Session one – setting your IAM strategy, supporting your team and delivering for your customers
- Identity experiences: setting the bar high
- Supporting innovation in times of disruption: workforce IAM
- Delivering for your customers: securing your CIAM ecosystem
- Next-gen identity platform: unified and accessible
- Counting the cost: consumer identity breach
- Transcending the enterprise environment: modern SSO solutions
- Power to the user: autonomous identity
Conference Chair’s Opening Address
Dr Gilad Rosner, Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher
Identity experiences: setting the bar high
Customers want to be able to sign up to a digital system in a manner which supports seamless transactions, realises value quicker and puts them at the centre of everything you are doing. Equally, employees want a refined onboarding process, login credentials in minutes not days, and the right access to the right applications as and when required.
With an improved digital identity experience, you can increase customer and employee satisfaction by taking away the friction and frustration which typically comes with first interactions.
In our opening address, we focus on creating great digital experiences, and why this matters.
Supporting innovation in times of disruption: workforce IAM
Uwe Schwarz, Head of Infrastructure Security Services, Bayer
In the age of Covid, it is more important than ever that businesses positively engage with disruption. The only alternative is to succumb to market forces as consumer demand lessens, investors save rather than spend and business costs exceed revenue generation.
We look at what your IAM priorities should be.
- Meet market expectations
- Develop your IAM talent strategy
- Be a reliable service
- Meet security demands
- Support IAM initiatives
Delivering for your customers: securing your CIAM ecosystem
Establishing a secure, streamlined, individualised, and privacy-centric consumer digital ecosystem helps build confidence in your customer relations, improves workforce productivity, and enables business growth.
We address how to manage omnichannel experiences, secure both customer and IoT access, authenticate billions of access demands, successfully integrate, facilitate data collection points, and protect against malicious threats.
Is Your PKI a POS?
Jon Lehtinen, Director, Identity & Access Management, Thomson Reuters
Public Key Infrastructure (PKI) plays a crucial role in your organization’s IAM & infosec programs.
Despite its criticality, PKI is frequently treated as a second-class citizen, failing to get the resources, executive sponsorship, or focus that other technologies do. However, PKI is so much more than ensuring your web TLS certs don’t expire. The SolarWinds incident and its mitigations highlight the criticality of a rigorous certificate management program in securing your organization.
But what does a “good” PKI program look like?
In this talk, Jon Lehtinen walks you through the steps you can take to improve your PKI program’s maturity & secure your certificate estate through a comprehensive PKI program, including tips on creating and driving adoption of PKI policy & governance, and technical controls.
How to easily escalate privileges and own an AWS account
Raul Lapaz, Cloud security engineer Blue Team, Roche
As a live demo, we illustrate how an end-to-end credentials compromise and privilege escalation can lead to persistence and, finally, exfiltration of newly created credentials, which can be sent to an attacker’s system.
• How to steal users/employees’ credentials
• Using those credentials to elevate privileges to Full admin on AWS
• Back-dooring other users or roles to maintain persistence
• Configuring serverless function to send new user’s credentials to the attacker machine
• Lessons learnt and recommendations to defenders
Questions to the Panel of Speakers
Refreshment Break Served in the Exhibition Area
Transcending the enterprise environment: modern SSO solutions
Web access management, with SSO as its go-to IAM function, was designed to solve problems within the confines of the enterprise perimeter. Today, legacy single-sign-on products lack the flexibility to move away from such outdated scenarios and into a perimeter-free environment.
What is required is the right architecture in place to support the adoption of a modern SSO function which supports MFA.
We address providing a unified and fluid SSO experience, supporting your omnichannel ecosystem, and securing legacy applications with the latest authentication technologies.
The impact of AI and ML on IAM
Saru Tumuluri, India Ambassador, Women In Identity
83% of organisations do not have a mature approach to IAM, resulting in two times more breaches on average.
