Tickets
Workshops
Agenda
Speakers

Thursday 

Room 4 

15:00 - 16:00 

(UTC+02

Talk (60 min)

How we secure NAV.no and 1/3 of Norway's national budget

Norwegian Labour and Welfare Administration (NAV) has over the past few years been through an extensive digital transformation journey that fundamentally changed who develop and deliver digital services and has influenced everything to how we work to the technology decisions we make.

Architecture
Continuous Delivery
Software Design
DevOps
Security

This journey will continue and we must adapt our approach to security accordingly.

As our attack surfaces grows with every new service, and our supply chain is growing longer and longer the threat landscape is becoming more and more complex. We experience an increase of digital threats and they can not be handled only by those who are operating the applications. Digital security concerns all roles and has to be implemented across the organization.

In this presentation we will shed some light on how NAV systematically works to enhance it's digital security from the very start of how the organization is structured with Security Champions in all teams, to planning/design/implementation of new systems, to how we secure the runtime and infrastructure that powers it all and how we proactively prevent and train on security related events.

Hans Kristian Flaatten

Platform Engineering at the Norwegian Labour and Welfare Administration (NAV) responsible for the NAIS platform. NAIS is an application platform built to increase development speed by providing our developers at NAV with the best possible tools to develop and run their applications.

Previously Chief Consultant and DevOps Practice Lead for TietoEVRY where I drove culture and competency building for DevOps, Site Reliability Engineering (SRE) and Cloud Native practices internally and for customers in public government, telecom, banking and insurance sectors.

Open Source, DevOps, and Cloud Native evangelist. Member of the Node.js Foundation where I manage test and release of official Node.js versions and the official Docker Image for Node.js with 10M+ downloads.

Organiser of DevOps Bergen, Bergen NoSQL User Groups, and Co-Organiser of the DevOps Days Oslo Conference. I speak at various other local, and national, user groups and conferences on Open Source, open data, Cloud Native, and other new and exciting technologies and practices.