Programme @

IDM DACH

Identity Management

6 July 2023

The Westin Grand Frankfurt

Programme @ IDM DACH

Morning Session

Building back better with a robust, reliable and flexible IAM strategy

  • Building blocks for your Zero Trust journey
  • The Future of Access Management
  • The importance of identity in securing your business
  • Defend the perimeter!
  • How SASE supports the new way of working
  • Integrating PAM and IAM into your Identity Security Strategy

09:00 (CEST)

Introduction from the Conference Chair - Navigating the Evolving IAM Landscape

Bharat Thakrar
CISO and Principal Security Lead, Information Security Forum
view profile

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

The past couple of years have seen some of the most daring and costly breaches in data history, with many of these being identity and credential-based. How well IDM professionals understand the implications and respond with effective IAM solutions will determine the degree of their organisation’s resilience.

The keynote will provide the backdrop for the major trends and the new advances IDM professionals need to adopt, including:

  • Revamping identity management to include machine identities;
  • Integrating identity governance and PAM into hybrid/multicloud environments;
  • Zero trust as a driver for continuous ID verification & effective entitlement management

09:25 (CEST)

3rd Party Identity Risk - the enemy in my house(?)

Klaus Hild
Principal Identity Strategist, SailPoint
view profile

Klaus Hild, Principal Identity Strategist, SailPoint 

Organisations today manage a multitude of identities beyond their own workforce. Contractors, partners, seasonal workers, suppliers, and even non-human workers such as RPAs and service accounts make up a large percentage of an organisation’s identities. Managing these identities and the access they receive is complex and it is important to keep them under control.

Find out about these topics:

– Not all identities are the same: Silicon vs. Carbon

– The supply chain as the weakest link

– How do I manage a multitude of identities, even in external corporate units?

– How do I ensure secure remote access for people and machines?

 

09:40 (CEST)

Best Practices in Access Management

Rasa Siegberg, Business Owner (IAM), Fujitsu Finland
Rasa Siegberg
Business Owner (IAM), Fujitsu Finland
view profile

Rasa Siegberg, Business Owner (IAM), Fujitsu Finland

While access management is perhaps the easiest or most straightforward aspect of IAM, it does present its own and particular challenges. Efficient practices in design, deployment and management are very much a key to success. As a long-term security service provider, Fujitsu discusses best practices to consider in access management.

09:55 (CEST)

Securing the Future of Digital Identity 

David Baier
Solution Architect, Ping Identity
view profile

David Baier, Solution Architect, Ping Identity

Today’s identity systems are a centralized collection of user data, and have become the #1 target for attackers. According to the Verizon DBIR, more than 80% of breaches start with compromised credentials. Decentralized identity represents a massive paradigm shift to a safer, more secure future by making the user’s device the transport mechanism for that single user’s data. In other words, no more “trusted” third parties. Decentralized identity eliminates the need to build connections into federation systems, and reduces the amount of personally identifiable information organizations must collect.

In short, we’ll discuss how shifting to a decentralized identity model reduces risk for organizations while simultaneously improving users privacy.

 

 

10:10 (CEST)

Service Account Management

Abhinav Bajaj, IAM Lead, Delivery Hero SE
Abhinav Bajaj
IAM Lead, Delivery Hero SE
view profile

Abhinav Bajaj, IAM Lead, Delivery Hero SE

In this presentation we will discuss the current state of (non-human) service accounts, the challenges we face related to governance, accountability, and management.

  • How can we leverage IAM core technologies like IGA and PAM to overcome the service accounts management challenges?
  • How do we provide better security controls?

10:25 (CEST)

Addressing The Emerging Threat Landscape With Modern Digital Identity

Adam Preis
Director, Solution Marketing, ForgeRock
view profile

Adam Preis, Director, Solution Marketing, ForgeRock

Advances in generative AI continue to drive risks and uncertainty across today’s threat landscape. Malicious actors are becoming more effective at exploiting blindspots across consumer, workforce, and partner access journeys.

