TAKE-AWAY MESSAGE
Emphasized text to show one more strong point on this slide
Agenda
BROAD PORTFOLIO OF PRODUCTS / SOLUTIONS / SERVICES
INTRACOM Group Core Companies
Telecoms productsTurn-key solutionsNetwork integration Professional services
IT systems integration and deploymentSoftware developmentOutsourcing & managedservices
Construction and high-tech infrastructure projects Electromechanical & telecom installationsEnergy / natural gasSite maintenanceSteel structures
Next generation telecommunications operatorInternet, voice and data services
A leading regional telecommunications
systems manufacturer and solutions provider
The leading IT services provider in the Greek market
and a major regional IT solutions integrator
Greece's largest defense electronics systems provider
The leading hi-tech construction company
in Greece
One of the largest voice/internet service providers in Greece
MA
RK
ET
POSI
TIO
NA
CTI
VITI
ES
Defense electronics products & applicationsCo-production of defenseelectronics subsystemsParticipation ininternational R&Dprogrammes
STRONG REGIONAL PRESENCE
International Presence
Subsidiaries in 20 countriesExports to 60 countriesInternational activities 55% of annual revenuePersonnel abroad: 1,850 (32%)
INVESTING IN CONTINUAL INNOVATION & GROWTH
Research & Development
Among the leading European groups in R&DAmong the leading European groups in R&D**
Main participating companies maintain:Main participating companies maintain:
**
2004, 2005, 2006 EU Industrial R&D Investment Scoreboards2004, 2005, 2006 EU Industrial R&D Investment Scoreboards
5%-7% of Group’s revenue invested annually in R&D2000-2004 total R&D investment: €293 mil
••
StateState--ofof--thethe--art researchart research
labs allowing rapid prototype labs allowing rapid prototype development and validationdevelopment and validation
••
Participation in more than 150 international R&D programmes Participation in more than 150 international R&D programmes (during the last five years)(during the last five years)
••
International partnerships with major technology manufacturers International partnerships with major technology manufacturers andand
leading academic institutionsleading academic institutions
••
A significant number of international patentsA significant number of international patents
CREATING ADDED VALUE FOR THE COMMUNITY
Corporate Citizenship
Adhering to a broad and comprehensive Corporate Social Responsibility programme Value-added contribution to society
2001-2005 : €1.261 billion
Excellent working environmentSocially
Responsible Index
Founding member of the Hellenic Network for CSR
Establishment of an academic and R&D Centre of Excellence
Value-Added
Statement
EMPLOYER OF THE REGION’S ENGINEERING TALENT
Human Resources
Masters17%
Others40%
Bachelors41%
Ph.D.2%
Scientific Staff: 60%Total Personnel: 5,700 (as a group)
2006
Intracom
IT Services
IT systems integration and deploymentSoftware developmentOutsourcing & managed services
The leading IT services provider in the Greek market and a major regional IT solutions integrator
WideWide
portfolio of IT Systems & Services for:portfolio of IT Systems & Services for:
--
Government & Public Organizations (EU and National GovernmentsGovernment & Public Organizations (EU and National Governments))
--
Banking & Financial InstitutionsBanking & Financial Institutions
--
Enterprise Market (Tourism, Lotteries, Retail, Enterprise Market (Tourism, Lotteries, Retail, TelcosTelcos,,
etc)etc)
Active in providing Outsourcing & Managed Services to Public & PActive in providing Outsourcing & Managed Services to Public & Private sectorsrivate sectors
Physical presence in Physical presence in 1111 countries: Belgium, Luxembourg, Cyprus, Bulgaria, Romania, Moldcountries: Belgium, Luxembourg, Cyprus, Bulgaria, Romania, Moldova,ova,
Turkey, Jordan, Egypt, Libya, USATurkey, Jordan, Egypt, Libya, USA
Strategic Partnerships:Strategic Partnerships: CA, Oracle, IBM, HP, SUN, SAP, Nortel, CA, Oracle, IBM, HP, SUN, SAP, Nortel, GenesysGenesys, Nuance, Microsoft,, Nuance, Microsoft,
Adobe, Hummingbird, Cisco, Adobe, Hummingbird, Cisco, CybertrustCybertrust, etc., etc.
