Programme @

IDM DACH

VIRTUALCONFEX

19 May 2021

Brought to you by Whitehall Media

Programme @ IDM DACH

Session One

setting your iam strategy, supporting your team and delivering for your customers

  • Identity experiences: setting the bar high
  • Supporting innovation in times of disruption: workforce IAM
  • Delivering for your customers: securing your CIAM ecosystem
  • Next-gen identity platform: unified and accessible
  • Counting the cost: consumer identity breach
  • Transcending the enterprise environment: modern SSO solutions
  • Power to the user: autonomous identity

view presentation

09:15 (CEST)

Conference Chair's Opening Address

Dr Gilad Rosner
Founder, IoT Privacy Forum
view profile

Dr Gilad Rosner, Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

09:25 (CEST)

Universal Privilege Management: Secure Every Privilege, Every Time

Charlie Wood
Regional Sales Manager, BeyondTrust
view profile

Virtually every cybersecurity breach today involves the exploitation of privileged access. Privileges are initially exploited to infiltrate an IT environment; once compromised by threat actors, privileges are further leveraged to move laterally, access assets, install malware, and inflict damage.

Enterprises of all sizes have experienced a privilege explosion, driven by trends like cloud computing, DevOps, and edge computing, and the proliferation of non-human identities and accounts. As a result, privileged access is pervasive across the modern IT environment, yet it is often inadequately managed and monitored. Many organizations assume that password management will solve the privilege problem—but it’s only a partial solution.

In this 15 minute session, learn about Universal Privilege Management, and how it is used to secure every user, session, and asset across your IT environment. Charlie will cover:
• Why relying on password management alone leaves dangerous gaps in protection
• Disrupting the cyberattack chain with privileged access security controls
• Keys to a frictionless PAM solution that is invisible to end users

09:40 (CEST)

Business Roles and Least Privilege: (Re-)Balancing Risks and Efficiency

Oliver Briese
IAM Project Lead & Head of SoD, Deutsche Kreditbank AG (DKB)
view profile
Markus Duda
External Project Manager, Deutsche Kreditbank AG (DKB)
view profile

Oliver Briese, IAM Project Lead & Head of SoD, Deutsche Kreditbank AG (DKB)

Markus Duda, External Project Manager, Deutsche Kreditbank AG (DKB)

In today’s advanced and distributed IT landscapes business roles (BR) is the means to cope with the size and complexity of user access rights. Building BRs means a constant struggle to fulfil conflicting interests such as least privilege, need to know, segregation of duty and reducing building and provisioning efforts. As of late auditors have also been stressing the importance of least privilege.

We will, therefore, show a risk-oriented approach on how to harmonize the contradicting goals.

10:00 (CEST)

The new normal für CIAM: key trends and focus areas for Consumer Identity and Access Management in 2021 and beyond

Allan Foster
Chief Evangelist, ForgeRock
view profile
Gerhard Zehethofer
VP IoT and New Technology, ForgeRock
view profile

Allan Foster, Chief Evangelist, ForgeRock
Gerhard Zehethofer, VP IoT and New Technology, ForgeRock

2020 introduced a whole new normal for consumer identity. Allan will talk about how Identity is a key foundation for a successful digital relationship with your consumer, impacting everything from regulatory compliance, to their user experience with your brand. Delivering a deeper understanding of the relationships you have with your consumer, across multiple aspects of your business, lets you provide the service and experience demanded by the new normal.

 

10:15 (CEST)

Questions to the Panel of Speakers

10:30 (CEST)

Networking Break

Session Two

10:45 (CEST)

Session Introduction

Dr Gilad Rosner
Founder, IoT Privacy Forum
view profile

Dr Gilad Rosner, Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

10:50 (CEST)

Why On Premise IGA is the New Legacy

Thomas Müller-Martin
Global Technical Lead, Omada
view profile

Thomas Müller-Martin, Global Technical Lead, Omada

In this session Thomas Müller-Martin, Global Technical Lead of Omada, will share his insights about the evolving IGA market and why companies today choose an enterprise IGA SAAS platform over an on-premise solution.

Learn in this session how to transform your legacy or home-grown solution to a modern IGA solution without the hassle of long and cumbersome implementation and high maintenance costs. Based on best practices, we will demonstrate to you how organizations today can deliver fast value to their business to mitigate risk and increase efficiency.

Join this interesting speech by Omada, a global market leader in Identity Governance and Administration (IGA).