Find out how modern identity can mitigate emerging threat vectors by:

– Reducing reliance on weak credentials
– Modernising outdated identity and access management infrastructure
– Leveraging context-driven AI countermeasures

10:40 (CEST)

Questions to the Panel of Speakers

11:00 (CEST)

Refreshment Break Served in the Exhibition Area

11:25 (CEST)

Welcome to Session Two

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

11:30 (CEST)

The Identity Security Blind Spot : MFA for Legacy Systems and Service Account protection

Mike King
Sales Engineer, Silverfort
view profile

Mike King, Sales Engineer, Silverfort

In this presentation we will:

  • Introduce Silverfort’s platform and its ability to extend MFA to AD environments, as well as its automated service account discovery and protection.
  • Walk through a customer case study that has successfully use Silverfort to block a ransomware’s lateral movement attack in his environment.
  • See the initial policies the customer set in place and understand their reasoning.
  • Gain insight the attack as it was reflected in Silverfort’s screens, and realize the potential impact of the damage that was prevented.

11:45 (CEST)

How to Derive a Sensible SoD-Ruleset for Your IdAM.Framework

Stefan Bosnjakovic
External IAM & GRC Architect, Glencore International AG
view profile

Stefan Bosnjakovic, External IAM & GRC Architect at Glencore International AG

Glencore was forced to implement UKCR (UK Company Reform, essentially the UK version of SoX) due to regulatory requirements and already owns a usable business process taxonomy, so we use this as a basis for the required SoD-framework:

Finding a suitable taxonomy for your enterprise (Finance, Industry, Pharma, etc.) – done. Glencore already defined a usable business process for industry and the following points are in progress:

  • Classify business processes and match to taxonomy values
  • Specify regulatory requirements
  • Derive basic SoD-ruleset
  • Find maker-checker-pairs
  • Specify board requirements
  • Derive extended SoD-ruleset
  • Analyse violation result set

12:00 (CEST)

Modernizing Identity Governance: Why Now & How To Get There

Thomas Müller-Martin
Lead Architect, Omada
view profile

Thomas Müller-Martin, Lead Architect, Omada

80% People & Process, 20% Technology – that’s the split when looking at good Identity Governance. So, when it comes to modernizing your approach to Identity Governance, it’s more than just picking a new solution to deploy.

Join this session with Omada where we will explore the drivers for modernization and share knowledge and experience of successful deployments and migrations of modern IGA – including how to avoid some of the most common pitfalls that identity programs face.

12:15 (CEST)

Questions to the Panel of Speakers and Delegates move to the Seminar Rooms

12:30 (CEST)

Seminar Sessions

13:15 (CEST)

Networking Lunch in the Exhibition Area

Afternoon Session

Moving forward with the right tools, technologies and people in place

  • Mobile worker security or user experience – how about both?
  • How to better manage device-based access
  • The Four Pillars of Certificate Automation
  • Adapt to the new normal with adaptive access policies
  • AIOps as the new enterprise perimeter
  • Unite the tribes: MIM + DevSecOps = digital business enabler
  • Why machine identities matter: MI’s as your networks weakest link

14:00 (CEST)

Conference Chair’s Afternoon Address

Bharat Thakrar
CISO and Principal Security Lead, Information Security Forum
view profile
Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

14:05 (CEST)

Managing secure customer identification for the leader in money transfer services

Christoph Sauerwein
Chairman and Co-Founder, TrustCloud
view profile

Christoph Sauerwein, Chairman and Co-Founder, TrustCloud

The recent pandemic had greatly accelerated the need for remote identity verification world wide. Learn how through a two-minute video call, a biometric analysis, the verification of official ID documents and the proof of life demonstrate in real time if the customer is who they say they are, and if the person verified is the same person who appears on the session.

During this session we will examine how some of the largest banking, online payments and insurance firms can verify the identity of their clients with all the guarantees, remotely, in real time, through a safe and guarded system of intelligent video calls, both automated or assisted.

