Emphasized text to show one more strong point on this slide€¦ · Main participating companies maintain: * 2004, 2005, 2006 EU Industrial R&D Investment Scoreboards. ¾5%-7% of

TAKE-AWAY MESSAGE

Emphasized text to show one more strong point on this slide

Agenda

BROAD PORTFOLIO OF PRODUCTS / SOLUTIONS / SERVICES

INTRACOM Group Core Companies

Telecoms productsTurn-key solutionsNetwork integration Professional services

IT systems integration and deploymentSoftware developmentOutsourcing & managedservices

Construction and high-tech infrastructure projects Electromechanical & telecom installationsEnergy / natural gasSite maintenanceSteel structures

Next generation telecommunications operatorInternet, voice and data services

A leading regional telecommunications

systems manufacturer and solutions provider

The leading IT services provider in the Greek market

and a major regional IT solutions integrator

Greece's largest defense electronics systems provider

The leading hi-tech construction company

in Greece

One of the largest voice/internet service providers in Greece

MA

RK

ET

POSI

TIO

NA

CTI

VITI

ES

Defense electronics products & applicationsCo-production of defenseelectronics subsystemsParticipation ininternational R&Dprogrammes

STRONG REGIONAL PRESENCE

International Presence

Subsidiaries in 20 countriesExports to 60 countriesInternational activities 55% of annual revenuePersonnel abroad: 1,850 (32%)

INVESTING IN CONTINUAL INNOVATION & GROWTH

Research & Development

Among the leading European groups in R&DAmong the leading European groups in R&D**

Main participating companies maintain:Main participating companies maintain:

**

2004, 2005, 2006 EU Industrial R&D Investment Scoreboards2004, 2005, 2006 EU Industrial R&D Investment Scoreboards

5%-7% of Group’s revenue invested annually in R&D2000-2004 total R&D investment: €293 mil

••

StateState--ofof--thethe--art researchart research

labs allowing rapid prototype labs allowing rapid prototype development and validationdevelopment and validation

••

Participation in more than 150 international R&D programmes Participation in more than 150 international R&D programmes (during the last five years)(during the last five years)

••

International partnerships with major technology manufacturers International partnerships with major technology manufacturers andand

leading academic institutionsleading academic institutions

••

A significant number of international patentsA significant number of international patents

CREATING ADDED VALUE FOR THE COMMUNITY

Corporate Citizenship

Adhering to a broad and comprehensive Corporate Social Responsibility programme Value-added contribution to society

2001-2005 : €1.261 billion

Excellent working environmentSocially

Responsible Index

Founding member of the Hellenic Network for CSR

Establishment of an academic and R&D Centre of Excellence

Value-Added

Statement

EMPLOYER OF THE REGION’S ENGINEERING TALENT

Human Resources

Masters17%

Others40%

Bachelors41%

Ph.D.2%

Scientific Staff: 60%Total Personnel: 5,700 (as a group)

2006

Intracom

IT Services

IT systems integration and deploymentSoftware developmentOutsourcing & managed services

The leading IT services provider in the Greek market and a major regional IT solutions integrator

WideWide

portfolio of IT Systems & Services for:portfolio of IT Systems & Services for:

--

Government & Public Organizations (EU and National GovernmentsGovernment & Public Organizations (EU and National Governments))

--

Banking & Financial InstitutionsBanking & Financial Institutions

--

Enterprise Market (Tourism, Lotteries, Retail, Enterprise Market (Tourism, Lotteries, Retail, TelcosTelcos,,

etc)etc)

Active in providing Outsourcing & Managed Services to Public & PActive in providing Outsourcing & Managed Services to Public & Private sectorsrivate sectors

Physical presence in Physical presence in 1111 countries: Belgium, Luxembourg, Cyprus, Bulgaria, Romania, Moldcountries: Belgium, Luxembourg, Cyprus, Bulgaria, Romania, Moldova,ova,

Turkey, Jordan, Egypt, Libya, USATurkey, Jordan, Egypt, Libya, USA

Strategic Partnerships:Strategic Partnerships: CA, Oracle, IBM, HP, SUN, SAP, Nortel, CA, Oracle, IBM, HP, SUN, SAP, Nortel, GenesysGenesys, Nuance, Microsoft,, Nuance, Microsoft,

Adobe, Hummingbird, Cisco, Adobe, Hummingbird, Cisco, CybertrustCybertrust, etc., etc.