11:05 (CEST)

How to easily escalate privileges and own an AWS account

Raul Lapaz
Cloud security engineer Blue Team, Roche
view profile

Raul Lapaz, Cloud security engineer Blue Team, Roche

As a live demo, we illustrate how an end-to-end credentials compromise and privilege escalation can create persistence and finally ex-filtration of newly created credentials which can be sent to an attacker’s system.

·        How to steal users/employees’ credentials

·        Using those credentials to elevate privileges to Full admin on AWS

·        Back-dooring other users or role to maintain persistence

·        Configuring serverless function to send new user’s credentials to the attacker machine

·        Lessons learnt and recommendations to defenders

 

11:20 (CEST)

Why Identity is the Key to Your Zero Trust Success

Jason Goode
Regional Director, Ping Identity
view profile

Jason Goode, Regional Director, Ping Identity

The shift to remote work has increased the urgency behind Zero Trust adoption as organizations seek to find the optimal balance between employee security and productivity.

Join us for a discussion on why identity should be the core of your Zero Trust strategy. We’ll draw on our experience helping the largest enterprises in the world further their Zero Trust initiatives, to cover:

  • An overview of Zero Trust and the importance of Identity
  • Immediate priorities for securing remote work
  • How to strengthen security and reduce friction
  • Strategic advantages of implementing Zero Trust architecture

11:35 (CEST)

Questions To The Panel Of Speakers And Delegates Move To The Seminar Rooms

11:50 (CEST)

Networking Break

Please take this chance to visit the Virtual Exhibition

Session Three

12:05 (CEST)

Session Introduction

Dr Gilad Rosner
Founder, IoT Privacy Forum
view profile

Dr Gilad Rosner, Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

12:10 (CEST)

Zero Trust security system: A new way to secure internet traffic

Daniel Kramer
Customer Developer, Cloudflare
view profile

Daniel Kramer, Customer Developer, Cloudflare

The COVID-19 pandemic has exposed the weaknesses of the traditional ‘castle-and-moat’ security model. Remote work has expanded attack surfaces infinitely outwards, and more than ever, organizations need to start from the assumption that their ‘castle’ is already compromised. Zero Trust has emerged as a compelling security framework to address the failures. Cloudflare will share its own approach and how Cloudflare Access has helped thousands of organizations big and small to take their first steps toward Zero Trust.

12:25 (CEST)

The impact of AI and ML on IAM

Saru Tumuluri
India Ambassador, Women in Identity
view profile

Saru Tumuluri, India Ambassador, Women in Identity

83% of organisations do not have a mature approach to IAM, resulting in two times more breaches on average.

We explore how AI and ML can improve this situation by:

  • Combining analytics and AI to contextual insights so that both technical and non-technical employees can work more time-efficient
  • Drastically speeding up the existing IAM compliance controls
  • Reviewing historical user access reports to comply with auditor requests
  • Autonomously detecting anomalies and potential threats
  • Paving the way between reactive to preventive/corrective access management

12:40 (CEST)

The Dangers of the over provisioned User and how to identify them

Ben Bulpett
EMEA Marketing Platform Director SailPoint Technologies
view profile

Ben Bulpett, EMEA Marketing Platform Director, SailPoint Technologies

For many organisations, COVID-19 has prompted an unexpected and sudden migration to cloud and remote technologies. But the pandemic has accelerated everything both good and bad – leading to elevated risk for organisations trying to maintain business continuity amongst changing regulations and restrictions.

As 80% of employees continue to work remotely, organisations are facing increasing pressure to provision in a matter of days and weeks, as well as manage and control access to their systems so as to avoid over provisioning and the dangers that this presents to companies.

In this presentation, SailPoint will discuss how Identity Security is the foundation to regaining control and managing the new way of working.

12:55 (CEST)

Questions To The Panel Of Speakers

13:10 (CEST)

Networking Lunch

Please take this time to visit the exhibition stands

Session Four

13:45 (CEST)

Seminar Sessions A - D

14:30 (CEST)

Networking Break

Session Five

14:45 (CEST)

Seminar Sessions E- H

15:30 (CEST)

Networking Break

Take this time to visit the virtual exhibition

Session Six

understanding your business needs, utilising the available technology, and integrating successfully

  • Bridging the gap: SSID and CIAM
  • Integrating PAM with IAG
  • IAM Blockchain: distributed workforce
  • Expanding remote access demands
  • Extend enterprise IAM security to IoT
  • Enterprise DevSecOps

view presentation

15:45 (CEST)

Session Introduction

Dr Gilad Rosner
Founder, IoT Privacy Forum
view profile

Dr Gilad Rosner, Founder, IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy and Technology Policy Researcher

15:50 (CEST)

Is your PKI a POS?

