Programme @


Identity Management

7 March 2024

Steigenberger Airport Hotel, Frankfurt

Programme @ IDM DACH

Morning Session

Building back better with a robust, reliable and flexible IAM strategy

  • Navigating the Evolving IAM Landscape
  • 3rd Party Identity Risk – the enemy in my house(?)
  • Best Practices in Access Management
  • Securing the Future of Digital Identity
  • Service Account Management
  • Addressing The Emerging Threat Landscape With Modern Digital Identity
  • MFA Reborn: How to Defeat Ransomware’s Lateral Movement Storms
  • PlainID: Why Policy-Based Authorization is Critical for Identity First Security
  • Modernizing Identity Governance: Why Now & How To Get There

08:00 (CEST)

Registration and Exhibition Opens

Delegates will collect their badge on arrival and refreshments will be served.

09:00 (CEST)

Conference Chair's Opening Address

09:10 (CEST)

Navigating the Evolving IAM Landscape

The past couple of years have seen some of the most daring and costly breaches in data history, with many of these being identity and credential-based. How well IDM professionals understand the implications and respond with effective IAM solutions will determine the degree of their organisation’s resilience.

The keynote will provide the backdrop for the major trends and the new advances IDM professionals need to adopt, including:

  • Revamping identity management to include machine identities;
  • Integrating identity governance and PAM into hybrid/multicloud environments;
  • Zero trust as a driver for continuous ID verification & effective entitlement management

09:25 (CEST)

3rd Party Identity Risk - the enemy in my house(?)

Organisations today manage a multitude of identities beyond their own workforce. Contractors, partners, seasonal workers, suppliers, and even non-human workers such as RPAs and service accounts make up a large percentage of an organisation’s identities. Managing these identities and the access they receive is complex and it is important to keep them under control.

Point of interest in the discussion:

  • Not all identities are the same: Silicon vs. Carbon
  • The supply chain as the weakest link
  • How do I manage a multitude of identities, even in external corporate units?
  • How do I ensure secure remote access for people and machines

09:40 (CEST)

Best Practices in Access Management

While access management is perhaps the easiest or most straightforward aspect of IAM, it does present its own and particular challenges. Efficient practices in design, deployment, and management are very much a key to success. As a long-term security service provider, Fujitsu discusses best practices to consider in access management.

09:55 (CEST)

Securing the Future of Digital Identity 

Today’s identity systems are a centralized collection of user data, and have become the #1 target for attackers. According to the Verizon DBIR, more than 80% of breaches start with compromised credentials. Decentralized identity represents a massive paradigm shift to a safer, more secure future by making the user’s device the transport mechanism for that single user’s data. In other words, no more “trusted” third parties. Decentralized identity eliminates the need to build connections into federation systems, and reduces the amount of personally identifiable information organizations must collect.

In short, we’ll discuss how shifting to a decentralized identity model reduces risk for organizations while simultaneously improving users privacy.



10:10 (CEST)

Service Account Management

In this presentation, we will discuss the current state of (non-human) service accounts, and the challenges we face related to governance, accountability, and management.

  • How can we leverage IAM core technologies like IGA and PAM to overcome the service accounts management challenges?
  • How do we provide better security controls?

10:25 (CEST)

Addressing The Emerging Threat Landscape With Modern Digital Identity

Advances in generative AI continue to drive risks and uncertainty across today’s threat landscape. Malicious actors are becoming more effective at exploiting blindspots across consumer, workforce, and partner access journeys.

Find out how modern identity can mitigate emerging threat vectors by:

  • Reducing reliance on weak credentials
  • Modernising outdated identity and access management infrastructure
  • Leveraging context-driven AI countermeasures

10:40 (CEST)

Questions to the Panel of Speakers

11:00 (CEST)

Refreshment Break Served in the Exhibition Area

11:25 (CEST)

Welcome to Session Two

11:30 (CEST)

MFA Reborn: How to Defeat Ransomware’s Lateral Movement Storms

Understand how to protect against the 4 key stages of lateral movement.

  1. INITIAL ACCESS: compromised credentials of inactive VPN account with no MFA
  2. LATERAL MOVEMENT: utilizing PsExec and RDP until gaining domain dominance
  3. RANSOMWARE PROPAGATION: using a DC network share to spread the ransomware to multiple machines in the network
  4. RANSOMWARE EXECUTION: on all infected machine

11:45 (CEST)

PlainID: Why Policy-Based Authorization is Critical for Identity First Security

The enterprise perimeter is now its data objects, APIs, applications, and its users are now the workforce, customers, partners, and in many cases, machines. In this new, decentralized, and highly segmented world, CISOs and IAM leaders find themselves struggling with multiple systems and interfaces that control the most basic question: Who has access to what and when?

