Security 2009SECURING BUSINESS & IT

www.eurosecforum.com

Stockholm • Helsinki • Oslo

Organiserad av:

Goldpartner Silverpartner Partners

CONFERENCE PROGRAM

NEW FOR 2009

NETWORKING ZONE

Bring your businesscards

®

RISK CONTROL

SECURITY

Hilton Kalastajatorppa, Helsinki – October 29th

This years speakers include:

Security 2009 focuses on moving security from cost centre to enabler

• Business continuity and 24/7 security – the show must go on!

• Security Awareness – Securing data with remote users and portable devices

• Protecting your organisation against cybercrime and hackers

Security 2009 is all about best practice and networking opportunities

®

www.eurosecforum.com

SECURITY 2009Hilton Kalastajatorppa • Helsinki • October 29th

10.35 Identity and Access Management. What, why and how?

Identity and Access Management, the puzzle word which is some sort of myth to organizations and especially for management who are responsible for it. This presentation contains the set of industry best practices, practical experiences and principles how Identity and Access management can be implemented in a complex, multiplatform and heterogeneous IT system landscape.Get examples what organizations need to consider when imple-menting or improving Identity and Access Management systems and processes related to those. Also get ideas how to organize, streamline processes and considerations whether to centralize or decentralize user administration.

Tuomas Kivinen, IT Security Specialist, Nordea

09.05 Challenges in the Financial sector – threats and possibilities

CISO’s current challenges in the Financial Sector are many. New business evolutions introduce new challenges within the security area. Almost all transactions are online, computers are networked and data shared – as are the threats! In this presentation you will get to know your enemy and learn who you are against– and why.

Erkki Räsänen, CISO, OP Pohjola Group

www.eurosecforum.com

Table A:Identity and Access Management

Evaluating IAM requirements • Leveraging IAM to simplify user management improve organisational efficiency• Evaluating access control and best practices for implementation•

Table B:Information Security

Best practices for managing Information Security • Regulatory compliance requirements• Governance, risk and compliance •

Table C:Mobile Security – erasing the network perimeter

Mitigating the cost and complexity of securing a mobile workforce• Managing the threat of confidential data loss • How will future threats evolve with the growth of mobile working?•

Table D:

Securing a virtual worldHow real are the security threats to virtualization?• What are the main security considerations and requirements for a virtualized • environment and how do they compare with physical server security?Adapting existing security products to virtualized Systems•

NETWORKING ZONE

Delegates are invited to participate in these informal sessions to share their thoughts and experiences with peers and benchmark against similar challenges and projects. The networking zone is an excellent opportunity to make new contacts, leverage on experience and drive the discussion on security.

10.05 The Distributed Enterprise - a new era of connectivity and security

The traditional enterprise model based on headquarters and satellite branches is over. Today’s enterprise footprint extends far beyond the corporate headquarters to globally distributed locations. Remote and flexible working means all work centers are now business-critical and require consistent, secure and high-performance IT-networking services. In this presentation, you’ll learn all about securing The Distributed Enterprise.

Trevor Dearing, Head of Enterprise Marketing, EMEA Juniper

09.35 Protect Data and Services with End Point security as the strategic asset

When User mobility, device variety and multiple connectivity is a threat to your companies assets – what do you do? Gain insight to the challenge of weak and expensive or affordable best-of-class security. Understand why End Point security is a simple and easy solution to your security challenges.

Peter Lönnqvist, Sales Manager, Data Security - Nordic, Check Point Software Technologies

08.30 Registration and breakfast09.00 Security 2009 welcome those in attendance and declare the conference open.

10.05 - 10.35 Getting to know everyone morning break

10.55 Application Security - Do you have control of all applications running through your network?

At a time where services move into the cloud and more and more applications are running through the webbrowser, how do you maintain control and security? What applications should we allow inside our network and how should we protect them? Is it safe to outsource certain information and applications to the cloud? Can we trust that this information is safe and free of malicious code? Fortinet will present how to regain control over your business critical applications running in your network.

Matias Cuba, Regional Director Northern Europe, Fortinet

®

12.55 - 13.55

A B C

12.55 Table A, Table B, table C and table D

11.25 A real life crisis and a real life recovery

In May 2009 Finavia had an information security incident with one of our outsourced services. The incident made the Finnish national news. Since it's been in the news already, there's no rea-son not to give a presentation on it. Here you will learn about the specific incident in depth and also examples to illustrate vendor-related risks, the importance of risk management in projects and outsourcing from a "lessons learned" point of view.

Topi Ylinen, Finavia

D

11.55 - 12.55 Lunch

www.eurosecforum.comwww.eurosecforum.com

15.00 Information Security

Mika has been head of enterprise risk and management services at KPMG Oy and vice president, operational risk specialist at Nordea Bank. Today he is head of operational risk and information at Aktia Plc. Listen to experiences from a broad number of evaluated risk scenarios and walk away with first hand advice.

