09-29, 10:15–10:55 (Europe/Berlin), Stage 1
We'll explain what is wrong with typical "Least Privilege" & "Zero Trust" implementations and ask: "Are we playing for a Draw or are we playing to Win against our IT security adversaries?
In this keynote we'll start out with a bit of Dutch folklore, we'll explain what is wrong with typical "Least Privilege" & "Zero Trust" implementations and ask the confronting question: "Are we playing for a Draw or are we playing to Win against our IT security adversaries...? Next we'll use some "classical" laws of war/diplomacy, biology/business and engineering to develop a modern IT architecture suitable for todays challenges. This architecture is based on desired state infrastructure, built using CI/CD and Infra/Policy-as-code. It stores its data in Data Services. It uses Events, Observability and IAM to operate securely. We'll explain this architecture and show different views of this architecture for: - Architects/Developers/Engineers - C-level Managers - CISO/Auditors.
As a bonus, since we’re at FOSS Security Campus, we’ll also answer the question if “zero privilege” equals “zero governance”, and that answer is most certainly not. ING has open sourced the first components of our “zero privilege” platform and we’ll also explain a bit on that journey.
We’ll answer some “zero privilege” questions like: - Can it be build ? - My workloads won't fit - We're not a bank, we cannot afford this - Doesn't this collide with current views/implementations of established entities in the security(/compliancy) industry ?
To conclude we’ll have some time to interact with the audience on “zero privilege” as well as on “open source governance” topics
Get your ticket now!
Register for FOSS Security Campus in our ticket shop! We also have online tickets and reduced tickets for students available!
On September 26-27th we are offering full- and multi day IT security trainings — Click here to find out more!
Architecting Cloud Native @ING since 2016 (employee since 2001) Architecture Lead for the Runtime Domain (“VM & Container Hosting”), for ING Private & Public Clouds. Speaker at KubeCon Amsterdam, OpenShift Commons San Diego & Detroit. Interviewed by TheCUBE during KubeCon Detroit. Author on TheNewStack (“ING on Building a Cloud Native Bank”). Living together with Karolina and son Erik in a small village close to Amsterdam
Jan Vogel is Architect Tech/Infra/EA and chair of ING’s Open Source Board. He has been interviewed for an external article on ING's approach to open source, which was published on several external sites. Living together with Carly in a different village slightly further away from Amsterdam.