More than More than 500500 customers in customers in 18 18 countriescountries

1.400 employees, 60% scientific staff, 50% work outside Greece1.400 employees, 60% scientific staff, 50% work outside Greece

Certificates: Quality Management (Certificates: Quality Management (ISO 9001:2000ISO 9001:2000), Environmental Management (), Environmental Management (ISO 14001:2004ISO 14001:2004), ),

Occupational Health and Safety (Occupational Health and Safety (OHSAS 18001: 1999OHSAS 18001: 1999) and Social Accountability () and Social Accountability (SA 8000: 2001SA 8000: 2001) )

management systemsmanagement systems

EXPERT IT PROFESSIONAL SERVICES

Profile Highlights

: : Top Greek IT Services Provider since 2000Top Greek IT Services Provider since 2000

EMPLOYER OF THE REGION’S ENGINEERING TALENT

INTRACOM IT SERVICES Group

€

126.5m

consolidated

2006 revenues of INTRACOM IT SERVICES

A REGIONALLY –

LEADING IT TECHNOLOGY & SERVICES GROUP

A VALUED COMBINATION OF TECHNOLOGY & BUSINESS DOMAIN EXPERTISE

Market Solutions

Information Systems Information Systems (ERP)(ERP)Enterprise SystemsEnterprise SystemsCommunication Communication NetworksNetworksTechnical SupportTechnical SupportBusiness OperationsBusiness OperationsVoice Processing Voice Processing Systems (IVR)Systems (IVR)

Core BankingCore BankingTreasury & Risk MgmtTreasury & Risk MgmtATM/POS/Card MgmtATM/POS/Card MgmtContact CentersContact CentersWorkflow MgmtWorkflow MgmtBusiness IntelligenceBusiness IntelligenceInformation SecurityInformation SecurityΙΤΙΤ Banking ConsultingBanking Consulting

Business & Technical Business & Technical ConsultingConsultingSoftware DevelopmentSoftware DevelopmentSystem & Network System & Network IntegrationIntegrationTechnical SupportTechnical SupportGovernment Process Government Process ReRe--engineeringengineering

Private CompaniesPrivate CompaniesTelecommunicationsTelecommunicationsTourismTourismRetailRetailLotteriesLotteries

BanksBanksFinancial Financial InstitutionsInstitutionsInsurance Insurance CompaniesCompanies

ee--GovernmentGovernmentGovernment FinancialsGovernment Financials(Taxation, Customs)(Taxation, Customs)Health CareHealth CareSocial SecuritySocial SecurityTransportTransport

MA

RK

ETS

MA

RK

ETS

SO

LUTI

ON

SS

OLU

TIO

NS

GOVERNMENTGOVERNMENT FINANCIAL FINANCIAL SERVICESSERVICES

ENTERPRISEENTERPRISESOLUTIONSSOLUTIONS

Loan Origination, Business Process Mngt

DealingRoom

&Treasury

Management

Business

Intelligence

& Data Warehousing

Consulting (BPR, IAS, Basel II, Anti-Money Laundering, BS7799, etc.)

Security & Vulnerability Assessment

RiskManagement

&Basel II

Multi-Channel Banking

ATM / POSATM / POSCardCard

ManagementManagement

Call CenterCall CenterCRMCRM

SpeechSpeechRecognitionRecognition

EE--BusinessBusinessEE--BankingBanking

MobileMobileBankingBanking

EnterpriseSuite

UniversalBanking

Financial & Enterprise Solutions

Risk & Vulnerability Assessment Services Corporate Information Security Risk AssessmentPenetration TestingInformation Security Risk Assessment for Services & Systems under development

Risk & Vulnerability Assessment Services Corporate Information Security Risk AssessmentPenetration TestingInformation Security Risk Assessment for Services & Systems under development

Information Security Infrastructure Implementation

Information Security Management System ImplementationInformation Security Training & Awareness ServicesInformation Security Technology Selection ConsultingBusiness Continuity Plan Design & ImplementationBS7799/ISO17799/ISO27001 Certification, Implementation &

Consulting ServicesPCI/DSS Compliance Implementation & ConsultingComputer Forensics ServicesCertification Authority Implementation Consulting Services

Information Security Infrastructure Implementation

Information Security Management System ImplementationInformation Security Training & Awareness ServicesInformation Security Technology Selection ConsultingBusiness Continuity Plan Design & ImplementationBS7799/ISO17799/ISO27001 Certification, Implementation &

Consulting ServicesPCI/DSS Compliance Implementation & ConsultingComputer Forensics ServicesCertification Authority Implementation Consulting Services

Managed Information Security MonitoringManaged Information Security MonitoringManaged Information Security Systems OperationVulnerabilities Alerting Service

Managed Information Security MonitoringManaged Information Security MonitoringManaged Information Security Systems OperationVulnerabilities Alerting Service

Information Security Technology Implementation & Integration

Access Control systems FirewallsIntrusion detection systems, IPSsVulnerability assessment systemsIdentity Management SystemsEnterprise security management systemsPublic Key Infrastructure (PKI) Integration

Information Security Technology Implementation & Integration

Access Control systems FirewallsIntrusion detection systems, IPSsVulnerability assessment systemsIdentity Management SystemsEnterprise security management systemsPublic Key Infrastructure (PKI) Integration

Information Security Services

TAKE-AWAY MESSAGE

Emphasized text to show one more strong point on this slide

Agenda

TAKE-AWAY MESSAGE

Emphasized text to show one more strong point on this slide

Security in Digital Decade

••

The new business model brings unique security challenges The new business model brings unique security challenges since business data cross the organizationsince business data cross the organization’’s boundariess boundaries••

It is important to find the right balance between the existing It is important to find the right balance between the existing

threat and the security measure needed to combat itthreat and the security measure needed to combat it