Via a real life customer success story with one of the world’s largest money transfer services, you will understand how with the use of video technology, the true identity of the customer can be recorded, with simultaneous “layers” of authentication in a single, frictionless process, thanks to the easy and seamless usability with which it is developed for both customer and business.

Join this session to discover how remote identification technology, governed by a powerful orchestration layer, can help to achieve effective, regulatory compliant and secure customer identification.

14:20 (CEST)

Modern IAM for M&A. How to Unify Fragmented Identity - Achieve successful M&A with the right Identity strategy

Thomas Heinz
Team Lead Solutions Engineering Commercial Central & Eastern Europe & Switzerland, Okta
view profile

Thomas Heinz, Team Lead Solutions Engineering Commercial Central & Eastern Europe & Switzerland, Okta

Merger & Acquisition comes with expectations. Okta helps organizations quickly and securely
integrate or divest entities to deliver business value more immediately. This session will use Customer case studies to illustrate this journey.

14:35 (CEST)

Questions to the Panel of Speakers

14:50 (CEST)

Afternoon Networking and Refreshments served in the Exhibition Area

15:15 (CEST)

Welcome to Session Five

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

15:20 (CEST)

It’s All About Your Wallet

Drs. Jacoba C. Sieders
Drs Jacoba C Sieders, Independent Digital Identity/IAM Expert
view profile

Drs Jacoba C Sieders, Independent Digital Identity/IAM Expert

In this presentation, Jacoba will be giving you a high-level overview of the background, current state, challenges, and future for the European digital identity wallets, as aimed for by the e-IDAS 2.0 legislation.

  • Within a few years, every EU citizen is entitled to have this privacy-friendly, secure, and seamless magic data-sharing agent on their device.
  • What is it?
  • Will it work?
  • And where are we today?

15:35 (CEST)

Making a choice of CIAM tool for growing enterprises

Amol Sawarkar
Enterprise Architecture - Global IT Planning and Project Management, IFRC (International Federation of Red Cross and Red Crescent Societies)
view profile

Amol Sawarkar, Enterprise Architecture – Global IT Planning and Project Management, International Federation of Red Cross and Red Crescent Societies (IFRC)

Increased digitalisation creates the need for applications to be available beyond corporate users like partners and consumers. A case study will be used from IFRC for building a scalable external identity platform for memberships and volunteers. The idea is to use cloud services at its disposal, allowing the organisation to start with minimal operational investment and scale-up/scale-out with the success of the business model. Let’s try exploring how to set an approach to move in steps and widen the scope to increase adoption and expansion opportunities.

  • Extranet with single sign-on for external users
  • Based on Industry standards and scale to needs approach
  • Lower initial investment, low operational cost. Customise when needed.

 

15:50 (CEST)

Questions to the Panel of Speakers

16:05 (CEST)

Closing Remarks from the Conference Chair

Bharat Thakrar
CISO and Principal Security Lead, Information Security Forum
view profile

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

16:15 (CEST)

Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Maintenance – the vital defense longtail of any IAM solution
Blog By: Ductus  Increasing IAM complexity The need for effective Identity Access Management (IAM) has never been greater, whether for humans trying to log in via a frontend client or machine-to-machine identities. And, with such a broad spectrum of gateways, APIs, SOAP interfaces, direct point-to-point integrations, or other transfer protocols, the challenge of authenticating identities...
How to Manage Non-Employee Access
Blog by: Saviynt  The world of third party access governance  is – and isn’t – like identity governance and administration (IGA). The motivations may be the same but the risks are very different. Recently, Anirudh Sen (AS), Saviynt VP of Products, and Nitish Deshpande (ND), Research Analyst with  KuppingerCole, sat down to discuss third-party lifecycle management, process challenges, and...
Uniting large-scale, complex businesses with PowerSyncPro
Blog by: PowerSyncPro Mergers and acquisitions involving tens – or even hundreds – of thousands of users require complex tenant-to-tenant migrations. Traditionally, those migrations have been fraught with problems. Problems that impact your people, your productivity and your profit. Combining solid preparation with the right software solution can dramatically reduce the pain involved. Enter PowerSyncPro:...