Mr. Frantzen's introductory presentation will share IDC's views on some of the broader changes taking place in ICT and the industry's shift to the third major platform of growth and innovation – built on a combination of mobile technologies, cloud services, social business, and big data technologies. He will also touch upon next-generation solutions, while outlining the critical role of security and security solutions in this new environment.

We are all aware that security infrastructures are becoming more complex and that threats continue to multiply. Changes to a rapidly evolving IT environment and landscape will only serve to multiply challenges. This presentation will take a look at what companies have done to date, and why traditional approaches to IT security will need to be rethought and strategies with them in order to prepare for the even greater challenges that lie ahead brought on by mobility, big data, among others.

 The Internet has changed everything at work. What are the innovative solutions and techniques that can help your end-user awareness programs as well as training for your advanced cyber team. 

• The need of a holistic approach to MSS –what do companies need?
• The role of MSS in agile security
• Telefonica/O2 as a global MSSP player – Description about the model, global view (Global SOCs in Peru, Brazil and Spain)
• Services offered by Telefonica/O2 GSOCs
• Lessons learned by Telefonica/O2 GSOCs

Smartphones have become a part of our everyday lives. We use them not only to make phone calls, but also for other things such as storing important and personal information.

Smartphones have begun to penetrate the corporate environment, with personal phones increasingly being used as business phones.  On one hand, this brings companies a lot of advantages. On the other, it increases the risk of business information leaking.

To what threats are these devices – and through them the business environment in which they are used – exposed? We are aware of the dangers, but are we really prepared for the reality?

Enterprise in vulnerable world. How to effectively define a security strategy with the concept of 3D from Check Point.

How have threats to Web applications, mobile devices, and virtual tools developed? Is it possible to effectively avoid breakdowns in security and actively prevent potential system breaches that use regular and sophisticated attack techniques? The use of virtualization brings undeniable advantages, but also combines the weaknesses of traditional infrastructure with the specific vulnerabilities of virtualized tools. How should securing and protecting a virtualized environment be effectively approached? Large IT infrastructures generate huge amounts of data in various forms. Oftentimes, it is not easy for security personnel to know the entire context and discover an attack in time to minimize damages. How to make sense of all this information? The answers to these questions and more can be found in IBM Security Systems' portfolio of products and services.

While cyberwar is certainly getting all the front-page headlines right now, especially because of the well-known cyber-espionage and cyber-sabotage operations pioneered by nation state players in the past years, it doesn’t mean that traditional cybercrime is no longer a threat.
As long as traditional cybercrime will make a profit, there will be people doing it and there will be people trying to stop it. The days in which virus writers were creating malware just to make a point or just to prove that they can do it are gone for a long time. Right now, most of the malware appearing is written with just one purpose: financial gain.
Cybercriminal businesses behave the way real businesses behave – they are always connected with the latest happenings in technology, trying to closely follow the users – because that’s where the money is. This presentation aims to take a look at how traditional cybercrime has evolved and where it is going. We’re going to take a look at the new platforms which cybercriminals are targeting, their latest victims and their ever increasing profits. And last, but not least, we’re going to see if this is all going to stop anytime soon.

The changing methods of attacking specific targets, increasing requirements on the active use of private mobile devices in corporate networks, and the security of hosted services are hot topics for an increasing number of managers responsible for IT security. Advanced modern security approaches, interdependence, and understanding of the information processed by the individual elements of security systems are the basic points of information protection strategy regardless of platform or location. The Symmantec solutions that will be presented successfully manage these elements at a reasonable costs and effort.

The presentation will provide an overview of technology for security testing in networks and datacenters. The latest security threats and types of vulnerabilities will be explained, as will currently-available security appliances. The possible methods of network device performance testing will be described, as well as methods on how to evaluate the level of security on the networks tested.

The presentation will describe an advanced method of protecting sensitive information, even if the document or email leaves the customer's standard perimeter. By the time the information is beyond the control of internal IT, it is still possible to "tie-in" the document or email's security or and dramatically improve protection and reduce the risk of the loss or misuse of information. The second part of the presentation will briefly discuss proactive security monitoring, archiving of security events, and a comparison with generally accepted standards (PCI-DSS, SOX, BS)

Recent failures and security breaches are there to remind us that clouds fail. The difference between the users which are majorly affected and the ones which have minor or no impact is determinate by the capacity of latter ones to implement adequate risks management approaches and to plan for cloud service failure. Which in other terms means that cloud users have to make sure they have established risk management practices, accountability mechanism, geographic and providers redundancy, effective incident management mechanisms, well defined SLAs, etc.

The user has to be in the condition to

• assess and compare the cloud services on the base of their security, resilience, interoperability, portability and compliance features

• validate the providers claims on performance and levels of protection

• monitor the fulfillment of requirements

The presentation will provide an analysis of the main security, governance and compliance implications of cloud computing and suggest possible solutions to improve transparency, accountability and trust.

Particular emphasis will be given to loss of direct control and visibility on IT and security operations and the necessary changes in the Security Governance approaches.

The presentation also will look at the impact of the use of cloud services on legal and regulatory compliance. In many countries around the globe there are legislations (e.g. Privacy and Data Protection) which demand adequate level of data protection and prohibit transboard of certain categories of data (mainly sensitive data, such as healthcare information) out of the national territory. By using cloud (especially SaaS) services a company is untrusting most of the security responsibilities (and compliance) to the Cloud provider. This is a risky situation if the cloud user is not able to verify that the cloud provider is really applying state of art security measures and sound risks management approaches. Moreover some cloud providers do not offer the possibility to maintain the processing and storing of data in a pre-established geographic area.