Mika Linna, Head of Operational Risk & Information Security, Aktia

14.30 Social media – a new generation forming trust and evaluating security

They are here to stay. If you cannot fight it – befriend it. Social media is teaching and shaping generation how to decide who, what and when to get involved and interact with a system, a per-son – another party. Listen to how the bases of trust formation and security evaluation are currently changing and learn what users seem to be up to in the social media.

Kristiina Karvonen, Future Internet Research Programme Manager, HIIT

www.eurosecforum.com

PANEL DEBATE 15.45

What do industries have in common and what sets them apart. Listen and learn when benchmarking between financial and non financial industries. Ask questions and participate in the debate!

16.20 Incident recovery after a cyber attack

With the European threats coming closer, hostile situation are being managed and crisis avoided or in worst case scenario – handled. One thing is to be able to handle the technical side of recovery but how to really handle the continuity and social side of continuity within the working society? Listen to real life situations and how they were managed; learn from incident recovery and business continuity for real.

Tommi Nyström, Director, OTSO palvelut Oy

Table E:Educating users –

Security policy and controlThe balance between users’ needs and IT department security concerns• Using compliance to maintain security awareness across the organisation• Web 2.0 - security vulnerabilities with social networking and collaboration•

Table F:Digital Forensics

Security testing - threat protection and intrusion prevention• The legal and technical issues of fraud and corporate investigations• The challenges in tracing cyber attacks• Data recovery techniques•

Table G:Securing the datacentre

Managing physical access with RFID technology, smart cards and biometrics• Defining data centre policy: Visitor guidelines, unsecured computers, mobile • deviceKey security considerations for outsourcing data centre operations•

Table H:Business continuity and incident recovery

Rapid recovery from incidents with minimum disruption• Scalable recovery planning• Continuous data protection, secure storage, data backup and remote storage•

13.25 Table E, Table F, Table G and table H

E F G H

16.55 Getting the final business cards mingle with drinks

SECURITY 2009Hilton Kalastajatorppa • Helsinki • October 29th

13.55 - 14.30 Afternoon break

15.25 Using IT Security Process Automation to Operationalize IT Security

The only way to meet the complexity of threats to data, to reduce the risk of insider attack, and to drive down costs at the same time, is to integrate and automate security and compli-ance solutions. Automation of day-to-day tasks will allow you to operationalise your IT Security and introduce greater efficiency to your organization. This session will give you the practical steps to building automated security event management. You will learn how to reduce your compliance costs and more closely align security operations with your business goals, assess configurations against industry best-practices, regulatory requirements and organizational policies and much more.

Gunnar Eld, Sales Engineer, NetIQ, a business unit of Attachmate

Fax: +46-8-441 07 93

www.midfieldmedia.com

Mail to: Eurosec Forum C/O Midfield Media Gamla Brogatan 23b, 111 20 Stockholm, Sweden

info@midfieldmedia.com

Phone: +46-8 -65 00 270

5 easy ways to register

Midfield Media is a leading provider of events and executive forums for the IT, financial and telecommunications markets. Midfield Media has built up a reputation of reliability and success in delivering outstanding and high-impact events for IT and business executives. We provide the key insights into the opportunities and challenges facing businesses today with the latest on future trends and market developments. It is our mission to help you achieve your objectives and generate results with our commitment to providing excellent forums for networking, contact building and lead generation. www.midfieldmedia.com

Sender: Eurosec ForumC/O Midfield MediaGamla Brog. 23b111 20 StockholmSweden

Yes! I am an end-user and pay only Euro 690, excl. tax.

Yes! I am a vendor and pay Euro 1.190, excl. tax.

Yes! I want the Finanasforum newsletter

Yes! I want to attend the free “Demo” theater!

Yes! Contact me, I am interested in Sponsorship- and exhibitioninfo!

SPEAKING AND EXHIBITION OPPORTUNITIESSponsorship opportunities that include speaking and exhibition options are limited.

To find out more about how your company can be a part of the most important security event of the year, contact:

Adam Spritzman, Project ManagerPhone: +46 8 676 01 70Adam.spritzman@midfieldmedia.com

CONTACT INFOAnna Näsmark, program managerPhone: +46 8 676 01 80anna.nasmark@midfieldmedia.com

Security 2009Securing Business & IT

Hilton Kalastajatorppa Helsinki – October 29th

Cancellation & Substitution policyYou may substitute a delegate at any time. For cancellations received in writing more than 5 business days prior to the event, a €120 (+VAT) administrative fee will be charged and a credit memo for the remaining amount will be issued. Credit memos may be used at any Midfield Media conference within one year of issuance.

New for 2009More Networking Options

Round Table Clinics

Exciting Panel Debates

Who Will Attend

Researched and designed for:

IT ManagerIT Security ManagerNetwork ManagerInfrastructure ManagerIT ArchitectCSOPersonnel Manager Risk ManagerFacility ManagerIT AdministratorOperations Manager

CISOCTOData Security AdministratorIT Communications ManagerSecurity ManagerData Security AnalystInformation Technology SpecialistIT Security Engineer – CISSP, CISA etc.Technical Support Manager Systems Manager

Oslo • Helsinki • Stockholm