OBS: Du finner nå lenker til nedlasting av media-filer nederst på det enkelte opptak sin avspillingsside.

Dato Tittel Foreleser Emne
Tommelnegl 27. april 2018
Kl. 12.12
60 min
K105
Presentation of NorSIS and the services Slettmeg.no and Nettvett.no. Cybersecurity for SMEs and the public; Threats and trends 2017/2018
Peggy Sandbekken Heie is the CEO of the Norwegian Centre for Cyber Security (NorSIS). Peggy has a Master in Business Economics with specialization in information management. She is also CISA and CRISC certified from ISACA and has a postgraduate certificate in education (PGCE). Peggy has several years of experience in risk management, corporate development, IT audit, financial audit and information security.
Peggy Sandbekken Heie NISlecture
Tommelnegl 26. januar 2018
Kl. 12.12
68 min
K105
Defending academics from the cyber reality since 1.1.2017
The NTNU digital security section (DS) and Security Operations Centre (SOC) was officially established 1.1.2017 and is the largest security section in academic Norway. Since being established, DS has been actively working on improving cyber and information security at the university. DS is primarily working in two domains, operative security and security management. The section also has a leading role in establishing the information security management system (ISMS) at NTNU. This talk will present the section and how it contributes to making the university a more secure environment for all. Furthermore, we will provide a picture of the operational capacity for cybersecurity of NTNU SOC, including the technology choices and the roadmap of building a scalable sensor network. Based on the operational capability, the talk will also provide some insight into the current risks and trends that NTNU is facing in the cyber domain. Finally, we will present how the digital security section is cooperating with academia and possible venues for further collaboration.
Christoffer Hallstensen and Gaute Wangen NISlecture
Tommelnegl 27. oktober 2017
Kl. 12.12
55 min
Store Eureka, 2/3 Eureka
20år med sikkerhetssertifisering – nonstop – fortsatt usikker på om det smaker?
NT har vært sikkerhetssertifisert i 20 år og har arbeidet systematisk med risiko, informasjonssikkerhet og opplæring i en årrekke. Gode sikkerhetstiltak er et avgjørende bidrag til å skape tillit hos kunder, kanskje det viktigste… Temaet for forelesningen gir et innblikk i hvordan NT arbeider med å ha kontroll på risikoer, sikkerheten for sine 400 ansatte og de 2 millioner kundene – og hvorfor Nonstop smaker like godt år etter år…
Trond Laupstad NISlecture
Tommelnegl 29. september 2017
Kl. 12.12
55 min
K105
Implementing European Cybersecurity Regulation
In summer 2016, the EU adopted its directive on the security of network and information systems (NIS directive). EU member states must transpose the directive into their national law by May 2018. The core provisions of the directive put pressure on European companies: Operators of critical infrastructures must implement cybersecurity requirements and report cyber attacks. Moreover, the directive covers major digital services. Online marketplaces, search engines and cloud services must fulfil similar requirements. Germany has been at the forefront of implementing the NIS directive. Even before the directive was passed by the European Parliament, Germany has adopted the first IT security law, which is close to the European provisions, and sets up cybersecurity requirements for critical infrastructures and digital services. However, NIS directive and its national implementations are just a part of the evolving cyber regulation in Europe. Sectorial regulation is spreading, too. Martin Schallbruch performs an analysis of the problems and opportunities of the regulatory rush in European cybersecurity. Martin Schallbruch is a Senior Researcher for Cyber Innovation and Cyber Regulation at the European School of Management and Technology, Berlin. For more than 10 years, he was a director-general in the German federal government, responsible for digital strategy and cybersecurity.