In this session, we will present a new architecture for Identity First Security based on centralized Access and Authorization Policy Management Platform, and discuss pro and cons, specific real-world implementations and more.

12:00 (CEST)

Modernizing Identity Governance: Why Now & How To Get There

80% People & Process, 20% Technology – that’s the split when looking at good Identity Governance. So, when it comes to modernizing your approach to Identity Governance, it’s more than just picking a new solution to deploy.

Join this session we will explore the drivers for modernization and share knowledge and experience of successful deployments and migrations of modern IGA – including how to avoid some of the most common pitfalls that identity programs face.

12:15 (CEST)

Questions to the Panel of Speakers and Delegates move to the Seminar Rooms

12:30 (CEST)

Seminar Sessions

13:15 (CEST)

Networking Lunch in the Exhibition Area

Afternoon Session

Moving forward with the right tools, technologies and people in place

  • Identity – The new Perimeter
  • The Current State of Securing Identities
  • Creating Trust with Reusable Digital Identity
  • Zero Trust Architecture Demystified

14:00 (CEST)

Conference Chair’s Afternoon Address

14:05 (CEST)

Identity – The new Perimeter

Benefits of IAM

  • Discuss several reasons why IAM is important
  • What IAM is and how it compliments an organisation. What different toolings are available for business

Issues with IAM

  • Why businesses are still having problems with IAM
  • Highlight issues like out-of-date policies and procedures which do not get reviewed regularly
  • Businesses not investing with IAM and then trying to patch up errors
  • Still using password control and no investments into authentication i.e., as in 2FA or MFA

The future of effortless IAM

  • What is the way forward?
  • What is the end goal?
  • What do we all want in the world of IAM?

14:20 (CEST)

The Current State of Securing Identities

Recent cloud trends have made classic perimeter-based security design obsolete. Identity is the new perimeter and must be the central element for today’s access policies.

14:35 (CEST)

Questions to the Panel of Speakers

14:50 (CEST)

Afternoon Networking and Refreshments served in the Exhibition Area

15:15 (CEST)

Welcome to Session Five

15:20 (CEST)

Creating Trust with Reusable Digital Identity

With more and more digital adoption we are connecting our physical and digital worlds in ways previously unimagined. Whilst this presents us with the space to create increasing degrees of convenience, it also enhances the likelihood of privacy being compromised.

The fundamental question is, how do we balance these trade-offs? And will the companies that find this balance foster greater loyalty? Alongside the need for enterprises to adapt, the distributed world is becoming more and more mainstream.

Can we challenge ourselves to find the middle road, where we create great customer experiences that are also private and secure by design?

  • The creation and maintenance of customer/citizen trust is critical for the evolution of digital services, digital wallets, eIDAS2 etc
  • Customer/citizen experience is a high focus for any organisation & the ability to balance strong security with strong CX is an ongoing challenge for organisations

15:35 (CEST)

Zero Trust Architecture demystified

While working in some major Financial Organizations and consulting companies around the world, several doubts have been voiced that CISOs, CTOs, and stakeholders have in regard to Zero Trust.

In this presentation we will discuss:

  • What Zero Trust is (and what is not)
  • User experience
  • Key elements of Zero Trust Architecture/design


15:50 (CEST)

Questions to the Panel of Speakers

16:05 (CEST)

Closing Remarks from the Conference Chair

16:15 (CEST)

Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Phased Approach: The Importance of Building a Mature PAM Program
Blog By: Xalient  The ever-present cybersecurity threats and the high costs of cyber insurance are driving many organizations to consider building a mature Privileged Access Management (PAM) program to protect their systems and infrastructure. When approaching PAM, organizations often view the process as a one-time solution implementation to help them stay compliant. The reality is...
Optimized IGA: The Power of Clear Skye + ServiceNow
Blog by: Clear Skye  Our decision to build our software natively on ServiceNow is a big part of what enables us to approach identity differently—dare we say better?—than other players in the game. It’s not just our opinion that the platform way is the best way—so why settle for better when we could be the...
The Crucial Role of Identity in Zero Trust Security
Written by Jaye Tilson, Field CTO, HPE Aruba Networking and Brian Ramsey, VP America, Xalient In an increasingly digital world where cybersecurity threats are constantly evolving, organizations are embracing new strategies to protect their sensitive data and assets. One such approach that has gained prominence in recent years is Zero Trust. Zero Trust challenges the traditional...