TAKE-AWAY MESSAGE

Emphasized text to show one more strong point on this slide

Major Effects of InfoSec Threats

The significance & the level of protection depends of the nature & value of information

Information Security Management System

In accordance to:Information Security Requirements & Corporate

objectivesAsset and Data Criticality Classification Risk & vulnerability assessmentLaw & regulatory requirementsBest practicesInternational Standards

( ISO/IEC27001, COBIT)

Security Management Framework Implementation

ISO/IEC 27001:2005 ISO/IEC 27001:2005 --

Information Security Management Systems Information Security Management Systems

TAKE-AWAY MESSAGE

Emphasized text to show one more strong point on this slide

Agenda

The standard provides a model for setting up and managing an effective ISMS

ISO 27001:2005 standard

10 Domains of ISO/IEC 27001 standard

TAKE-AWAY MESSAGE

Emphasized text to show one more strong point on this slide

Agenda

The significance & the level of protection depends of the nature & value of information

Business Benefits

25

More than 3.500 Certified Companies Worldwide (May 2007)

Country Nr. Country Nr. Country Nr. Country Nr.

Japan 2148 Brazil 16 Indonesia 4 Bulgaria 1

UK 313 Poland 16 Slovenia 4 Egypt 1

India 288 Austria 14 Thailand 4 Gibraltar 1

Taiwan 121 Finland 14 Argentina 3 Lebanon 1

Germany 70 Mexico 12 Canada 3 Lithuania 1

Hungary 50 Switzerland 11 France 3 Luxemburg 1

Korea 50 Turkey 11 Isle of Man 3 FYROM 1

USA 49 Spain 10 Macau 3 Moldova 1

China 48 Philippines 9 Romania 3 Morocco 1

Australia 44 Saudi Arabia 9 Belgium 2 New Zealand 1

Italy 43 Sweden 8 Croatia 2 Peru 1

Netherlands 31 UAE 8 Denmark 2 Qatar 1

Hong Kong 28 Iceland 7 Oman 2 Ukraine 1

Czech Republic 25 Kuwait 6 Pakistan 2 Uruguay 1

Singapore 25 Russian Federation 6 Slovak Republic 2 Vietnam 1

Malaysia 20 Greece 5 South Africa 2 Armenia 1

Ireland 17 Bahrain 4 Sri Lanka 2

TAKE-AWAY MESSAGE

Emphasized text to show one more strong point on this slide

Agenda

••Define Scope of the ISMSDefine Scope of the ISMS••Identify Business Model & IT mapping Identify Business Model & IT mapping ••Perform a Risk Assessment (Perform a Risk Assessment (Identify Risk)Identify Risk)••Perform Business Impact Assessment (BIA)Perform Business Impact Assessment (BIA)

••Risk Management (Risk Management (Select Select and implement effective and implement effective Controls)Controls)••ISMS ImplementationISMS Implementation

Policy / Procedures / Policy / Procedures / Guidelines & Stds Guidelines & Stds

••Detection to Incidents and Detection to Incidents and Response HandlingResponse Handling•• ISMS Training & Awareness ISMS Training & Awareness

••Actions Actions (Preventive / Corrective)(Preventive / Corrective)••ISMS ImprovementsISMS Improvements••Statement of ApplicabilityStatement of Applicability

••Internal ISMS AuditInternal ISMS Audit••Measure Effectiveness of ISMS (Identify Measure Effectiveness of ISMS (Identify weaknesses in processes and controls)weaknesses in processes and controls)

PLAN – DO –CHECK – ACT Methodology

Multilevel approach to security

Risk Management Controls

••Define Scope of the ISMSDefine Scope of the ISMS••Identify Business Model & IT mapping Identify Business Model & IT mapping ••Perform a Risk Assessment (Perform a Risk Assessment (Identify Risk)Identify Risk)••Perform Business Impact Assessment (BIA)Perform Business Impact Assessment (BIA)

••Risk Management (Risk Management (Select Select and implement effective and implement effective Controls)Controls)••ISMS ImplementationISMS Implementation

Policy / Procedures / Policy / Procedures / Guidelines & Stds Guidelines & Stds

••Detection to Incidents and Detection to Incidents and Response HandlingResponse Handling•• ISMS Training & Awareness ISMS Training & Awareness

••Actions Actions (Preventive / Corrective)(Preventive / Corrective)••ISMS ImprovementsISMS Improvements••Statement of ApplicabilityStatement of Applicability

••Internal ISMS AuditInternal ISMS Audit••Measure Effectiveness of ISMS (Identify Measure Effectiveness of ISMS (Identify weaknesses in processes and controls)weaknesses in processes and controls)

PLAN – DO –CHECK – ACT Methodology

Deliverables

•• Security PolicySecurity Policy•• Risk Assessment DocumentRisk Assessment Document•• Organizational approach to risk managementOrganizational approach to risk management•• Statement of ApplicabilityStatement of Applicability•• Disaster Recovery PlanDisaster Recovery Plan

Maintaining an ISMS

Thank you very much for your attention