Jon Lehtinen
Board Member, IDPro
view profile

Jon Lehtinen, Director, Board Member, IDPro

Public Key Infrastructure (PKI) plays a crucial role in your organization’s IAM & infosec programs.

Despite its criticality, PKI is frequently treated as a second-class citizen, failing to get the resources, executive sponsorship, or focus that other technologies do. However, PKI is so much more than ensuring your web TLS certs don’t expire. The SolarWinds incident and its mitigations highlight the criticality of a rigorous certificate management program in securing your organization.

But what does a “good” PKI program look like?

In this talk, Jon Lehtinen walks you through the steps you can take to improve your PKI program’s maturity & secure your certificate estate through a comprehensive PKI program- including tips on creating and driving adoption of PKI policy & governance, and technical controls.

16:05 (CEST)

To Trust or Not to Trust the Cloud; That is Your Compliance and Risk Management Question

Niamh Muldoon
Global Data Protection Officer and EMEA Trust & Security Leader, OneLogin
view profile

Niamh Muldoon, Global Data Protection Officer and EMEA Trust & Security Leader, OneLogin 

Many organizations struggle with digital transformation and cloud computing particularly when implementing a framework to meet their compliance and risk requirements equally. In this session, we will discuss a framework and operational approach to support you to move your business forward delivering quality services balancing cost and risk. This framework not only addresses legal and eCrime requirements but leads to developing and fostering trust with your end-users. As your organization transforms it is imperative to establish clear access control guidelines and maintain the trusted relationship with your end-user communities.

Takeaways:

  • Understanding your business requirement/s for digital transformation
  • Having a single view of your data from legal, regulatory and compliance perspective
  • How external factors influence how you operate your data management processes
  • Access control is the core of your digital transformation success
  • How independent identity and access management provides trust assurance

16:20 (CEST)

IAM In A Zero-Trust World

Dr Andrew Aken
Zero Trust Lead Architect, Twitter
view profile

Andrew Aken, Zero Trust Lead Architect, Twitter

Over the last several years, there has been a dramatic increase in the number of organizations pursuing the idea of creating a Zero Trust architecture within their organizations.

The interest and pursuit of ZT skyrocketed last year as many organizations were thrust into a primarily remote workforce.

Therefore, IAM in a Zero Trust world and if you’re not already, you will probably be there soon.

There are many components involved in the development of a comprehensive Zero Trust strategy for an organization. However, particularly as it relates to remote access, Identity and Access Management is one of the cornerstones.

 

 

Over the last several years, there has been a dramatic increase in the number of organizations pursuing the idea of creating a Zero Trust architecture within their organizations.

The interest and pursuit of ZT skyrocketed last year as many organizations were thrust into a primarily remote workforce.

Therefore, IAM in a Zero Trust world and if you’re not already, you will probably be there soon.
There are many components involved in the development of a comprehensive Zero Trust strategy for an organization. However, particularly as it relates to remote access, Identity and Access Management is one of the cornerstones.

16:35 (CEST)

Questions To The Panel Of Speakers

16:50 (CEST)

Closing Remarks from the Conference Chair

17:00 (CEST)

Conference Close

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Addressing the Biometric Concern
According to recent research by Nomidio, it is discovered that only 14% of consumers are regularly using biometric authentications to log into their digital services, websites and even accounts. The recent survey did show that over half of the people surveyed agreed biometrics make authentication a quicker process, with nearly the same amount believing it...
Amazon Trials at Hand
In a progressive step for the online retail giant, Amazon has presented a new and improved contactless payment service currently being trialled is US Amazon Go stores. Amazon One The new biometric scanner is the hope to streamline contactless payment security as well as physical access for consumers. Labelled as Amazon One, the device scans...
Remote workers on the front line: access to sensitive data and its security implications
Remote workers needing access to sensitive data and their security implications Following the overwhelming success of IDM Europe and ECS UK, we were delighted once again with the outcome of our Government IT Security virtual conference, which was held on the 23rd of September. During this event, delegates were enlightened by our guest speakers who...