Building back better with a robust, reliable and flexible IAM strategy
- Navigating the Evolving IAM Landscape
- 3rd Party Identity Risk – the enemy in my house(?)
- Best Practices in Access Management
- Securing the Future of Digital Identity
- Service Account Management
- Addressing The Emerging Threat Landscape With Modern Digital Identity
- MFA Reborn: How to Defeat Ransomware’s Lateral Movement Storms
- PlainID: Why Policy-Based Authorization is Critical for Identity First Security
- Modernizing Identity Governance: Why Now & How To Get There
Registration and Exhibition Opens
Delegates will collect their badge on arrival and refreshments will be served.
Conference Chair's Opening Address
Navigating the Evolving IAM Landscape
The past couple of years have seen some of the most daring and costly breaches in data history, with many of these being identity and credential-based. How well IDM professionals understand the implications and respond with effective IAM solutions will determine the degree of their organisation’s resilience.
The keynote will provide the backdrop for the major trends and the new advances IDM professionals need to adopt, including:
- Revamping identity management to include machine identities;
- Integrating identity governance and PAM into hybrid/multicloud environments;
- Zero trust as a driver for continuous ID verification & effective entitlement management
3rd Party Identity Risk - the enemy in my house(?)
Organisations today manage a multitude of identities beyond their own workforce. Contractors, partners, seasonal workers, suppliers, and even non-human workers such as RPAs and service accounts make up a large percentage of an organisation’s identities. Managing these identities and the access they receive is complex and it is important to keep them under control.
Point of interest in the discussion:
- Not all identities are the same: Silicon vs. Carbon
- The supply chain as the weakest link
- How do I manage a multitude of identities, even in external corporate units?
- How do I ensure secure remote access for people and machines
Best Practices in Access Management
While access management is perhaps the easiest or most straightforward aspect of IAM, it does present its own and particular challenges. Efficient practices in design, deployment, and management are very much a key to success. As a long-term security service provider, Fujitsu discusses best practices to consider in access management.
Securing the Future of Digital Identity
Today’s identity systems are a centralized collection of user data, and have become the #1 target for attackers. According to the Verizon DBIR, more than 80% of breaches start with compromised credentials. Decentralized identity represents a massive paradigm shift to a safer, more secure future by making the user’s device the transport mechanism for that single user’s data. In other words, no more “trusted” third parties. Decentralized identity eliminates the need to build connections into federation systems, and reduces the amount of personally identifiable information organizations must collect.
In short, we’ll discuss how shifting to a decentralized identity model reduces risk for organizations while simultaneously improving users privacy.
Service Account Management
In this presentation, we will discuss the current state of (non-human) service accounts, and the challenges we face related to governance, accountability, and management.
- How can we leverage IAM core technologies like IGA and PAM to overcome the service accounts management challenges?
- How do we provide better security controls?
Addressing The Emerging Threat Landscape With Modern Digital Identity
Advances in generative AI continue to drive risks and uncertainty across today’s threat landscape. Malicious actors are becoming more effective at exploiting blindspots across consumer, workforce, and partner access journeys.
Find out how modern identity can mitigate emerging threat vectors by:
- Reducing reliance on weak credentials
- Modernising outdated identity and access management infrastructure
- Leveraging context-driven AI countermeasures
Questions to the Panel of Speakers
Refreshment Break Served in the Exhibition Area
Welcome to Session Two
MFA Reborn: How to Defeat Ransomware’s Lateral Movement Storms
Understand how to protect against the 4 key stages of lateral movement.
- INITIAL ACCESS: compromised credentials of inactive VPN account with no MFA
- LATERAL MOVEMENT: utilizing PsExec and RDP until gaining domain dominance
- RANSOMWARE PROPAGATION: using a DC network share to spread the ransomware to multiple machines in the network
- RANSOMWARE EXECUTION: on all infected machine
PlainID: Why Policy-Based Authorization is Critical for Identity First Security
The enterprise perimeter is now its data objects, APIs, applications, and its users are now the workforce, customers, partners, and in many cases, machines. In this new, decentralized, and highly segmented world, CISOs and IAM leaders find themselves struggling with multiple systems and interfaces that control the most basic question: Who has access to what and when?
In this session, we will present a new architecture for Identity First Security based on centralized Access and Authorization Policy Management Platform, and discuss pro and cons, specific real-world implementations and more.
Modernizing Identity Governance: Why Now & How To Get There
80% People & Process, 20% Technology – that’s the split when looking at good Identity Governance. So, when it comes to modernizing your approach to Identity Governance, it’s more than just picking a new solution to deploy.
Join this session we will explore the drivers for modernization and share knowledge and experience of successful deployments and migrations of modern IGA – including how to avoid some of the most common pitfalls that identity programs face.
Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
Networking Lunch in the Exhibition Area
Moving forward with the right tools, technologies and people in place
- Identity – The new Perimeter
- The Current State of Securing Identities
- Creating Trust with Reusable Digital Identity
- Zero Trust Architecture Demystified
Conference Chair’s Afternoon Address
Identity – The new Perimeter
Benefits of IAM
- Discuss several reasons why IAM is important
- What IAM is and how it compliments an organisation. What different toolings are available for business
Issues with IAM
- Why businesses are still having problems with IAM
- Highlight issues like out-of-date policies and procedures which do not get reviewed regularly
- Businesses not investing with IAM and then trying to patch up errors
- Still using password control and no investments into authentication i.e., as in 2FA or MFA
The future of effortless IAM
- What is the way forward?
- What is the end goal?
- What do we all want in the world of IAM?
The Current State of Securing Identities
Recent cloud trends have made classic perimeter-based security design obsolete. Identity is the new perimeter and must be the central element for today’s access policies.
Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
Welcome to Session Five
Creating Trust with Reusable Digital Identity
With more and more digital adoption we are connecting our physical and digital worlds in ways previously unimagined. Whilst this presents us with the space to create increasing degrees of convenience, it also enhances the likelihood of privacy being compromised.
The fundamental question is, how do we balance these trade-offs? And will the companies that find this balance foster greater loyalty? Alongside the need for enterprises to adapt, the distributed world is becoming more and more mainstream.
Can we challenge ourselves to find the middle road, where we create great customer experiences that are also private and secure by design?
- The creation and maintenance of customer/citizen trust is critical for the evolution of digital services, digital wallets, eIDAS2 etc
- Customer/citizen experience is a high focus for any organisation & the ability to balance strong security with strong CX is an ongoing challenge for organisations
Zero Trust Architecture demystified
While working in some major Financial Organizations and consulting companies around the world, several doubts have been voiced that CISOs, CTOs, and stakeholders have in regard to Zero Trust.
In this presentation we will discuss:
- What Zero Trust is (and what is not)
- User experience
- Key elements of Zero Trust Architecture/design
Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Whitehall Media reserve the right to change the programme without prior notice.