Identity Management

14 March 2019

Steigenberger Airport Hotel Frankfurt




Dr Gilad L. Rosner - Conference chair

Founder: IoT Privacy Forum; Expert in Public Policy of IoT & Identity Management; Privacy & Technology Policy Researcher

Dr Gilad Rosner is a privacy and information policy researcher and the founder of the non-profit Internet of Things Privacy Forum, a crossroads for industry, regulators, academics, government and privacy advocates to discuss the privacy challenges of the IoT. The Forum’s mission is to produce guidance, analysis and best practices to help industry and government to reduce privacy risk and innovate responsibly in the domain of connected devices.

Gilad’s broader work focuses on the IoT, identity management, US & EU privacy and data protection regimes, and online trust. His research has been used by the UK House of Commons Science and Technology Committee report on the Responsible Use of Data and he is a featured expert on O’Reilly and the BBC. Gilad is an internationally invited speaker, and has given talks at industry conferences, universities, and government agencies, including the US National Institute of Standards and Technology. Gilad has a 20-year career in IT, having worked with identity management technology, digital media, automation and telecommunications.

Gilad is a member of the UK Cabinet Office Privacy and Consumer Advisory Group, which provides independent analysis and guidance on Government digital initiatives and is a member of the IEEE Global Initiative for Ethical Considerations in Artificial Intelligence and Autonomous Systems. He is a Visiting Researcher at the Horizon Digital Economy Research Institute, an Affiliate Researcher at UC Berkeley’s Centre for Long-Term Cybersecurity and has consulted on trust issues for the UK government’s identity assurance programme,

Stefan Bosnjakovic

IAM & GRC Architect, DKB AG

Since 2016, Stefan has been an IAG Architect in the “IT Readiness Project DKB” at DKB Deutsche Kredit Bank. The emphasis of his professional activity during the last fifteen plus years has been on Identity and Access Management and Governance, Risk and Compliance projects. He has also undertaken related project activities including Segregation of Duties methodology development, Requirement Engineering, role modelling and design of standardised access and role-models, workflow and associated process modelling and BPAM business process analysis and modelling in consideration of relevant security norms. Before DKB Deutsche Kredit Bank, Stefan was based with several banking and financial institutions working on IAM and GRC projects.

Mohsin Choudhury

UK Head of Cyber Security, Information & Data Office of the Chief Operating Officer, Bank of Ireland UK

Mohsin has over 20 years of experience in Information Security from diverse sectors including Investment Banking, Defence & National Security, Central Government, Big 4 Audit Firms, Nuclear and Global Health Organisations. He is responsible for all areas of Information Security from defining security requirements for new digital programmes, advising businesses of their Cyber Risks, Technical Cyber Risk Assessment & Remediation and Financial Regulatory needs.

During his career, Mohsin has worked on the Security of Satellite Communication Systems, producing key management and encryption systems, helping and advising Global Investment Bank’s with their Information Security maturity and managing large scale security of transformational programmes. He is highly technical and understands business needs.

Mohsin holds CISM and CISSP Certifications and has two master’s degrees, MSc in Defence Communications Engineering and MSc in Nuclear Science & technology.

Previous Speakers

Vince Warrington

Senior Governance, Risk & Compliance Specialist – Open Banking

Vince Warrington is a leading Information Assurance and Cyber Security expert with over 15 years of experience heading-up large-scale, organisation-wide IT and cyber security programmes for central Government departments, blue chip private companies and well-known voluntary organisations across the globe.

Vince is an influential member of the Information Assurance Advisory Council (IAAC) and the UK Cyber Security Forum. He is currently advising on strategies to encourage more young people to consider a career in cyber security – especially females and those on the Autism spectrum.

Dmitry Kann

Senior Full Stack Developer, Nederlandse Spoorwegen

Born and bred in Russia, Dmitry moved some ten years ago to the Netherlands. Over the past two decades he has worked with numerous languages, platforms and frameworks, from 8086 assembly language to Java, Python and JavaScript/Angular. Dmitry also some practical
experience with Identity & Access Management and was involved in the implementation of the DSO (Digitaal Stelsel Omgevingswet) program, the digital ecosystem supporting the Living Environment Regulation. The so-called Standaard Platform is a cloud-based IaaS
solution for Dutch government institutions, which is heavily reliant on the WSO2 stack of products.

Since 2016 he has been working as a freelance software engineer. His favourite OS is Ubuntu Linux and his choice of editor is Vim. Dmitry loves travelling, rock music and playing guitar, and also has a second dan in aikido. In his spare time (which is scarce) he also runs a blog at

Fernando Garcia-Quismondo

Cyber Security Architecture (Digital Identity) - Global Cyber Security Area, Banco Santander

Fernando has a Physics degree from Universidad Complutense de Madrid. He joined Santander Group in 2004, and has been part of CTO and Innovation areas during these years, participating in most of the initiatives involving Customer Digital Identity, with special focus in biometrics-based IAM and onboarding processes. As part of Cybersecurity Global Team, he is currently in charge of the definition of a “Digital Trust Architecture”, assessing all technology aspects related to Digital Identity trends (biometrics, cybersecurity, privacy, etc.) as well as leading innovative proof of concepts to evaluate feasibility and possible uses of new technologies that form the Customer Centric security ecosystem.