Martin Schallbruch NISlecture
Tommelnegl 25. august 2017
Kl. 12.12
55 min
K105
Our Cyber Security Challenges: A Serious Game
Do you have the “right stuff” to play the cyber security game? If not how can you get it? In this NISlecture we will outline some extracurricular activities you can participate in as a student to learn and challenge your skills and knowledge of cyber security. Associate Professor Simon McCallum will introduce the Community of Professors (COPS) Doctoral program on Serious Games and Cyber Security. He will also talk about the need for tools (Qrate) and skills for all students, be they bachelor, master or doctoral students, to learn how to ask “the right” critical questions to security cyber space. PostDoc Gaute Wangen will present his experience as a doctoral student and a member of the Norwegian Digital Border Squad in the 2017 Cyber 9/12 Challenge, held annually in Geneva. Further information about the Norwegian Cyber Security Challenge 2017 www.ntnu.no/ncsc will be presented. Professor Stig Frode Mjølsnes will present student extracurricular activities in IIK Trondheim-Campus via Skype. He will present the activities of the ITEMIZe Hacker Club. The ITEMIZE Hacker Club started up in October 2014 by Prof. Mjølsnes. An important goal of ITEMIZE is to actively participate and achieve respectable rankings in the multitude of international hacker contests. These typically take place over two-three days, most often on the weekends, which produce motivation, experience, and new skills. The, ITEMIZE members meet bi-weekly in some available afternoon, to share and discuss solutions to challenges and puzzles in earlier competitions, new exciting hacker stuff, hearsay, tool tutorials, and more. http://itemize.no/contact/ So all students should sign up to attend this NISlecture either in person or online to learn about some serious challenges in your future.
Simon McCallum, Gaute Wangen and Stig Frode Mjølsnes NISlecture
Tommelnegl 26. mai 2017
Kl. 12.12
55 min
K105
The Modern Cybersecurity Stack: Data-driven Network Monitoring with Bro
Faced with today's sophisticated cyberattacks, classic intrusion detection systems often leave defenders with playing games of whack-a-mole. Offering an alternative, the open-source network security monitor Bro has become a driver behind a recent paradigm shift inside the incident response community: By facilitating data-driven, site-specific network traffic analyses, Bro empowers operators to defend their organizations against a broad range of attacks, from indiscriminate to highly targeted. This talk will recap Bro's evolution from a niche software developed by a small academic research group into a widely deployed system that's now protecting some of the world's largest organizations. We will examine Bro's scientific foundation, discuss experiences transitioning the system from a research platform to large-scale operational deployment, and present current research efforts that seek to further advance today's network defense capabilities.
Robin Sommer NISlecture
Tommelnegl 28. april 2017
Kl. 12.12
55 min
K105
Biometric systems based on communications principles
Abstract: A biometric system is a technological system that uses information about a person to identify that person. We will discuss the connection between Biometric systems and Information/Communication theory. Several authentication system implementations will be explained and their performance analyzed. We will pay attention to the tradeoff between information security and reliability of biometric data.
A.J. Han Vinck NISlecture
Tommelnegl 31. mars 2017
Kl. 12.12
55 min
K105
Software Certification for Software-intensive Safety Critical Systems
Smart devices are all around us nowadays. These little angels/devils are making our lives much easier, while also opening up a lot of security/safety holes, esp. those safety critical devices have the potential of physically harming or even killing us. In this NIS lecture, in order to demonstrate the real threats of these devices, I will use a case study of a software intensive medical device ‹ the Insulin Pump ‹ from one of our previous projects at the McMaster Centre for Software Certification, McMaster University, Canada. Based on the insulin pump example, I will give an overview and discuss some important aspects of the key approach to make these systems safer and more secure: software certification.