More than More than 500500 customers in customers in 18 18 countriescountries
1.400 employees, 60% scientific staff, 50% work outside Greece1.400 employees, 60% scientific staff, 50% work outside Greece
Certificates: Quality Management (Certificates: Quality Management (ISO 9001:2000ISO 9001:2000), Environmental Management (), Environmental Management (ISO 14001:2004ISO 14001:2004), ),
Occupational Health and Safety (Occupational Health and Safety (OHSAS 18001: 1999OHSAS 18001: 1999) and Social Accountability () and Social Accountability (SA 8000: 2001SA 8000: 2001) )
management systemsmanagement systems
EXPERT IT PROFESSIONAL SERVICES
Profile Highlights
: : Top Greek IT Services Provider since 2000Top Greek IT Services Provider since 2000
EMPLOYER OF THE REGION’S ENGINEERING TALENT
INTRACOM IT SERVICES Group
€
126.5m
consolidated
2006 revenues of INTRACOM IT SERVICES
A REGIONALLY –
LEADING IT TECHNOLOGY & SERVICES GROUP
A VALUED COMBINATION OF TECHNOLOGY & BUSINESS DOMAIN EXPERTISE
Market Solutions
Information Systems Information Systems (ERP)(ERP)Enterprise SystemsEnterprise SystemsCommunication Communication NetworksNetworksTechnical SupportTechnical SupportBusiness OperationsBusiness OperationsVoice Processing Voice Processing Systems (IVR)Systems (IVR)
Core BankingCore BankingTreasury & Risk MgmtTreasury & Risk MgmtATM/POS/Card MgmtATM/POS/Card MgmtContact CentersContact CentersWorkflow MgmtWorkflow MgmtBusiness IntelligenceBusiness IntelligenceInformation SecurityInformation SecurityΙΤΙΤ Banking ConsultingBanking Consulting
Business & Technical Business & Technical ConsultingConsultingSoftware DevelopmentSoftware DevelopmentSystem & Network System & Network IntegrationIntegrationTechnical SupportTechnical SupportGovernment Process Government Process ReRe--engineeringengineering
Private CompaniesPrivate CompaniesTelecommunicationsTelecommunicationsTourismTourismRetailRetailLotteriesLotteries
BanksBanksFinancial Financial InstitutionsInstitutionsInsurance Insurance CompaniesCompanies
ee--GovernmentGovernmentGovernment FinancialsGovernment Financials(Taxation, Customs)(Taxation, Customs)Health CareHealth CareSocial SecuritySocial SecurityTransportTransport
MA
RK
ETS
MA
RK
ETS
SO
LUTI
ON
SS
OLU
TIO
NS
GOVERNMENTGOVERNMENT FINANCIAL FINANCIAL SERVICESSERVICES
ENTERPRISEENTERPRISESOLUTIONSSOLUTIONS
Loan Origination, Business Process Mngt
DealingRoom
&Treasury
Management
Business
Intelligence
& Data Warehousing
Consulting (BPR, IAS, Basel II, Anti-Money Laundering, BS7799, etc.)
Security & Vulnerability Assessment
RiskManagement
&Basel II
Multi-Channel Banking
ATM / POSATM / POSCardCard
ManagementManagement
Call CenterCall CenterCRMCRM
SpeechSpeechRecognitionRecognition
EE--BusinessBusinessEE--BankingBanking
MobileMobileBankingBanking
EnterpriseSuite
UniversalBanking
Financial & Enterprise Solutions
Risk & Vulnerability Assessment Services Corporate Information Security Risk AssessmentPenetration TestingInformation Security Risk Assessment for Services & Systems under development
Risk & Vulnerability Assessment Services Corporate Information Security Risk AssessmentPenetration TestingInformation Security Risk Assessment for Services & Systems under development
Information Security Infrastructure Implementation
Information Security Management System ImplementationInformation Security Training & Awareness ServicesInformation Security Technology Selection ConsultingBusiness Continuity Plan Design & ImplementationBS7799/ISO17799/ISO27001 Certification, Implementation &
Consulting ServicesPCI/DSS Compliance Implementation & ConsultingComputer Forensics ServicesCertification Authority Implementation Consulting Services
Information Security Infrastructure Implementation
Information Security Management System ImplementationInformation Security Training & Awareness ServicesInformation Security Technology Selection ConsultingBusiness Continuity Plan Design & ImplementationBS7799/ISO17799/ISO27001 Certification, Implementation &
Consulting ServicesPCI/DSS Compliance Implementation & ConsultingComputer Forensics ServicesCertification Authority Implementation Consulting Services
Managed Information Security MonitoringManaged Information Security MonitoringManaged Information Security Systems OperationVulnerabilities Alerting Service
Managed Information Security MonitoringManaged Information Security MonitoringManaged Information Security Systems OperationVulnerabilities Alerting Service
Information Security Technology Implementation & Integration
Access Control systems FirewallsIntrusion detection systems, IPSsVulnerability assessment systemsIdentity Management SystemsEnterprise security management systemsPublic Key Infrastructure (PKI) Integration
Information Security Technology Implementation & Integration
Access Control systems FirewallsIntrusion detection systems, IPSsVulnerability assessment systemsIdentity Management SystemsEnterprise security management systemsPublic Key Infrastructure (PKI) Integration
Information Security Services
TAKE-AWAY MESSAGE
Emphasized text to show one more strong point on this slide
Agenda
TAKE-AWAY MESSAGE
Emphasized text to show one more strong point on this slide
Security in Digital Decade
••
The new business model brings unique security challenges The new business model brings unique security challenges since business data cross the organizationsince business data cross the organization’’s boundariess boundaries••
It is important to find the right balance between the existing It is important to find the right balance between the existing
threat and the security measure needed to combat itthreat and the security measure needed to combat it
TAKE-AWAY MESSAGE
Emphasized text to show one more strong point on this slide
Major Effects of InfoSec Threats
The significance & the level of protection depends of the nature & value of information
Information Security Management System
In accordance to:Information Security Requirements & Corporate
objectivesAsset and Data Criticality Classification Risk & vulnerability assessmentLaw & regulatory requirementsBest practicesInternational Standards
( ISO/IEC27001, COBIT)
Security Management Framework Implementation
ISO/IEC 27001:2005 ISO/IEC 27001:2005 --
Information Security Management Systems Information Security Management Systems
TAKE-AWAY MESSAGE
Emphasized text to show one more strong point on this slide
Agenda
The standard provides a model for setting up and managing an effective ISMS
ISO 27001:2005 standard
10 Domains of ISO/IEC 27001 standard
TAKE-AWAY MESSAGE
Emphasized text to show one more strong point on this slide
Agenda
The significance & the level of protection depends of the nature & value of information
Business Benefits
25
More than 3.500 Certified Companies Worldwide (May 2007)
Country Nr. Country Nr. Country Nr. Country Nr.