Hans Zandbelt

IAM Architect, OpenID Foundation

Hans Zandbelt is a founder and IAM architect at ZmartZone IAM. He holds an MSc. degree in Computer Science, Tele-Informatics and Open Systems from Twente University (1993). He has over 20 years experience as a technical leader in research and innovation projects, including digital identity initiatives. In 2007 he joined SURFnet as the architect and technical product manager of SURFfederatie, the national infrastructure for federated Single Sign-On for the research and higher education community in the Netherlands. In 2011 he joined Ping Identity as an expert on Single Sign-On, Cloud Identity & Access Management and large scale deployment of federation technology, representing the CTO Office in Europe. In 2017 he founded ZmartZone IAM to provide Identity & Access Management consultancy and to contribute to standards and open source development in the broader field of IAM. He is an active member of the OpenID Connect Certification team in the OpenID Foundation.

Edina Dobos

DBS Governance & Controls Senior Manager - Global SoD and Application Controls, Diageo

Edina is the Global SoD and Application Controls Senior Manager for Diageo, covering both IS and Business SoD control activities for the key ERP, accompanied by management assurance over ERP application controls. Having gained over 10 years in managing and improving overall response to business SoD-risks, she has expanded her remit to cover and transform IS SoD control activities.

During her career she has created the foundations of a centralized SoD operations team, standardizing and simplifying new monitoring procedures along with leading the upgrade of GRC Access Control and Emergency Access Management from a business point of view. Her
experience includes, as a business acceptance lead, a major review of SoD-matrices, translation of rules into GRC solution, designing and implementing new monitoring processes and engagement to achieve management and external auditor confidence in the new procedures. Very recently she has been involved in global privileged access re-certification activities for key SAP production landscapes (ECC, APO, CRM, PLM and BW) and involved in re-designing IT Control frameworks, with special focus on access risks and control requirements.

Edina is certified in CISA, CRISC and COBIT 5 and is highly qualified in ERP security, administration and configuration.

Henk Marsman

Lead Product Manager Identity and Access Management, Rabobank

Henk Marsman is lead product manager for Identity and Access Management for employees at Rabobank, a top three bank in the Netherlands. He’s responsible for the cohesion and ‘customer’ orientation of the IAM services and works with the IAM product owners in Rabobank to materialize the vision and strategy. Prior to joining Rabobank Henk spent 11 years with Deloitte, of which the last 5 years he led the IAM expertise team for the Netherlands and provided management consulting services in this area to a wide range of organizations.

Besides the ‘traditional’ security and employee oriented IAM area he’s keenly interested in the wider area of digital identities, digital developments and the role access control therein. Within Rabobank he builds the bridge to the true customer identity management areas and the identity service provider (broker) that Rabobank provides in the marketplace. Beyond Rabobank he enjoys visiting events like IDnext to learn from the experts and share his vision.

Robert Garskamp

Entrepreneur, Advisor on Digital Identity Matters and Founder of the IDnextplatform

With the enormous speed of technological digitalisation transformation nowadays, Robert believes that it will influence, constitute and shape our society where you are able to control your identity on attribute level within a secure and privacy-regulated basis. As an expert for 10+ years, Robert strives to share his knowledge and experience regarding several topics about digital Identity, security, privacy, mobility, risk management and compliance with several organisations in different sectors. He also advises and consults various organisations (in public and private sector) related to digital identity.

Robert is Founder of the IDnext platform, a pan-European open and independent platform to support and facilitate innovative approaches in the world of the digital identity, creating awareness about digital identity, providing a knowledge and networking platform for experts in IT, Business and Marketers as a European centre of expertise.

Hans van der Burght

Information Architect and Lead Analyst, Dutch Ministry of Economic Affairs

Hans van der Burght graduated in 1985 at the Utrecht University in Economic Geography. After a career in the software industry and he was responsible for the design and implementation of IT infrastructure for the judicial organization in the Netherlands. Mr. van der Burght participated in the STORK2.0 consortium since the start of the project as co-chair and project leader of the Dutch pilot. He elaborated the cross border farmer’s pilot, one of the success stories of STORK. He was also one of the promotors of the development of the eIDAS – PEPS adapters in the eSENS program, a co-production of IS, SE, DE, AT, NL, DIGIT and other eSENS partners. This adapter will ensure a smooth migration of
STORK enabled services to an eIDAS environment.

Within the running program for the implementation of eIDAS in the Netherlands he is responsible for the migration of the STORK / PEPS infrastructure to the eIDASnode and the development of an interface between the eIDAS and the Dutch eID schemes.

