Programme @

IDM

Identity Management

15 June 2023

Victoria Park Plaza Hotel, London

Programme @ IDM

Morning Session

How to implement your IAM strategy, embed across the business and bring your customers with you

  • The importance of having a centralized Access Management system (AKA: Authorization-as-a-Service)
  • Securing multi-cloud adoption
  • Bring Your Own Authenticator (BYOA) – Elevate the journey of secured and sustainable digital transformation
  • Business-friendly IAM
  • How to successfully manage IAM migration
  • Driving CX Innovation with CIAM to Deliver Competitive Advantage

09:00 (BST)

Preparing for the next generation of Identity and Access Management

Bharat Thakrar
CISO and Principal Security Lead, Information Security Forum
view profile

Conference Chair – Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

The past couple of years have seen some of the most daring and costly breaches in data history, with many of these being identity and credential based. How well IDM professionals understand the implications and respond with effective IAM solutions will determine the degree of their organisation’s resilience. The keynote will provide the backdrop for the major trends and the new advances IDM professionals need to adopt, including:

  • Revamping identity management to include machine identities;
  • Integrating identity governance and PAM into hybrid/multicloud environments;
  • Zero trust as a driver for continuous ID verification & effective entitlement management.

09:25 (BST)

Land Ahoy! Steering your IGA programme to success

Paul Squires
Lead Identity Strategist, SailPoint
view profile

Paul Squires, Lead Identity Strategist, SailPoint

Identity Governance and Administration (IGA) is a critical component of any organisation’s cybersecurity strategy. But we know that some identity programmes in the past have failed to reach their expected destination, with failures and abandonment, then others not delivering the true value expected. In this session we’ll look at;

  • how to avoid some of the pitfalls and challenges that can set you off course,
  • why choosing a good navigator with the right experience and focus on the right goals can make all the difference.
  • when a well-founded IGA programme, delivered efficiently, can increased value and help you progress to a greater level of maturity.

09:40 (BST)

User Authentication – Still bad at the basics?

Steven Furnell
Professor of Cyber Security, University of Nottingham
view profile

Steven Furnell, Professor of Cyber Security, University of Nottingham

User authentication represents the frontline face of cyber security for millions of users and despite various alternatives and enhancements, continues to be dominated by passwords. At the same time, passwords continue to be used badly and the blame is commonly laid at users for failing to follow good practice. However, there is also a clear argument that some responsibility rests with the sites and services that are requiring passwords to be used. Drawing from a recent assessment of the password guidance and enforcement on leading websites, the presentation examines the extent to which users are being offered support or left to fail.

Specific themes of the discussion include:

– Whether users are being guided to understand good practice
– Whether such good practice is enforced when passwords are chosen
– How the situation has changed over the years
– The implications in the wider cyber security context

09:55 (BST)

Orchestrate the Friction Out of Building Secure Digital Experiences

Máté Barany 
Account Executive, Ping Identity
view profile

Máté Barany, Account Executive, Ping Identity

As the number of digital touchpoints in the customer journey rises, IT teams are relying on customer identity to optimize security and user experience. But, ensuring one doesn’t overshadow the other often requires multiple integrations and custom development that add internal friction and slows down innovation.

Join this session to see how you can use identity orchestration to eliminate roadblocks and increase cross-functional collaboration to get seamless, secure customer experiences to market faster. You’ll learn how Ping’s approach to building, testing and optimizing secure digital journeys using an intuitive drag-and-drop interface combined with out-of-the-box integrations can boost IT agility to meet every business requirement.

10:10 (BST)

We Are All “Third Parties” – A Refresh Case For Identity Governance For Our New Economy

Manoj Kumar, Director: Identity and Access Management, Philip Morris International
Manoj Kumar
Director and Global head of Identity and Access Management, Philip Morris International
view profile

Manoj Kumar, Director and Global Head of Identity and Access Management, Philip Morris International

Enterprises are driven by social, political, and economic headwinds today that drive them to change and adapt more quickly to disruptive developments. Mergers, de-mergers, acquisitions, integrations, and spin-offs are the order of the day, as enterprises adapt to new realities. The traditional IT organisation does the heavy lifting in the engine room, encumbered as we usually are with systems that are built for permanence. Identity and Access Management systems fall in this mix and are in fact the front for much of this change. The presentation will cover the following:

  • Design considerations that underpin a resilient and modular identity infrastructure
  • Identity personas driving the need for “plug and play” Identity infrastructure
  • What should REALLY be the difference between the management of a third party and a standard colleague identity?
  • The new “North Star” in Identity Governance and how do we get there?

Manoj will be using use a real life case study as a reference.