Hao Wang NISlecture
Tommelnegl 24. februar 2017
Kl. 12.10
50 min
K105
Security aspects of smartphones authentication
Abstract: The industry introduced username and passwords more than 40 years ago and has subsequently seen incremental improvements to maintain an adequate security posture. Complexity rules, password change frequency, and requirements to avoid password re-use were added over time to improve the security of username+password infrastructure. Since then, (a) the average number of accounts has increased to a level that it is unfeasible for users to memorize distinct passwords per account and (b) mobile devices without physical keyboards are proliferating. Typing in passwords on such devices is cumbersome and prone to error. On the other hand, new attacks have appeared that demonstrate the fundamental security limitations of the existing password concept. Several variations of one-time-password schemes have been invented to fix the password security problem (e.g. one-time passcode (OTP) tokens, SMS OTP, OTP generator Apps). Unfortunately, such schemes further reduced usability and did not succeed in protecting against scalable attacks (e.g. Phishing, MITM). Biometric user verification, initially used for Government purposes, can be more convenient for users than typing passwords. We will look into the security aspects of the unattended nature of mobile biometrics and the implications for a secure implementation of secure and biometrics-based authentication. Rolf Lindemann works for Nok Nok Labs, Inc. as Senior Director Products & Technology and brings more than 15 years of experience in product management, R&D and operations from the IT security industry. He has contributed to various FIDO specifications and has been a frequent speaker at industry events. Prior to Nok Nok Labs Rolf Lindemann worked as Senior Director Product Management in the user authentication group at Symantec where he was responsible for research and product strategy on device authentication in smart grids and mobile networks. Before Symantec's acquisition of TC TrustCenter, he was Executive Director Product Strategy at TC TrustCenter GmbH. Named to that position in 2009 he was responsible for analyzing market trends and aligning the overall product portfolio to new market opportunities. Rolf Lindemann received his PhD from the Technical University in Hamburg-Harburg and holds a master's degree in electrical engineering.
Rolf Lindemann NISlecture
Tommelnegl 27. januar 2017
Kl. 12.10
60 min
K105
Enhancement of human performance in military cyber operations by facilitating the application of behavioral science in cyber defence practice
In cyber operations, we are less directly confronted with the outcomes of our action than in situations of physical or direct engagement. Our anticipation of future outcomes are more abstract or differently specified, less detailed, and typically decision-making processes are conducted under multiple converging and diverging pressures. These circumstances, are assumed but not yet well-understood aspects of cognition, such as an increased tolerance to uncertainty or management of cognitive load, all contribute to how judgements and decisions are made to act and determine the overall performance. The effects of digitisation on decision-making and the contribution of behavioural sciences are largely not investigated within the cyber domain, but this can nonetheless have immediate effects on cyber security at national and international level. In the wake of Cyber Pledge, this calls for an intensified effort in research, training and education of personnel with cyber competence. This talk will focus on human factors in cyber operations. What has been done so far by the research group *PACE-CYBORG*, and the future landscape ahead.
Øyvind Jøsok & Benjamin Knox NISlecture
Tommelnegl 16. desember 2016
Kl. 08.25
50 min
K102
Confidentiality, Privacy and Information security
Abstract: How to handle privacy and information aspects we learn about other people in our jobs – «the thin line» between more security and privacy. About the lecturer: Ms. Solveig Fiske, Bishop in the Church of Norway, the Diocese of Hamar. Born in 1952. Ordained pastor in January 1982. Consecrated bishop December 2006. Worked several years as chaplain and vicar in local parishes. Former leader of Norwegian association of female theologians. Member of the Norwegian delegation at the Pastoral Conference of Great Lakes in Africa in 2003 and 2004. Representing the Church of Norway’s Bishops conference in the Coordination council on abuse issues. Representative in the board of the Practical-Theological Seminar at the University of Oslo. Leader of the board of The Church’s Resource Centre against violence and sexual abuse. Part of the campaign-board for the national Stop violence against women campaign.
Bishop Solveig Fiske NISlecture
Tommelnegl 25. november 2016
Kl. 12.10
60 min
K102
Kan vi håndtere cybertrusselen? (Can we handle the cyber threat?)
In this lecture, Arne will review status for cyber security in 2016 and postulate about the future landscape ahead. Arne Helme received a Cand. Scient degree for research on distributed operating systems at the University of Tromsø in 1992 and a Doctorate degree in security engineering from the technical University of Twente, The Netherlands, in 1997. For the past 20 years he has helped public and private organization in Europe to improve their security capabilities – particularly in the area of electronic ID and national security infrastructures. He is currently Partner and Cyber Security Lead at KPMG Norway.
Arne Helme NISlecture
Tommelnegl 30. september 2016
Kl. 12.10
50 min
K102
Computer security at CERN: risks, vulnerabilities, threats, incidents etc. - trends and lessons learnt
In this lecture, Sebastian will present the computer security risk landscape of an international research laboratory, overview various motivations behind attacks, and explain how these threats are addressed at CERN. He will then go into details of several types of vulnerabilities, and incidents affecting CERN in the past - and will discuss lessons learnt. The lecture will conclude with a summary of possible future trends, and ways of responding to them.
