About this talk:

The UK National Cyber Security Centre (NCSC) have published a pattern on how to safely import data into an organization. This can be found at https://www.ncsc.gov.uk/guidance/pattern-safely-importing-data

The pattern fundamentally recommends a Transform and Verify approach to imports as shown below:

This has some significant differences to import processes typically in use in commercial environments.

The objective of this session is to raise the awareness of this pattern, highlight the differences in the pattern and the pros/cons of them, and to explore the practicalities of using this patter in commercial environments.