The recent ‘Application Security’ Experience Sharing Day covered several Belgian research projects on advanced security approaches.
ESA focus group – 27 November 2019 – ESA Practice and API Security Architecture
27 November 2019 – Cyber Security Coalition
The agenda of the November session listed two distinct topics. The first one, brought by ING, forced us to take a distance from our day-to-day, technical focus and reflect on the purpose, mission, values and impact of our practices. The relative gap in maturity, initially perceived by some members, clearly is no longer an impediment to actively participating to open discussions among trusted members, boosting the sharing and value creation! Concrete proposed actions resulting from this activity are the co-creation and application of an ESA maturity model and the edition of an article on what enterprise security architecture is about and how the Coalition can help member and non-member organizations in achieving professional standards.
The second topic, jointly brought by BNP Paribas Fortis and Proximus, took a closer look into the API management domain, one of the pillars of enterprise digital transformation. Several architecture views, access control mechanisms and secure reference designs were elaborated. Three concrete patterns were analysed for trade-offs between their protection level and the implied management effort.
On the picture, from left to right: Sven Vermeulen (KBC Group), Peter Spiegeleer (Proximus), Coen De Roover (VUB)
Other blog posts
In a second workshop the Focus Group discussed the NIS implementation challenges faced by the transport sector.
Chairman D. Stevens presented the 2020-2025 Strategic Plan of the Belgian DPA to the Privacy Focus Group and R. Lembrechts tackled the issue of Shadow-IT.
The afternoon’s programme included two external speakers who talked about ‘SaaS security & compliance management challenges’ and ‘shift left’.
NIS workshop – 26 November 2019 – Operationalizing the NIS Directive in the water distribution industry
Late November saw the kick-off meeting of a series of workshops on the NIS implementation in the impacted sectors.