Compliance in Practice: Making NIS2 and ISO 27001 Work in Daily Operations (denog17)

Chaos Computer Club - recent events feed (low quality)

CCC media team에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 CCC media team 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.

11d ago 33:34

MP4•에피소드 홈

With NIS2, ISO 27001 and requirements of BNetzA raising the bar for security and operational compliance, many internet providers are asking the same question: *How do we meet these requirements without drowning in bureaucracy?* This talk bridges the gap between regulation and real-world implementation. Instead of focusing on theory or checklists, we’ll look at how to integrate compliance into the day-to-day work of running a network—with minimal friction. **Topics include:** - Turning compliance into a continuous, manageable process - Using a Single Source of Truth (SSoT) to manage documentation, assets, and controls - The “document once, but right” principle: reducing duplication and inconsistency - Assigning and tracking responsibilities that actually get done - Lessons from real-life audits and what works in lean teams - Tooling, automation, and pragmatic templates to stay compliant while staying sane We will demonstrate these concepts using open-source tools like: - **NetBox** for infrastructure inventory and network documentation - **Snipe-IT** for asset lifecycle management - **Zammad** for task and ticket tracking - **Eramba** for managing risk, controls, and policy compliance - **GitLab** for documentation, version control, and approval workflows These tools help create a practical compliance framework that integrates seamlessly into daily operations and supports both audit readiness and operational efficiency. This session is tailored for engineers, DevOps, and infrastructure managers at ISPs and hosting providers who want to build a compliant operation—without losing focus on uptime, performance, and business continuity. **You’ll walk away with concrete strategies and examples you can apply on Monday.** Licensed to the public under http://creativecommons.org/licenses/by/4.0 about this event: https://pretalx.com/denog17/talk/DUMD8G/

1724 에피소드

#Technologie #CCC media team #Ccc Congress Hacking Security Netzpolitik #Video