Event Recording

Reducing Complexity – Introducing a Practical Model for Security Classifications

Show description
Speaker
Eleni Richter
Chief Architect
EnBW
Eleni Richter
Eleni Richter is working as chief architect of the identity and organizational data management at a large German energy supplier (EnBW AG) and as part-time lecturer in IAM and Cyber Security Architecture at Lucerne University of Applied Sciences and Arts (HSLU). She has held various positions...
View profile
Top related content
Event Recording
Reducing the Species in your Cybersecurity Zoo
May 13, 2022
Event Recording
Cyber Security Architectures in a Hybrid World
May 12, 2022

A practical approach to cyber security architectures: In a hybrid ecosystem we have not only to find a suitable security model for IT but also for OT like in production environments. And after all cloud services are adding another dimension of complexity. We will take a short look at the security basics, compare some outdated, updated and up-to-date security models finding suitable models for IT-security, OT-security and cloud-security. Finally we will put it all together in combined scenarios. This presentation will focus on practical security architecture rather than on formal compliance.

 

Key Topics:

* IT-security, OT-security, cloud-security

* Cyber security: from basics, perimeter, air gap to zero trust

* Hybrid world: isolation or integration

* Tops and flops in practical cyber security

Event Recording
Zero Trust Use Cases
Sep 14, 2021

Zero Trust Use Cases: a pragmatic look from well-known use cases to lesser known ones. Focus will be on real world examples and situations proven in practice rather than on formal compliance. Further on we will have some critical thoughts on this topic.

 

Key Topics:

* What is Zero Trust?

* Some appliances for Zero Trust

              - Well-known use case: Web shop

              - Current use cases: Bring-your-own-device, Bring-your-own-account

              - Further use cases: Micro-segmentation, cloudification

* Some critical thoughts on non-deterministic systems

Eleni Richter, Chief Architect, EnBW
Event Recording
Workshop | Implementation of a Risk Class Model Within Access Management
Nov 09, 2022

In this workshop, we will show you how to implement a risk class-based approach within access management with little effort in order to achieve the highest level of control, compliance and transparency in your own organization. All the necessary rules and templates (e.g., for password management, connection guidelines for protocols used and authorizations) are based on best practices, the BSI risk class model and the requirements of ISO27001.

Webinar Recording
Forget Firewalls - Enterprise Data is your New Perimeter
Oct 30, 2015
One of the biggest challenges modern enterprises are facing is the evolution toward connected businesses. To survive in this fiercely competitive environment, businesses strive to be as agile as possible, to continuously adopt new business models and to open up new communication channels with their partners and customers. Thanks to rapidly growing adoption of cloud and mobile computing, enterprises are becoming more and more interconnected, and the notion of a security perimeter has almost ceased to exist.
Event Recording
Dr. Sridhar Muppidi - Security Starts with Identity and Access
May 11, 2016

People are the weak link in security. Most data breaches start with bad actors using stolen user credentials and this is fundamentally an identity problem. For too long Identity & Access Management has been viewed as silo often walled off from the security group but this must change. Now, more than ever Identity & Access Management must be viewed as a key security control that can help minimize and mitigate security intrusions.

Webinar Recording
Surviving the Cyber Security Attack Wave
Oct 14, 2011

KuppingerCole Webinar recording

Event Recording
Operational concepts with the WALLIX tiering model
Nov 15, 2023

Lack of control and controllability is increasingly a problem in many internal IT departments today. The complexity of the solutions used has steadily increased. It is therefore all the more important that information security systems are optimally set up and easy to operate and administer.

Establishing a risk class-based access management system makes sense for many reasons. In addition to meeting compliance requirements such as ISO27001, BSI IT-Grundschutz or industry standard 62443 and integrating seamlessly into a risk-based approach followed in the information security management system, this approach promotes the regaining of control over all possible accesses to company or organisational systems, regardless of these requirements.

Event Recording
Panel - Risk Assessment and Security Design
Dec 18, 2018

Zero Trust Security assumes that nothing in a companies ITinfrastructure like including users, endpoint devices, networks, and resources, is ever trusted. All interactions must be verified to decrease the chance of a security breach. Zero Trust Security ensures secure access to resources while significantly reducing the possibility of access by bad actors. In this paneldiscussion we will discuss the considerations companies should make before implementing Zero Trust Security and Zero Trust Security by Design.