10:25 (BST)

The Evolution of Cyber Insurance and the need for Privileged Access Management to reduce risk

Mark Lillywhite
Senior Sales Engineer, Delinea
view profile

Mark Lillywhite, Senior Sales Engineer, Delinea

The cyber insurance industry is evolving fast to help your business mitigate risk. Cyber insurance offers a safety net for businesses threatened by the rapid growth of insider cybercrime and external cyber threats, particularly ransomware. While cyber insurance has been a reliable safety net for years – driven by accelerating insider cybercrime and exploding ransomware attacks – things are changing fast. It’s important to understand the dynamics of the rapidly changing market and consider how well your security controls will stand up to an insurance company’s review.

This session will help you answer common questions about cyber insurance and ensure you get all the facts you need.

We will cover:

  1. The factors driving the skyrocketing costs of cyber insurance
  2. The security controls cyber insurance companies expect you to have
  3. Why cyber insurers care about PAM
  4. Explore the value of a continuous risk management approach to cyber risk and how it enables cyber insurers to reach their goals

10:40 (BST)

Questions to the Panel of speakers

11:00 (BST)

Networking in the Exhibition Area

Refreshments Served in the Exhibition Area

11:25 (BST)

Welcome to Session Two

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

11:30 (BST)

ServiceIAM - The Single Pane of Glass to your Identity Platform

Alex Santos
Chief Product Officer, CyberIAM
view profile
Robert Raynor
Presales Consultant, CyberIAM
view profile

Alex Santos, Chief Product Officer, CyberIAM
Robert Raynor, Presales Consultant, CyberIAM

In today’s rapidly evolving business environment, the necessity for employing various state-of-the-art technologies from a multitude of vendors is undeniable. However, this approach brings complexity in the management of these technologies. How can a business truly see the overall health of their environment with multiple views?

In this session Alex & Robert talk around CyberIAM’s new platform, ServiceIAM, and how it’s focused on showing what ‘good’ really looks like when it comes to environment health. The session will also speak around the following:

  • How to measure, monitor and maintain your environment in a single view using industry leading solutions from BeyondTrust, CyberArk, Microsoft Azure, SailPoint and Ping Identity
  • How CyberIAM deliver a platform focusing on best practices and operational risks

11:45 (BST)

The Online Safety Bill: What is it? How is it aiming to make people safer online? What role can IDM play?

Ros Smith
Senior Technologist, Ofcom
view profile

Ros Smith, Senior Technologist, Ofcom

The Online Safety Bill was introduced in the UK Parliament on 17 March 2022, and is going through the parliamentary process.  As currently drafted, it will require services which host user-generated content and search engines to have systems and processes for protecting individuals from certain types of harm online and require pornography providers to ensure children are not normally able to encounter pornographic content. Any such service which has significant numbers of UK users, or which is targeted at the UK market will have new duties and must comply with the new law.  Ofcom is due to become the regulator for the Bill and in this talk Ros Smith will:

  • Introduce Ofcom and outline its range of responsibility;
  • Introduce the Online Safety Bill and the key points;
  • Highlight some of the key areas that have a link to Digital Identity;

12:00 (BST)

Cyber Security Physics: Breaking the Attack Chain

Chris Butchart
Solutions Engineer, BeyondTrust
view profile

Chris Butchart, Solutions Engineer BeyondTrust

Join BeyondTrust and learn the how you can break the attack chain and establish a solid foundation for security project success. Chris Butchart, Solutions Engineer will cover:

  • Common attack chain entry points
  • Practical steps you can take to block entry
  • How PAM ensures project success

12:15 (BST)

Questions to the Panel of Speakers & Delegates move to the Seminar Rooms

12:30 (BST)

Seminar Sessions

13:15 (BST)

Networking Lunch

Served in the Exhibition Area

Afternoon Session

Understanding your IAM ecosystem, mapping its landscape and understanding what the future holds

  • Why provisioning gives you a false sense of security
  • Maximise Zero Trust with AI-driven Role Management
  • Universal Privilege Management – A Modern Approach to PAM
  • Identity enables digital trust
  • Why on-prem IGA is the new legacy
  • The Login Experience Customers Want
  • Protecting and monitoring privileged access in the cloud: the convergence of IGA + PAM

14:00 (BST)

Conference Chair’s Afternoon Address

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

14:05 (BST)

Modernizing Identity Governance: Why Now & How To Get There

Craig Ramsay
Senior Solution Architect, Omada
view profile

Craig Ramsay, Senior Solution Architect, Omada

80% People & Process, 20% Technology – that’s the split when looking at good Identity Governance. So, when it comes to modernizing your approach to Identity Governance, it’s more than just picking a new solution to deploy. Join this session with Omada where we will explore the drivers for modernization and share knowledge and experience of successful deployments and migrations of modern IGA – including how to avoid some of the most common pitfalls that identity programs face.