Japan 2148 Brazil 16 Indonesia 4 Bulgaria 1
UK 313 Poland 16 Slovenia 4 Egypt 1
India 288 Austria 14 Thailand 4 Gibraltar 1
Taiwan 121 Finland 14 Argentina 3 Lebanon 1
Germany 70 Mexico 12 Canada 3 Lithuania 1
Hungary 50 Switzerland 11 France 3 Luxemburg 1
Korea 50 Turkey 11 Isle of Man 3 FYROM 1
USA 49 Spain 10 Macau 3 Moldova 1
China 48 Philippines 9 Romania 3 Morocco 1
Australia 44 Saudi Arabia 9 Belgium 2 New Zealand 1
Italy 43 Sweden 8 Croatia 2 Peru 1
Netherlands 31 UAE 8 Denmark 2 Qatar 1
Hong Kong 28 Iceland 7 Oman 2 Ukraine 1
Czech Republic 25 Kuwait 6 Pakistan 2 Uruguay 1
Singapore 25 Russian Federation 6 Slovak Republic 2 Vietnam 1
Malaysia 20 Greece 5 South Africa 2 Armenia 1
Ireland 17 Bahrain 4 Sri Lanka 2
TAKE-AWAY MESSAGE
Emphasized text to show one more strong point on this slide
Agenda
••Define Scope of the ISMSDefine Scope of the ISMS••Identify Business Model & IT mapping Identify Business Model & IT mapping ••Perform a Risk Assessment (Perform a Risk Assessment (Identify Risk)Identify Risk)••Perform Business Impact Assessment (BIA)Perform Business Impact Assessment (BIA)
••Risk Management (Risk Management (Select Select and implement effective and implement effective Controls)Controls)••ISMS ImplementationISMS Implementation
Policy / Procedures / Policy / Procedures / Guidelines & Stds Guidelines & Stds
••Detection to Incidents and Detection to Incidents and Response HandlingResponse Handling•• ISMS Training & Awareness ISMS Training & Awareness
••Actions Actions (Preventive / Corrective)(Preventive / Corrective)••ISMS ImprovementsISMS Improvements••Statement of ApplicabilityStatement of Applicability
••Internal ISMS AuditInternal ISMS Audit••Measure Effectiveness of ISMS (Identify Measure Effectiveness of ISMS (Identify weaknesses in processes and controls)weaknesses in processes and controls)
PLAN – DO –CHECK – ACT Methodology
Multilevel approach to security
Risk Management Controls
••Define Scope of the ISMSDefine Scope of the ISMS••Identify Business Model & IT mapping Identify Business Model & IT mapping ••Perform a Risk Assessment (Perform a Risk Assessment (Identify Risk)Identify Risk)••Perform Business Impact Assessment (BIA)Perform Business Impact Assessment (BIA)
••Risk Management (Risk Management (Select Select and implement effective and implement effective Controls)Controls)••ISMS ImplementationISMS Implementation
Policy / Procedures / Policy / Procedures / Guidelines & Stds Guidelines & Stds
••Detection to Incidents and Detection to Incidents and Response HandlingResponse Handling•• ISMS Training & Awareness ISMS Training & Awareness
••Actions Actions (Preventive / Corrective)(Preventive / Corrective)••ISMS ImprovementsISMS Improvements••Statement of ApplicabilityStatement of Applicability
••Internal ISMS AuditInternal ISMS Audit••Measure Effectiveness of ISMS (Identify Measure Effectiveness of ISMS (Identify weaknesses in processes and controls)weaknesses in processes and controls)
PLAN – DO –CHECK – ACT Methodology
Deliverables
•• Security PolicySecurity Policy•• Risk Assessment DocumentRisk Assessment Document•• Organizational approach to risk managementOrganizational approach to risk management•• Statement of ApplicabilityStatement of Applicability•• Disaster Recovery PlanDisaster Recovery Plan
Maintaining an ISMS
Thank you very much for your attention