Session one- Policy, privacy and business
- Europe’s digital agenda: business and consumer impact
- Self-sovereign identity: a user-centric initiative
- Linking CIAM and SSID: personalisation without risk
- IAM in a fluid labour market: provisioning and de-provisioning
- The identity of things: the age of peak connectivity
- Privacy and the GDPR: assessing the business impact
- Cryptography and identity: hype or reality?
Conference Chair’s Opening Address
Europe’s digital agenda: business and consumer impact
In response to the growing challenge of managing digital identities and verifying access demands for both business and end-users, the EU has established a legal and regulatory framework for the handling of personal and identity data. This framework is designed to build upon existing regulations, ranging from the GDPR to the recently established EPrivacy regulation.
The European digital identity agenda is designed to support the use and processing of data and ensure it is driven towards economic drivers with a recognisably positive socio-economic impact.
In our opening address, we discuss:
- Digital identity and the single market
- Identifying commonalities in identity regulations
- Building the European data economy
- Ethical data monetisation
- Emerging business models for data
Self-sovereign identity: the evolution of user-centric solutions
Self-sovereign identity is fast emerging as a tool by which identities can be created, managed, disclosed and destroyed by the owner without having to engage with a third actor or centralised authority.
SSI is considered as the next stage in user-centric identity initiatives. We will address:
- Origins, principles and the current climate for SSI
- Existing projects and initiatives that have implemented SSI
- SSI and its relationship with existing IAM infrastructures
Linking CIAM and SSID: customer personalisation
With the rapid fusion of the physical and digital, identity is now more personal than ever. At the same time, data breaches, hacking and centralised information-sourcing platforms mean that customers are more vulnerable than ever before.
How we collect and process data in order to personalise services may be the difference between gaining trust or getting fined.
This session will focus on how incorporating SSID, ZKP and progressive disclosure enables an enterprise to personalise products and services without putting customers at risk.
IAM in a fluid labour market: automated provisioning and de-provisioning
A centralised Identity and Access Management solution can fully automate the provisioning and de-provisioning process, giving IT full power over the access rights of business users, end-users, third party actors, and guests. Automated provisioning and de-provisioning speed up the enforcement of strong security policies while helping to eliminate human error.
- Ending the need to manually provision access
- Increasing the productivity of your IT team
- De-provisioning access at speed and with scale
- Automation as a security enhancer and productivity saver
The identity of things: securing identities in an age of peak interconnectivity
In today’s hyper device-led interconnected world, the ability for companies to safeguard consumer information has become even more difficult. Enterprises, both small, medium and large, across all industry sectors are all under near-constant attack from subversive forces.
In response, patches are devised but then quickly circumvented as the hacker industry moves at a seemingly faster rate than enterprises can manage.
- The ‘always-on’ reality of IoT
- Increasing risk of theft and fraud
- The evolution of things into agents
- AI automation
- The logging of transactions and data
- New forms of identity relationship management
Questions to the Panel of Speakers
Refreshment Break Served in the Exhibition Area
Privacy and the GDPR: assessing the business impact
As can be evidenced since the implementation of the GDPR, what constitutes compliance is still a cause for concern and confusion. Such differences in perception cut across government, business and the individual.
Justifications for collecting data and what drives such efforts are under constant review as the GDPR lacks the fortune of having maturity on its side.
We address, ethical data-collection, who sets the boundaries and how, and the costs and revenues involved in compliance.
Cryptography and identity: hype or reality?
As technologies like AI, virtual reality and biometrics seep deeper into the way we perceive the world and interact with others, digital and real identity will also adapt and change.
We explore the ways digital identity may change, and how we as practitioners can meet the challenges and demands this will bring.
- Developing technologies mount pressure to augment our strategies to be increasingly societally responsible
- Emerging methods of Authentication mandate that we develop future technologies with a global view of identity
- Data minimization, pseudonymisation, unlinkability, transparency, and privacy
Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
Networking Lunch Served in the Exhibition Area
Session two – Concepts, tools and techniques
- Addressing IAM project failure: pitfalls to avoid
- A guide to AI in IAM: successful procurement and deployment
- Social engineering: against traditional security solutions
- Your human firewall: securing your business pipeline
- Responding to a data breach: the four pillars
- IAM market 2020: the evolution of IAM
Conference Chair's Afternoon Address
Overcoming solution bias and limitations: addressing IAM project failure
When initiating an identity and access management project, business users need to balance differing business needs, technological constraints and the complex nature of enterprise-wide IAM systems which interact with every element of an organisations IT infrastructure.
We address, the ways you can approach IAM project management to ensure success.
A guide to AI in IAM: successful procurement and deployment
An emerging trend within the IAM space is the propensity of solution providers to popularise the use of AI in automating the analysis of behavioural and device usage in order to make machine led security decisions.
This presentation is designed to evaluate the many claims made by solution providers whilst posing helpful questions and setting out practical examples of how you can successfully procure and deploy the right technology for the right task.
- Progress and challenges in AI
- How to assess vendors selling you AI and ML solutions
- How to make build vs buy decisions in matters of data analytics
- Some cautionary tales and real-world case studies
Social engineering: circumventing traditional security solutions
Beyond business user issues related to vendor-led solutions, and beyond issues related to the deployment of disruptive technologies across IAM platforms, we have a human-led attack vector which circumvents all such parameters by exploiting people rather than systems.
In this talk, we will address the concept of trust and how it is exploited, the most common techniques deployed by social engineers, the cost to business and some of the most famous examples of successful attacks.
Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
Your human firewall: an answer to the ongoing cyber-security problem
There are three types of organisations, those that have suffered a cyber-attack, those that will, and those that do not know that they have. This added feature of the nature of cyber-attacks has changed the cyber-security landscape entirely.
Cyber-criminals today are infiltrating our lives and workplaces and residing within online systems for weeks, months and even years without our knowledge. The time spent undetected is used to analyse you and your employer in order to assess what information they require to successfully steal your identity.
- The limitations of traditional security infrastructure
- How cyber-criminals circumvent high-level security technology
- How to build your human firewall
- Proactive business security policy instruction and guidance
- Ensuring security is everyone’s responsibility within the business pipeline
Responding to a data breach: The four pillars
It is the call that every security team dread – that an attacker has seriously compromised your organisation and gained widespread access to sensitive data. But how prepared are you for this eventual scenario?
While most organisations have some frameworks in place to manage and respond to limited attacks, few feel confident that each person situated within the business pipeline fully appreciates their role in ensuring that each key business element is tied to the other in a complementary way.
There are four key questions you must ask yourself when assessing your organisational capabilities:
- WHY? what’s the issue or problem?
- WHAT can I do to resolve the issue?
- HOW am I going to implement the what?
IAM Market: 2020 and beyond
In recent years the business world has produced an environment in which a more robust regulatory environment has developed in response to the growing uncertainty around securing identities and managing access. Twinned with this development is the increase in the adoption of advanced technologies such as cloud computing, AI and IoT.
In our closing address, we explore how the IAM market will evolve, its changing relationship with new and emerging technologies and the extent to which consumer insight drives solution innovation at the provider level.
Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Whitehall Media reserve the right to change the programme without prior notice.