We explore how AI and ML can improve this situation by:
- Combining analytics and AI into contextual insights so that both technical and non-technical employees can work more time-efficiently
- Drastically speeding up the existing IAM compliance controls
- Reviewing historical user access reports to comply with auditor requests
- Autonomously detecting anomalies and potential threats
- Paving the way from reactive to preventive/corrective access management
Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
Networking Lunch Served in the Exhibition Area
Session two – understanding your business needs, utilising the available technology, and integrating successfully
- Bridging the gap: SSID and CIAM
- Integrating PAM with IAG
- IAM Blockchain: distributed workforce
- Expanding remote access demands
- Extend enterprise IAM security to IoT
- Enterprise DevSecOps
Conference Chair’s Afternoon Address
Business Roles and Least Privilege: (Re-)Balancing Risks and Efficiency
Oliver Briese, IAM Project Lead & Head of SoD, Deutsche Kreditbank AG (DKB)
Markus Duda, External Project Manager, Deutsche Kreditbank AG (DKB)
In today’s advanced and distributed IT landscapes, business roles (BRs) are the means to cope with the size and complexity of user access rights. Building BRs means a constant struggle to fulfil conflicting interests such as least privilege, need to know, segregation of duty and reducing building and provisioning efforts. Of late, auditors have also been stressing the importance of least privilege.
We will, therefore, show a risk-oriented approach on how to harmonize the contradicting goals.
Managing highly privileged accounts: integrating PAM with IAG
By extending identity governance to privileged accounts, businesses will be better able to gain increased visibility into special accounts, govern them from a centralised location, rapidly grant access to ensure productivity, all through the use of recognised industry standards which reduce implementation time and cost.
- Comprehensive view of all privileged and non-privileged accounts
- Empowering your IT admin, specialists, and executives
- Automatically remove unnecessary privileges
- Maintain strong and consistent security and compliance controls
- Streamline account entitlement provisioning, de-provisioning, access request approvals and workflows
IAM in a zero-trust world
Andrew Aiken, Zero Trust Lead Architect, Twitter
Over the last several years, there has been a dramatic increase in the number of organizations pursuing the idea of creating a Zero Trust architecture within their organizations.
The interest and pursuit of ZT skyrocketed last year as many organizations were thrust into a primarily remote workforce.
Therefore: IAM in a Zero Trust world. If you’re not already there, you will probably be there soon.
There are many components involved in the development of a comprehensive Zero Trust strategy for an organization. However, particularly as it relates to remote access, Identity and Access Management is one of the cornerstones.
Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
Secure expanding remote access demands: the new normal
Ionut Stolan, IAM Specialist, Multivac
2020 witnessed the greatest workforce remote working migration in world history. For security teams, the move caused chaos. Sensitive resources which had previously been accessed by workers on site now had to be made available to a workforce which, in many cases, became entirely remote.
Whilst the talk of a perimeter-less security system has become the norm, the unexpected migration has brought about a need to better understand how to securely manage a distributed workforce.
- Zero trust as a business imperative
- Removing the perimeter and becoming more fluid
- Accessing data regardless of location or device
- Continually analyse and evaluate access requests
- Operate dynamically and granularly
- Mitigate data exposure against threats
Extend enterprise IAM security to IoT: access all areas
Many non-traditional endpoints and edge devices have minimal computing power, which means that they may not be well suited to traditional endpoint security tools. Added to this is the fact that IoT and network devices tend to have embedded or easy to navigate credentials.
This is why it is critical to extend credential management, least privilege, and other controls to these devices in order to keep them segmented across the enterprise.
We address the role that PAM can play in adding vital security controls to IoT and how you can extend across your business environment.
Enterprise DevSecOps: addressing the IAM security challenge
When done effectively, DevSecOps can create a secure by design culture which supports transparency of security vulnerabilities, encourages collaboration between teams, and drives agility.
When done badly, teams have to fall back on manual controls, which has an impact on cycle times, produces false positives and leads to inefficient, voluminous outputs. This then leads to the late identification of defects in the development cycle, disrupts production and creates vulnerabilities.
- Avoiding costly remediation efforts
- Successfully leverage integrated automated controls
- Enable rapid secure by design platform and app development
- Secure product development and deployment