In a rapidly advancing IT-driven age, keeping up with security concerns can be a major problem for all types of companies and organizations. This presentation examines at the current context of IT security preparedness while looking to next steps to be taken toward security maturity. Additionally, attention will focus on a newly emerging security paradigm that IDC terms Information Leakage Detection and Protection (ILDP). ILDP is an area that explores new capabilities and technologies for detecting and/or preventing information leakage via email, the Web, mobile devices, and other channels.

This presentation is a short reminder of some very important, non-technological, aspects of IT Security. It is a humble attempt to “put a finger on the scales” of our judgement and balance it back in favor of considering the human factor as one of the most significant ones in IT Security.

The main goal of this session is to share with the audience a variety of real-world incidents and discuss possible defensive measures. Further objectives are to introduce the usage of preventive intelligence techniques and provide a practical, behind the buzzwords, briefing on advance technologies aim to mitigate these threats.

In the modern marketplace, connecting both onsite and mobile employees to valuable network tools and resources is crucial to business success. But granting network access to intended users can have unintended consequences, with even accidental network security breaches quickly equating to business jeopardy. How can you open your network to legitimate users and close it to rogue ones?

Businesses are pursuing ways to improve their network security, reliability, and performance, while minimizing the costs involved. Companies today are looking for networking solutions to ensure that their business systems are linked—but not at a loss or risk.

Wireless networks are forecasted to expand rapidly. Tens or even hundreds millions of smart wireless devices are in use worldwide and that number increases. Today’s wireless networks are vulnerable in many ways (eavesdropping, illegal use, unauthorized access, denial of service attacks etc). These problems and concerns are one of main obstacles for wider usage of wireless networks. People are worried to unknowingly “expose” their computers and other wireless devices to illegally access through air from undefined location. On wired networks intruder can access by physical access to wire, but in wireless he has possibility to access to your computer from anywhere in neighborhood. Security and privacy problems become more important in digital society and wireless networked world. Classic security systems can't give proper protection and it is necessary to employ new systems such as, among others, Intrusion Detection and Prevention Systems (IDS/IPS).

The Presentation will show the Physical Infrastructure importance for safe IT critical processes running. The overview of the World's the most important Standardization docs will be presented. The basic components of reliable Physical Infrastructure will be described and the possible solution will be suggested.

Do we all believe that security breaches are something for the others ? How safe are we behind our updated firewall and AV ? This presentation unveils more about pre-emptive security in action and why it is the only way to be secure now and in the future.

What are the current threats and how does active defense work? Active defense means not only desktop and gateway protection, but also security at the network layer and securing the Internet traffic itself. Trend Micro presents how it works automatically, without administrative intervention.

An increasingly important IT challenge faced by enterprises is enabling their employees and partners to access the IT systems, business applications, and information they need to fulfill their various assignments on demand, while at the same time controlling administration costs. In this environment companies also have to consider the demands of regulatory compliance (e.g., SOX, Basel II) on these processes. Identity Management solutions meet this challenge by providing cross-platform provisioning in a uniform, auditable and secure environment.

• Hacking with Google (e.g. detecting vulenreable applications)
• Netbios scans
• D.o.S. against Windows systems
• Attacks against web applications (e.g. online shops)
• XSS-attacks
• injection attacks
• hidden field manipulations
• Attacks with key loggers
• DNS-spoofing
• Man in the middle-attacks against SSL
• Attacks against cell phones via bluetooth

• Intranet as information source and business environment
• Problems of securing Intranet
• The concept of the multi layer protection
• Physical security
• Protection of the networking and application layer
• Technical and other methods for bypassing the security controls

Discussion will be moderated by Mr. Ofer Akerman

The Participants of the round table discussion in addition to Peter Gibbs, Dragan Pleskonjić, Radule Šoškić and Dejan Levaja are:

• Dr Milan Milosavljević, redovan professor na ETF-u*, dekan fakulteta FPI, prorektor SINGIDUNUM-a
• Dr Milan Kukrika, EOQ Auditor
• Mr Gojko Grubor, predavač na FPI**
• Tiodor Jovović, CISSP
• Mr. Nenad Krajnović, asistent na ETF*

• *ETF – Elektrotehnički Fakultet
• ** FPI – fakultet za primenjenu informatiku