Venue: Microsoft Executive Briefing Centre, Avenue des Nerviens 85, Brussels

9:30 – 10:00 Registration

9:30 – 10:30

Keynote session

Future of information security

Welcome by Dorothee Belz, Vice-President Legal and Corporate Affairs Europe, Microsoft

Member State Representative (tbc)

Ivailo Kalfin, Member of the European Parliament

Scott Charney, Vice-President Trustworthy Computing, Microsoft

10:30 – 11:00 Coffee Break

11:00 - 12:30

Break-out sessions

(DG Connect, Enisa, SAP,

CSA, Microsoft)

Threat landscape and the paradigm shift in

becoming resilient

Microsoft experts will give insights into new

threats at the horizon and discuss findings of

Microsoft’s Security Intelligence Report. This

session will dive into the paradigm shift from

protection to resilience and the necessary

organizational changes. Priorities of threats as

well as the top-level strategic objective of risk

management towards the concept of “Prevent,

Detect, Respond and Recover” will be discussed.

Defined as the ability of a system to withstand to

and recover from adversity, the concept seems

particularly useful to inform current

policymaking.

Transparency through certification: Data,

Cloud & NIS security standards

Visibility into a cloud provider’s security controls

remains a major priority for organizations looking

to move applications and services to the public

cloud model. There’s no standard way for

companies to evaluate a cloud provider’s security

or for providers to document their controls, but

there are efforts underway that aim to create

transparency and data security through standards

outlined in the draft privacy regulation, the

European Cloud Strategy and the draft Network

and Information Security Directive. This session

will recapitulate the current state of play and

discuss the implementation of controls by

business.

12:30– 13:30 Lunch

13:30 - 15:00

High level panel

Security frameworks for critical infrastructure

In many geographies, new security frameworks are under discussion. The panelists will exchange

experience and share their expert oppinions on existing and evolving security frameworks that offer

regulatory basis for the critical ICT infrastructure. The focus is set on the trust and confidence in the

cyber space that demands strict protection of critical information by means of standartization, secure

access, and transmission.

Matthew Scholl, Deputy Chief of the NIST Cybersecurity Division, US

Paul Timmers, Director Sustainable & Secure Society, DG CONNECT, European Commission

Agenda

6th JUNE 2013

Mark Clancy, Managing Director and Corporate Information Security Officer, DTCC

Gary Smith, Deputy Director Cyber & Information Economy BIS, UK

Gintaras Čiurlionis, Director of the ITC Department, MoI, Lithuania (tbc)

Tom Robertson, Vice-President and Deputy General Counsel, LCA Microsoft

Moderator: Ambassador Jean de Ruyt

15:00– 15:30 Coffee Break

15:30 – 17:00

Break-out sessions

(UK, Netherlands,

Microsoft, OECD, a.o.)

Information sharing: how to build a

trustworthy system?

This session will present emerging initiatives of

information sharing schemes from different

countries and explore the challenges of sharing

of very sensitive and current information on

actual attacks on specific networks. What is the

right approach to span these key economic

businesses from Retail and Finance to Transport

and Defence as well as cross-border?

OECD break-out: Cybersecurity for Economic

and Social Prosperity

The OECD is currently reviewing its 2002 Security

Guidelines which provide a set of high-level

policy principles for the management of security

risk in the Internet economy. In this context, this

session will discuss best practices from

government and business for ensuring

cybersecurity that serves economic and social

prosperity, consistent with the OECD mandate.

17:00 Conclusion & Reception