Wednesday, 27.11.2013
12:00-18:00 Checkin & Registration
13:00-13:30 Welcome Reception with Snacks & Refreshments
13:30-14:00 New Information Security Risks vs. New Business Requirements: How to Prepare for the Rough and protect against Industrial Espionage

Martin Kuppinger, KuppingerCole

Information Security professionals are facing a dilemma these days: On one hand, the threat landscape is changing to the worse and risks increase. On the other hand, business wants and needs to communicate and collaborate well beyond the traditional perimeter of IT (the enterprise itself), flexibly yet secure. The new challenges include nation-state Industrial Espionage at an entirely new level, organized crime acting as professional attackers on IT systems, new and insecure devices in widespread use, increasingly tight compliance regulations, and many other new types of risks. On the other hand, there is the Computing Troika: Cloud Computing, Mobile Computing, and Social Computing. Business wants to use new deployment models because they promise better value for the money. It needs to support mobile workforces and new types of devices. And it wants to deal with the millions of customers out there and new business partners, in a changing competitive landscape. This is about agility, about competitiveness, about flexibility in a global economic landscape. So Information Security is under pressure to support these new requirements while mitigating Information Security risks. It is about moving out of the role of the notorious naysayer, even when this appears to be virtually impossible. In his opening keynote, Martin Kuppinger will look at this scenario and deliver some thesis on how to succeed in solving this dilemma.

14:00-16:00 Dialog I: Extended Enterprise – the new Scope of Information Security. How to Deal with the Challenges of the Computing Troika – Cloud, Mobile and Social Computing

Martin Kuppinger, KuppingerCole

The “Identity Explosion” is one of the challenges organizations are facing today. It is not only about some thousand, tens of thousands, or a few hundred thousand employees anymore. It is about dealing with an ever-changing landscape of business partners and potentially millions of customers. It is about support new business models and partner landscapes in a flexible way. But not only that, there are new challenges in supporting mobile devices and new deployment models for IT services – Cloud Computing. All this is about managing access for all types of users, all devices, and all deployment models in a consistent way. It is about the ABC: The “Agile Business – Connected”. Solving this connectivity for the connected/extended enterprise is at the key of the discussions in this roundtable. Following a short initial presentation with some thesis on that, the panelists and the audience will have the opportunity to discuss their challenges and look for solutions, with the advice of all the KuppingerCole analysts and the industry experts in the room.

16:00-16:30 Coffee & Networking
16:30-18:30 Dialog II: How Mature is Your Cloud? Defining your own benchmark on Cloud Maturity, Measuring and Enforcing it.

Martin Kuppinger, KuppingerCole

One of the challenges in Information Security is Cloud Computing – an opportunity as well as a threat. Cloud Computing can provide services that have never been available before. It is (hopefully) run by professional service providers that potentially can providers a better service level than internal IT can do. On the other hand: Who knows what really happens at the Cloud Providers side? How to assure quality of service and security of information? You need to know how mature your cloud is. It is about finding your way on assessing the cloud, by benchmarking your own maturity for cloud provider selection, assurance, and Cloud usage. It is about measuring it and it is about enforcing your own standards to get the value out of the cloud that it promises – without ending up with a service management or information security nightmare. Following a short initial presentation with some proposals on such an approach, the panelists and the audience will have the opportunity to discuss their challenges and look for solutions, with the advice of all the KuppingerCole analysts and the industry experts in the room.

19:00-21:00 Dinner & Networking

Thursday, 28.11.2013
08:00-17:00 Checkin & Registration
08:30-10:30 Dialog III: Identity Information Quality – Foundation for reliable Access Control. How to Handle this in the Decade of the Identity Explosion, with Social Logins, BYOI (Bring Your Own Identity) etc.?

Martin Kuppinger, KuppingerCole
Dr. Barbara Mandl, Daimler AG

Identity Information Quality – sort of the “Identity IQ” – has been a challenge since the early days of IAM. Technically seen, it is feasible to synchronize and exchange identity data with various systems. But what about the orphaned accounts? What about inaccuracies in HR systems? Everyone who has dealt with IAM in global organizations is well-aware of the latter challenge: Not every source for HR-based identity data provides the same level of quality. Nowadays, when dealing not only with employees and some few business partners but with all the partners and customers, this becomes an even bigger challenge. Social logins and other sources with limited trustworthiness, the concepts of BYOI (Bring Your Own Identity) – they create a new challenge for Information Security professionals. How good are these? To which degree can we base access control decisions on that information? How to improve quality of that information, for instance by combining various sources? Following a short initial presentation with some thesis on that, the panelists and the audience will have the opportunity to discuss their challenges and look for solutions, with the advice of all the KuppingerCole analysts and the industry experts in the room.

10:30-11:00 Coffee & Networking
11:00-12:30 Dialog IV: 10 Good Arguments to Invest in Information Security from a Legal Perspective

Dr. Karsten Kinast, LL.M., KuppingerCole
Dr. Barbara Mandl, Daimler AG

We all know that the compliance for meeting regulatory compliance are increasing. There is the new EU privacy regulation at the horizon, which most likely will put new pressure on organizations. But there are also less well-known challenges such as the liability for the loss of intellectual property by Industrial Espionage and other types of attacks, the potential issues caused by not properly selecting Cloud Providers, or the consequences of incorrectly dealing with mobile devices and – just as one example – remote wiping of devices that hold both business and private data. In this session, Dr. Karsten Kinast will talk about 10 good reasons to invest in Information Security from the legal perspective – 10 good arguments to increase Information Security budgets. After his initial presentation, panelists and attendees can dive into discussion and details.

12:30-14:00 Lunch Break
14:00-16:00 Dialog V: Assessing your Information Security Infrastructure and Understanding your Biggest Risks

Ravi Bindra, Novartis
Martin Kuppinger, KuppingerCole
Prof. Dr. Sachar Paulus, KuppingerCole

How good is what you are doing in Information Security? Benchmark yourself or let yourself be benchmarked. In this session, we will talk about ways to benchmark what you are doing in Information Security, based on the KuppingerCole experience from various advisories. You need to understand your strengths and weaknesses to better protect your organization. You need to identify your biggest risks to address them strategically. This is also about aligning your overall GRC strategy with what you are doing in Information Security. Prof. Dr. Sachar Paulus and Martin Kuppinger will lead into this session by showing approaches and elements of maturity benchmarking in Information Security, to discuss this with the attendees and share the panelists and attendees experience in the roundtable.

Seraphinite AcceleratorOptimized by Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.