Online Social Networking Threats and Opportunities, Security and Privacy Challenges

06-Sep-2011

Facebook, Netlog, Twitter, LinkedIn, Xing, … collectively represent more than a billion users, and many thousands of organizations large and small access and use those networks on a daily basis. They are a great opportunity for trendy marketeers and smart business people, whilst building new standard communication channels for friends we have lost track of and for business partners who are sometimes difficult to connect with.

Twitter and Facebook are also having a major impact on mass media and in critical situations. During important societal events such as the Arab Spring, or major disasters such as the terrorist attack in Norway or, even more recently, the Pukkelpop festival in Belgium, social media support communications and provide relief for victims, family and relatives.
They have become and will continue to be important communication channels for leisure and pleasure, but increasingly for critical situations.

Introduction

Companies and other institutions are faced with the challenge of embracing these new channels and opportunities. This evolution is in many ways similar to that of the internet in the enterprise, and to the current challenges of smartphones and mobile devices. Some consider them a major threat; others recognize them as a new way of doing business, maintaining relationships, marketing new products, exchanging information, …
Statistics indicate that quite a lot of internet traffic is related to online social networks, typically within busy hours. Sometimes this traffic comes from only a small minority of personnel actively using the systems for business purposes, but in many cases the networks are being used for personal ends.
Online Social Networks are also becoming an increasingly important channel for the distribution of modern malware. Current AV tools are not always sufficient, and another approach is needed.
Increasingly, online social networks are being misused, with misleading information and falsified identities used to extract valuable information from potential partners; sometimes they serve as a channel for data breaches.


This event is supported by LSEC Expert Members Barracuda Networks and MMS-Secure



Download more information

Barracuda Networks and Websense have been publishing various reports on some of the reported issues.
Visit their website to find out more, or download immediately :






Challenges, Threats and Opportunities

Finally, there are increasing concerns about privacy, both for individuals and corporations. Online Social Networks are constantly adapting their guidelines and internal rules, to the benefit of some and the detriment of others, in ways that are not always clear. The changing data protection regulations suggest that citizens would also need to get the right to remove their historical data. Even as an organization using online social networks, marketing departments are struggling to keep the right messages coming across.

In this seminar, LSEC brought together expertise to explain some of these challenges and indicate some potential evolving solutions. Discussions related to upcoming threats and challenges, without forgetting the opportunities of online social networks & online social media.

This seminar was intended for marketing departments, information security and security professionals, social and communication experts and information technology departments.

Program Overview


9.30 : Welcome & Registration

Coffee continuously available during the morning.

9.45 : Opening Notes & Introduction by Ulrich Seldeslachts, CEO LSEC

10.00 : Online Social Networking for Business explained, by Mark Vanlook, CEO of anaXis
Whether it is to find new clients, to do business somewhere online, or to reach your market… more and more companies are taking advantage of Social Media today. Learn why and how companies are seizing the opportunity of Online Social networks and how your company too could be supported in using online social networks, not only for the leisure of employees. Mark Vanlook explains what role social media can play in your company and which strategy to follow in order to optimize your social media campaigns.

10.45 : Social media and expectations of your customers, an insight on social media for IT companies, by Frank De Graeve, Quadrant Communications.

Online Social media are more than a toy for youngsters. In every enterprise, at least someone is working with LinkedIn, wikis, Twitter, and other online social networking tools. As a professional communication service, we are asked by more and more companies what the potential advantages could be, and how to deal with them.

11.30 :  Social Media Malware Problems, by Eddy Willems, G-Data

A historical perspective on Malware and what happens in the online social media environments. Some facts and figures on malware distribution through Online Social Media.

12.15 : The example of using Twitter as a channel for malware distribution, identity fraud and phishing attacks, by Joeri Vanhoof, Barracuda Networks

13.00 : Lunch & networking

14.00 : The use of online social networking as part of network traffic, and how to relate to it from a network management and network security management perspective, by Stijn Rommens, Palo Alto Networks

In its bi-annual white paper, Palo Alto Networks reports on the use of online social media and other traffic within the companies of their install base. They indicate how traffic inside the company is being shaped and how it could impact business communications. Learn how to use application firewalls to also prevent malicious attempts of malware coming in through the backdoor of online social media.

14.45 : Keynote address : Privacy disasters in social media – how vulnerable is your organization?, by Abhilash V. Sonwane – Vice President for Cyberoam, a division of Elitecore Technologies

Abstract: The aim of this presentation is to highlight emerging threats due to privacy disclosures faced by organizations and their employees, partners etc. who are active in social networks. While applications such as Facebook, Twitter and LinkedIn have opened new windows of opportunity for their businesses, most organizations are unaware that each time they use social media tools, it reveals a potential minefield of sensitive information which may be used against them by competitors.