Sebastian Lopienski NISlecture
Tommelnegl 26. august 2016
Kl. 12.10
50 min
K102
NISlecture2016/8: Practical Risk Assessments: A Trial by Fire
NISlecture2016/8: Practical Risk Assessments: A Trial by Fire
Gaute Wangen NISlecture
Tommelnegl 27. mai 2016
Kl. 12.05
60 min
K102
NISlecture 2016/5 :Some ethical dilemmas of hacking
NISlecture 2016/5 :Some ethical dilemmas of hacking
May Thorseth NISlecture
Tommelnegl 1. april 2016
Kl. 12.05
60 min
K102
NISlecture2016/3: Quantification of Cyber Risk Accumulation - one of the biggest challenges for insurers Dr. Maya Bundt NISlecture
Tommelnegl 26. februar 2016
Kl. 12.05
60 min
K102
NISlecture 2016/02 Unpatchable: Living with a vulnerable implanted device
NISlecture 2016/2 Unpatchable: Living with a vulnerable implanted device
Marie Elisabeth Gaup Moe NISlecture
Tommelnegl 29. januar 2016
Kl. 12.15
45 min
K102
NISlecture 2016/1 Our digital society and pervasive vulnerabilities Sofie Nystrøm NISlecture
Tommelnegl 11. desember 2015
Kl. 12.00
60 min
K102
The Norwegian Internet Voting Experiment Kristian Gjøsteen NISlecture
Tommelnegl 27. november 2015
Kl. 12.00
60 min
K102
Timing Attacks against State Estimation in Power Networks Stephen Wolthusen NISlecture
Tommelnegl 25. september 2015
Kl. 12.15
45 min
K102
NISlecture
Telenor Group from a Security Perspective
André Årnes NISlecture
Tommelnegl 28. august 2015
Kl. 12.05
70 min
K102
NISlecture: Digital Sovereignty
Core aspects of Digital Sovereignty will be governance of ICT and the new technologies and paradigms mainly mobile technologies and cloud computing. At the same time, these aspects are the hardest security challenges. The intersect of these areas will be the major drivers when it comes to the lead or even domination in the field of ICT over the next decade. With this digital sovereignty and international agreements, e.g. TTIP will play a decisive role in this game. Europe seems to have given in with the global division where America focusses on large and industrial software and systems where Asia has taken the lead with hardware as labor and environment conditions are not reflected in the products. Europe being one of the largest markets is still struggling with its position in this game. Consumer’s needs and security as well as data protection and trusted information security might be areas where Europe has fair chances but at the end it will be about governance. While overarching and global some of the key factors of such governance will be factored into important detail aspects and new ICT paradigms like mobile and cloud computing and might even take dominant roles.
Prof. Dr. Reinhard Posch NISlecture
Tommelnegl 29. mai 2015
Kl. 11.05
65 min
K102
NISlecture 2015/5 Luigi Lo Iacono NISlecture
Tommelnegl 8. mai 2015
Kl. 12.05
65 min
K102
NISlecture 2015/4 Dr. Dhiren R. Patel NISlecture
Tommelnegl 27. mars 2015
Kl. 12.05
80 min
K102
NISlecture 2015/3 Lars Bo Langsted and Søren Sandfeld Jakobsen NISlecture
Tommelnegl 27. februar 2015
Kl. 12.05
65 min
K102
NISlecture 2015/2 Sylvia Yang NISlecture
Tommelnegl 30. januar 2015
Kl. 12.05
65 min
K102
NISlecture 2015/1 Zeno Geradts NISlecture
Tommelnegl 28. november 2014
Kl. 12.05
65 min
K102
Nasjonalt ID senter Arne Tveitan NISlecture
Tommelnegl 31. oktober 2014
Kl. 12.05
65 min
K102
How we discovered Heartbleed Tomi Väisänen NISlecture
Tommelnegl 26. september 2014
Kl. 12.05
70 min
K102
Privacy is 80% Information Security, - How to manage privacy in your organization Hans Dahlquist NISlecture