Alice Vasilescu

IT Project Officer - Connecting Europe Facility (CEF) eID at European Commission

Alice Vasilescu is acting as Policy Officer at the Directorate-General for Informatics of the European Commission. She is coordinating the technical work carried out under CEF eID and supports the Member State community that is setting up the eIDAS eID Infrastructure. Alice
is an experienced IT professional, specializing in Enterprise Architecture, IT security and system interoperability for large-scale European projects.

Colin Brown

Identity and Access Management Architect, BBC

Colin Brown has worked in the field of Identity and Access Management for the past fourteen years. Working mostly as a freelance solutions architect, he has always been the predominant driving force in defining, designing and delivering the enterprise solution that the business demands.

An impressive client list includes Aviva, Royal Bank of Scotland, The Co-operative Bank, WorldPay, EY and the BBC, as well as the vendors BridgeStream and Oracle. Before moving into IAM, he worked in both software development and support roles for consulting firms and enterprises, mainly in the insurance sector.

Dimitri Chichlo

Former VP Information Security & Business Continuity at Edmond de Rothschild

Dimitri Chichlo is former VP Information Security and Business Continuity Management at Edmond de Rothschild in Geneva where he was responsible for developing and implementing the cybersecurity and BCM governance, consulting on IT projects from the InfoSec side as well as spreading InfoSec awareness in the Bank.

Prior to this position, he worked 6 years for ING as Head of Risk Management in Geneva, where he was responsible for all aspects of non-financial risks in a commercial bank, successfully enforcing information security risk framework as well as leading related projects. From 2004 to 2009, he spent 5 years in the Ukraine and was involved in various international greenfield industrial and banking projects with different French companies. Dimitri is also an avid trail runner and a PADI scuba diving Instructor. He is currently pursuing an Executive MBA at the INSEAD.

Serge Oskam

Manager, Identity & Access Management, NN Group

Serge Oskam is responsible for IAM processes and operations within a multinational insurance and asset management company, covering over 20,000 identities in a complex, highly regulated, application landscape.

Serge’s professional experience spans over 15 years’ in IT Infrastructure within the financial industry. After gaining hands-on experience in server administration, he continued his career as a project manager. Less than 5 years ago he took on one of the most challenging positions becoming responsible for Identity & Access Management during the turmoil of a disentanglement from another enterprise. He mostly enjoys researching and deliberating on control, cost and efficiency enhancements within his field. Serge earned a master’s degree in Chemical Engineering from Delft University of Technology.

Xin Wang

Delivery Manager / Design Authority, Identity & Access Management, Canon Europe

Xin is Delivery Manager and Design Authority of Identity & Access Management Project for Canon Europe in EMEA region. He has established Canon’s IAM capacity from green field with zero foundation into a fully structured competence centre, delivering both user management solution (e.g. joiner-mover-leaver processes, request based access control, password management, identity hubs, reusable frameworks, etc.) and Single Sign-On solutions.

Colin Wallis

Executive Director, Kantara Initiative

Colin is the Executive Director of the Kantara Initiative Inc, the globally acknowledged thought leader and emerging practice resource center for federated digital identity, access and consent-based information sharing. Colin’s combined public and private sector background in online identity and privacy builds on 15 years of contribution to international standards and consortia. Alongside his contracts with Kantara and his previous employer, Colin maintains leadership positions in the US Identity Ecosystem Steering Group (IDESG), OECD Internet Technical Advisory Committee (ITAC) and ISO SC27 Security Techniques on topics around Information Security, Privacy and Trusted Identity.

Peter Dornheim

Head of Identity and Access Management, Festo

After several positions in a SAP Consulting Company (finally as Manager for SAP Security) and IT Security Architect at Daimler AG, Peter Dornheim is now the Head of Identity and Access Management at Festo AG & Co. KG. He is responsible for the whole Identity Lifecycle, Cloud Security, Security@IoT and IT Compliance and Authorization Management.

Joanna Zdulska

Information Security Access Programs and Governance Manager, Citibank Europe PLC

Joanna has extensive knowledge in the Information Security field. She has specialized in the domain of Identity and Access Management for the last 10+ years. Joanna has over 20 years of operations, technology and management experience with specific emphasis on compliance, risk management, solutions development and program management.

Since joining Citi in 1996 Joanna has served in multiple technology managerial roles, being responsible for software development, project management and operational activities. Joanna managed risk management area as a formal Business Information Security Officer and Compliance Officer in Regional Data Center. Between 2005-2007 Joanna managed two Regional projects related to access management standardization and improvement for Distributed system like Unix, Wintel, SQL and Oracle databases. In 2007 Joanna joined Global ID management team and took on a global function responsible for Provisioning Automation and tools development. Since 2010 Joanna is managing Global Programs related to ID Management including the centralization of access and compliance checks.

Joanna graduated from the IT program at the Department of Technical Physics and Applied Mathematics at Warsaw University of Technology (Master of Science degree). She holds a CISSP (Certified Information Systems Security Professional) certificate.