14:20 (BST)

Keeping your finger on the pulse: Identity Management and the rapidly increasing security risks of AI

Gbola Gbadamosi
Head of Identity Management, The London School of Economics and Political Science (LSE)
view profile

Gbola Gbadamosi, Head of Identity Management, The London School of Economics and Political Science (LSE)

This presentation examines potential Identity and Access Management risks and vulnerabilities that organisations may face as a result of rapid advancements in artificial intelligence (AI). The presentation will also offer strategies and best practices to help mitigate these risks and stay informed about evolving AI threats.

  • Publicly available generative AI and Large Language Models (LLMs) can be used by attackers to compromise identity security in several ways.
  • The complexity, capability and availability of AIs is increasing at an incredible pace; keeping up with developments in this area is crucial.
  • Organisations of all sizes must review and renew IAM policies to ensure they are fit for the future

14:35 (BST)

Stories from the trenches - Identity & Incident Response

David Hitchen
Senior Solutions Architect, Semperis
view profile

David Hitchen, Senior Solutions Architect, Semperis

In the aftermath of an identity attack that compromises Active Directory, how can you quickly recover and restore trust in AD? Hear real-world examples that illustrate how you can perform attack forensics without alerting the attacker, build a defence, recover Active Directory, and make AD more resilient to compromise in the future.

Learn the simple steps that your organisation can take to improve your Active Directory security posture and protect AD against today’s widespread cyber threats.

14:50 (BST)

Questions to the Panel of Speakers

15:05 (BST)

Afternoon Networking Break

Refreshments served in the Exhibition Area

15:30 (BST)

Welcome to the Final Session

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

15:35 (BST)

Managing secure customer identification for the leader in money transfer services

Frank Reboiras
Director of Solutions Engineering, TrustCloud Inc.
view profile

Frank Reboiras, Director of Solutions Engineering, TrustCloud Inc.

The recent pandemic had greatly accelerated the need for remote identity verification world wide. Learn how through a two-minute video call, a biometric analysis, the verification of official ID documents and the proof of life demonstrate in real time if the customer is who they say they are, and if the person verified is the same person who appears on the session.

During this session we will examine how some of the largest banking, online payments and insurance firms can verify the identity of their clients with all the guarantees, remotely, in real time, through a safe and guarded system of intelligent video calls, both automated or assisted.

Via a real life customer success story with one of the world’s largest money transfer services, you will understand how with the use of video technology, the true identity of the customer can be recorded, with simultaneous “layers” of authentication in a single, frictionless process, thanks to the easy and seamless usability with which it is developed for both customer and business.

Join this session to discover how remote identification technology, governed by a powerful orchestration layer, can help to achieve effective, regulatory compliant and secure customer identification.

15:50 (BST)

The World of IAM

Amardeep Ginday, Identity & Access Management Analyst, HS2
Amardeep Ginday
Identity and Access Management Lead, Vanquis Bank
view profile

Amardeep Ginday, Identity & Access Management Lead, Vanquis Bank

Amardeep will be speaking from personal experience on weak IAM functions within businesses that have not fully invested in IAM (or at all) until there is a breach.

He attends various Identity Conferences and will be giving feedback on IAM trends shaping the future of security.

 

16:10 (BST)

Questions to the Panel of Speakers

16:25 (BST)

Closing Remarks from the Conference Chair

Bharat Thakrar
CISO and Principal Security Lead, Information Security Forum
view profile

Bharat Thakrar, CISO and Principal Security Lead, Information Security Forum

16:30 (BST)

Conference Closes

Delegates Depart

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Uniting large-scale, complex businesses with PowerSyncPro
Blog by: PowerSyncPro Mergers and acquisitions involving tens – or even hundreds – of thousands of users require complex tenant-to-tenant migrations. Traditionally, those migrations have been fraught with problems. Problems that impact your people, your productivity and your profit. Combining solid preparation with the right software solution can dramatically reduce the pain involved. Enter PowerSyncPro:...
Considering Passwordless? Here’s How to Do It
Blog by: CyberArk When creating a new password, you know the drill – it must be at least eight characters long, contain special characters and avoid sequential characters or be based on dictionary words. Although these requirements can be a pain in the neck and seriously hamper end user experience, they are not a sign...
Analytics and AI: Pioneering the Next Chapter in Identity Security
Blog by: Saviynt Identity proliferation, access sprawl,  over-provisioned access, and reviewer fatigue will continue to grow in your identity ecosystem. In the rapidly evolving landscape of identity security and governance platforms, a few tipping point technologies have emerged. The potential is immense – how do you harness the power? Right start your identity strategy with...