018
5 Public Sector Technology Trends 2018Mihae Ahn, MBA
 
The New Framework for Modern Data Privacy and Security
The New Framework for Modern Data Privacy and SecurityThe New Framework for Modern Data Privacy and Security
The New Framework for Modern Data Privacy and SecuritySara Goodison
 
Byod security
Byod security Byod security
Byod security Denise Bailey
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...CableLabs
 
Vishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINAL
Vishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINALVishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINAL
Vishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINALVishnu Murali
 
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...GlobalSign
 
Etisalat Digital Connect
Etisalat Digital ConnectEtisalat Digital Connect
Etisalat Digital ConnectGrafic.guru
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about themBen Rothke
 
Solving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceSolving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceBit Stew Systems
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safewoodsy01
 
Driving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsDriving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsBit Stew Systems
 
Access control systems
Access control systemsAccess control systems
Access control systemsarnoldpeter01
 
Edge intelligence slide share
Edge intelligence slide shareEdge intelligence slide share
Edge intelligence slide shareBit Stew Systems
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective amarukanda
 
Cyberteq - Cyber Security for Telecom.pdf
Cyberteq - Cyber Security for Telecom.pdfCyberteq - Cyber Security for Telecom.pdf
Cyberteq - Cyber Security for Telecom.pdfssuser8717cc
 

Contenu connexe

Tendances

What hope for privacy in an IoT world?
What hope for privacy in an IoT world? What hope for privacy in an IoT world?
What hope for privacy in an IoT world? kotahinet
 
Law seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryLaw seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryKevin Murphy
 
Solving access for Hybrid IT
Solving access for Hybrid ITSolving access for Hybrid IT
Solving access for Hybrid ITJeff Green
 
IT Security News & Case Studies
IT Security News & Case StudiesIT Security News & Case Studies
IT Security News & Case StudiesDani Wannous
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...team-WIBU
 
A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks GlobalSign
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18japijapi
 
5 Public Sector Technology Trends 2018
5 Public Sector Technology Trends 20185 Public Sector Technology Trends 2018
5 Public Sector Technology Trends 2018Mihae Ahn, MBA
 
The New Framework for Modern Data Privacy and Security
The New Framework for Modern Data Privacy and SecurityThe New Framework for Modern Data Privacy and Security
The New Framework for Modern Data Privacy and SecuritySara Goodison
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...CableLabs
 
Vishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINAL
Vishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINALVishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINAL
Vishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINALVishnu Murali
 
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...GlobalSign
 
Etisalat Digital Connect
Etisalat Digital ConnectEtisalat Digital Connect
Etisalat Digital ConnectGrafic.guru
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about themBen Rothke
 
Solving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceSolving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceBit Stew Systems
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safewoodsy01
 
Driving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsDriving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsBit Stew Systems
 
Access control systems
Access control systemsAccess control systems
Access control systemsarnoldpeter01
 
Edge intelligence slide share
Edge intelligence slide shareEdge intelligence slide share
Edge intelligence slide shareBit Stew Systems
 

Tendances (20)

What hope for privacy in an IoT world?
What hope for privacy in an IoT world? What hope for privacy in an IoT world?
What hope for privacy in an IoT world?
 
Law seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industryLaw seminars intl cybersecurity in the power industry
Law seminars intl cybersecurity in the power industry
 
Solving access for Hybrid IT
Solving access for Hybrid ITSolving access for Hybrid IT
Solving access for Hybrid IT
 
IT Security News & Case Studies
IT Security News & Case StudiesIT Security News & Case Studies
IT Security News & Case Studies
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
 
A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks A History of IIoT Cyber-Attacks
A History of IIoT Cyber-Attacks
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18
 
5 Public Sector Technology Trends 2018
5 Public Sector Technology Trends 20185 Public Sector Technology Trends 2018
5 Public Sector Technology Trends 2018
 
The New Framework for Modern Data Privacy and Security
The New Framework for Modern Data Privacy and SecurityThe New Framework for Modern Data Privacy and Security
The New Framework for Modern Data Privacy and Security
 
Byod security
Byod security Byod security
Byod security
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
 
Vishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINAL
Vishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINALVishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINAL
Vishnu_Murali_September 2016 CDM CIO ENERGY Summit_FINAL_FINAL
 
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...
 