Seemingly harmless forum posts, remarks, tweets, or status updates by employees, when fitted together as a jigsaw puzzle, disclose startling facts about the organization which only an insider might be aware of. This level of privacy breach is equivalent to hacking into a company’s network to learn its plans, products, clients or trade secrets, or finding a person to be bribed, coerced or blackmailed to get such information.

Cyberoam recently conducted research on the social media presence of 20 organizations from around the world, and their employees, to mine for information which could be potentially embarrassing. The findings were interesting and scary at the same time – employees are tweeting away anything from sensitive financial information to product launch details. What’s more, studying the patterns of corporate disclosures can even unravel the very DNA of the organization.

About : Abhilash V. Sonwane is Sr. Vice President - Product Management for Cyberoam, a division of Elitecore Technologies, where he is responsible for product and technology direction of the Cyberoam product line of Unified Threat Management appliances and other network security products. He is a key innovator of the patent pending Layer 8 technology that implements the Human Layer over the theoretical 7 layers of the network stack. His current research involves studying people's behavior in social engineering, and the evolution of next-generation threats emanating from social media.

Abhilash has around 11 years of experience in developing product solutions. His excellent grasp of the security industry and in-depth technical knowledge have been instrumental in the evolution of the Cyberoam brand worldwide. A prolific public speaker, he has addressed prestigious network security forums including RSA Conference (San Francisco), Virus Bulletin (Vienna), Interop and more.

15.45 : Coffee Break

16.15 : Securing the social enterprise - make your business safe to be social, by Philippe Michiels, Territory Account Manager, Belgium, Websense

Abstract : Do you want to reap the social web business benefits of posts, tweets, and tubes? Do you want to capitalize on the social web without employees wandering off to unproductive sites or engaging in illegal activities and confidential data loss? Follow this session and learn the secrets to:
• Enable the use of the social web and protect productivity and limit legal liability
• Eliminate the risks of the social web and help prevent modern malware

About : Philippe Michiels joined Websense in April 2011 as Territory Account Manager for Websense in Belgium. In this role, he is responsible for the effectiveness of the Belgium channel and is there to advise customers about Websense security solutions.

Philippe has been in the security industry for over 15 years. He has a passion for IT and a self-confessed fascination for the never-ending evolution of the Internet, following trends like Web 2.0 and the rise of Social Media. He studied electronics and began his career with an IT distributor before moving on to become a Systems Engineer, working hands-on designing and implementing the first Windows NT server deployments for enterprise customers. It was at this time that his enthusiasm for IT Security blossomed due to the new and rising phenomenon of the Internet.

Philippe joins Websense from Trend Micro where he held positions as direct touch account manager and pre-sales engineer. Prior to that he held sales, sales engineer and security engineer positions at Dolmen CA, IN2 Computer and Tritech. Philippe plays a key role in educating our customers in Belgium and is an active company spokesperson discussing security-related matters at events and conferences.

17.00 : Privacy and Security in online social networks? A critical perspective from a research point of view, by Seda Guerses, COSIC, KU Leuven.

17.45 : Panel Discussion

18.15 : Closing Reception & Networking

19.15 : Close of Conference



You can also download a package with all the presentations of the day.

Topics under consideration

1. Effectively using social networks in an enterprise context : block or embrace?
2. The example of using Twitter as a channel for malware distribution, identity fraud and phishing attacks
3. Enterprise social networking usage scenarios, and how to deal with them
a. The real life experience : what do users do in their office time and some suggestions for dealing with it intelligently
b. Social networks and data loss : should your security strategy be antisocial?
4. Social networks as means for targeted attacks and malware distribution
5. Mapping an organization’s DNA using social media
6. Privacy and online social networks : besides the personal data, is your enterprise or product social network protected?
7. ...

Practical Details :

Seminar with presentations, interactive discussions and panel discussions
Leuven, Ubicenter, September 6th from 9 AM until 7.30 PM

Free of Charge for LSEC Members, SIGNATURE partner Members and other Affiliate Members, and by special invitation
Free to attend upon registration before July 1st 2011, 150 € after July 1st.

Register at http://socialnetworking2011.eventbrite.com.

About the organizers :
This event is organized by LSEC, a not-for-profit association focused on Information Security in Belgium. Over the last couple of years, LSEC has organized over 100 highly professional information security oriented activities. LSEC is a founding member of the European Security Innovation Network, a project supported by the European Commission through the INTERREG IVb program that supports innovative developments in the North Western European region in Security. With its partners Systematic Paris region in France, SITC in the UK and TeleTrusT in Germany, LSEC welcomes the active participation of companies in the discussion of potential threats, challenges and opportunities for companies in the domain of Security, or to the enterprise market and government institutions.


Looking forward to welcoming you on September 6th.
