The SBN initiative in Security and Compliance.
Posted by Eva-Maria Fahrer on 09/03/2022 07:39
I have collected a little information which I found to be interesting and relevant. You will later see more as Stein Ove Røv at Skagerak energi is helping and we will publish webinars and articles which should be of interest if you are working with security in an IT landscape.
Nasjonal sikkerhets Myndighet (NSM) in Norway generates anually a security report.
In the report Risk 2022, NSM states the threat to Norwegian companies is increasing. The tense situation in Ukraine makes this threat even worse. There is a high probability that Norwegian companies may be targets for cyber attacks. The Energy production that is an attractive target as well as example the telecom sector.
Targeted phishing is attacks on selected people. Common is that people pretend to be a director or other employee in the company, all seems very legitimate and it can therefore be very harmful. Suspicious incidents should be reported.
Telephone fraud is if you called by an unknown foreign number and they hung up. This is a fraud called wangiri. ("=one ring and cut" in Japanese). It's said they make good money from being called back. Do not call back! As example Telia has systems across the Nordic and Baltics that monitors activity. The numbers they identify are blocked for call back. Telia blocked more than 4 million calls in Norway during January and another 4 million calls to people in Sweden and Denmark.
Maybe also useful are NSMs "Basic Principles for ICT Security", which is recommendations for how to secure information systems.
We are never stronger than our weakest link.
We need to make a joint effort against cyber crime.
Advice to avoid fraud:
- Do not call back if you see that an unknown number from abroad has called you
- Do not click on links you have received from unknown numbers or senders
- Download apps only from Google Play and App Store
- Never give your BankID code to anyone
- Be critical - no professionals ask for personal information like BankID
- Smartphones can block calls from specific numbers use this functionality
If cybersecurity and digital espionage is in your area of interest, listen to Nicole Perlroth. She is a journalist and covers cybersecurity and digital espionage for The New York Times. She is a guest lecturer at the Stanford Graduate School of Business. She is the author of the New York Times bestselling book about the global cyber arms race. Here is a YouTube link to an intervju with Nicole Perlroth. 20 minutes into the intervju she talks about cyberattacks which has distroyed nuclear wepons to keep the world out of war and preserved peace. Link to her articles in NewYourTimes
The world is not obsessed with demand for profit nor is it evil or mean. Most people are friendly and helpful.
One example, Google Maps has less functionality in Ukraine, to stop the Russian military from tracking as example Ukrainian troops.
The Norwegian Petroleum Fund, will vote against Apple's remuneration policy as they are a owner and can do so. The fund will press for shareholder proposals related to sustainability and human rights and is against to give CEO Tim Cook $ 99 million in salary and bonus for 2021.
A completely different example is Conti, they sell extortion viruses and according to researchers has put pressure on companies in the USA and Europe for millions of dollars during recent years. Conti published full support for President Vladimir Putin, and promised to crack down on critical infrastructure in Ukraine. After this, hackers around the world made sure that sensitive data was leaked from Conti, such as chat logs, back-end infrastructure and bitcoin wallets. Now it is easier for authorities and cybersecurity companies to stop the criminal actions of Conti.
As you may have seen we have started an initiative in Security for Compliance.
Stein Ove Røv at Skagerak Energi is supporting us to Quality Assure our Partners presentations and material. For me it is important, the stuff we bring in SBN, is relevant for you.
We are currently working with quality assurance and will later publish webinars and articles which should be of interest if you are working with security in an IT landscape.
I found information about Cloud Connector in a newsletter from SAP. I’m not 100% sure its relevant but it sounded interesting so I hereby publish it for you, see below.
Cloud Connector is an SAP application to ensures a secure connection to the SAP “cloud”. The Cloud Connector ensures SAP Cloud products a securely communication with systems on-premise or a private cloud landscape. Cloud Connector can be installed on a Windows, Linux, Mac OS operating system. An SAP BTP account is needed to configure the connection between the SAP Cloud environment and the Cloud Connector instance. Multiple Cloud Connectors can be deployed to connect to one or more SAP BTP region- subaccounts. Cloud Connector documentation on this link
There is a solution and a managed service by SAP security experts called “SAP Enterprise Threat Detection, cloud edition" The concept from SAP defends against cyberattacks and safeguards business, maybe it could be interesting to read ore on the link above.
PS: Pictures say more than 1000 words. If you want to see if a picture is real test Search an Image with Google on this link.
In SBN we will dig into the area of Security to ensure Compliance and bring you different relevant solutions as informative webinars and articles, so please look out.
Published by Eva-Maria Fahrer, contact info here
SBN S/4HANA Day
F2F in Oslo & Remote
During the SBN S/4HANA Day, we share customer cases of moving to S/4HANA, experience with available tools from SAP and partners to migrate to S/4HANA, S/4HANA deployment methods and next steps after migration.
SBN SAP ALM (Solution Manager) Roadshow Day
F2F in Oslo & Remote
Knowledge sharing and from SAPs Product Management Expert ALM Benjamin Schneider hews and information about SAPs three strategic product lines – SAP Cloud ALM; SAP Focused Run and SAP Solution Manager (incl. Focused Build and Insights).