Etisalat Digital Connect
Etisalat Digital ConnectEtisalat Digital Connect
Etisalat Digital Connect
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
 
Solving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceSolving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine Intelligence
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
 
Driving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsDriving IT Transformation with Agile Analytics
Driving IT Transformation with Agile Analytics
 
Access control systems
Access control systemsAccess control systems
Access control systems
 
Edge intelligence slide share
Edge intelligence slide shareEdge intelligence slide share
Edge intelligence slide share
 

Similaire à Building secure digital services

Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective amarukanda
 
Cyberteq - Cyber Security for Telecom.pdf
Cyberteq - Cyber Security for Telecom.pdfCyberteq - Cyber Security for Telecom.pdf
Cyberteq - Cyber Security for Telecom.pdfssuser8717cc
 
Shift to Application & Infrastructure Hosting
Shift to Application & Infrastructure HostingShift to Application & Infrastructure Hosting
Shift to Application & Infrastructure Hostingtechzimslides
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudCompTIA UK
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
CYBER SECURITY.pptx
CYBER SECURITY.pptxCYBER SECURITY.pptx
CYBER SECURITY.pptxMalu704065
 
Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby
 
Cloud computing
Cloud computingCloud computing
Cloud computingRazib M
 
Modiant World - Top IT Outsourcing Company in Dubai
Modiant World - Top IT Outsourcing Company in DubaiModiant World - Top IT Outsourcing Company in Dubai
Modiant World - Top IT Outsourcing Company in DubaiModiant world
 
Ethics, Professionalism and Other Emerging Technologies
Ethics, Professionalism and Other Emerging TechnologiesEthics, Professionalism and Other Emerging Technologies
Ethics, Professionalism and Other Emerging TechnologiesPrakhyath Rai
 
Overcoming the cybersecurity challenges of smart cities
Overcoming the cybersecurity challenges of smart citiesOvercoming the cybersecurity challenges of smart cities
Overcoming the cybersecurity challenges of smart citiesSaeed Al Dhaheri
 
Cybersecurity Risk from User Perspective
Cybersecurity Risk from User PerspectiveCybersecurity Risk from User Perspective
Cybersecurity Risk from User PerspectiveAvinantaTarigan
 
Digital demand - the challenges of being a CIO in the UK HE sector, by John C...
Digital demand - the challenges of being a CIO in the UK HE sector, by John C...Digital demand - the challenges of being a CIO in the UK HE sector, by John C...
Digital demand - the challenges of being a CIO in the UK HE sector, by John C...Jisc
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?Kurt Hagerman
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...FinTech Belgium
 
ComResource Agency Solutions
ComResource Agency SolutionsComResource Agency Solutions
ComResource Agency SolutionsAnthony Dials
 
Digital Transformation 101 — How Will It Affect Your Business?
Digital Transformation 101 — How Will It Affect Your Business?Digital Transformation 101 — How Will It Affect Your Business?
Digital Transformation 101 — How Will It Affect Your Business?PECB
 

Similaire à Building secure digital services (20)

Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective a
 
Cyberteq - Cyber Security for Telecom.pdf
Cyberteq - Cyber Security for Telecom.pdfCyberteq - Cyber Security for Telecom.pdf
Cyberteq - Cyber Security for Telecom.pdf
 
Shift to Application & Infrastructure Hosting
Shift to Application & Infrastructure HostingShift to Application & Infrastructure Hosting
Shift to Application & Infrastructure Hosting
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
CYBER SECURITY.pptx
CYBER SECURITY.pptxCYBER SECURITY.pptx
CYBER SECURITY.pptx
 
Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Modiant World - Top IT Outsourcing Company in Dubai
Modiant World - Top IT Outsourcing Company in DubaiModiant World - Top IT Outsourcing Company in Dubai
Modiant World - Top IT Outsourcing Company in Dubai
 
Ethics, Professionalism and Other Emerging Technologies
Ethics, Professionalism and Other Emerging TechnologiesEthics, Professionalism and Other Emerging Technologies
Ethics, Professionalism and Other Emerging Technologies
 
Overcoming the cybersecurity challenges of smart cities
Overcoming the cybersecurity challenges of smart citiesOvercoming the cybersecurity challenges of smart cities
Overcoming the cybersecurity challenges of smart cities
 
The fourth industrial revolution
The fourth industrial revolutionThe fourth industrial revolution
The fourth industrial revolution
 
Cybersecurity Risk from User Perspective
Cybersecurity Risk from User PerspectiveCybersecurity Risk from User Perspective
Cybersecurity Risk from User Perspective
 
Digital demand - the challenges of being a CIO in the UK HE sector, by John C...
Digital demand - the challenges of being a CIO in the UK HE sector, by John C...Digital demand - the challenges of being a CIO in the UK HE sector, by John C...
Digital demand - the challenges of being a CIO in the UK HE sector, by John C...
 
Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?Does cloud technology belong at your law firm?
Does cloud technology belong at your law firm?
 
MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?MYTHBUSTERS: Can You Secure Payments in the Cloud?
MYTHBUSTERS: Can You Secure Payments in the Cloud?
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloud
 
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
 
ComResource Agency Solutions
ComResource Agency SolutionsComResource Agency Solutions
ComResource Agency Solutions
 
Digital Transformation 101 — How Will It Affect Your Business?
Digital Transformation 101 — How Will It Affect Your Business?Digital Transformation 101 — How Will It Affect Your Business?
Digital Transformation 101 — How Will It Affect Your Business?
 

Dernier

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 

Dernier (20)

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 

Building secure digital services

  • 1. BUILDING SECURE DIGITAL SERVICES Manchester, 22nd October Dave Beesley Technical Director NetDef
  • 2. Agenda  Evaluating IT infrastructure and processes to meet the needs of a rapidly changing sector.  Planning a robust infrastructure on which to build secure digital services.  Answering the security questions posed by regulatory compliance requirements.
  • 3. What are digital services? External Internal • Digital inclusion solutions • Rent payments • Access to tenant facilities • Telemedicine • CRM solutions for tenant management • Agile working systems • Data sharing amongst apps
  • 4. × Access × Skills × Motivation × Trust Over a third of these are in social housing Why? Digital Exclusion ~20% of population not using digital services
  • 5. Security considerations • Tenants feeling unsafe online/cyber-crime • Mitigated by training/help with getting online • https://www.cyberstreetwise.com/ • https://www.getsafeonline.org/ • Mitigated by technology • Gateway level security software • Access to security software • Potential reputational damage • Tenants accessing illegal material • AUP and monitoring/controls • Cost of implementation of security • Assurance/testing/compliance/management
  • 6. Current IT Infrastructure What does the business require? • SLAs • Capacity How are projects developed with the business? Cyber risk on corporate risk register? Business continuity and disaster recovery plans? Evaluation & asset management
  • 7. Planning for future developments Agility & flexibility of infrastructure Speed of execution for new projects Cloud versus on-premise or hybrid Security considerations baked into projects  Saves money  Reduces risk
  • 8. Compliance considerations Testing/assurance Safe Harbour EU ruling – important for cloud PCI/Data Protection/ISO27001 Ensuring reputational integrity Which standards are relevant? Who to turn to for advice?
  • 10. NetDef projects Regenda Group • Disaster Recovery and Business Continuity Strategy Guinness Partnership • Security infrastructure Auditing Services NDA • Security Auditing for Compliance Recent examples of consultancy work in housing associations
  • 11. Your to do list Security risk assessment – risk register Capacity planning and/or evaluation of future needs Testing/security assessment for compliance Business continuity and disaster recovery planning Asset Management